Quantifying the Spectrum of Denial-of-Service Attacks through Internet Backscatter

Conference paper (2017)

Authors

N. Blenn Cyber Security - EEMCS
Vincent Ghiëtte External organisation
C. Dörr Cyber Security - EEMCS
Research Group
Cyber Security (EEMCS) (TU Delft)
Telescope Threat intelligence Backscatter Denial-of-service
More Info
expand_more

Published Date

2017

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Department

Intelligent Systems

Research Group

Cyber Security

Abstract

Denial of Service (DoS) attacks are a major threat currently observable in omputer networks and especially the Internet. In such an attack a malicious party tries to either break a service, running on a server, or exhaust the capacity or bandwidth of the victim to hinder customers to effectively use the service. Recent reports show that the total number of Distributed Denial of Service (DDoS) attacks is steadily growing with “mega-attacks” peaking at hundreds of gigabit/s (Gbps).
In this paper, we will provide a quantification of DDoS attacks in size and duration beyond these outliers reported in the media. We find that these mega attacks do exist, but the bulk of attacks is in practice only a fraction of these frequently reported values. We further show that it is feasible to collect meaningful backscatter traces using surprisingly small telescopes, thereby enabling a broader audience to perform attack intelligence research.