In April 2009, government and financial sites in the U.S. and South Korea were attacked by DDOS and were brought offline for days. This incident followed the Estonian DDOS attacks in 2007 and Georgian DDOS attacks in 2008. However, the attacks used in these incidents were primarily Layer 4 (TCP) attacks which are already addressed by anti-DDOS solutions.
A NEW and very lethal form of Layer 7 attack technique, which uses slow HTTP POST connections, was discovered by Onn Chee and his team in Singapore in 2009.
As it is a Layer 7 attack, existing Layer 4 protection systems may not be able to defend against such an attack. In addition, unlike the HTTP GET DDOS attack technique, both Apache and IIS web servers are vulnerable to HTTP POST DDOS attacks. Onn Chee and Tom Brennan will walk through the details of how this lethal HTTP POST DDOS technique works, other interesting findings in the protocol and the challenges in defending critical infrastructure against such attacks.
They will also demonstrate how an "agentless" DDOS botnet can be created via malicious online games and how a victim website can be brought down in matter of minutes using the HTTP POST DDOS attack.
A Q&A session will be held at the end to solicit ideas on how best to defend against this new and lethal DDOS attack technique.
Onn Chee is currently working as the Chief Technology Officer in Resolvo Systems, a leading information leakage expert in Asia. He has led numerous large-scale projects, primarily in the government and defense sectors. His areas of expertise include information leakage protection, web security and security strategy. Onn Chee is also one of the co-inventors for at least six international PCT patents (http://www.wipo.int).
Onn Chee was a founding member and the first Vice-President of the Information Systems Security Association (ISSA), Singapore Chapter (http://www.issa.org.sg), the largest international, not-for-profit association for security professionals. He contributes regularly to ISSA Journal and has published his works in the area of information leakage protection and application of evidence laws when designing IT systems. He was also a former member of the Center of Internet Security (US) (http://www.cisecurity.org) which provides well-recognized security benchmarks for various systems which are commonly used by US Federal Government and private organizations. Onn Chee is also the current Singapore chapter president of Open Web Application Security Project (OWASP) (http://www.owasp.org/) and the main organizer of the Security Meetup Group in Singapore. Onn Chee is frequently invited to speak in information security conferences here in Singapore.
Tom Brennan started with technology in 1986 when 8-bit and CP/M was cool <grin>. After a career ending injury with United States Marines Corps., 2nd AAV BN, 2nd Mar Div., during Gulf War I Era he has dedicated his life to information security. Was elected and served with the FBI Infragard program 2002-2004 and then founded the OWASP New Jersey Chapter that today includes NYC Metro. with over 1100 members. In 2007 Brennan was appointed by his application security peers to the global board of directors for OWASP Foundation (www.owasp.org).
Tom is the CEO of Proactive Risk a provider of education services, assessments and mitigating controls for Critical Infrastructure clients. A father of 4 great kids and is a frequent and entertaining speaker at information security conferences.