Naïve to clever: Understanding DoS

Contents

• Introduction Introduction

  • Let me interrupt you

    50s
  • STRIDE and the four question framework

    1m 59s
• 1. DoS Targets 1. DoS Targets

  • (Locked)
    DoS in context

    1m 3s
  • (Locked)
    Attackers fill networks

    1m 31s
  • (Locked)
    How attackers redline your CPU

    2m 20s
  • (Locked)
    How attackers fill storage

    1m 34s
  • (Locked)
    How attackers spend your budget

    1m 19s
  • (Locked)
    How attackers drain your battery

    1m 4s
• 2. Properties of DoS Attacks 2. Properties of DoS Attacks

  • (Locked)
    Persistence and transience of DoS

    1m 7s
  • (Locked)
    Naïve to clever: Understanding DoS

    2m 28s
  • (Locked)
    Amplified or native: Two modes of DoS

    2m 3s
• 3. DoS in Various Technologies 3. DoS in Various Technologies

  • (Locked)
    Mobile and IoT denial of service

    1m 13s
  • (Locked)
    Cloud denial of service

    1m 20s
• 4. DoS Defenses 4. DoS Defenses

  • (Locked)
    Designing for resilience

    1m 30s
  • (Locked)
    Quantity as a defense

    46s
• 5. EOP 5. EOP

  • (Locked)
    What is elevation of privilege?

    1m 18s
  • (Locked)
    Input corrupts

    1m 46s
  • (Locked)
    Main forms of corrupt input

    2m 52s
• 6. EOP Defenses 6. EOP Defenses

  • (Locked)
    Ways to defend against EOP

    1m 10s
  • (Locked)
    Validation to defend against elevation

    1m 32s
  • (Locked)
    Validate for purpose to prevent elevations

    1m 56s
  • (Locked)
    Validation not sanitization for defense

    1m 13s
  • (Locked)
    Attenuation in defense

    2m 14s
  • (Locked)
    Memory safety as a defensive tool

    2m 1s
  • (Locked)
    Stack canaries to protect your code

    2m 20s
  • (Locked)
    Sandboxes and isolation protect your environment

    2m 8s
  • (Locked)
    Bolt-on or built-in defenses

    1m 26s
• Conclusion Conclusion

  • (Locked)
    Making great strides

    2m 6s