On the Potential of IPv6 Open Resolvers for DDoS Attacks

Distributed Denial of Service (DDoS) attacks have become a daily problem in today’s Internet. These attacks aim at overwhelming online services or network infrastrucure. Some DDoS attacks explore open services to perform reflected and amplified attacks; and the DNS is one of the most (mis)used systems by attackers.

[1]  Aiko Pras,et al.  DNSSEC and its potential for DDoS attacks: a comprehensive measurement study , 2014, Internet Measurement Conference.

[2]  Herbert Bos,et al.  On measuring the impact of DDoS botnets , 2014, EuroSec '14.

[3]  Michael Bailey,et al.  Taming the 800 Pound Gorilla: The Rise and Decline of NTP DDoS Attacks , 2014, Internet Measurement Conference.

[4]  Eric Wustrow,et al.  ZMap: Fast Internet-wide Scanning and Its Security Applications , 2013, USENIX Security Symposium.

[5]  Robert Beverly,et al.  Internet nameserver IPv4 and IPv6 address relationships , 2013, Internet Measurement Conference.

[6]  Giovane C. M. Moura,et al.  Anycast vs. DDoS: Evaluating the November 2015 Root DNS Event , 2016, Internet Measurement Conference.

[7]  Mark Allman,et al.  On measuring the client-side DNS infrastructure , 2013, Internet Measurement Conference.

[8]  Robert Beverly,et al.  Server Siblings: Identifying Shared IPv4/IPv6 Infrastructure Via Active Fingerprinting , 2015, PAM.

[9]  Christian Rossow,et al.  Exit from Hell? Reducing the Impact of Amplification DDoS Attacks , 2014, USENIX Security Symposium.

[10]  Craig A. Shue,et al.  Characterizing Optimal DNS Amplification Attacks and Effective Mitigation , 2015, PAM.

[11]  Takeshi Takahashi,et al.  A Measurement Study of Open Resolvers and DNS Server Version , 2013 .

[12]  Edgar R. Weippl,et al.  On Reconnaissance with IPv6: A Pattern-Based Scanning Approach , 2015, 2015 10th International Conference on Availability, Reliability and Security.

[13]  Georg Carle,et al.  Scanning the IPv6 Internet: Towards a Comprehensive Hitlist , 2016, TMA.

[14]  Christian Rossow,et al.  Amplification Hell: Revisiting Network Protocols for DDoS Abuse , 2014, NDSS.