期刊名称:International Journal of Computer Trends and Technology
电子版ISSN:2231-2803
出版年度:2016
卷号:33
期号:1
页码:1-8
DOI:10.14445/22312803/IJCTT-V33P101
出版社:Seventh Sense Research Group
摘要:Distributed Denial of Service (DDoS) attacks pose one of the most serious security threats to the Internet. In this work, we aimed to develop a collaborative defence framework against DNS based DDoS reflection and amplification attacks in networks. We focus on two main phases, which are victim detection and filtering of malicious traffic, to achieve a successful defence against DNS reflection attack and prevention against amplification attack. We propose an efficient server level approach to identify victim IP accurately and responsively by using unusual request count. Once the victim IP is confirmed, our approach is then to use HOP count i.e. number of router packets passes to reach destination, to filter out the entire illegitimate request.
关键词:Distributed Denial of Service attacks (DDoS); Domain Name System (DNS); DNS message sequence; HOPcount; Reflection attack; Amplification attack.
