Forensics of Random-UDP Flooding Attacks

J. Networks Pub Date : 2015-05-27 DOI:10.4304/JNW.10.5.287-293

Anchit Bijalwan, M. Wazid, E. Pilli, R. Joshi

{"title":"Forensics of Random-UDP Flooding Attacks","authors":"Anchit Bijalwan, M. Wazid, E. Pilli, R. Joshi","doi":"10.4304/JNW.10.5.287-293","DOIUrl":null,"url":null,"abstract":"Internet has great impact on various facets of everyone’s life. With the enormous advantage Internet provides to users all around the world, it has some inherent weaknesses because of the protocol stack on which it is built. It can be easily attacked by attackers who exploit the vulnerabilities in the protocols and compromise systems and remotely control them to do further damage. Major attacks are focused on confidentiality, integrity and availability of data or resources. Flooding attack is one such resource availability attack which is a great cause of concern. Hackers can use the flooding attacks and cause Distributed Denial of Service (DDoS) attack with ease. With the increase and variations in the attack mode makes the investigation of these attacks essential. Random-UDP flooding attack is a different type of attack in which the attacker sends multiple UDP datagrams of different sizes at a time. This causes denial of service to the system and its resources. In this paper, we have proposed a technique for the forensics of Random-UDP flooding attack. We have tried to get as close as possible to the source of such attacks. The proposed technique is capable to identify the source of Random-UDP flooding bot attack.","PeriodicalId":14643,"journal":{"name":"J. Networks","volume":"183 1","pages":"287-293"},"PeriodicalIF":0.0000,"publicationDate":"2015-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"35","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"J. Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4304/JNW.10.5.287-293","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 35

Abstract

Internet has great impact on various facets of everyone’s life. With the enormous advantage Internet provides to users all around the world, it has some inherent weaknesses because of the protocol stack on which it is built. It can be easily attacked by attackers who exploit the vulnerabilities in the protocols and compromise systems and remotely control them to do further damage. Major attacks are focused on confidentiality, integrity and availability of data or resources. Flooding attack is one such resource availability attack which is a great cause of concern. Hackers can use the flooding attacks and cause Distributed Denial of Service (DDoS) attack with ease. With the increase and variations in the attack mode makes the investigation of these attacks essential. Random-UDP flooding attack is a different type of attack in which the attacker sends multiple UDP datagrams of different sizes at a time. This causes denial of service to the system and its resources. In this paper, we have proposed a technique for the forensics of Random-UDP flooding attack. We have tried to get as close as possible to the source of such attacks. The proposed technique is capable to identify the source of Random-UDP flooding bot attack.

查看原文本刊更多论文

随机udp泛洪攻击取证

互联网对每个人生活的各个方面都有很大的影响。尽管因特网为全世界的用户提供了巨大的优势，但由于它所基于的协议栈，它也有一些固有的弱点。它可以很容易地被攻击者攻击，他们利用协议中的漏洞，破坏系统，并远程控制它们来做进一步的破坏。主要的攻击集中在数据或资源的机密性、完整性和可用性上。洪水攻击就是其中一种资源可用性攻击，引起了人们的广泛关注。黑客可以利用泛洪攻击，轻松实现分布式拒绝服务(DDoS)攻击。随着攻击方式的增加和变化，对这些攻击的研究变得至关重要。随机UDP泛洪攻击是一种不同类型的攻击，攻击者一次发送多个不同大小的UDP数据报。这会导致对系统及其资源的拒绝服务。在本文中，我们提出了一种随机udp泛洪攻击的取证技术。我们已经试图尽可能接近这类攻击的源头。提出的技术能够识别随机udp洪水僵尸攻击的来源。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

J. Networks

自引率

0.00%

发文量