Key-sharing tech helps combat encrypted DDoS attacks
- By John Breeden II
- Sep 03, 2013
Agencies are starting to get Distributed Denial of Service (DDoS) attacks under control as combat attacks from bots or zombie clients. But like the hydra of legend, slay one head, and a new one pops up. The latest threat is the encrypted DDoS attack, which is detected and analyzed by examining packet headers. But packet headers require a customer’s unique secure socket layer (SSL) key to unlock.
Prolexic announced that its SSL key-sharing tools make it easier to detect and stop encrypted Layer 7 (application layer) DDoS attacks while customers maintain control of their SSL keys at all times.
For quicker and easier DDoS analysis and detection, Prolexic developed the PLXabm SSL Hardware Security Module. Compliant with FIPS-140-2 Level 2 key management standards, this SSL module facilitates decryption of SSL traffic bi-directionally and enables automated alerting when a DDoS attack is detected.
“This enhancement to PLXabm allows our engineers to identify and isolate the source IP address, which they can use to block encrypted Layer 7 attacks,” said Stuart Scholly, president at Prolexic. “Best of all, this approach ensures that our customers can maintain control over their SSL keys at all times.”
Prolexic can also mitigate encrypted DDoS attacks using its PLXproxy service once the customer’s SSL keys and certificates are uploaded and deployed to Prolexic.
Customers can elect to have their keys and certificates stored securely for reuse or provide temporary ones that are revoked after an encrypted DDoS attack is stopped. To aid in this process, PLXproxy SSL Manager, a secure and efficient way to upload SSL keys and certificates, can be accessed through the PLXportal, an online resource devoted to giving Prolexic customers greater visibility into their Prolexic DDoS mitigation services and activity.
John Breeden II directs the GCN Lab.