Elimination of DoS UDP Reflection Amplification Bandwidth Attacks, Protecting TCP Services

  • Conference paper
Future Network Systems and Security (FNSS 2015)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 523)

Abstract

In this paper, we propose a solution to eliminate a popular type of Denial of Service (DoS) attack, the DoS amplification attack. Note that a DoS is a subset of DDoS. Our solution protects servers running any number of TCP services. This paper focuses on the most popular type of DoS amplification attack, which uses the UDP protocol. Via DoS UDP amplification attacks, an attacker can send a 1 Gbps traffic stream to reflectors. The reflectors will then send up to 556 times that amount (amplified traffic) to the victim’s server. So just ten PCs, each sending 10 Mbps, can send 55 Gbps indirectly, via reflectors, to a victim’s server. Very few ISP customers have 55 Gbps provisioned. Expensive and complex solutions exist. However, our elimination techniques can be implemented very quickly, easily, and at an extremely low cost.



Author information

Corresponding author

Correspondence to Karl Andersson.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Booth, T.G., Andersson, K. (2015). Elimination of DoS UDP Reflection Amplification Bandwidth Attacks, Protecting TCP Services. In: Doss, R., Piramuthu, S., ZHOU, W. (eds) Future Network Systems and Security. FNSS 2015. Communications in Computer and Information Science, vol 523. Springer, Cham. https://doi.org/10.1007/978-3-319-19210-9_1

  • DOI: https://doi.org/10.1007/978-3-319-19210-9_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-19209-3

  • Online ISBN: 978-3-319-19210-9

  • eBook Packages: Computer Science, Computer Science (R0)
