论文信息 - Investigation of Protection Mechanisms Against DRDoS Attacks Using a Simulation Approach

Investigation of Protection Mechanisms Against DRDoS Attacks Using a Simulation Approach

Nowadays, permanent availability is crucial for a growing number of computer services. An increasing quantity and power of DoS attacks frequently disrupts online network communication. Therefore it is important to create new effective defense methods for networks. In this paper we outline a programming library for the simulation of distributed reflected denial of service attacks and security mechanisms against them. Using this framework, a protection mechanism to detect and mitigate DRDoS attacks based on DNS and NTP protocols is developed. To evaluate the effectiveness of the proposed protection mechanism, a series of experiments was conducted. Also a comparison between the proposed protection mechanism and the protection mechanisms proposed by other researchers was carried out.

Yana Bekeneva | Andrey Shorov | Nikolay Shipilov

[1] Craig A. Shue,et al. Characterizing Optimal DNS Amplification Attacks and Effective Mitigation , 2015, PAM.

[2] Georgios Kambourakis,et al. Detecting DNS Amplification Attacks , 2007, CRITIS.

[3] Igor V. Kotenko,et al. Investigation of DDoS Attacks by Hybrid Simulation , 2015, ICT-EurAsia/CONFENIS.

[4] Christian Rossow,et al. Amplification Hell: Revisiting Network Protocols for DDoS Abuse , 2014, NDSS.

[5] Yana A. Bekeneva,et al. Simulation of DDoS-attacks and protection mechanisms against them , 2015, 2015 IEEE NW Russia Young Researchers in Electrical and Electronic Engineering Conference (EIConRusNW).

[6] David Huistra. Detecting Reflection Attacks in DNS Flows , 2013 .

[7] José Meseguer,et al. Model-Checking DoS Amplification for VoIP Session Initiation , 2009, ESORICS.