Following the massive DDoS attack last month that targeted DNS provider Dyn and temporarily knocked Twitter, Netflix and other big names off the Internet, we were bombarded with pitches from vendors begging to offer their expert opinions on the matter while extolling the virtues of their solutions that naturally would have safeguarded organizations.
Now, a couple of weeks later, Carnegie Mellon's CyLab Security and Privacy Institute too is touting research that it says shows that the tools really needed to stymie such attacks are on the way. Somehow, this seems more believable than some of the all-too-eager vendor claims, though it doesn't appear the tools will quite be ready to fly for imminent DDoS attack candidates, such as 2016 U.S. Presidential Election-related sites and Black Friday 2016 websites.
Senior Systems Scientist Yang Cai of CyLab's Visual Intelligence Studio says the key is providing visualization of the reams of network traffic data (i.e., IP addresses and time stamps) that IT and security analysts typically examine. This makes it easier to spot patterns, they say.
"Visualization is one way to change abstract data into pictures, sound, and videos so you can see patterns in a very intuitive way," says Cai, who has worked with Sebastian Peryt to build a tool that can be used to inspect network traffic during DDoS attacks and help shut down a malware distribution network. Last month, they showed their tool at the IEEE Symposium on Visualization for Cybersecurity in Baltimore. (See a video demonstration of the tool below.)
Even the visualization of so much data on a computer screen can be pretty overwhelming though. So one thing the team is working on is presenting the data in a virtual reality form, too.