ملخص
Random Subdomain DDoS a.acks on the Domain Name System (DNS) infrastructure are becoming a popular vector in recent a.acks (e.g., recent Mirai a.ack on Dyn). In these a.acks, many queries are sent for a single or a few victim domains, yet they include highly varying non-existent subdomains generated randomly. Motivated by these a.acks we designed and implemented novel and efficient algorithms for distinct heavy hi.ers (dHH). A (classic) heavy hi.er (HH) in a stream of elements is a key (e.g., the domain of a query) which appears in many elements (e.g., requests). When stream elements consist of key, subkey¿ pairs, (domain, subdomain¿) a distinct heavy hi.er (dhh) is a key that is paired with a large number of di.erent subkeys. Our algorithms dominate previous designs in both the asymptotic (theoretical) sense and practicality. Speciffically the new .xed-size algorithms are simple to code and with asymptotically optimal space accuracy tradeoffs. Based on these algorithms, we build and implement a system for detection and mitigation of Random Subdomain DDoS a.acks. We perform experimental evaluation, demonstrating the effectiveness of our algorithms.
اللغة الأصلية | الإنجليزيّة |
---|---|
عنوان منشور المضيف | HotWeb 2017 - Proceedings of the 5th ACM/IEEE Workshop on Hot Topics in Web Systems and Technologies |
ناشر | Association for Computing Machinery, Inc |
رقم المعيار الدولي للكتب (الإلكتروني) | 9781450355278 |
المعرِّفات الرقمية للأشياء | |
حالة النشر | نُشِر - 14 أكتوبر 2017 |
الحدث | 5th ACM/IEEE Workshop on Hot Topics in Web Systems and Technologies, HotWeb 2017 - San Jose, الولايات المتّحدة المدة: ١٤ أكتوبر ٢٠١٧ → … |
سلسلة المنشورات
الاسم | HotWeb 2017 - Proceedings of the 5th ACM/IEEE Workshop on Hot Topics in Web Systems and Technologies |
---|
!!Conference
!!Conference | 5th ACM/IEEE Workshop on Hot Topics in Web Systems and Technologies, HotWeb 2017 |
---|---|
الدولة/الإقليم | الولايات المتّحدة |
المدينة | San Jose |
المدة | ١٤/١٠/١٧ → … |
ملاحظة ببليوغرافية
Funding Information:Œis research was supported by a grant from the Blavatnik Cyber Security Councile, by a grant of the European Research Council (ERC) Starting Grant no. 259085, and by the Ministry of Science and Technology, Israel.
Publisher Copyright:
© 2017 Copyright held by the owner/author(s).