Title :
Automatic Detection and Rectification of DNS Reflection Amplification Attacks with Hadoop MapReduce and Chukwa
Author :
Jose, Ancy Sherin ; Binu, A.
Author_Institution :
Dept. of Inf. Technol., Rajagiri Sch. of Eng. & Technol., Kochi, India
Abstract :
DNS Reflection Amplification Attacks are now a days popular and it is the Distributed Denial of Service Attack. This attack makes use of DNS Servers, which are publicly hosted and accessible by everyone, to give huge responses to victims. The victims thus get overloaded by the huge responses for which they do not have sent requests, thus exhausting the resources of the victim. Chukwa is a hadoop subproject which is designed for distributed log monitoring and analysis. This paper concentrates on detecting the DNS Reflection Amplification Attacks by using chukwa for log collection and HDFS for storing logs and Chukwa Demux jobs which are Map Reduce Jobs for detecting the orphan queries and thus automatically defensing by updating the firewall rules.
Keywords :
firewalls; monitoring; Chukwa Demux jobs; DNS reflection amplification attacks; Hadoop MapReduce; automatic detection; automatic rectification; distributed denial of service attack; distributed log monitoring; firewall rules; Computer crime; Firewalls (computing); Monitoring; Ports (Computers); Reflection; Servers; Workstations; Chukwa; Chukwa Demux Jobs; DNS Reflection Amplification Attacks; HDFS; Hadoop; Map Reduce;
Conference_Titel :
Advances in Computing and Communications (ICACC), 2014 Fourth International Conference on
Conference_Location :
Cochin
Print_ISBN :
978-1-4799-4364-7
DOI :
10.1109/ICACC.2014.54
