• DocumentCode
    248414
  • Title

    Automatic Detection and Rectification of DNS Reflection Amplification Attacks with Hadoop MapReduce and Chukwa

  • Author

    Jose, Ancy Sherin ; Binu, A.

  • Author_Institution
    Dept. of Inf. Technol., Rajagiri Sch. of Eng. & Technol., Kochi, India
  • fYear
    2014
  • fDate
    27-29 Aug. 2014
  • Firstpage
    195
  • Lastpage
    198
  • Abstract
    DNS Reflection Amplification Attacks are now a days popular and it is the Distributed Denial of Service Attack. This attack makes use of DNS Servers, which are publicly hosted and accessible by everyone, to give huge responses to victims. The victims thus get overloaded by the huge responses for which they do not have sent requests, thus exhausting the resources of the victim. Chukwa is a hadoop subproject which is designed for distributed log monitoring and analysis. This paper concentrates on detecting the DNS Reflection Amplification Attacks by using chukwa for log collection and HDFS for storing logs and Chukwa Demux jobs which are Map Reduce Jobs for detecting the orphan queries and thus automatically defensing by updating the firewall rules.
  • Keywords
    firewalls; monitoring; Chukwa Demux jobs; DNS reflection amplification attacks; Hadoop MapReduce; automatic detection; automatic rectification; distributed denial of service attack; distributed log monitoring; firewall rules; Computer crime; Firewalls (computing); Monitoring; Ports (Computers); Reflection; Servers; Workstations; Chukwa; Chukwa Demux Jobs; DNS Reflection Amplification Attacks; HDFS; Hadoop; Map Reduce;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Advances in Computing and Communications (ICACC), 2014 Fourth International Conference on
  • Conference_Location
    Cochin
  • Print_ISBN
    978-1-4799-4364-7
  • Type

    conf

  • DOI
    10.1109/ICACC.2014.54
  • Filename
    6906023
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=248414