DDoS Attack Mitigation through Root-DNS Server: A Case Study
Author: | Stavros Shiaeles, Basil K. Papadopoulos, Betty Saridou |
---|---|
Year of publication: | 2019 |
Subject: | 0106 biological sciences; business.industry; Computer science; Domain Name System; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; 020206 networking & telecommunications; Denial-of-service attack; 02 engineering and technology; Load balancing (computing); 01 natural sciences; DDoS mitigation; Failover; Root name server; Anycast; Server; 0202 electrical engineering electronic engineering information engineering; business; 010606 plant biology & botany; Computer network |
Source: | SERVICES |
Description: | Load balancing and IP anycast are traffic routing algorithms used to speed up delivery of the Domain Name System. In case of a DDoS attack or an overload condition, the value of these protocols is critical, as they can provide intrinsic DDoS mitigation with the failover alternatives. In this paper, we present a methodology for predicting the next DNS response in the light of a potential redirection to less busy servers, in order to mitigate the size of the attack. Our experiments were conducted using data from the Nov. 2015 attack of the Root DNS servers and Logistic Regression, k-Nearest Neighbors, Support Vector Machines and Random Forest as our primary classifiers. The models were able to successfully predict up to 83% of responses for Root Letters that operated on a small number of sites and consequently suffered the most during the attacks. On the other hand, regarding DNS requests coming from more distributed Root servers, the models demonstrated lower accuracy. Our analysis showed a correlation between the True Positive Rate metric and the number of sites, as well as a clear need for intelligent management of traffic in load balancing practices. |
Database: | OpenAIRE |