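% Beamer checkpoint slides ("Checkpoint 0x01") for a thesis on implementing
% DoS attack mitigations: a theoretical outline, then the planned testing
% infrastructure (setup, attack staging, detection, response, monitoring).
\documentclass{beamer}

% pdfLaTeX font/encoding setup. inputenc[utf8] is the default since 2018 but
% is harmless to keep; lmodern gives a T1-complete font so the accented names
% in \author/\institute hyphenate and copy correctly.
\usepackage[T1]{fontenc}
\usepackage[utf8]{inputenc}
\usepackage{lmodern}
\usepackage{amsmath}

\usetheme{Darmstadt}
% Not-yet-revealed overlay items are shown greyed out instead of hidden.
\setbeamercovered{transparent}

\title{Checkpoint \texttt{0x01}}
\subtitle{Implementing DoS Attack Mitigations}
\author{Adam Mirre\\Supervisor: Ing. Tomáš Dulík, Ph.D.}
\institute{UTB ve Zlíně}
\date{\today}

\begin{document}

\begin{frame}
  \titlepage
\end{frame}

\begin{frame}{}
  % pausesections reveals the outline one section per overlay.
  \tableofcontents[pausesections]
\end{frame}

\section{DoS/DDoS}

\begin{frame}{Denial of Service (DoS)}
  \begin{block}{Theoretical part outline}
    % [<+>] uncovers the items one per overlay.
    \begin{itemize}[<+>]
      \item techniques (known and popular)
      \item impact
      \item attack tools
      \item actors and notable occasions
      \item mitigation/protection techniques
      \item blackholing (good BGP peer relations required)
      \item robust infra
      \item mitigation/protection tools
    \end{itemize}
  \end{block}
\end{frame}

\section{Testing Infra}

\begin{frame}{Setup}
  % The frame title is swapped per overlay with \frametitle<spec>{...};
  % the title given in the frame argument only applies to slides 1--2.
  \begin{block}{Practical part}
    \begin{itemize}
      \item<1> testing infrastructure setup (and teardown)
        \begin{itemize}
          \item<1> OS
          \item<1> networks
          \item<1> monitoring
        \end{itemize}
      \item<2> setup/configuration automation
      \frametitle<3,4>{Attack}
      \item<3> staging an attack
      \item<4> attack automation
      \frametitle<5->{Response}
      \item<5> attack detection and response
      \item<6> mitigation tools
      \item<7> monitoring
      \item<8> real-life deployment, testing and efficacy assessment
    \end{itemize}
  \end{block}
\end{frame}

\begin{frame}{Setup}
  \begin{block}{infrastructure setup and teardown}
    testing hosts: archlinux, fedora 34, mikrotik VM
    \begin{itemize}
      \item<1> Terraform + libvirt tf provider
        \begin{itemize}
          \item<1> OS: cloud images
        \end{itemize}
      \frametitle<2,3,4>{Configuration}
      \item<2> CloudInit
      \item<3> CoreOS (ignition) + libvirt?
      \item<4> attack automation
        \begin{itemize}
          \item LOIC, OWASP HTTP POST tool, hping, RUDY (R-U-Dead-Yet)
        \end{itemize}
      % A later \frametitle overrides an earlier one on the same slide, so
      % single-slide specs state exactly which title each slide shows
      % (same result as the open-ended <5->, <6->, <7-> ranges, but explicit).
      \frametitle<5>{Detection}
      % NOTE(review): a false-positive detection presumably feeds straight
      % into the blackhole response on the next slide -- threshold tuning
      % should be part of the efficacy assessment.
      \item<5> attack detection using fastnetmon
      \frametitle<6>{Response}
      % RTBH drops all traffic to the announced prefix, so the protected
      % address itself stays unreachable while the announcement is up --
      % presumably why the slide limits it to a short time span.
      \item<6> attack response --- BGP blackholing (for a short time span)
      \frametitle<7>{Monitoring}
      \item<7> monitoring --- fastnetmon exporter $\to$ Grafana dashboard
      \frametitle<8->{Real-life deployment}
      \item<8> real-life deployment, testing and efficacy assessment
    \end{itemize}
  \end{block}
\end{frame}

\section*{Conclusion}

\begin{frame}[plain]{Conclusion}
  Thank you for your attention.
\end{frame}

\end{document}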