Advanced SearchSearch Tips
A Study on Amplification DRDoS Attacks and Defenses
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
A Study on Amplification DRDoS Attacks and Defenses
Choi, Hyunsang; Park, Hyundo; Lee, Heejo;
  PDF(new window)
DDoS attacks have been used for paralyzing popular Internet services. Especially, amplification attacks have grown dramatically in recent years. Defending against amplification attacks is challenging since the attacks usually generate extremely hugh amount of traffic and attack traffic is coming from legitimate servers, which is hard to differentiate from normal traffic. Moreover, some of protocols used by amplification attacks are widely adopted in IoT devices so that the number of servers susceptible to amplification attacks will continue to increase. This paper studies on the analysis of amplification attack mechanisms in detail and proposes defense methodologies for scenarios where attackers, abused servers or victims are in a monitoring network.
Amplification attack;DDoS;IoT;Defense;Security;
 Cited by
Powershell을 이용한 안전한 XMPP 프로토콜 기반의 의료기기 IoT환경 구축 제안,박연진;이근호;

한국사물인터넷학회논문지, 2016. vol.2. 2, pp.15-20 crossref(new window)
IoT기기에서 SSDP 증폭 공격을 이용한 공격기법 및 대응 방안,오주혜;이근호;

한국융합학회논문지, 2016. vol.7. 4, pp.33-38 crossref(new window)
Attack Scenarios and Countermeasures using CoAP in IoT Environment, Journal of the Korea Convergence Society, 2016, 7, 4, 33  crossref(new windwow)
Construction of IoT Environment for XMPP Protocol Based Medical Devices Using Powershell, Journal of The Korea Internet of Things Society, 2016, 2, 2, 15  crossref(new windwow)

Shodan, networked device search engine,

Karami, M., McCoy, D. "Understanding the Emerging Threat of DDoS-as-a-Service", Proc. of the 6th UNSENIX Workshop on Large-Scale Exploits and Emergent Threats. (LEET), 2013.

J. Mirkovic , P. Reiher, "A taxonomy of DDoS attack and DDoS defense mechanisms", ACM SIGCOMM, 2004.

M. M. Andrade and N. Vlajic, "Dirt jumper: A key player in today's botnet-for-ddos market". IEEE WorldCIS, 2012.

M. S. Kang, S. B. Lee, and V. D. Gligor, "The Crossfire Attack", Proc. of IEEE Security and Privacy (S&P), 2013.

A. Studer and A. Perrig, "The Coremelt Attack", Proc. of the European Symposium on Research in Computer Security (ESORICS), 2009.

J. Ioannidis and S. M. Bellovin, "Implementing Pushback: Router-Based Defense Against DDoS Attacks", Proc. of Network and Distributed System Security Symposium (NDSS), 2002

V. Sekar, N. G. Duffield, O. Spatscheck, J. E. van der Merwe, and H. Zhang, "LADS: Large-scale Automated DDoS Detection System", Proc. of the USENIX Annual Technical Conference (ATC), 2006.

X. Wang and M. K. Reiter, "Mitigating BandwidthExhaustion Attacks Using Congestion Puzzles", Proc. of the 11th ACM Conference on Computer and Communications Security (CCS), 2004.

J. Jung, V. Paxson, A. W. Berger, and H. Balakrishnan, "Fast Portscan Detection Using Sequential Hypothesis Testing", Proc. of IEEE Symposium on Security and Privacy (S&P), 2004

C. Rossow, "Amplification Hell: Revisiting Network Protocols for DDoS Abuse", Proc. of the Network and Distributed System Security (NDSS) Symposium, 2014.

M. Kuhrer , T. Hupperich , C. Rossow , T. Holz, "Exit from hell? reducing the impact of amplification DDoS attacks", Proc. of the 23rd USENIX conference on Security Symposium, 2014.

M. Kuhrer, T. Hupperich, C. Rossow, T. Holz, "Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks", USENIX Workshop on Offensive Technologies (WOOT), 2014.

Shadowserver foundation,

P. Ferguson and D. Senie, "Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing", IETF RFC 2827, 2000

K. Park and H. Lee, "On the Effectiveness of Route-based Packet Filtering for Distributed DoS Attack Prevention in Power-law Internets", ACM SIGCOMM, 2001.

S. Gorbunov and A. Rosenbloom, "Autofuzz: Automated network protocol fuzzing framework", IJCSNS International Journal of Computer Science and Network Security, 2010.


W. Feng, E. Kaiser, W. Feng, and A. Luu, "Design and implementation of network puzzles", Proc. of IEEE INFOCOM 2005.

Y. Gilad and A. Herzberg, "LOT: A Defense Against IP Spoofing and Flooding Attacks", ACM Transaction on Information and System Security, 2012.