When cloud application security gets nasty: multi-vectored DDoS

With cloud computing application security still something of a moot point, a number of vendors are now attempting to align new and existing offerings to address the risk of security breaches in the virtual cloud domain.

Akamai is one such protagonist and the firm’s Kona Site Defender has been launched/refreshed this month with view to shielding web sites and cloud applications from serious risks such as multi-vectored DDoS attacks.

What is a multi-vectored DDoS?

A multi-vectored DDoS attack might see (for example) a company’s online web applications “overloaded” by hackers outside of the firm, but via web-based channels that allow input/output levels to go into meltdown. A firm might find that its email, instant message, Skype and website services themselves are simultaneously fried by hackers as they pile on pressure to communicate.

With Kona Site Defender, Akamai has provided a real-time web security-monitoring tool with adaptive rate controls in an always-on format.

The company says that while many organisations still wish to pair acceleration with web security in order to give users of primary sites and web applications a good experience, an increasing number find that the requirement for protection from DDoS and application layer attacks applies to a much broader number of their web properties.

“Attackers don’t stay on one layer anymore; they tend to include both network and application-based techniques, which makes defending against them more complicated,” said Wendy Nather, research director of 451 Research’s enterprise security practice.

Because the Akamai Intelligent Platform is designed to only accept valid HTTP/S requests on port 80 and port 443, network layer attacks such as TCP SYN floods, UDP floods and other network packet based attacks are deflected. The Akamai Intelligent Platform is further designed with built-in automatic protections against HTTP “slow client” attacks (e.g. Slowloris) and HTTP Request Smuggling attacks.


“Akamai’s platform-based approach to web security can offer protection to customers without incurring the performance penalty often associated with other methods, such as traffic scrubbing. At the application layer, where attacks such as SQL injection and cross site scripting are prevalent, the Akamai technology is differentiated through the inclusion of a full-feature web application firewall,” said the company, in a press statement.