Title :
A simple response packet confirmation method for DRDoS detection
Author :
Tsunoda, Hiroshi ; Nemoto, Yoshiaki ; Ohta, Kohei ; Yamamoto, Atsunori
Author_Institution :
Graduate Sch. of Inf. Sci., Tohoku Univ., Sendai
Abstract :
In this paper, we propose a simple but tough method for confirming response packets to detect DRDoS attack packets. In DRDoS attacks, the victim suffers from reflected response packets from legitimate hosts, and it is difficult to distinguish attack packets from legitimate packets. We focus on the fact that the types of packet used for DRDoS are limited and predictable. Thus, the proposed method uses only a pair of request/response, and does not need complicated state management like the stateful inspection method. We demonstrate that the proposed method can accurately detect DRDoS packets with fewer cost
Keywords :
Internet; security of data; DRDoS attack packet detection; distributed reflection denial of service; legitimate packets; reflected response packets; simple response packet confirmation method; Computer crime; Costs; Electronic mail; Information filtering; Information filters; Inspection; Internet; Reflection; Web server; Detection; Distributed Reflection DoS; Response Confirmation; Simplicity;
Conference_Titel :
Advanced Communication Technology, 2006. ICACT 2006. The 8th International Conference
Conference_Location :
Phoenix Park
Print_ISBN :
89-5519-129-4
DOI :
10.1109/ICACT.2006.206282
