0

NETSCOUT SYSTEMS, INC. has announced it enhanced its Arbor® Threat Mitigation System (TMS) Adaptive DDoS Protection solution with additional AI/ML functionality. The leading provider of performance management, cybersecurity, and DDoS attack protection solutions said will  better detect and block malicious traffic. 

RELATED: From DDoS to Ransomware – NETSCOUT uncovers the nine most common cyberattacks
Distributed Denial of Service (DDoS) attacks targeting critical IT infrastructure and services have increased by 55% over the last four years. A perfect storm of AI-driven automation, evolving DDoS-for-hire services have changed the threat landscape. Similar trends such as augmented IoT botnets, and geopolitical conflicts have meant more frequent, sophisticated attacks having the potential to do more damage more rapidly.
To combat these attacks, organisations, enterprises and service providers require AI/ML-enabled solutions that can continually adapt to threats. They must use proactive, intelligence-driven security strategies to protect their networks.

Proactively  adapting to emerging threats

“With AI-driven attacks, ransomware, and nation-state threats impacting corporate governance, financial performance, and customer trust, corporate boards expect their IT teams to be proactive in adapting to emerging threats like DDoS,” said Chris Steffen, Vice President of Research – Information Security, Enterprise Management Associates.

“Implementing solutions that can adapt to threats helps minimise that risk.”

NETSCOUT utilises a hybrid AI/ML strategy that combines AI/ML running at scale in the cloud. It operates with supervision, to analyse data collected from an unprecedented 550 Tbps of Internet traffic (almost half of all Internet traffic). This is along with AI/ML running in our software solutions to enable automated protection from these attacks.

A hybrid AI/ML provides a ‘best of both worlds’ approach. The computational scale of the cloud allows for large-scale analysis of threat data with supervision. This is to ensure accuracy while AI/ML running in our software solutions. Consequently, it enables them to leverage that pre-analysed intelligence to make fast, accurate, automated decisions about what to detect and block.

ATLAS Intelligence Feed delivers unique DDoS Protection capabilities

The company’s cloud-based AI/ML drives the creation of the ATLAS Intelligence Feed. It delivers unique capabilities in its Adaptive DDoS Protection solutions, arming them with the latest DDoS attack intelligence. The continuous analysis, updated multiple times per day, provides insight into the source IP addresses of devices.

ADVERTISEMENT

These are devices actively conducting DDoS attacks on the internet, novel attack vectors, DDoS attack targets, and other intelligence. Thus, this enables Adaptive DDoS Protection to quickly and accurately detect even small direct-path attacks from sampled flow data. It then sends the traffic to TMS for automated blocking.

The latest AI/ML-derived ATLAS Intelligence Feed iteration has been augmented with enhanced Geo-IP location functionality. It maps IP addresses to geographic locations. This enables faster and more precise identification and blocking of malicious traffic. In addition, the ATLAS Intelligence Feed now includes NETSCOUT’s ATLAS tracking of active DDoS campaigns. Thus, enabling Adaptive DDoS Protection to automatically detect and block attacks from over 65 known DDoS threat actors carrying out active attack campaigns against a range of targets, including NoName057 and RipperSec.

Tracking misbehaving subscribers, infected hosts, compromised IoT, etc

AI/ML technology has also been adopted as part of the Adaptive DDoS Protection solution. New in the latest release is AI/ML-powered source host misuse detection, which enables network operators to track misbehaving subscribers, infected hosts, compromised IoT devices, and other internal attack sources.

This new capability makes it easier to detect and block outbound DDoS attacks that can impact service and infrastructure performance and availability as edge connectivity speeds increase. New TMS Source Mitigations enable network operators to redirect and surgically protect against threat activity from specific sources that may be targeting the entire network without requiring fully inline solutions on all network traffic.

Service Provider Benefits

With updates to NETSCOUT’s Adaptive DDoS Protection solution, service providers can better protect their critical infrastructures and the services they provide to their customers. Other key advantages include enhanced availability, reduced downtime costs, less aggravation, and new revenue-generating opportunities.

ADVERTISEMENT

“With more sophisticated and frequent DDoS attacks, the risks have never been greater,” said Scott Nichols, Chief Commercial Officer at Arelion. “Through our partnership with NETSCOUT, we’re able to deliver industry-leading Adaptive DDoS protection to ensure the best experience possible for our customers.”

More in Business

You may also like