Network hygiene, incentives, and regulation: deployment of source address validation in the internet
The Spoofer project has collected data on the deployment and characteristics of IP source
address validation on the Internet since 2005. Data from the project comes from participants …
address validation on the Internet since 2005. Data from the project comes from participants …
DDoS never dies? An IXP perspective on DDoS amplification attacks
D Kopp, C Dietzel, O Hohlfeld - … Conference on Passive and Active Network …, 2021 - Springer
DDoS attacks remain a major security threat to the continuous operation of Internet edge
infrastructures, web services, and cloud platforms. While a large body of research focuses …
infrastructures, web services, and cloud platforms. While a large body of research focuses …
The far side of DNS amplification: tracing the DDoS attack ecosystem from the internet core
In this paper, we shed new light on the DNS amplification ecosystem, by studying
complementary data sources, bolstered by orthogonal methodologies. First, we introduce a …
complementary data sources, bolstered by orthogonal methodologies. First, we introduce a …
Stellar: network attack mitigation using advanced blackholing
Network attacks, including Distributed Denial-of-Service (DDoS), continuously increase in
terms of bandwidth along with damage (recent attacks exceed 1.7 Tbps) and have a …
terms of bandwidth along with damage (recent attacks exceed 1.7 Tbps) and have a …
Ten years of zmap
Since ZMap's debut in 2013, networking and security researchers have used the open-
source scanner to write hundreds of research papers that study Internet behavior. In …
source scanner to write hundreds of research papers that study Internet behavior. In …
Security threats in wireless network communication-status, challenges, and future trends
AN Kadhim, SB Sadkhan - 2021 International Conference on …, 2021 - ieeexplore.ieee.org
The wireless air interface is open and accessible to both authorized and unauthorized users
due to the broadcast nature of radio propagation. In a wired network, communication …
due to the broadcast nature of radio propagation. In a wired network, communication …
Quicsand: quantifying quic reconnaissance scans and dos flooding events
In this paper, we present first measurements of Internet background radiation originating
from the emerging transport protocol QUIC. Our analysis is based on the UCSD network …
from the emerging transport protocol QUIC. Our analysis is based on the UCSD network …
Deployment of source address validation by network operators: a randomized control trial
IP spoofing, sending IP packets with a false source IP address, continues to be a primary
attack vector for large-scale Denial of Service attacks. To combat spoofing, various …
attack vector for large-scale Denial of Service attacks. To combat spoofing, various …
{Off-Path} Network Traffic Manipulation via Revitalized {ICMP} Redirect Attacks
ICMP redirect is a mechanism that allows an end host to dynamically update its routing
decisions for particular destinations. Previous studies show that ICMP redirect may be …
decisions for particular destinations. Previous studies show that ICMP redirect may be …
DDoS hide & seek: on the effectiveness of a booter services takedown
D Kopp, M Wichtlhuber, I Poese, J Santanna… - Proceedings of the …, 2019 - dl.acm.org
Booter services continue to provide popular DDoS-as-a-service platforms and enable
anyone irrespective of their technical ability, to execute DDoS attacks with devastating …
anyone irrespective of their technical ability, to execute DDoS attacks with devastating …