A Customize Approach for Detection and Protection for DNS Amplification Attack

Main Article Content

Margi Patel
Pooja Modi

Abstract

Internet is huge and prominent source of data, information, and different type of services. The Domain Name System (DNS) is a critical component of the Internet infrastructure, provides the translation of easy to remember domain name to IP address, for network services and applications. Denial of Service (DoS) attack usually either involves attackers sending messages to exploit certain vulnerabilities leading to the abnormality or paralysis of business systems, or sending a massive amount of regular messages quickly to a single node to run out the system resources resulting in business system failure. A DNS amplification attack is a type of distributed denial of service (DDoS) attack that takes advantage of the fact that a small DNS query can generate a much larger response. Our proposed approach achieves accuracy for use different types of query and also using this combine approach to detecting and protecting DNS Amplification attack.

Downloads

Download data is not yet available.

Metrics

Metrics Loading ...

Article Details

How to Cite
Margi Patel, and Pooja Modi. “A Customize Approach for Detection and Protection for DNS Amplification Attack”. Technix International Journal for Engineering Research, vol. 2, no. 5, May 2015, pp. 131-4, https://tijer.org/index.php/tijer/article/view/91.
Section
Research Articles

References

Kambourakis, Georgios, et al. "A fair solution to dns amplification attacks."Digital Forensics and Incident Analysis, 2007. WDFIA 2007. Second International Workshop on. IEEE, 2007.

Anagnostopoulos, M., Kambourakis, G., Kopanos, P., Louloudakis, G., & Gritzalis, S. (2013). DNS amplification attack revisited. Computers & Security,39, 475-485.

Herzberg, Amir, and Haya Shulman. "DNS authentication as a service: preventing amplification attacks." Proceedings of the 30th Annual Computer Security Applications Conference. ACM, 2014.

Kambourakis, Georgios, et al. "Detecting DNS amplification attacks." Critical Information Infrastructures Security. Springer Berlin Heidelberg, 2008. 185-196.

Microsoft Corporation, 2013, “Domain Name System [online]”; Available: http://technet.microsoft.com/enus/network/bb629410.aspx.

Network Working Group, “Domain Name- Concepts and Facilities [online]”;Available: https://www.ietf.org/rfc/rfc1034.txt.

http://www.nsfocus.com/uploadfile/Product/ADS/DDoS%20FAQ/What%20is%20DDoS%20Attack.pdf.

Kawaljit, K., Navreen, K. B., and Gurpreet, K. “A Study of DNS Amplification Attack Defence Methods”, IEEE-2014.

http://www.excitingip.com/1500/an-introduction-to-ddos-distributed-denial-of-service-attack

http://www.nsfocus.com/SecurityView/DNS%20Amplification%20Attacks%20on%20the%20Rise.pdf

Arukonda, Srinivas, and Samta Sinha. "The Innocent Perpetrators: Reflectors and Reflection Attacks." (2015).

A. Herzberg and H. Shulman. DNSSEC: Security and Availability challenges. In Communications and Network Security (CNS),2013.

Deshpande, Tushar, et al. "Formal analysis of the DNS bandwidth amplification attack and its countermeasures using probabilistic model checking." High-Assurance Systems Engineering (HASE), 2011 IEEE 13th International Symposium on. IEEE, 2011. [14] Eastlake, Donald E. "Domain name system security extensions." (1999).

Arends, Roy, et al. DNS security introduction and requirements. No. RFC 4033. 2005.

MacFarland, Douglas C., Craig A. Shue, and Andrew J. Kalafut. "Characterizing Optimal DNS Amplification Attacks and Effective Mitigation." Passive and Active Measurement. Springer International Publishing, 2015

Arukonda, Srinivas, and Samta Sinha. "The Innocent Perpetrators: Reflectors and Reflection Attacks." (2015).

Microsoft Corporation, 2013, “Domain Name System [online]”; Available: http://technet.microsoft.com/enus/network/bb629410.

P. Vixie and V. Schryver, ”DNS Response Rate Limiting,”2012. [online]. Available: http://ss.vix.com/~vixie/isc-tn-2012-1.txt

T. Rozekrans and J. de Koning, “Defending against DNS reflection amplification attacks,” University of Amsterdam, February 2013.

M. Anagnostopoulos et al., ”DNS amplification attack revisited,”ELSEVIER Computers and Security, Vol.39, pp. 475- 485,2013.

Muhammad Yea sir Arafat, Muhammad Morshed Alam and Feroz Ahmed “Realistic Approach And Mitigation Techniques for Amplifying DDOS Attack on DNS ” Proceedings of 10th Global Engineering, Science and Technology Conference 2-3 January, 2015, BIAM Foundation, Dhaka, Bangladesh, ISBN: 978-1-922069-69-6.