Measurement of DNS Traffic Caused by DDoS Attacks

	This Article
	Subscribers, please Login Purchase article: $19 PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Keisuke Ishibashi Articles by Tsuyoshi Toyono Articles by Hirotaka Matsuoka Articles by Katsuyasu Toyama Articles by Masahiro Ishino Articles by Chika Yoshimura Articles by Takehiro Ozaki Articles by Yuichi Sakamoto Articles by Ichiro Mizukoshi

2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)

Trento, Italy

January 31-February 04

ISBN: 0-7695-2263-7

	ASCII Text	x
	Keisuke Ishibashi, Tsuyoshi Toyono, Hirotaka Matsuoka, Katsuyasu Toyama, Masahiro Ishino, Chika Yoshimura, Takehiro Ozaki, Yuichi Sakamoto, Ichiro Mizukoshi, "Measurement of DNS Traffic Caused by DDoS Attacks," Applications and the Internet Workshops, IEEE/IPSJ International Symposium on, pp. 118-121, 2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops), 2005.

	BibTex	x
	@article{ 10.1109/SAINTW.2005.80, author = {Keisuke Ishibashi and Tsuyoshi Toyono and Hirotaka Matsuoka and Katsuyasu Toyama and Masahiro Ishino and Chika Yoshimura and Takehiro Ozaki and Yuichi Sakamoto and Ichiro Mizukoshi}, title = {Measurement of DNS Traffic Caused by DDoS Attacks}, journal ={Applications and the Internet Workshops, IEEE/IPSJ International Symposium on}, volume = {0}, year = {2005}, isbn = {0-7695-2263-7}, pages = {118-121}, doi = {http://doi.ieeecomputersociety.org/10.1109/SAINTW.2005.80}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Applications and the Internet Workshops, IEEE/IPSJ International Symposium on TI - Measurement of DNS Traffic Caused by DDoS Attacks SN - 0-7695-2263-7 SP118 EP121 A1 - Keisuke Ishibashi, A1 - Tsuyoshi Toyono, A1 - Hirotaka Matsuoka, A1 - Katsuyasu Toyama, A1 - Masahiro Ishino, A1 - Chika Yoshimura, A1 - Takehiro Ozaki, A1 - Yuichi Sakamoto, A1 - Ichiro Mizukoshi, PY - 2005 KW - null VL - 0 JA - Applications and the Internet Workshops, IEEE/IPSJ International Symposium on ER -

Keisuke Ishibashi, NTT Corporation

Tsuyoshi Toyono, NTT Corporation

Hirotaka Matsuoka, NTT Corporation

Katsuyasu Toyama, NTT Corporation

Masahiro Ishino, NTT Communications

Chika Yoshimura, NTT Communications

Takehiro Ozaki, NTT Communications

Yuichi Sakamoto, NTT Communications

Ichiro Mizukoshi, NTT Communications

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SAINTW.2005.80

We report the measurement results of Domain Name System (DNS) traffic during the periods of DDoS attacks against a Web server. The attack was caused by virus infected machines. We monitored DNS query packets at DNS cache servers of an Japanese ISP, Open Computer Networks (OCN). We especially focused on those sent by the virus to find the IP address of the target web server.

By analyzing the measurement results in detail, we found that the DNS configuration change of the authoritative DNS servers of the target site caused a significant increase in the number of queries.We also show how the DNS operators mitigated those queries by changing the configuration of DNS cache servers and authoritative servers.

Citation:

Keisuke Ishibashi, Tsuyoshi Toyono, Hirotaka Matsuoka, Katsuyasu Toyama, Masahiro Ishino, Chika Yoshimura, Takehiro Ozaki, Yuichi Sakamoto, Ichiro Mizukoshi, "Measurement of DNS Traffic Caused by DDoS Attacks," saint-w, pp.118-121, 2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.