Investigating DDOS - Architecture, Actors, and Attribution

Explore the evolving landscape of DDoS attacks in this Black Hat conference talk. Delve into novel techniques used by law enforcement and private sector to measure, study, and attribute attacks from embedded device botnets and booter/stresser services. Learn about honeypot usage for gathering historical attack data and best practices for live DDoS attack testing. Examine representative PCAPs, dissect attack architectures, and understand various protocols involved. Gain insights into the underground marketplaces where these services are sold, the purchasing process, and the individuals behind these operations. Discover the legal implications and international efforts to combat DDoS attacks, concluding with a thought-provoking discussion on the future of cybersecurity in this domain.

Introduction
Welcome
Questions
Agenda
What happened to DDoS
Whats going on right now
The amplifier list
The architecture
Honeypots
Moloch
Indexing
Results
Protocols
NTP
NCP
Request
DNS
Reply
Charging
SMP
HTTP
UDP Flood
Attack Testing
Hack Forums
Top Seller
Landing Page
Turnkey DDoS Service
Whos doing this
Database Leaks
Computer Crime Computer Fraud
United Kingdom
Twitter Post
What Do You Think
Take Questions