Faculty Scholarly Dissemination Grants
Title
Characterizing Optimal DNS Amplification Attacks and Effective Mitigation
Department
School of Computing and Information Systems
College
Padnos College of Engineering and Computing
Date Range
2014-2015
Disciplines
Engineering
Abstract
Attackers have used DNS amplification in over 34% of high- volume DDoS attacks, with some floods exceeding 300Gbps. The best current practices do not help victims during an attack; they are preven- tative measures that third-party organizations must employ in advance. Unfortunately, there are no incentives for these third parties to follow the recommendations. While practitioners have focused on reducing the number of open DNS resolvers, these efforts do not address the threat posed by authoritative DNS servers. In this work, we measure and characterize the attack potential associated with DNS amplification, along with the adoption of countermeasures. We then propose and measure a mitigation strategy that organizations can employ. With the help of an upstream ISP, our strategy will allow even poorly provisioned organizations to mitigate massive DNS amplification attacks with only minor performance overheads.
Conference Name
Passive and Active Measurement Conference
Conference Location
New York, NY
ScholarWorks Citation
Kalafut, Andrew; MacFarland, Douglas; and Shue, Craig, "Characterizing Optimal DNS Amplification Attacks and Effective Mitigation" (2015). Faculty Scholarly Dissemination Grants. 557.
https://scholarworks.gvsu.edu/fsdg/557
