Measurement of DNS Traffic Caused by DDoS Attacks | Zendy

Keisuke  Ishibashi | Zendy; Tsuyoshi  Toyono | Zendy; Hirotaka  Matsuoka | Zendy; Katsuyasu  Toyama | Zendy; Masahiro  Ishino | Zendy; Chika  Yoshimura | Zendy; Takehiro  Ozaki | Zendy; Yuichi  Sakamoto | Zendy; Ichiro  Mizukoshi | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Measurement of DNS Traffic Caused by DDoS Attacks

Author(s) -

Keisuke Ishibashi,

Tsuyoshi Toyono,

Hirotaka Matsuoka,

Katsuyasu Toyama,

Masahiro Ishino,

Chika Yoshimura,

Takehiro Ozaki,

Yuichi Sakamoto,

Ichiro Mizukoshi

Publication year - 2005

Publication title -

2005 symposium on applications and the internet workshops (saint 2005 workshops)

Language(s) - English

DOI - 10.1109/saintw.2005.80

We report the measurement results of Domain Name System (DNS) traffic during the periods of DDoS attacks against a Web server. The attack was caused by virus infected machines. We monitored DNS query packets at DNS cache servers of an Japanese ISP, Open Computer Networks (OCN). We especially focused on those sent by the virus to find the IP address of the target web server. By analyzing the measurement results in detail, we found that the DNS configuration change of the authoritative DNS servers of the target site caused a significant increase in the number of queries.We also show how the DNS operators mitigated those queries by changing the configuration of DNS cache servers and authoritative servers.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research