Worldwide Detection of Denial of Service (DoS) Attacks

8/17/01


Click here to start


Table of Contents

Worldwide Detection of Denial of Service (DoS) Attacks

Outline

Key Idea

Backscatter Analysis Technique

Backscatter Example: Responses Monitored

Backscatter analysis

Assumptions and biases

Identifying attacks

Results

Attack breakdown (three weeks in February)

Attacks over time

Attack characterization

Attack duration distribution

Attack rate distribution

Victim characterization

Victim breakdown by TLD

Distribution of repeat attacks

Validation

Conclusions

Cooperative Association for Internet Data Analysis (CAIDA) San Diego Supercomputer Center Computer Science & Engineering University of California, San Diego http://www.caida.org/outreach/ papers/backscatter/

Example 1: Periodic attack (1hr per 24hrs)

Example 2: Punctuated attack (1min interval)

Backscatter protocol breakdown (one week)

Attack protocol breakdown (one week)

Author: David Moore