IEICE Technical Committee Submission System
Conference Paper's Information
Online Proceedings
[Sign in]
Tech. Rep. Archives
 Go Top Page Go Previous   [Japanese] / [English] 

Paper Abstract and Keywords
Presentation 2016-03-04 13:30
Evaluation on Virtual Firewall Schemes against DNS Amplification Attacks
Eitetsu Gen, Shota Endo (Tokai Univ.), Yuichi Sudo (NTT), Junichi Murayama (Tokai Univ.) IN2015-140
Abstract (in Japanese) (See Japanese page) 
(in English) Recently, DDoS attacks that disturb service offering in the Internet have occurred frequently. In order to mitigate such attack traffic between provider networks, deploying firewall functions is effective. They are attached to the border routers of a provider network. This firewall is required to support legitimate DNS accesses. Then, when it forwards a DNS request packet toward an outer provider, it allows incoming of the corresponded DNS reply packet. In such an access between providers, the ingress provider may be different from the egress provider. Consequently, distributed firewalls need to be acted virtually as a single firewall. Toward achieving such a firewall, some schemes have been proposed. However, their typical advantages are not clear. Thus we evaluated and compared virtual firewall schemes. The results are as follows. (1) Regarding allocation of filtering functions, a distributed scheme is tough against heavy attacks, while a centralized scheme is economical for implementation. (2) Concerning exchanging control messages for achieving the distribution, a client/server scheme is scalable for increasing filtering functions, while a peer scheme is reliable against fault.
Keyword (in Japanese) (See Japanese page) 
(in English) DNS amplification attack / reflector / firewall / dynamic filtering / control message / / /  
Reference Info. IEICE Tech. Rep., vol. 115, no. 484, IN2015-140, pp. 189-192, March 2016.
Paper # IN2015-140 
Date of Issue 2016-02-25 (IN) 
ISSN Print edition: ISSN 0913-5685    Online edition: ISSN 2432-6380
Copyright
and
reproduction
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034)
Download PDF IN2015-140

Conference Information
Committee NS IN  
Conference Date 2016-03-03 - 2016-03-04 
Place (in Japanese) (See Japanese page) 
Place (in English) Phoenix Seagaia Resort 
Topics (in Japanese) (See Japanese page) 
Topics (in English) General 
Paper Information
Registration To IN 
Conference Code 2016-03-NS-IN 
Language Japanese 
Title (in Japanese) (See Japanese page) 
Sub Title (in Japanese) (See Japanese page) 
Title (in English) Evaluation on Virtual Firewall Schemes against DNS Amplification Attacks 
Sub Title (in English)  
Keyword(1) DNS amplification attack  
Keyword(2) reflector  
Keyword(3) firewall  
Keyword(4) dynamic filtering  
Keyword(5) control message  
Keyword(6)  
Keyword(7)  
Keyword(8)  
1st Author's Name Eitetsu Gen  
1st Author's Affiliation Tokai University (Tokai Univ.)
2nd Author's Name Shota Endo  
2nd Author's Affiliation Tokai University (Tokai Univ.)
3rd Author's Name Yuichi Sudo  
3rd Author's Affiliation Nippon Telegraph and Telephone Corporation (NTT)
4th Author's Name Junichi Murayama  
4th Author's Affiliation Tokai University (Tokai Univ.)
5th Author's Name  
5th Author's Affiliation ()
6th Author's Name  
6th Author's Affiliation ()
7th Author's Name  
7th Author's Affiliation ()
8th Author's Name  
8th Author's Affiliation ()
9th Author's Name  
9th Author's Affiliation ()
10th Author's Name  
10th Author's Affiliation ()
11th Author's Name  
11th Author's Affiliation ()
12th Author's Name  
12th Author's Affiliation ()
13th Author's Name  
13th Author's Affiliation ()
14th Author's Name  
14th Author's Affiliation ()
15th Author's Name  
15th Author's Affiliation ()
16th Author's Name  
16th Author's Affiliation ()
17th Author's Name  
17th Author's Affiliation ()
18th Author's Name  
18th Author's Affiliation ()
19th Author's Name  
19th Author's Affiliation ()
20th Author's Name  
20th Author's Affiliation ()
Speaker Author-1 
Date Time 2016-03-04 13:30:00 
Presentation Time 20 minutes 
Registration for IN 
Paper # IN2015-140 
Volume (vol) vol.115 
Number (no) no.484 
Page pp.189-192 
#Pages
Date of Issue 2016-02-25 (IN) 


[Return to Top Page]

[Return to IEICE Web Page]


The Institute of Electronics, Information and Communication Engineers (IEICE), Japan