Defense Analysis Against Store and Forward Distributed Reflective Denial of Service Attacks

Abstract

Distributed Denial of Service (DDoS) attacks are a dangerous large scale highly coordinated attempts to disable network-based computer systems. The attackers are comprised of a large number of agents working to overwhelm the victim with fake requests. Thus, preventing legitimate users from gaining access to the services provided by the victim. These attacks can target web services, as well as the networking infrastructure of critical cyberphysical systems like power stations and water distribution networks. Recently, a new class of DDoS attacks has emerged; Distributed Reflective Denial of Service (DRDoS) attacks are the new trend in this category. By reflecting and amplifying UDP traffic, the attackers are able to divert a large volume of traffic toward the victim. Under this category, store and flood DRDoS attacks have employed P2P networks to store the attack data on agents prior to the attack phase. These attacks have proved to be highly capable and more dangerous than traditional DoS attacks. In this paper, we to tackle the store and flood DRDoS problem. By studying the elements and mechanism of the attack, we develop mechanisms to mitigate the effects of these attacks and filter unwanted traffic.