Abstract:
DNS (Domain Name System) amplification attack has become a popular form of the attacks of the Distributed Denial of Service (DDoS) in recent years. In DNS amplification a...Show MoreMetadata
Abstract:
DNS (Domain Name System) amplification attack has become a popular form of the attacks of the Distributed Denial of Service (DDoS) in recent years. In DNS amplification attacks, the attackers utilize spoofed source IP addresses and open recursive DNS servers to perform the bandwidth consumption attacks. A lot of responses are generated and they are sent to the targets after the attackers send only a little of DNS requests. Various methods have been proposed for detecting the DNS amplification attacks. However, almost of them have to determine parameters in advance, which is not easy for many cases. In this study, we utilized the detection pattern and combination of three features to distinguish normal and attack. It can solve the problem that limitation of detection in the case of high-frequency and low-amplification attack.
Published in: 2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS)
Date of Conference: 06-08 July 2016
Date Added to IEEE Xplore: 22 December 2016
ISBN Information: