the DDoS Resiliency Score

DDoS Resiliency Score

The DDoS Resiliency Score (DRS) measures and evaluates mitigation strategies in objective, quantitative terms. Using the DRS score, organizations can:

  • Evaluate DDoS attack readiness. The DRS score provides a specific, defined list of the types of attacks an organization can withstand prior to an outage.
  • Make better technology decisions. Using the DRS score, technical teams can compare the effectiveness of different DDoS technologies and solution by assigning each a score.
  • Facilitate communication between management and technical teams. A score of 4.7, for example, can indicate to management that mitigation capabilities have improved since the previous score of 3.5. At the same time, the score encapsulates a list of specific attack vectors that will and will not be blocked, which the technical teams can analyze.

The DDoS Resiliency Scoring Method

The DRS scoring mechanism is based on seven ascending levels of DDoS attacks. Each level introduces additional types of attacks, more sophisticated attack vectors, and larger volumes of traffic. Similarly, the requirements on the defending side increase, with each level requiring  a shorter mitigation response time and smaller latency.

DRS_2-Small

Seven Levels of Attacks- Which One Can You Withstand?

The following table provides an overview of the key characteristics of the seven DDoS attack levels. For more information, please refer to the technical spec document.

Each of the attack levels,  from 1 through 7, introduces increased demands in terms of :

  • Traffic volume. DDoS attack vectors’ volume is measured by bytes per seconds (Mbps), packets per second (PPS) and transaction per second (TPS).
  • Attack vector types. With each level, additional attack levels are introduced to those from the previous level. In the following table, the ‘Attack Vectors’ column lists the delta - the attack vectors added in each level.
  • Attack sophistication. In each level, advanced properties are introduced that characterize more effective attacks, such as IP Address Spoofing, URL Randomization and more.
  • Mitigation requirements. Each level introduces a shorter response time requirement, measured by the maximum outage following attacks. Another parameter measuring mitigation resiliency is ‘Maximum latency,’ defined by the extra roundtrip time for an average packet to travel, compared to the normal roundtrip time when not under attack.

Organizations Using the DDoS Resiliency Score

Red Button is a security services and consulting company specializing in Distributed Denial of Service (DDoS). Red Button is the founder of the DDoS Resiliency Score. The standard was developed to fill a “methodological gap” in the DDoS domain. Red Button uses this standard in virtually all its services: testing, virtual testing, consulting and more.

Imperva Incapsula is a market leader in DDoS mitigation and  application security and delivery.

Arrow ECS Austria is the Austrian division of Arrow ECS and provide multiple security services. Arrow ECS Austria uses the benchmark as part of its DDoS service especially in its DDoS testing service.

Rua-Tek is an Application Delivery Networking company based in Costa Rica, in Central America. As part of its Application Security Consulting Deliverables, Rua-Tek uses the DRS as a tool for the DDOs Readiness Programs.

zeroBS provides various security-services for its ecommerce-driven customers.

As an early adaptor of the DRS zeroBS realized its value for measuring ddos-protection-capabilities with an easy-to-understand-scoring (and nice graphics for the C-level included) zeroBS uses the calculator for customer-assessments.