02

Adaptive DDoS Attacks and Learning How To Suppress Them

Innovation, adaption, and efficacy monitoring are intrinsic to the increasing number of adversaries who launch DDoS attacks.

New vectors and methodologies for launching attacks within those vectors emerge constantly, and methods have been developed to counteract these threats. Some of these efforts have resulted in reducing the impact of DDoS attacks, as evidenced by the downward trend in DNS amplification attacks (below).

DNS Amplification Attacks

However, adversaries haven’t stopped finding ways to circumvent security measures, which means we must continually develop new ways to combat DDoS attacks. One such solution is adaptive DDoS suppression, which aims to stop an attack before it ever has a chance to get started.

What is Adaptive DDoS?

Adaptive DDoS Attacks

  • 1

    Advanced reconnaissance of target networks

  • 2

    Continuous attack efficacy monitoring

  • 3

    Quickly changing attack vectors to counter mitigations

  • 4

    Using topologically adjacent attack infrastructure

  • 5

    Continuous attacker innovation and vector weaponization

Adaptive DDoS Defense

  • 1

    Intelligence DDoS Detection, Classification, Traceback, and Mitigation

  • 2

    Ability to detect and mitigate minute-zero attacks

  • 3

    Enhanced anomaly-detection technology, dynamic traffic analysis and classification

  • 4

    Curated threat intelligence, dynamic vector identification

  • 5

    Pre-attack adversary infrastructure identification

Explore the Whitepaper

Download our deep dive on adaptive DDoS suppression, and learn more about what NETSCOUT recommends for countering adaptive DDoS attacks.