Advanced search
Start date
Betweenand


Reflector Saturation in Amplified Reflection Denial of Service Attack Abusing CLDAP and Memcache Protocols

Full text
Author(s):
Costa Gondim, Joao Jose ; Albuquerque, Robson de Oliveira
Total Authors: 2
Document type: Journal article
Source: ADVANCED RESEARCH IN TECHNOLOGIES, INFORMATION, INNOVATION AND SUSTAINABILITY, PT 2, ARTIIS 2023; v. 1936, p. 16-pg., 2024-01-01.
Abstract

Amplified reflection distributed denial-of-service (ARDDoS) attacks have been prevalent in the last ten years. AR-DDoS attacks are volumetric attacks where the stream reaching the victim comes from an intermediary infrastructure that amplifies and redirects it to the target, all orchestrated by a skilled attacker. This dynamic motivates the study of the behavior of the intermediate node - the reflector - since the effectiveness of the attack depends on it. This work aims to evaluate the saturation behavior of Connection-less Lightweight Directory Access Protocol (CLDAP) and Memcache reflectors during a DDoS attack by amplified reflection characterizing such behavior on general-purpose hardware. The results obtained are compared with previous works and discussed with the aim of anticipating evolution trends in AR-DDoS attacks and possible requirements for improvements in their detection and mitigation. (AU)

FAPESP's process: 20/05152-7 - PROFISSA: Programmable Future Internet for Secure Software Architectures
Grantee:Lisandro Zambenedetti Granville
Support Opportunities: Research Projects - Thematic Grants