Never say never: Authoritative TLD nameserver-powered DNS amplification
M Anagnostopoulos, G Kambourakis… - NOMS 2018-2018 …, 2018 - ieeexplore.ieee.org
DNS amplification attack is a significant and persistent threat to the Internet. Authoritative
name servers (ANSes) of popular domains, especially the DNSSEC-enabled ones, give …
name servers (ANSes) of popular domains, especially the DNSSEC-enabled ones, give …
DNS unchained: Amplified application-layer DoS attacks against DNS authoritatives
We present DNS Unchained, a new application-layer DoS attack against core DNS
infrastructure that for the first time uses amplification. To achieve an attack amplification of …
infrastructure that for the first time uses amplification. To achieve an attack amplification of …
Query-crafting DoS threats against internet DNS
Domain name system (DNS) resolves the IP addresses of domain names and is critical for IP
networking. Recent denial-of-service (DoS) attacks on Internet targeted the DNS system (eg …
networking. Recent denial-of-service (DoS) attacks on Internet targeted the DNS system (eg …
Anomaly-based filtering of application-layer DDoS against DNS authoritatives
Authoritative DNS infrastructures are at the core of the Internet ecosystem. But how resilient
are typical authoritative DNS name servers against application-layer Denial-of-Service …
are typical authoritative DNS name servers against application-layer Denial-of-Service …
The far side of DNS amplification: tracing the DDoS attack ecosystem from the internet core
In this paper, we shed new light on the DNS amplification ecosystem, by studying
complementary data sources, bolstered by orthogonal methodologies. First, we introduce a …
complementary data sources, bolstered by orthogonal methodologies. First, we introduce a …
Preventing DNS amplification attacks using the history of DNS queries with SDN
Abstract Domain Name System (DNS) amplification attack is a sophisticated Distributed
Denial of Service (DDoS) attack by sending a huge volume of DNS name lookup requests to …
Denial of Service (DDoS) attack by sending a huge volume of DNS name lookup requests to …
: Measuring centralization of dns infrastructure in the wild
L Zembruzki, AS Jacobs, GS Landtreter… - … : Proceedings of the 34th …, 2020 - Springer
Abstract The Internet Domain Naming System (DNS) is one of the pillars for the Internet and
has been the subject of various Distributed Denial-of-Service (DDoS) attacks over the years …
has been the subject of various Distributed Denial-of-Service (DDoS) attacks over the years …
Detecting network scanning through monitoring and manipulation of dns traffic
In this paper, we propose an approach for detecting internal and external network scanning
attacks on enterprise networks. In our approach, an inline scan detection system (SDS) …
attacks on enterprise networks. In our approach, an inline scan detection system (SDS) …
Unveiling the weak links: exploring DNS infrastructure vulnerabilities and fortifying defenses
In the past decades, DNS has gradually risen into one of the most important systems on the
Internet. Malicious actors have long misused it in reflection and amplification DDoS attacks …
Internet. Malicious actors have long misused it in reflection and amplification DDoS attacks …
Characterizing optimal DNS amplification attacks and effective mitigation
DC MacFarland, CA Shue, AJ Kalafut - … , PAM 2015, New York, NY, USA …, 2015 - Springer
Attackers have used DNS amplification in over 34% of high-volume DDoS attacks, with
some floods exceeding 300 Gbps. The best current practices do not help victims during an …
some floods exceeding 300 Gbps. The best current practices do not help victims during an …