Thursday, August 18, 2011
According to Arbor Networks' "Network Infrastructure Security Report" (here, registration required) - "Application-Layer DDoS Attacks Are Increasing in Sophistication and Operational Impact .. IDC and mobile/fixed wireless operators in particular are reporting significant outages, increased OPEX, customer churn and revenue loss due to application-layer DDoS attacks. These attacks are targeting both their customers and their own ancillary supporting services, such as DNS, Web portals, etc" (see chart).
Back to Juniper's article - "The ability to defend against application-layer DoS attacks and implementing an optimal mitigation solution relies on understanding the nature of the attack and the objectives of the attacker. Using information collected by Network/Application Anomaly Detection, Deep Packet Inspection (DPI/IPS), and Network Access Control systems, it may be possible to identify attack traffic. Depending on the nature of attack, several mitigation strategies need to be considered"