An SDN-based Approach For Defending Against Reflective DDoS Attacks
Distributed Reflective Denial of Service (DRDoS) attacks are an immanent threat to Internet services. The potential scale of such attacks became apparent in March 2018 when a memcached-based attack peaked at 1.7 Tbps. Novel services built upon UDP increase the need for automated mitigation mechanism...
Saved in:
| Published in | 2018 IEEE 43rd Conference on Local Computer Networks (LCN) pp. 299 - 302 |
|---|---|
| Main Authors | , , , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
01.10.2018
|
| Subjects | |
| Online Access | Get full text |
| DOI | 10.1109/LCN.2018.8638036 |
Cover
| Abstract | Distributed Reflective Denial of Service (DRDoS) attacks are an immanent threat to Internet services. The potential scale of such attacks became apparent in March 2018 when a memcached-based attack peaked at 1.7 Tbps. Novel services built upon UDP increase the need for automated mitigation mechanisms that react to attacks without prior knowledge of the actual application protocols used. With the flexibility that software-defined networks offer, we developed a new approach for defending against DRDoS attacks; it not only protects against arbitrary DRDoS attacks but is also transparent for the attack target and can be used without assistance of the target host operator. The approach provides a robust mitigation system which is protocol-agnostic and effective in the defense against DRDoS attacks. |
|---|---|
| AbstractList | Distributed Reflective Denial of Service (DRDoS) attacks are an immanent threat to Internet services. The potential scale of such attacks became apparent in March 2018 when a memcached-based attack peaked at 1.7 Tbps. Novel services built upon UDP increase the need for automated mitigation mechanisms that react to attacks without prior knowledge of the actual application protocols used. With the flexibility that software-defined networks offer, we developed a new approach for defending against DRDoS attacks; it not only protects against arbitrary DRDoS attacks but is also transparent for the attack target and can be used without assistance of the target host operator. The approach provides a robust mitigation system which is protocol-agnostic and effective in the defense against DRDoS attacks. |
| Author | StOlzle, Kevin Erb, Benjamin Kargl, Frank Lukaseder, Thomas Kleber, Stephan |
| Author_xml | – sequence: 1 givenname: Thomas surname: Lukaseder fullname: Lukaseder, Thomas email: Thomas.Lukaseder@uni-ulm.de organization: Institute of Distributed Systems, Ulm University, Germany – sequence: 2 givenname: Kevin surname: StOlzle fullname: StOlzle, Kevin email: Kevin Stolzle@uni-ulm.de organization: Institute of Distributed Systems, Ulm University, Germany – sequence: 3 givenname: Stephan surname: Kleber fullname: Kleber, Stephan email: Stephan.Kleber@uni-ulm.de organization: Institute of Distributed Systems, Ulm University, Germany – sequence: 4 givenname: Benjamin surname: Erb fullname: Erb, Benjamin email: Benjamin.Erb@uni-ulm.de organization: Institute of Distributed Systems, Ulm University, Germany – sequence: 5 givenname: Frank surname: Kargl fullname: Kargl, Frank email: Frank.Kargl@uni-ulm.de organization: Institute of Distributed Systems, Ulm University, Germany |
| BookMark | eNotj8tKw0AUQEdQ0D72gpv5gcS588rtMiS2CqFCq-sySW7qaJ2ETBD8ewt2dXaHc2bsOvSBGLsHkQKI1WNVbFMpAFO0CoWyV2wGRqHVGpS-ZcsYP4UQ0qKyGu5YkQe-L7dJ7SK1PB-GsXfNB1_3Iy-po9D6cOT50fkQJ76j7kTN5H-Il2W_5_k0ueYrLthN506RlhfO2fv66a14TqrXzUuRV4mHzExJK5HQaahRn9NqLVaoTOZ0JkyjQCmHmZZ1p6lprXGAQiJ0FpzJSMn6_DJnD_9eT0SHYfTfbvw9XD7VH_HPR2M |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/LCN.2018.8638036 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering |
| EISBN | 1538644134 9781538644133 |
| EndPage | 302 |
| ExternalDocumentID | 8638036 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IF 6IL 6IN AAJGR AAWTH ABLEC ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK IEGSK OCL RIB RIC RIE RIL |
| ID | FETCH-LOGICAL-i175t-d28e8a41b84638b4098357a4705c3133a8742bf4ecd65a180281f61a57e32b803 |
| IEDL.DBID | RIE |
| IngestDate | Wed Aug 27 02:50:12 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i175t-d28e8a41b84638b4098357a4705c3133a8742bf4ecd65a180281f61a57e32b803 |
| PageCount | 4 |
| ParticipantIDs | ieee_primary_8638036 |
| PublicationCentury | 2000 |
| PublicationDate | 2018-Oct. |
| PublicationDateYYYYMMDD | 2018-10-01 |
| PublicationDate_xml | – month: 10 year: 2018 text: 2018-Oct. |
| PublicationDecade | 2010 |
| PublicationTitle | 2018 IEEE 43rd Conference on Local Computer Networks (LCN) |
| PublicationTitleAbbrev | LCN |
| PublicationYear | 2018 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0002683641 |
| Score | 1.7370415 |
| Snippet | Distributed Reflective Denial of Service (DRDoS) attacks are an immanent threat to Internet services. The potential scale of such attacks became apparent in... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 299 |
| SubjectTerms | Computer crime Data collection DDoS mitigation IP networks Monitoring network-based mitigation Protocols reflective DDoS attacks Servers software-defined networking Task analysis |
| Title | An SDN-based Approach For Defending Against Reflective DDoS Attacks |
| URI | https://ieeexplore.ieee.org/document/8638036 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV07a8MwED6STO3SR1L6RkPH2vFLsjyauCGUJpSmgWxBss4ltNgl2Et_fSXbSR906CYEQo-TdHe6-z4B3AgZKMb1QXIoZ9pBibglhQwtwR2W0chzGBo08nTGJovgfkmXHbjdYWEQsU4-Q9sU61i-KtLKPJUNud4s-sbtQldvswartXtP8XSPLHC3kUgnGj6MZiZ1i9ttsx__p9TqY3wA023HTdbIq12V0k4_fnEy_ndkhzD4AuqRx50KOoIO5sew_41jsA-jOCfzZGYZdaVI3FKIk3GxIQlmWINaSPwi1tpOJE-YvTU3IEmSYk7isjQY_AEsxnfPo4nV_pxgrbU5UFrK48hF4EptXfhcGhH4NBRB6NDU116p4NojllmAqWJUGBI47mbMFTRE35N6JifQy4scT4FEShscStKIZV4gkPNMoPJCjm6KQrc7g75ZjtV7Q46xalfi_O_qC9gzImmy4S6hV24qvNJavZTXtTg_AQiNn6s |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV07T8MwELZKGYCFR4t444GRtHnYjjNGDVWBNkK0lbpVdnxBFShBVbrw67GTtDzEwBZFspz4bH93vvs-I3QjJFGM64VkU850gBJwSwrpW4LbLKWBazMwbORRzAZT8jCjswa63XBhAKAsPoOOeSxz-SpPVuaorMv1ZNE77hba1rhPaMXW2pyouLpPRpx1LtIOusNebIq3eKdu-OMGlRJA-vtotO66qht57awK2Uk-fqky_vfbDlD7i6qHnzYgdIgakB2hvW8qgy3UCzM8jmLLAJbCYS0ijvv5EkeQQklrweGLWGhPET9D-lbtgTiK8jEOi8Kw8Nto2r-b9AZWfXeCtdAOQWEplwMXxJHav_C4NEbwqC-Ib9PE03Gp4DomlimBRDEqjAwcd1LmCOqD50r9J8eomeUZnCAcKO1yKEkDlrpEAOepAOX6HJwEhG53ilpmOObvlTzGvB6Js79fX6OdwWQ0nA_v48dztGvMU9XGXaBmsVzBpcb4Ql6Vpv0EmR2i-A |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2018+IEEE+43rd+Conference+on+Local+Computer+Networks+%28LCN%29&rft.atitle=An+SDN-based+Approach+For+Defending+Against+Reflective+DDoS+Attacks&rft.au=Lukaseder%2C+Thomas&rft.au=StOlzle%2C+Kevin&rft.au=Kleber%2C+Stephan&rft.au=Erb%2C+Benjamin&rft.date=2018-10-01&rft.pub=IEEE&rft.spage=299&rft.epage=302&rft_id=info:doi/10.1109%2FLCN.2018.8638036&rft.externalDocID=8638036 |