A behavior-based method for detecting DNS amplification attacks

Longzhu Cai, Yaokai Feng, Junpei Kawamoto, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Citations (Scopus)

Abstract

DNS (Domain Name System) amplification attack has become a popular form of the attacks of the Distributed Denial of Service (DDoS) in recent years. In DNS amplification attacks, the attackers utilize spoofed source IP addresses and open recursive DNS servers to perform the bandwidth consumption attacks. A lot of responses are generated and they are sent to the targets after the attackers send only a little of DNS requests. Various methods have been proposed for detecting the DNS amplification attacks. However, almost of them have to determine parameters in advance, which is not easy for many cases. In this study, we utilized the detection pattern and combination of three features to distinguish normal and attack. It can solve the problem that limitation of detection in the case of high-frequency and low-amplification attack.

Original languageEnglish
Title of host publicationProceedings - 2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2016
EditorsFatos Xhafa, Leonard Barolli, Noriki Uchida
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages608-613
Number of pages6
ISBN (Electronic)9781509009848
DOIs
Publication statusPublished - Dec 21 2016
Event10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2016 - Fukuoka, Japan
Duration: Jul 6 2016Jul 8 2016

Publication series

NameProceedings - 2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2016

Other

Other10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2016
CountryJapan
CityFukuoka
Period7/6/167/8/16

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Computer Science Applications

Cite this

Cai, L., Feng, Y., Kawamoto, J., & Sakurai, K. (2016). A behavior-based method for detecting DNS amplification attacks. In F. Xhafa, L. Barolli, & N. Uchida (Eds.), Proceedings - 2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2016 (pp. 608-613). [7794541] (Proceedings - 2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2016). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/IMIS.2016.88