2 Hits in 4.6 sec

BGPeek-a-Boo: Active BGP-based Traceback for Amplification DDoS Attacks [article]

Johannes Krupp, Christian Rossow
2021 arXiv   pre-print
We propose BGPeek-a-Boo, a BGP-based approach to trace back amplification attacks to their origin network.  ...  BGPeek-a-Boo achieves a unique traceback result 60% of the time in a simulation-based evaluation supported by real-world experiments.  ...  Acknowledgment We would like to thank PEERING for letting us conduct real-world BGP measurements as well as RIPE NCC for a temporary IP-prefix and ASN allocation and the RIPE Atlas platform.  ... 
arXiv:2103.08440v1 fatcat:jqncvj2335bnppsftoqyrvja4a

Using honeypots to trace back amplification DDoS attacks [article]

Johannes Krupp, Universität Des Saarlandes
This thesis presents a line of work that enables practical attack traceback supported by honeypot reflectors.  ...  Third, we propose to use BGP poisoning to locate the attacking network without prior knowledge and even when attack and scan infrastructures are disjoint.  ...  BGPEEK-A-BOO: ACTIVE BGP-BASED TRACEBACK FOR AMPLIFICATION DDOS ATTACKS While our first traceback approach can find attack sources only if they are also used for scans and our second approach is limited  ... 
doi:10.22028/d291-35236 fatcat:6j6rnvgfpfdnvpfyziimqa7ik4