SSL Attacks – SSL DDoS Attacks
SSL is a method of encryption used by various network communication protocols. Conceptually, SSL runs above TCP/IP, providing security to users communicating over other protocols by encrypting communications and authenticating communicating parties. SSL DDoS attacks and SSL DoS attacks target the SSL handshake mechanism, send garbage data to the SSL server, or abuse functions related to the SSL encryption key negotiation process. SSL attacks in the form of a DoS attack can also be launched over SSL-encrypted traffic, which makes them extremely difficult to identify.
A single standard home PC can take down an entire SSL-encrypted web application, and several computers can take down a complete farm of large, secured online services. SSL attacks are popular because each SSL session handshake consumes 15 times more resources from the server side than from the client side. Such attacks are "asymmetric" because it takes significantly more server resources to deal with the attack than it does to launch it.
Protecting Against SSL Attacks
Most DDoS mitigation services do not actually inspect SSL traffic, as doing so would require decrypting the encrypted traffic. Moreover, mitigation of SSL attacks requires extensive server resources. Countering SSL DDoS attacks thus poses several challenges, including the burden of implementing encryption and decryption mechanisms. As a result, these serious attacks require extremely sophisticated DDoS mitigation and DDoS protection solutions.
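Handshake abuse can be spotted at the SSL terminator from connection metadata alone, without decrypting any payload. The following is an added example, not code from the original page: it flags clients whose handshake rate is high while their request count stays near zero. The log format ("<epoch_seconds> <client_ip> <EVENT>"), the thresholds and the function names are assumptions made for illustration.

```python
from collections import defaultdict, deque

def flag_handshake_floods(lines, window=10, max_handshakes=20, min_ratio=0.1):
    """Return {client_ip: peak handshakes in any `window` seconds} for clients
    that exceed max_handshakes in a window AND send almost no requests.
    Assumes time-ordered lines of "<epoch_seconds> <client_ip> <EVENT>"."""
    recent = defaultdict(deque)    # per-client handshake timestamps in window
    peak = defaultdict(int)
    handshakes = defaultdict(int)
    requests = defaultdict(int)
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or not parts[0].isdigit():
            continue               # skip malformed lines
        ts, ip, event = int(parts[0]), parts[1], parts[2]
        if event == "REQUEST":
            requests[ip] += 1
        elif event == "HANDSHAKE":
            handshakes[ip] += 1
            q = recent[ip]
            q.append(ts)
            while q[0] <= ts - window:   # drop timestamps outside the window
                q.popleft()
            peak[ip] = max(peak[ip], len(q))
    flagged = {}
    for ip, p in peak.items():
        # A busy proxy also handshakes often, but it follows up with requests.
        if p > max_handshakes and requests[ip] / handshakes[ip] < min_ratio:
            flagged[ip] = p
    return flagged

def constructed_sample():
    """Constructed events (documentation IP ranges), not real traffic."""
    lines = ["100 203.0.113.5 HANDSHAKE", "garbage line"]
    for ts in range(100, 110):
        lines += [f"{ts} 198.51.100.7 HANDSHAKE"] * 5      # handshakes only
        lines += [f"{ts} 192.0.2.9 HANDSHAKE",             # shared proxy:
                  f"{ts} 192.0.2.9 REQUEST",               # each handshake is
                  f"{ts} 192.0.2.9 REQUEST"] * 3           # followed by requests
        lines.append(f"{ts} 203.0.113.5 REQUEST")          # one long session
    return lines

if __name__ == "__main__":
    print(flag_handshake_floods(constructed_sample()))
```

The request-to-handshake ratio is what keeps the shared proxy in the sample from being flagged even though its handshake rate is above the threshold.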