Elimination of DoS UDP Reflection Amplification Bandwidth Attacks, Protecting TCP Services
2015 (English)In: Future Network Systems and Security: First International Conference, FNSS 2015, Paris, France, June 11-13, 2015, Proceedings / [ed] Robin Doss; Selwyn Piramuthu; Wei Zhou, Encyclopedia of Global Archaeology/Springer Verlag, 2015, 1-15 p.Conference paper (Refereed)
In this paper, we propose a solution to eliminate a popular type of Denial of Service (DoS) attack, which is a DoS amplification attack. Note that a DoS is a subset of of DDoS. Our solution protects servers running any number of TCP services. This paper is focused on the most popular type of DoS amplification attack, which uses the UDP protocol. Via DoS UDP amplification attacks, an attacker can send a 1 Gbps traffic stream to reflectors. The reflectors will then send up 556 times that amount (amplified traffic) to the victim’s server. So just ten PCs, each sending 10Mbps, can send 55 Gbps indirectly, via reflectors, to a victim’s server. Very few ISP customers have 55 Gpbs provisioned. Expensive and complex solutions exist. However our elimination techniques can be implemented very quickly, easily and at an extremely low cost.
Place, publisher, year, edition, pages
Encyclopedia of Global Archaeology/Springer Verlag, 2015. 1-15 p.
Communications in Computer and Information Science, ISSN 1865-0929 ; 523
Research subject Mobile and Pervasive Computing; Information systems; Enabling ICT (AERI)
IdentifiersURN: urn:nbn:se:ltu:diva-38493DOI: 10.1007/978-3-319-19210-9_1ScopusID: 84937428472Local ID: cea0ac63-01c5-4791-8da6-d453ecbb3257ISBN: 978-3-319-19209-3ISBN: 978-3-319-19210-9 (PDF)OAI: oai:DiVA.org:ltu-38493DiVA: diva2:1011994
International Conference on Future Network Systems and Security : 11/06/2015 - 13/06/2015
Validerad; 2015; Nivå 1; 20150326 (karand)2016-10-032016-10-032017-01-03Bibliographically approved