Další formáty:
BibTeX
LaTeX
RIS
@inproceedings{1129155, author = {Husák, Martin and Vizváry, Martin}, address = {New York, NY, USA}, booktitle = {Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security}, doi = {http://dx.doi.org/10.1145/2508859.2512523}, keywords = {communication; data sharing; ddos attack; honeypot; mitigation; reflection}, howpublished = {paměťový nosič}, language = {eng}, location = {New York, NY, USA}, isbn = {978-1-4503-2477-9}, pages = {1449-1452}, publisher = {ACM}, title = {POSTER: Reflected attacks abusing honeypots}, year = {2013} }
TY - JOUR ID - 1129155 AU - Husák, Martin - Vizváry, Martin PY - 2013 TI - POSTER: Reflected attacks abusing honeypots PB - ACM CY - New York, NY, USA SN - 9781450324779 KW - communication KW - data sharing KW - ddos attack KW - honeypot KW - mitigation KW - reflection N2 - We present the observation of distributed denial-of-service attacks that use reflection of the flooding traffic off reflectors. This type of attack was used in massive attacks against internet infrastructure of Czech Republic in March, 2013. Apart from common hosts in the network, honeypots were abused as the reflectors. It caused the false positive incident detection and helped attackers. Honeypots, which are by default set to accept any incoming network connection, unintentionally amplified the effect of reflection. We present an analysis of the attack from the point of view of honeypots and show the risks of having honeypots respond to any incoming traffic. We also discuss the possibilities of attack detection and mitigation and present lessons learned from handling the attack. We point out a lack of communication and data sharing during the observed attack. ER -
HUSÁK, Martin a Martin VIZVÁRY. POSTER: Reflected attacks abusing honeypots. In \textit{Proceedings of the 2013 ACM SIGSAC conference on Computer \&{} communications security}. New York, NY, USA: ACM. s.~1449-1452. ISBN~978-1-4503-2477-9. doi:10.1145/2508859.2512523. 2013.
|