7 research outputs found
Distributed Denial of Service Attacks on Cloud Computing Environment
This paper aimed to identify the various kinds of distributed denial of service (DDoS) attacks, their destructive capabilities, and most of all, how best these issues could be counterattacked and resolved for the benefit of all stakeholders along the cloud continuum, preferably as permanent solutions. A compilation of the various types of DDoS is done, their strike capabilities and most of all, how best cloud computing environment issues could be addressed and resolved for the benefit of all stakeholders along the cloud continuum. The key challenges against effective DDoS defense mechanisms are also explored.
Linking Amplification DDoS Attacks to Booter Services
We present techniques for attributing amplification DDoS attacks to the booter services that launched the attack. Our k-Nearest Neighbor (k-NN) classification algorithm is based on features that are characteristic for a DDoS service, such as the set of reflectors used by that service. This allows us to attribute DDoS attacks based on observations from honeypot amplifiers, augmented with training data from ground truth attack-to-services mappings we generated by subscribing to DDoS services and attacking ourselves in a controlled environment. Our evaluation shows that we can attribute DNS and NTP attacks observed by the honeypots with a precision of over 99% while still achieving recall of over 69% in the most challenging real-time attribution scenario. Furthermore, we develop a similarly precise technique that allows a victim to attribute an attack based on a slightly different set of features that can be extracted from a victim's network traces. Executing our k-NN classifier over all attacks observed by the honeypots shows that 25.53% (49,297) of the DNS attacks can be attributed to 7 booter services and 13.34% (38,520) of the NTP attacks can be attributed to 15 booter services. This demonstrates the potential benefits of DDoS attribution to identify harmful DDoS services and victims of these services.