Kill 'em All — DDoS Protection Total Annihilation!

DEF CON 21

Presented by: Dr. Wai-Leng Lee, Tony Miu (MT)
Date: Friday August 02, 2013
Time: 15:00 - 15:45
Location: Track 1
Track: Track 1

With the advent of paid DDoS protection in the forms of CleanPipe, CDN / Cloud or whatnot, the sitting ducks have stood up and donned armors... or so they think! We're here to rip apart this false sense of security by dissecting each and every mitigation techniques you can buy today, showing you in clinical details how exactly they work and how they can be defeated.

Essentially we developed a 3-fold attack methodology:

  1. stay just below red-flag rate threshold,
  2. mask our attack traffics inconspicuous,
  3. emulate the behavior of a real networking stack with a human operator behind it in order to spoof the correct response to challenges,
  4. ???
  5. PROFIT!

We will explain all the required look-innocent headers, TCP / HTTP challenge-response handshakes,JS auth bypass, etc. etc. in meticulous details. With that knowledge you too can be a DDoS ninja! Our PoC attack tool "Kill-em-All" will then be introduced as a platform to put what you've learned into practice, empowering you to bypass all DDoS mitigation layers and get straight through to the backend where havoc could be wrought. Oh and for the skeptics among you, we'll be showing testing results against specific products and services.

Tony Miu

As a battle-hardened veteran in the DDoS battlefield, Tony "MT" Miu has garnered invaluable experiences and secrets of the trade, making him a distinguished thought leader in DDoS mitigation technologies. At Nexusguard, day in day out he deals with high-profile mission-critical clients, architecturing for them full-scale DDoS mitigation solutions where failure is not an option. He has presented at DEF CON 20 and AVTokyo 2012 a talk titled "DDoS Black and White Kungfu Revealed", and at the 6th Annual HTCIA Asia-Pacific Conference a workshop titled "Network Attack Investigation".

Dr. Wai-Leng Lee

With "Impossible is Nothing" as his motto, Dr. Lee never fails to impress with his ingenious implementation prowess. With years of SOC experience under his belt, systematic security engineering and process optimization are his specialties. As a testament to his versatility, Dr. Lee has previously presented in conferences across various disciplines including ACM VRCIA, ACM VRST, IEEE ICECS and IEEE ECCTD.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats