MaskMask

How to Protect Real-Time Applications From DDoS Without Using a CDN

PublishedMar 12, 2021BySubspace Team
Towards the end of 2020, nearly 77% of all DDoS attacks targeted the online gambling and gaming industries, and that number continues to rise.
Online games have traditionally been an easy target, especially compared to traditional web services, as players and attackers alike immediately see the effects. Usually, protection isn’t a priority for newer game titles that aren’t expected to succeed and aren’t initially well-funded. Budgets and resources typically go toward making the game rather than protecting their network.
In addition, gambling is a highly competitive industry that may be susceptible to attacks from rival sites, or those looking to extort companies and their user bases. Online gambling providers, in some instances, may prioritize security, but that does not negate the persistence of those who specifically target gambling apps and services.
Many of these attacks come from weaknesses in protocols designed 30–50 years ago when the internet was a friendlier place, and real-time apps were only a dream. Existing solutions work wonderfully for traditional web traffic that doesn’t require low-latency response times. Real-time gaming and gambling are now a reality, but current DDoS mitigation and protection providers aren’t focused on real-time security. That leaves real-time apps with latency-inducing security protocols or exposed to attacks.

Traditional Security Companies Incur Latency Through Proxying

Current providers regularly rely on proxying traffic as the primary tool for DDoS mitigation. Proxying involves taking the data through a scrubbing server that forwards traffic and runs analysis before sending it back to the user.
Moving data through a proxy for scrubbing increases ping time and latency, resulting in additional lag. It’s only a good solution for web traffic that doesn’t require real-time communications.
Proxy servers introduce latency, which negatively impacts real-time apps.
On the other hand, Subspace’s platform provides an alternate anti-DDoS solution explicitly built for real-time traffic. It’s time to move away from the traditional canned solutions.

Exclusive Real-time Traffic Benefits From Fingerprinting

Subspace’s platform actively uses fingerprinting to scan for malicious traffic that doesn’t align with the defined profile of gaming or gambling traffic (just to name a few). Since Subspace’s software stack is custom-built for all real-time traffic, malicious traffic is easily identified as it stands out against the unique and identifiable profiles built for all the apps it serves.
Unlike traditional CDNs that handle video, HP, and SSL, Subspace’s platform handles packets exclusively. This unique data profile allows it to identify and kick out DDoS attacks easily.

Line Rate Scrubbing Provides No-Latency Security

On top of Subspace’s superior abilities to remove attacker traffic through fingerprinting, its DDoS scrubbing is performed at line-rate and inline. That means that, unlike most DDoS scrubbing center solutions, it never adds latency to the connections.
Traditional providers host their scrubbing at an external data center, increasing travel time for data packets and incurring latency. These scrubbing centers aren’t always on; if the systems are off, all data requests are processed and directed without being cleaned, compromising their line of defence. Providers are then left to go on to the offensive to mitigate the attack. When it comes to security, it is best to remain on the defensive.
Subspace’s scrubbing is always on, overcoming the issue of traditional scrubbing centers that require a person or system to enable them. Subspace’s infrastructure can natively scrub traffic as it moves through the backbone without disrupting the natural flow of traffic or increasing latency.
Subspace DDoS protection occurs at line-rate and inline, without the need for scrubbing centers.

Server and User Identity Protection for DDoS Prevention

DDoS attacks can only target known IP addresses, leaving servers and users susceptible to a direct attack if this information is accessible. These attacks may be aimed at raising ping times for a single gamer/gambler or targeted toward taking a service offline completely.
In the case of video games, DDoS attacks are a popular way to exact revenge after losing a game. DerpTrolling, made up of a group of hackers, is most notably known for the DDoS attack spree in December 2013 that targeted popular multiplayer games. According to Austin Thompson’s 2018 plea statement, they were able to go as far as taking down Sony’s Playstation Network.
Many different hacking groups will go after servers to turn a profit off of users or corporate data. Blizzard was the victim of four DDoS attacks in March 2020, with all attacks occurring in less than a week. After a DDoS attack, when gamer data is subsequently leaked, gamers begin to lose trust. DDoS attacks that cause the servers to go down harm the gamer’s experience, result in negative press, and lead to game abandonment and subsequent revenue loss.
In terms of gambling, many online betting sites have not adopted HTTPS, which leads to these sites becoming an easy target; it’s especially important for this industry, where 60% of interactions on these sites are sensitive to latency.
Subspace’s infrastructure is built to stay on defence and provide server and user identity protection. It masks all IP addresses to prevent DDoS attacks.

Subspace Uses Anycast Network Ability to Mitigate Without Latency

With a defence-in-depth mentality, Subspace is prepared to mitigate an attack if one occurs. Ready to go on the offensive, if required, Subspace is able to leverage its Anycast network to mitigate a DDoS attack without taking the servers offline or delaying real-time traffic.
Traditional security services incur latency during their defence process and are forced onto the offensive as they remain susceptible to DDoS attacks. For example, the financial sector relies on traditional security providers for protection since financial institutions maintain highly confidential information about their clients. If this information were to be leaked, the banks’ clients would not be likely to trust that bank again.
Back in 2012, a DDoS attack at an unprecedented scale affected six major US banks. It was mitigated and luckily only resulted in the web servers being down for a few hours without any information leaked. Due to the nature of banking and the fact that it is not a real-time service, the delays were frustrating but not detrimental.
Online gambling and gaming are industries that rely on real-time traffic, servers going down is unacceptable to their users. Time in gameplay leads to greater game revenue, and when gamers/gamblers are unable to access servers they may abandon an app entirely due to recurring frustrations, revenue is at risk.
Using Subspace’s anycast network, the infrastructure can distribute attack traffic over many more datacenters and scrub DDoS attack packets much closer to the source. This prevents servers from going down, leading to satisfied users who have secure connections and remain unaffected during mitigation.
Anycast’s obvious advantage over Unicast.
Subspace can easily detect spoofed traffic and drop it quickly near the source. Subspace focuses on providing security for confidential information stored in the server and trust in operation consistency, preventing site outages and users from being locked out of servers.

The Importance of Instant Incident Response Times

Game publishers and betting providers need to have a DDoS incident response plan in place before an attack takes place. If an attack occurs, certain things need to be addressed while the attacking traffic is mitigated:
  • Who needs to be contacted in the event of an incident?
  • Which team runs the incident?
  • Who needs to be notified and updated throughout the incident?
  • When and how to communicate to players (remember that simply saying “we’re aware and working on a resolution” is much better than saying nothing)?
On Subspace’s platform, much of the strategy above has already been implemented. If user traffic is attacked, help will be instant.
After every incident, the incident response plan should be reviewed to identify learnings and incorporate them into the plan’s next iteration.
Not only is Subspace’s infrastructure built to relieve the threat of DDoS attacks occurring, but its service provides confidence that all necessary parties will be kept in the loop and put at ease while an attack is mitigated.
Subspace PacketAccelerator reduces latency and accelerates packets, helping to increase your users’ performance and decrease their stress. Subspace GlobalTURN allows you to run TURN globally without having to maintain servers around the world. SIPTeleport is a Global SIP Proxy for the lowest latency voice and video calls; all solutions include in-line, zero latency DDoS protection.

The Gaming and Gambling Industries are Under Attack

These industries are no exception to DDoS attacks, and trends indicate that attacks are increasing. Traditional mitigation and protection providers incur latency as they work, which is not ideal for real-time traffic. However, their mentality is “why fix what’s not broken” since the services work well for traditional web traffic.
Gaming and gambling traffic isn’t traditional — it is real-time traffic. It needs a customized solution for DDoS protection that is built to maintain low latency rates without jeopardizing security. Subspace’s platform keeps game traffic and latency rates secured.
Subspace prioritizes absolute protection of app integrity. If you are interested in learning more about how Subspace ensures that experience isn’t ruined by attacks while preventing lag, reach out to the team.

Share this post

Subscribe to our newsletter

The world’s fastest internet for real-time applications—period. Every millisecond counts. Learn more in our newsletter.

Related Articles