Michał Sołtysik - How Web Protocol Weaknesses Enable Layer 7 DoS Attacks (ENG)

Описание: Other content:    • Michał Sołtysik - Cybersecurity content  

Official website: https://michalsoltysik.com/

Michał Sołtysik is a Cybersecurity Consultant and Blue Team, Purple Team, and Red Team Analyst, bringing a broad and in-depth range of expertise to his cybersecurity practice.

He is also a Digital and Network Forensics Examiner, Cyber Warfare Organizer, and SOC Trainer, specializing in SOC operational capability and maturity development, network edge traffic profiling, and adversary emulation in EDR testing.

0:00 Start

0:03 Title of the lecture: How Web Protocol Weaknesses Enable Layer 7 DoS Attacks.

2:07 Description of the lecture: This presentation delves into the inherent vulnerabilities within the design of web protocols which indirectly expose web pages to Layer 7 Denial-of-Service (DoS) attacks - regardless of the use of modern transport encryption mechanisms (e.g., WTLS, DTLS, TLS 1.2/1.3, or (G)QUIC). We'll meticulously dissect the specific weaknesses of the Internet Cache Protocol (ICP) and explore how it can be weaponized to circumvent security measures. Our analysis will further delve into the vulnerabilities residing within the handshake processes of DTLS, (G)QUIC, TLS 1.2/1.3, and WTLS. This session will provide valuable insights for security professionals and web developers, highlighting the importance of layered security strategies beyond encryption protocols to defend against DoS attacks.

Content:

1:14 - Opening words.
2:32 - Introduction to Layer 7 DoS Attacks.
3:28 - Weak protocol design in ICP.
8:04 - Weak protocol design in WTLS.
10:45 - Weak protocol design in DTLS.
14:33 - Introduction to QUIC Protocol.
15:12 - QUIC vs. TLS.
15:58 - GQUIC vs. IETF QUIC.
16:42 - Weak protocol design in GQUIC.
18:32 - Weak protocol design in QUIC.
20:35 - Weak protocol design in TLS (Pre-1.3).
23:16 - Weak protocol design in TLS 1.3.
24:33 - Legitimate vs. illegitimate TLS traffic.
25:58 - TLS DoS Attacks in practice.
29:24 - Summary of inherent vulnerabilities in Layer 7 DoS Attacks across protocols.
30:44 - Conclusions on common weaknesses leading to Layer 7 DoS.
31:24 - Solutions for the need for a fully secure mechanism.
33:27 - Executing a Layer 7 TLS 1.3 DoS Attack with OpenSSL and Python on Kali Linux.
41:43 - Q&A.
54:20 - Closing words.

Contact:
Mail: [email protected]
LinkedIn:   / michal-soltysik-ssh-soc  
GitHub: https://github.com/MichalSoltysikSOC
Accredible: https://www.credential.net/profile/mi...
Credly: https://www.credly.com/users/michal-s...

Link to download the presentation in .pdf format: https://files.fm/f/yd6s8y4w2h