NORMA eResearch @NCI Library

Detection and mitigation of DNS laundering DDoS attacks

Garza Ruiz, Kevin Salvador (2023) Detection and mitigation of DNS laundering DDoS attacks. Masters thesis, Dublin, National College of Ireland.


Abstract

Distributed Denial-of-Service (DDoS) attacks have raised new concerns during the first half of the current year (2023), since longer and more intense attacks have been detected. A recently observed rise in DDoS attacks related to the Domain Name System (DNS) has been identified as the DNS laundering DDoS attack, in which the attacker sends DNS requests to the target through a DNS resolver, making the requests appear legitimate. This paper presents a solution for the DNS laundering DDoS attack and compares its effectiveness with that of existing methods such as black-hole and rate limit. The proposed solution involves a device acting as a DNS controller that can detect a DNS laundering DDoS attack, block the attack, and preserve access to the targeted domain from the users' perspective. The comparison between the different methods and the proposed solution is made by experimentation: in all cases where the proposed solution is applied, more than 99.6 percent of the load sent by the attacker is dropped, memory utilization is reduced by 11.54 percent against the “under attack” state, and swap memory utilization is reduced by 45.71 percent against the “under attack” state. All these results are obtained under the main approach of the proposed solution, which is giving legitimate users access during the attack. The experimentation shows that the black-hole solution blocks the attack but fails to give legitimate users access to the targeted domain, whereas rate limit succeeds in giving legitimate users access to the victim's domain but only partially blocks the attack. Finally, the proposed solution succeeds in both blocking the attack and giving legitimate users access to the victim's domain.

Item Type: Thesis (Masters)
Supervisors:
Name: Ayala-Rivera, Vanessa
Email: UNSPECIFIED
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Ciara O'Brien
Date Deposited: 17 Apr 2025 10:06
Last Modified: 17 Apr 2025 10:06
URI: https://norma.ncirl.ie/id/eprint/7437
