An SDN-based Approach For Defending Against Reflective DDoS Attacks

Distributed Reflective Denial of Service (DRDoS) attacks are an immanent threat to Internet services. The potential scale of such attacks became apparent in March 2018 when a memcached-based attack peaked at 1.7 Tbps. Novel services built upon UDP increase the need for automated mitigation mechanisms that react to attacks without prior knowledge of the actual application protocols used. With the flexibility that software-defined networks offer, we developed a new approach for defending against DRDoS attacks; it not only protects against arbitrary DRDoS attacks but is also transparent for the attack target and can be used without assistance of the target host operator. The approach provides a robust mitigation system which is protocol-agnostic and effective in the defense against DRDoS attacks

Modern DDoS Attacks and Defences -- Survey

Denial of Service (DoS) and Distributed Denial of Service of Service (DDoS) attacks are commonly used to disrupt network services. Attack techniques are always improving and due to the structure of the internet and properties of network protocols it is difficult to keep detection and mitigation techniques up to date. A lot of research has been conducted in this area which has demonstrated the difficulty of preventing DDoS attacks altogether, therefore the primary aim of most research is to maximize quality of service (QoS) for legitimate users. This survey paper aims to provide a clear summary of DDoS attacks and focuses on some recently proposed techniques for defence. The research papers that are analysed in depth primarily focused on the use of virtual machines (VMs) (HoneyMesh) and network function virtualization (NFV) (VGuard and VFence).Comment: 6 pages, 6 figure

Characterizing and mitigating the DDoS-as-a-Service phenomenon

Distributed Denial of Service (DDoS) attacks are an increasing threat on the Internet. Until a few years ago, these types of attacks were only launched by people with advanced knowledge of computer networks. However, nowadays the ability to launch attacks have been offered as a service to everyone, even to those without any advanced knowledge. Booters are online tools that offer DDoS-as-a-Service. Some of them advertise, for less than U$ 5, up to 25 Gbps of DDoS traffic, which is more than enough to make most hosts and services on the Internet unavailable. Booters are increasing in popularity and they have shown the success of attacks against third party services, such as government websites; however, there are few mitigation proposals. In addition, existing literature in this area provides only a partial understanding of the threat, for example by analyzing only a few aspects of one specific Booter. In this paper, we propose mitigation solutions against DDoS-as-a-Service that will be achieved after an extensive characterization of Booters. Early results show 59 different Booters, which some of them do not deliver what is offered. This research is still in its initial phase and will contribute to a Ph.D. thesis after four years