DNS amplification attack revisited

Computers and Security

Volumn 39, Issue PART B, 2013, Pages 475-485

  Anagnostopoulos, Marios ^a   Kambourakis, Georgios ^a   Kopanos, Panagiotis ^a   Louloudakis, Georgios ^a   Gritzalis, Stefanos ^a  

^a UNIVERSITY OF THE AEGEAN   (Greece)

Author keywords

Amplification attack; Cybersecurity; DNS; DNSSEC; DoS; Reflection attack

Indexed keywords

AMPLIFICATION FACTORS; CYBER SECURITY; DENIAL OF SERVICE ATTACKS; DNS; DNSSEC; GEOGRAPHICAL LOCATIONS; INTERNET INFRASTRUCTURE; REFLECTION ATTACKS;

AMPLIFICATION; DOS; INTRUSION DETECTION;

INTERNET PROTOCOLS;

EID: 84888862477     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cose.2013.10.001     Document Type: Article

References (34)

1. M. Anagnostopoulos, G. Kambourakis, E. Konstantinou, and S. Gritzalis DNSSEC vs. DNSCurve: a side-by-side comparison 2012 IGI Global 201
2. Anonymous Operation global blackout February 2012 http://pastebin.com/ NKbnh8q8
3. M. Antonakakis, D. Dagon, X. Luo, R. Perdisci, W. Lee, and J. Bellmor A centralized monitoring infrastructure for improving DNS security 13th International conference on recent advances in intrusion detection 2010 Springer 18 37
4. R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose RFC 4033: DNS security introduction and requirements 2005 http://www.ietf.org/rfc/rfc4033.txt
5. R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose RFC 4034: resource records for the DNS security extensions 2005 http://www.ietf.org/rfc/ rfc4034.txt
6. R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose RFC 4035: protocol modifications for the DNS security extensions 2005 http://www.ietf.org/ rfc/rfc4035.txt
7. R. Chandramouli, and S. Rose Secure domain name system (DNS) deployment guide April 2010 Recommendations of the National Institute of Standards and Technology (NIST) http://csrc.nist.gov/publications/nistpubs/800-81r1/sp-800- 81r1.pdf
8. A. Cowperthwaite, and A. Somayaji The futility of DNSSEC Proceedings of 5th annual symposium on information assurance (ASIA'10) 2010 2 8
9. D. Dagon, N. Provos, C.P. Lee, and W. Lee Corrupted DNS resolution paths: the rise of a malicious resolution authority Proceedings of network and distributed security symposium (NDSS08) 2008
10. D. Dagon, M. Antonakakis, K. Day, X. Luo, C.P. Lee, and W. Lee Recursive DNS architectures and vulnerability implications Proceedings of 16th network and distributed system security symposium (NDSS) 2009
11. T. Deshpande, P. Katsaros, S. Basagiannis, and S.A. Smolka Formal analysis of the DNS bandwidth amplification attack and its countermeasures using probabilistic model checking High-assurance systems engineering (HASE), 2011 IEEE 13th international symposium on 2011 IEEE 360 367
12. S. Di Paola, and D. Lombardo Protecting against DNS reflection attacks with bloom filters Detection of intrusions and malware, and vulnerability Assessment 2011 Springer 1 16
13. ICANN Security and Stability Advisory Committee (SSAC) SSAC advisory SAC008 DNS distributed denial of service (DDoS) attacks Tech. rep. 2006 ICANN
14. G. Evron Battling botnets and online mobs GJIA 9 2008 121 126
15. P. Ferguson, and D. Senie RFC-2827: network ingress filtering: defeating denial of service attacks which employ IP source address spoofing 2000 http://www.ietf.org/rfc/rfc2827.txt
16. R.D. Graham No, #Anonymous can't DDoS the root DNS servers February 2012 http://erratasec.blogspot.gr/2012/02/no-anonymous-cant-ddos-root-dns-servers. html
17. O. Gudmundsson, and S. Crocker Observing DNSSEC validation in the wild Proceedings of securing and trusting internet names (SATIN) 2011
18. D. Jackson DNS amplification variation used in recent DDoS attacks February 2009 http://www.secureworks.com/cyber-threat-intelligence/threats/dns- amplification
19. G. Kambourakis, T. Moschos, D. Geneiatakis, and S. Gritzalis Detecting DNS amplification attacks Critical information infrastructures security 2008 Springer 185 196
20. R. Lemos Largest-ever DDoS campaign demonstrates danger of new attack method March 2013 http://www.eweek.com/security/largest-ever-ddos-campaign- demonstrates-danger-of-new-attack-method/
21. A. Mankin Random drop congestion control Proceedings of the ACM symposium on communications architectures & protocols Vol. 20 1990 ACM 1 7
22. P. Mockapetris RFC 1034: domain names-concepts and facilities 1987 http://www.ietf.org/rfc/rfc1034.txt
23. NIST Vulnerability summary for CVE-2012-3411 March 2013 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3411
24. V.S. Paul Vixie DNS response rate limiting (DNS RRL) June 2012 http://ss.vix.com/∼vixie/isc-tn-2012-1.txt
25. S. Rastegari, M.I. Saripan, and M.F.A. Rasid Detection of denial of service attacks against domain name system using neural networks Int J Comput Sci 6 2009 23 27
26. S. Rastegari, M.I. Saripan, and M.F.A. Rasid Detection of denial of service attacks against domain name system using machine learning classifiers Lecture notes in engineering and computer science: proceedings of the world congress on engineering 2010 2010 444 447
27. K. Rikitake, K. Nakao, S. Shimojo, and H. Nogawa UDP large-payload capability detection for DNSSEC IEICE Trans Inf Syst E91-D 5 2008 1261 1273
28. Scapy project, http://www.secdev.org/projects/scapy/.
29. A. Singh, B. Singh, and H. Joseph Vulnerability analysis for DNS and DHCP A. Singh, B. Singh, H. Joseph, Vulnerability analysis and defense for the internet Advances in Information Security Vol. 37 2008 Springer US 111 124
30. C. Sun, B. Liu, and L. Shi Efficient and low-cost hardware defense against DNS amplification attacks Global telecommunications conference, 2008. IEEE GLOBECOM 2008. IEEE 2008 IEEE 1 5
31. US-CERT The continuing denial of service threat posed by DNS recursion (v2.0) Tech. rep. 2013 US-CERT http://www.us-cert.gov/reading-room/DNS- recursion033006.pdf
32. R. Vaughn, and G. Evron DNS amplification attacks (preliminary release) 2006 http://www.isotf.org/news/DNS-Amplification-Attacks.pdf
33. M. Walfish, M. Vutukuru, H. Balakrishnan, D. Karger, and S. Shenker DDoS defense by offense Proceedings of the 2006 conference on applications, technologies, architectures, and protocols for computer communications 2006 303 314 (Pubitemid 44623736)
34. Y. Yao, L. He, and G. Xiong Security and cost analyses of DNSSEC protocol Y. Yuan, X. Wu, Y. Lu, Trustworthy computing and services Communications in computer and information science Vol. 320 2013 Springer Berlin Heidelberg 429 435