Using NetFlow Auditor to Assist in Identifying Distributed Denial-of-Service (DDoS) Attacks and Other Network Behavior Anomalies

Date Added: Aug 2009
Format: PDF

This Paper covers how Denial of Service Attacks (DoS) and Distributed Denial of Service Attacks (DDos) can be identified early to mitigate and attack. The paper will reflect a method to alert when changes occur outside of learnt baselines and how new patterns can be recognized when security analysts have access to technology that provides high visibility of traffic from utilization, conversation, packet analysis, packet size distribution analysis and byte usage and standard deviation methods. A game-changing Network Auditing technology called NetFlow Auditor has the potential to enhance the security, reliability, resilience, and trustworthiness of the digital infrastructure which can be used to assist in identifying a DDoS flood or a slow Denial of Service attacks and other network behavior anomalies including Peer-to-Peer (P2P) usage.