Detecting DNS Amplification Attacks

14 years 1 months ago

Download www.icsd.aegean.gr

DNS amplification attacks massively exploit open recursive DNS servers mainly for performing bandwidth consumption DDoS attacks. The amplification effect lies in the fact that DNS response messages may be substantially larger than DNS query messages. In this paper, we present and evaluate a novel and practical method that is able to distinguish between authentic and bogus DNS replies. The proposed scheme can effectively protect local DNS servers acting both proactively and reactively. Our analysis and the corresponding real-usage experimental results demonstrate that the proposed scheme offers a flexible, robust and effective solution.

Georgios Kambourakis, Tassos Moschos, Dimitris Gen

Real-time Traffic

CRITIS 2007 | DNS Response Messages | DNS Servers | Recursive Dns Servers | Security Privacy |

claim paper

Post Info
More Details (n/a)

Added	26 Oct 2010
Updated	26 Oct 2010
Type	Conference
Year	2007
Where	CRITIS
Authors	Georgios Kambourakis, Tassos Moschos, Dimitris Geneiatakis, Stefanos Gritzalis

Comments (0)

Sciweavers

Detecting DNS Amplification Attacks

CRITIS 2007 | DNS Response Messages | DNS Servers | Recursive Dns Servers | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers