Detecting amplification attacks with Software Defined Networking

Chih Chieh Chen*, Yi Ren Chen, Wei Chih Lu, Shi-Chun Tsai, Ming Chuan Yang

*此作品的通信作者

研究成果: Conference contribution同行評審

26 引文 斯高帕斯(Scopus)

摘要

Distributed denial of service (DDoS) is an attack that attempts to disrupt network service for various malicious purposes. It makes use of public services as reflectors to amplify the traffic, and thus called distributed reflection denial of service attacks. This type of attack forges source IP address, and makes it hard to filter the problematic packets. With Software Defined Networking (SDN) and machine learning techniques, we implement a system to detect DRDoS packets and block the amplification attacks automatically. DNS and NTP amplifications are two typical attacks of DDoS. By analyzing the traffic features, although our classifier is trained only for the DNS amplification attack, our system can identify and then block both DNS and NTP amplification attacks with great accuracy.

原文English
主出版物標題2017 IEEE Conference on Dependable and Secure Computing
發行者Institute of Electrical and Electronics Engineers Inc.
頁面195-201
頁數7
ISBN(電子)9781509055692
DOIs
出版狀態Published - 18 10月 2017
事件2017 IEEE Conference on Dependable and Secure Computing - Taipei, Taiwan
持續時間: 7 8月 201710 8月 2017

出版系列

名字2017 IEEE Conference on Dependable and Secure Computing

Conference

Conference2017 IEEE Conference on Dependable and Secure Computing
國家/地區Taiwan
城市Taipei
期間7/08/1710/08/17

指紋

深入研究「Detecting amplification attacks with Software Defined Networking」主題。共同形成了獨特的指紋。

引用此