DAAD: DNS Amplification Attack Defender in SDN
Myoungbo HanSchool of Electronic Engineering, Soongsil University, Seoul, South KoreaThang Nguyen CanhDepartment of Information Communication, Materials, and Chemistry Convergence Technology, Soongsil University, Seoul, South KoreaSi chul NohDepartment of Information Communication, Materials, and Chemistry Convergence Technology, Soongsil University, Seoul, South KoreaJunmin YiSchool of Electronic Engineering, Soongsil University, Seoul, South KoreaMinho ParkDepartment of Information Communication, Materials, and Chemistry Convergence Technology, Soongsil University, Seoul, South Korea
2019en
ABI
Аннотация
Public DNS servers have been deployed more and more because of some reasons such as faster web browsing or censorship bypassing. However, they are open to anyone, which can be used as a tool for network attacks. A typical attack using public DNS servers is a DNS amplification attack. In this paper, we propose a DNS amplification attack defense system which can block response messages from unsolicited DNS queries in the SDN environment by using the flow control technique. The system is emerged into the SDN controller to manages all the flow rules of the switches. The results show that our system can maintain stable bandwidth and prevent the DNS amplification attack effectively.
Перевод пока недоступен
Идентификаторы
Цитирования и источники
Цитирований: 2Использованных источников: 0