Effective amplification mitigation and spoofing detection during DNS flooding attacks on internet
Recent flooding attacks using Domain Name System (DNS) is used by cybercriminals to launch hundreds of gigabytes of attack traffic to paralyze their victims. The lack of security features in DNS protocol and adding security layers to this protocol is subject of further studying. In this reserach, we...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Medwell Journals
2017
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/61618/ http://psasir.upm.edu.my/id/eprint/61618/1/Effective%20amplification%20mitigation%20and%20spoofing%20detection%20during%20DNS%20flooding%20attacks%20on%20internet.pdf |
| _version_ | 1848854450555322368 |
|---|---|
| author | Hasan, Dana Hussin, Masnida Abdullah, Azizol |
| author_facet | Hasan, Dana Hussin, Masnida Abdullah, Azizol |
| author_sort | Hasan, Dana |
| building | UPM Institutional Repository |
| collection | Online Access |
| description | Recent flooding attacks using Domain Name System (DNS) is used by cybercriminals to launch hundreds of gigabytes of attack traffic to paralyze their victims. The lack of security features in DNS protocol and adding security layers to this protocol is subject of further studying. In this reserach, we proposed a distributed mechanism to counter DNS reflection based attacks with high detection accuracy and little overhead on network channels. We suggested Distributed Defense Scheme (DDS) to provide authenticity to DNS transactions (i.e. request and response) through authentication message exchange. Then our classification filtering plays an important role in distinguishing between real bogus DNS requests and discarding the fake requests. Our analysis shows how DDS can remarkably reduce amplification factor for attack traffic without affecting normal traffic flow. |
| first_indexed | 2025-11-15T11:10:04Z |
| format | Article |
| id | upm-61618 |
| institution | Universiti Putra Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T11:10:04Z |
| publishDate | 2017 |
| publisher | Medwell Journals |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | upm-616182022-05-25T04:40:20Z http://psasir.upm.edu.my/id/eprint/61618/ Effective amplification mitigation and spoofing detection during DNS flooding attacks on internet Hasan, Dana Hussin, Masnida Abdullah, Azizol Recent flooding attacks using Domain Name System (DNS) is used by cybercriminals to launch hundreds of gigabytes of attack traffic to paralyze their victims. The lack of security features in DNS protocol and adding security layers to this protocol is subject of further studying. In this reserach, we proposed a distributed mechanism to counter DNS reflection based attacks with high detection accuracy and little overhead on network channels. We suggested Distributed Defense Scheme (DDS) to provide authenticity to DNS transactions (i.e. request and response) through authentication message exchange. Then our classification filtering plays an important role in distinguishing between real bogus DNS requests and discarding the fake requests. Our analysis shows how DDS can remarkably reduce amplification factor for attack traffic without affecting normal traffic flow. Medwell Journals 2017 Article PeerReviewed text en http://psasir.upm.edu.my/id/eprint/61618/1/Effective%20amplification%20mitigation%20and%20spoofing%20detection%20during%20DNS%20flooding%20attacks%20on%20internet.pdf Hasan, Dana and Hussin, Masnida and Abdullah, Azizol (2017) Effective amplification mitigation and spoofing detection during DNS flooding attacks on internet. Journal of Engineering and Applied Sciences, 12 (3). pp. 475-480. ISSN 1816-949X https://www.medwelljournals.com/abstract/?doi=jeasci.2017.475.480 10.36478/jeasci.2017.475.480 |
| spellingShingle | Hasan, Dana Hussin, Masnida Abdullah, Azizol Effective amplification mitigation and spoofing detection during DNS flooding attacks on internet |
| title | Effective amplification mitigation and spoofing detection during DNS flooding attacks on internet |
| title_full | Effective amplification mitigation and spoofing detection during DNS flooding attacks on internet |
| title_fullStr | Effective amplification mitigation and spoofing detection during DNS flooding attacks on internet |
| title_full_unstemmed | Effective amplification mitigation and spoofing detection during DNS flooding attacks on internet |
| title_short | Effective amplification mitigation and spoofing detection during DNS flooding attacks on internet |
| title_sort | effective amplification mitigation and spoofing detection during dns flooding attacks on internet |
| url | http://psasir.upm.edu.my/id/eprint/61618/ http://psasir.upm.edu.my/id/eprint/61618/ http://psasir.upm.edu.my/id/eprint/61618/ http://psasir.upm.edu.my/id/eprint/61618/1/Effective%20amplification%20mitigation%20and%20spoofing%20detection%20during%20DNS%20flooding%20attacks%20on%20internet.pdf |