@inproceedings{fb2d32a2826e4905b8bd7bbab1ec36da,
title = "Detecting amplification attacks with Software Defined Networking",
abstract = "Distributed denial of service (DDoS) is an attack that attempts to disrupt network service for various malicious purposes. It makes use of public services as reflectors to amplify the traffic, and thus called distributed reflection denial of service attacks. This type of attack forges source IP address, and makes it hard to filter the problematic packets. With Software Defined Networking (SDN) and machine learning techniques, we implement a system to detect DRDoS packets and block the amplification attacks automatically. DNS and NTP amplifications are two typical attacks of DDoS. By analyzing the traffic features, although our classifier is trained only for the DNS amplification attack, our system can identify and then block both DNS and NTP amplification attacks with great accuracy.",
author = "Chen, {Chih Chieh} and Chen, {Yi Ren} and Lu, {Wei Chih} and Shi-Chun Tsai and Yang, {Ming Chuan}",
note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 2017 IEEE Conference on Dependable and Secure Computing ; Conference date: 07-08-2017 Through 10-08-2017",
year = "2017",
month = oct,
day = "18",
doi = "10.1109/DESEC.2017.8073807",
language = "English",
series = "2017 IEEE Conference on Dependable and Secure Computing",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "195--201",
booktitle = "2017 IEEE Conference on Dependable and Secure Computing",
address = "United States",
}