Evaluation of current state of amplification-based DDoS attacks

Edgar Bohte, Manolis Stamatogiannakis (Other), Herbert Bos (Other)

Research output: Online publication or Non-textual form / Online publication or Website / Academic

Abstract

Amplification-based DDoS attacks are still a big threat to the availability of the internet. For quite some time no new paper has been published that gives an update on the current state of amplification DDoS attacks, even though they were a huge problem a few years ago. We performed multiple scans of the whole IPv4 address space and deployed two honeypots to monitor amplification DDoS attacks, in order to build a picture of the current state of these attacks. From the scan data and the honeypot data, we can conclude that NTP is the most dangerous protocol for these kinds of attacks. Furthermore, China and the United States are the most targeted countries for amplification DDoS attacks.

Original language: English
Publication status: Published - 11 Apr 2018

Fingerprint

Amplification
Availability
Internet
Network protocols

Keywords

  • network security
  • DDoS
  • denial of service
  • amplification attacks

Cite this

@misc{975895a57ad246ba9e5868b7bae180ac,
title = "Evaluation of current state of amplification-based DDoS attacks",
abstract = "Amplification-based DDoS attacks are still a big threat to the availability of the internet. In quite some time there is no new paper published that gave an update on the current state of amplification DDoS attacks, taken into consideration it was a huge problem a few years ago. We performed multiple scans of the whole IPv4 address space and deployed two honeypots to monitor amplification DDoS attacks to make a picture of the current state of amplification DDoS attacks. From the scan data and the honeypot data, we can conclude that NTP is the most dangerous protocol, for these kinds of attacks. Furthermore, China and The United States are the most targeted countries for amplification DDoS attacks.",
keywords = "network security, DDoS, denial of service, amplification attacks",
author = "Edgar Bohte and Manolis Stamatogiannakis and Herbert Bos",
year = "2018",
month = "4",
day = "11",
language = "English",

}

Evaluation of current state of amplification-based DDoS attacks. Bohte, Edgar (Author); Stamatogiannakis, Manolis (Other); Bos, Herbert (Other). 2018.
