DoS Amplification Attacks - Protocol-Agnostic Detection of Service Abuse in Amplifier Networks

نویسندگان

  • Timm Böttger
  • Lothar Braun
  • Oliver Gasser
  • Felix von Eye
  • Helmut Reiser
  • Georg Carle
چکیده

For many years Distributed Denial-of-Service attacks have been known to be a threat to Internet services. Recently a configuration flaw in NTP daemons led to attacks with traffic rates of several hundred Gbit/s. For those attacks a third party, the amplifier, is used to significantly increase the volume of traffic reflected to the victim. Recent research revealed more UDP-based protocols that are vulnerable to amplification attacks. Detecting such attacks from an abused amplifier network’s point of view has only rarely been investigated. In this work we identify novel properties which characterize amplification attacks and allow to identify the illegitimate use of arbitrary services. Their suitability for amplification attack detection is evaluated in large high-speed research networks. We prove that our approach is fully capable of detecting attacks that were already seen in the wild as well as capable of detecting attacks we conducted ourselves exploiting newly discovered vulnerabilities.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Detection of Spoofing Using Packet Marking Algorithm

Wireless networks are vulnerable to spoofing attacks, which allows for many other forms of attacks on the networks. However the localization infrastructure can be subjected to non cryptographic attacks, such as signal attenuation and amplification that cannot be addressed by traditional security services. An interruption in an authorized users access to a computer network, typically one caused ...

متن کامل

A Mechanism for Detecting and Identifying DoS attack in VANET

VANET (Vehicular Ad-hoc Network) which is a hy- brid network (combination of infrastructure and infra- structure-less networks) is an emergent technology with promising future as well as great challenges especially in security. By the other hand this type of network is very sensible to safety problem. This paper focuses on a new mechanism for DoS (denial of service) attacks on the physical and ...

متن کامل

A Mechanism for Detecting and Identifying DoS attack in VANET

VANET (Vehicular Ad-hoc Network) which is a hy- brid network (combination of infrastructure and infra- structure-less networks) is an emergent technology with promising future as well as great challenges especially in security. By the other hand this type of network is very sensible to safety problem. This paper focuses on a new mechanism for DoS (denial of service) attacks on the physical and ...

متن کامل

Detecting Denial of Service Message Flooding Attacks in SIP based Services

Increasing the popularity of SIP based services (VoIP, IPTV, IMS infrastructure) lead to concerns about its ‎security. The main signaling protocol of next generation networks and VoIP systems is Session Initiation Protocol ‎‎(SIP). Inherent vulnerabilities of SIP, misconfiguration of its related components and also its implementation ‎deficiencies cause some security concerns in SIP based infra...

متن کامل

Exit from Hell? Reducing the Impact of Amplification DDoS Attacks

Amplification vulnerabilities in many UDP-based network protocols have been abused by miscreants to launch Distributed Denial-of-Service (DDoS) attacks that exceed hundreds of Gbps in traffic volume. However, up to now little is known about the nature of the amplification sources and about countermeasures one can take to remediate these vulnerable systems. Is there any hope in mitigating the am...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2015