Automated, real-time traffic analysis and ML-based mitigation

Issue 6 2023 Infrastructure, Products & Solutions

NetScout Systems has launched Adaptive DDoS Protection for its Arbor Threat Mitigation System (TMS) to dramatically improve the detection of distributed attacks that dynamically change vectors and target numerous destination IP addresses at once.

NetScout ASERT, the company’s security research and DDoS attack mitigation team, has documented a significant increase in dynamic Distributed Denial-of-Service (DDoS) attacks using multiple vectors and techniques to launch botnet-based, direct-path, state exhaustion, and application-layer attacks designed to evade conventional static network and cloud-only-based DDoS defences.

Carpet-bombing attacks have risen by more than 110%. They are particularly challenging for SOC teams to mitigate using conventional means as these attacks target large swaths of IP addresses versus a single host, and generate hundreds or thousands of alerts per attack.

“Direct path attacks are overtaking reflection/amplification as the most popular DDoS attack vector, and they are increasingly botnet-driven, multi-vector, and dynamically adjusted in real time,” said Patrick Donegan, Founder and Principal Analyst, HardenStance. “ASERT analyses highly curated data from its ATLAS Intelligence Feed (AIF) and uses ML-based algorithms to recommend changes to attack countermeasures to stop DDoS attacks. Automating this functionality to bring intelligence into its Adaptive DDoS Protection functionality makes Arbor TMS even more compelling in mitigating DDoS attacks.”

Adaptive DDoS Protection analyses traffic in real time and automatically implements threat intelligence-driven mitigations and countermeasures to block dynamic DDoS attacks as they evolve. Adaptive DDoS Protection gives SOC teams a scalable, always-on, stateless packet processing solution that uses unmatched visibility into more than 50% of all Internet traffic, real-time global DDoS attack threat intelligence, and decades of DDoS mitigation experience to automatically detect, adapt to, and mitigate dynamic DDoS attacks.

Defending against carpet bombing

Carpet bombing attacks are one of the most devastating distributed attacks bad actors can initiate since they target large ranges of IP addresses simultaneously, generating thousands of attack alerts that are impossible for SOC teams to manage. Through Adaptive DDoS Protection, NetScout has introduced a new way to understand DDoS traffic at the network level across all subnets; to detect and report on carpet bombing attacks in one, easy-to-understand alert.

NetScout’s ML-based Precise Protection Prefix technology automatically determines the specific IP ranges targeted by the attack. It then automatically redirects those to Arbor TMS for mitigation, even as the attack moves around the network to different targets. This Adaptive DDoS Protection capability dramatically improves the detection and mitigation of carpet-bombing attacks.

“Defending a network requires as much knowledge about your adversary as possible,” said Scott Lekel-Johnson, AVP, DDoS and Threat Intelligence at NetScout. “We have embedded our global threat intelligence and decades of attack mitigation experience into this product. It is like having an ASERT analyst at your side 24/7. Our Adaptive DDoS Protection finds attacks that other solutions miss through dynamic detection and intelligent redirection to enable Arbor TMS to mitigate DDoS attacks better than any other solution on the market.”




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

From wireless alarms to smart homes
Elvey Security Technologies Perimeter Security, Alarms & Intruder Detection Products & Solutions
The final brand SMART Security Solutions features in its discussions with companies operating in South and southern Africa’s detection and alerting technologies market is DSC, distributed in the region by Elvey Security Technologies.

Read more...
The AX Hybrid PRO Series offers reliable wired and wireless protection
Hikvision South Africa Editor's Choice Perimeter Security, Alarms & Intruder Detection Products & Solutions
Hikvision has announced the launch of a new AX Hybrid PRO alarm system with innovative Hikvision ‘Speed-X’ transmission technology. This system offers reliable wired protection while delivering expanded flexibility with seamless wireless integration.

Read more...
Advanced Perimeter Intrusion Detection Systems
XtraVision OPTEX Technews Publishing Modular Communications Perimeter Security, Alarms & Intruder Detection Integrated Solutions Products & Solutions
Making full use of fibre installations around the perimeter by adding Perimeter Intrusion Detection Systems means you can easily add another layer of security to existing surveillance and fencing systems.

Read more...
Smart intercoms are transforming access control
Access Control & Identity Management Products & Solutions
Smart intercoms have emerged as a pivotal tool in modern access control. They provide a seamless and secure way to manage entry points without the need for traditional security guards to validate visitors before granting them access.

Read more...
Western Digital reveals new solutions
WD South Africa Products & Solutions News & Events Infrastructure
Western Digital unveiled new solutions and technology demonstrations at the Future of Memory and Storage Conference 2024. The innovations cater to diverse market segments, from hyperscale cloud to automotive and consumer storage.

Read more...
Supercharge surveillance with AXIS Camera Station Pro
Surveillance Products & Solutions
Designed to put efficient surveillance at users’ fingertips with an intuitive interface that is easy to operate, AXIS Camera Station Pro 6.2 provides a customisable video management and access control solution for companies of all sizes.

Read more...
The Duxbury Services Gateway revolutionises the Edge
Products & Solutions Infrastructure
Duxbury Networking has announced the launch of the Duxbury Services Gateway (DSG) range. These cost-effective edge compute appliances are designed to meet the diverse needs of South African businesses including SD-WAN, Firewall, and IP PBX applications.

Read more...
Navigating the evolving tech landscape in 2024 and beyond
Residential Estate (Industry) Infrastructure
Progress in the fields of AI, VR and social media is to be expected, but what is not, is our fundamental relationship with how we deploy solutions in our business and how it integrates with greater organisational strategies and goals.

Read more...
Eight terabyte desktop SSD
Products & Solutions Infrastructure
Western Digital has expanded its SanDisk portfolio with the new 8 TB SanDisk Desk Drive, its highest capacity yet on an external desktop solid state drive (SSD), also available with 4 TB

Read more...
78% of organisations highly concerned about cloud security
Information Security Infrastructure
As organisations develop and deploy more cloud applications, security becomes more complicated. Many organisations are adopting a hybrid or multi-cloud approach, which has expanded the attack surface and increased complexity.

Read more...