Bibliographic Information
- Other Title
-
- リフレクター近傍リクエストフィルタリングによるDRDoS攻撃回避
Search this article
Abstract
The DNSamp attack, a DRDoS attack type, amplifies the amount of data via steppingstone servers named“reflectors”and attacks target servers and their networks. In this study, we developed an attack prevention system that blocks malicious queries before amplification, which should be implemented in ISPs. This system consists of several machines with the same function, which are located at borders between ISP and user network. Among these servers, the machines located at the reflector neighborhoods detect and filter increasing DNS queries. However, these machines may block harmless queries to reflectors from victim servers through this filtering action. To avoid this, machines at victim neighborhoods convert the destination port number to distinguish between malicious traffic and harmless traffic. Therefore, we could avoid DNSamp attack in approximately 1.2 s, without blocking harmless packets even if they are transmitted rapidly.
Journal
-
- 東京情報大学研究論集
-
東京情報大学研究論集 25 (2), 21-33, 2022-03-25
東京情報大学
- Tweet
Keywords
Details 詳細情報について
-
- CRID
- 1390291767862753280
-
- NII Book ID
- AA11155514
-
- Text Lang
- ja
-
- Data Source
-
- JaLC
- IRDB