{"title":"存储转发分布式反射式拒绝服务攻击防御分析","authors":"M. Fraiwan, Fida'a Al-Quran, Basheer Al-Duwairi","doi":"10.1109/INNOVATIONS.2018.8605972","DOIUrl":null,"url":null,"abstract":"Distributed Denial of Service (DDoS) attacks are a dangerous large scale highly coordinated attempts to disable network-based computer systems. The attackers are comprised of a large number of agents working to overwhelm the victim with fake requests. Thus, preventing legitimate users from gaining access to the services provided by the victim. These attacks can target web services, as well as the networking infrastructure of critical cyberphysical systems like power stations and water distribution networks. Recently, a new class of DDoS attacks has emerged; Distributed Reflective Denial of Service (DRDoS) attacks are the new trend in this category. By reflecting and amplifying UDP traffic, the attackers are able to divert a large volume of traffic toward the victim. Under this category, store and flood DRDoS attacks have employed P2P networks to store the attack data on agents prior to the attack phase. These attacks have proved to be highly capable and more dangerous than traditional DoS attacks. In this paper, we to tackle the store and flood DRDoS problem. By studying the elements and mechanism of the attack, we develop mechanisms to mitigate the effects of these attacks and filter unwanted traffic.","PeriodicalId":319472,"journal":{"name":"2018 International Conference on Innovations in Information Technology (IIT)","volume":"63 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Defense Analysis Against Store and Forward Distributed Reflective Denial of Service Attacks\",\"authors\":\"M. Fraiwan, Fida'a Al-Quran, Basheer Al-Duwairi\",\"doi\":\"10.1109/INNOVATIONS.2018.8605972\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Distributed Denial of Service (DDoS) attacks are a dangerous large scale highly coordinated attempts to disable network-based computer systems. The attackers are comprised of a large number of agents working to overwhelm the victim with fake requests. Thus, preventing legitimate users from gaining access to the services provided by the victim. These attacks can target web services, as well as the networking infrastructure of critical cyberphysical systems like power stations and water distribution networks. Recently, a new class of DDoS attacks has emerged; Distributed Reflective Denial of Service (DRDoS) attacks are the new trend in this category. By reflecting and amplifying UDP traffic, the attackers are able to divert a large volume of traffic toward the victim. Under this category, store and flood DRDoS attacks have employed P2P networks to store the attack data on agents prior to the attack phase. These attacks have proved to be highly capable and more dangerous than traditional DoS attacks. In this paper, we to tackle the store and flood DRDoS problem. By studying the elements and mechanism of the attack, we develop mechanisms to mitigate the effects of these attacks and filter unwanted traffic.\",\"PeriodicalId\":319472,\"journal\":{\"name\":\"2018 International Conference on Innovations in Information Technology (IIT)\",\"volume\":\"63 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 International Conference on Innovations in Information Technology (IIT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INNOVATIONS.2018.8605972\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 International Conference on Innovations in Information Technology (IIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INNOVATIONS.2018.8605972","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Defense Analysis Against Store and Forward Distributed Reflective Denial of Service Attacks
Distributed Denial of Service (DDoS) attacks are a dangerous large scale highly coordinated attempts to disable network-based computer systems. The attackers are comprised of a large number of agents working to overwhelm the victim with fake requests. Thus, preventing legitimate users from gaining access to the services provided by the victim. These attacks can target web services, as well as the networking infrastructure of critical cyberphysical systems like power stations and water distribution networks. Recently, a new class of DDoS attacks has emerged; Distributed Reflective Denial of Service (DRDoS) attacks are the new trend in this category. By reflecting and amplifying UDP traffic, the attackers are able to divert a large volume of traffic toward the victim. Under this category, store and flood DRDoS attacks have employed P2P networks to store the attack data on agents prior to the attack phase. These attacks have proved to be highly capable and more dangerous than traditional DoS attacks. In this paper, we to tackle the store and flood DRDoS problem. By studying the elements and mechanism of the attack, we develop mechanisms to mitigate the effects of these attacks and filter unwanted traffic.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
