On the potential of IPv6 open resolvers for DDoS attacks
Autor: | Hendriks, Luuk, de Oliveira Schmidt, Ricardo, van Rijswijk-Deij, Roland, Pras, Aiko, Kaafar, Mohamed Ali, Uhlig, Steve, Amann, Johanna |
---|---|
Jazyk: | angličtina |
Rok vydání: | 2017 |
Předmět: |
IPv6 address
business.industry Computer science Domain Name System Data_MISCELLANEOUS ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS 020206 networking & telecommunications Denial-of-service attack 02 engineering and technology Computer security computer.software_genre Open Resolver IPv6 Shared Cache ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS Shared memory IPv6 Address 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing The Internet business computer Response Size |
Zdroj: | Passive and Active Measurement: 18th International Conference, PAM 2017, Sydney, NSW, Australia, March 30-31, 2017, Proceedings, 17-29 STARTPAGE=17;ENDPAGE=29;TITLE=Passive and Active Measurement Passive and Active Measurement ISBN: 9783319543277 PAM |
Popis: | Distributed Denial of Service (DDoS) attacks have become a daily problem in today’s Internet. These attacks aim at overwhelm- ing online services or network infrastrucure. Some DDoS attacks explore open services to perform reflected and amplified attacks; and the DNS is one of the most (mis)used systems by attackers. This problem can be further aggravated in the near future by the increasing number of IPv6-enabled services in the Internet. Given that the deployment of IPv6-enabled services is increasing, it becomes impor- tant to find vulnerable IPv6 open services that could be (mis)used by attackers, and prevent that misuse. However, unlike with IPv4, simply scanning the IPv6 address space to find these open services is impractical. In this paper we present an active measurement approach to enumer- ate a relevant list of open resolvers on IPv6 in the wild that could be potentially exploited in a DDoS attack. Based on the assumption that IPv6 open resolvers can be found via IPv4 ones, we show that IPv6-based amplified DDoS attacks are a significantly potential threat in the Inter- net: the analyzed resolvers, of which 72% are assumingly infrastructural servers, showed a median amplification factor of 50. 1 |
Databáze: | OpenAIRE |
Externí odkaz: |