CDN Cannon - Exploiting CDN Back-to-Origin Strategies for Amplification Attacks

Black Hat via YouTube

Overview

Discover a critical vulnerability in Content Delivery Network (CDN) infrastructures through this 28-minute Black Hat conference talk that exposes how attackers can exploit CDN back-to-origin strategies for massive amplification attacks. Learn about Back-to-Origin Amplification (BtOAmp) attacks, a new class of HTTP amplification attacks that leverage CDN edge servers as amplifiers to bypass DDoS protection mechanisms and directly target origin servers. Explore the systematic analysis of CDN back-to-origin strategies that revealed five distinct amplification attack vectors capable of compromising CDN DDoS protections. Understand how these attacks exploit CDN configurations that prioritize performance over security, leading to origin server resource exhaustion. Examine the devastating potential of these attacks through experimental results demonstrating how an attacker with only 200 Kbps bandwidth can destroy a 1 Gbps bandwidth website using just a laptop. Gain insights into mitigation strategies and the responsible disclosure process that led multiple CDN vendors to acknowledge these vulnerabilities. Recognize the latent security risks within CDN infrastructures and the urgent need for proactive security measures by both CDN operators and users to protect against these sophisticated amplification attacks.

Syllabus

CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks

Taught by

Black Hat
