Paper Abstract and Keywords |
Presentation |
2016-03-04 13:30
Evaluation on Virtual Firewall Schemes against DNS Amplification Attacks Eitetsu Gen, Shota Endo (Tokai Univ.), Yuichi Sudo (NTT), Junichi Murayama (Tokai Univ.) IN2015-140 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
Recently, DDoS attacks that disturb service offering in the Internet have occurred frequently. In order to mitigate such attack traffic between provider networks, deploying firewall functions is effective. They are attached to the border routers of a provider network. This firewall is required to support legitimate DNS accesses. Then, when it forwards a DNS request packet toward an outer provider, it allows incoming of the corresponded DNS reply packet. In such an access between providers, the ingress provider may be different from the egress provider. Consequently, distributed firewalls need to be acted virtually as a single firewall. Toward achieving such a firewall, some schemes have been proposed. However, their typical advantages are not clear. Thus we evaluated and compared virtual firewall schemes. The results are as follows. (1) Regarding allocation of filtering functions, a distributed scheme is tough against heavy attacks, while a centralized scheme is economical for implementation. (2) Concerning exchanging control messages for achieving the distribution, a client/server scheme is scalable for increasing filtering functions, while a peer scheme is reliable against fault. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
DNS amplification attack / reflector / firewall / dynamic filtering / control message / / / |
Reference Info. |
IEICE Tech. Rep., vol. 115, no. 484, IN2015-140, pp. 189-192, March 2016. |
Paper # |
IN2015-140 |
Date of Issue |
2016-02-25 (IN) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
IN2015-140 |
Conference Information |
Committee |
NS IN |
Conference Date |
2016-03-03 - 2016-03-04 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
Phoenix Seagaia Resort |
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
General |
Paper Information |
Registration To |
IN |
Conference Code |
2016-03-NS-IN |
Language |
Japanese |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
Evaluation on Virtual Firewall Schemes against DNS Amplification Attacks |
Sub Title (in English) |
|
Keyword(1) |
DNS amplification attack |
Keyword(2) |
reflector |
Keyword(3) |
firewall |
Keyword(4) |
dynamic filtering |
Keyword(5) |
control message |
Keyword(6) |
|
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Eitetsu Gen |
1st Author's Affiliation |
Tokai University (Tokai Univ.) |
2nd Author's Name |
Shota Endo |
2nd Author's Affiliation |
Tokai University (Tokai Univ.) |
3rd Author's Name |
Yuichi Sudo |
3rd Author's Affiliation |
Nippon Telegraph and Telephone Corporation (NTT) |
4th Author's Name |
Junichi Murayama |
4th Author's Affiliation |
Tokai University (Tokai Univ.) |
5th Author's Name |
|
5th Author's Affiliation |
() |
6th Author's Name |
|
6th Author's Affiliation |
() |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
Speaker |
Author-1 |
Date Time |
2016-03-04 13:30:00 |
Presentation Time |
20 minutes |
Registration for |
IN |
Paper # |
IN2015-140 |
Volume (vol) |
vol.115 |
Number (no) |
no.484 |
Page |
pp.189-192 |
#Pages |
4 |
Date of Issue |
2016-02-25 (IN) |
|