HUSÁK, Martin and Martin VIZVÁRY. POSTER: Reflected attacks abusing honeypots. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. New York, NY, USA: ACM, 2013. p. 1449-1452. ISBN 978-1-4503-2477-9. doi:10.1145/2508859.2512523.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name POSTER: Reflected attacks abusing honeypots
Authors HUSÁK, Martin (203 Czech Republic, guarantor, belonging to the institution) and Martin VIZVÁRY (703 Slovakia, belonging to the institution).
Edition New York, NY, USA, Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, p. 1449-1452, 4 pp. 2013.
Publisher ACM
Other information
Original language English
Type of outcome Proceedings paper
Field of Study 10201 Computer sciences, information science, bioinformatics
Country of publisher United States of America
Confidentiality degree is not subject to a state or trade secret
Publication form storage medium (CD, DVD, flash disk)
RIV identification code RIV/00216224:14610/13:00065737
Organization unit Institute of Computer Science
ISBN 978-1-4503-2477-9
ISSN 1543-7221
Doi http://dx.doi.org/10.1145/2508859.2512523
Keywords in English communication; data sharing; ddos attack; honeypot; mitigation; reflection
Tags rivok
Tags International impact, Reviewed
Changed by Changed by: Mgr. Marta Novotná Buršíková, učo 15689. Changed: 16. 3. 2016 15:23.
Abstract
We present the observation of distributed denial-of-service attacks that use reflection of the flooding traffic off reflectors. This type of attack was used in massive attacks against internet infrastructure of Czech Republic in March, 2013. Apart from common hosts in the network, honeypots were abused as the reflectors. It caused the false positive incident detection and helped attackers. Honeypots, which are by default set to accept any incoming network connection, unintentionally amplified the effect of reflection. We present an analysis of the attack from the point of view of honeypots and show the risks of having honeypots respond to any incoming traffic. We also discuss the possibilities of attack detection and mitigation and present lessons learned from handling the attack. We point out a lack of communication and data sharing during the observed attack.
Links
VG20132015103, research and development projectName: Kybernetický polygon (Acronym: KYPO)
Investor: Ministry of the Interior of the CR, Cybernetic Proving Ground
Type Name Uploaded/Created by Uploaded/Created Rights
reflected_attacks_abusing_honeypots.pdf   File version Husák, M. 22. 11. 2013

Properties

Address within IS
https://is.muni.cz/auth/publication/1129155/reflected_attacks_abusing_honeypots.pdf
Address for the users outside IS
https://is.muni.cz/publication/1129155/reflected_attacks_abusing_honeypots.pdf
Address within Manager
https://is.muni.cz/auth/publication/1129155/reflected_attacks_abusing_honeypots.pdf?info
Address within Manager for the users outside IS
https://is.muni.cz/publication/1129155/reflected_attacks_abusing_honeypots.pdf?info
Uploaded/Created
Fri 22. 11. 2013 11:30, RNDr. Martin Husák, Ph.D.

Rights

Right to read
  • anyone on the Internet
Right to upload
 
Right to administer:
  • a concrete person RNDr. Martin Vizváry, učo 255917
  • a concrete person RNDr. Martin Husák, Ph.D., učo 256631
Attributes
 

reflected_attacks_abusing_honeypots.pdf

Application
Open the file
Download file.
Address within IS
https://is.muni.cz/auth/publication/1129155/reflected_attacks_abusing_honeypots.pdf
Address for the users outside IS
http://is.muni.cz/publication/1129155/reflected_attacks_abusing_honeypots.pdf
File type
PDF (application/pdf)
Size
391,9 KB
Hash md5
c71f119ca79384ae2e7d59aacb64c6b7
Uploaded/Created
Fri 22. 11. 2013 11:30

reflected_attacks_abusing_honeypots.txt

Application
Open the file
Download file.
Address within IS
https://is.muni.cz/auth/publication/1129155/reflected_attacks_abusing_honeypots.txt
Address for the users outside IS
http://is.muni.cz/publication/1129155/reflected_attacks_abusing_honeypots.txt
File type
plain text (text/plain)
Size
15 KB
Hash md5
4962ea8fa7dc6ac21d4c0575a802a28d
Uploaded/Created
Fri 22. 11. 2013 11:32
reflected_attacks_abusing_honeypots_poster.pdf   File version Husák, M. 22. 11. 2013

Properties

Address within IS
https://is.muni.cz/auth/publication/1129155/reflected_attacks_abusing_honeypots_poster.pdf
Address for the users outside IS
https://is.muni.cz/publication/1129155/reflected_attacks_abusing_honeypots_poster.pdf
Address within Manager
https://is.muni.cz/auth/publication/1129155/reflected_attacks_abusing_honeypots_poster.pdf?info
Address within Manager for the users outside IS
https://is.muni.cz/publication/1129155/reflected_attacks_abusing_honeypots_poster.pdf?info
Uploaded/Created
Fri 22. 11. 2013 11:31, RNDr. Martin Husák, Ph.D.

Rights

Right to read
  • anyone on the Internet
Right to upload
 
Right to administer:
  • a concrete person RNDr. Martin Vizváry, učo 255917
  • a concrete person RNDr. Martin Husák, Ph.D., učo 256631
Attributes
 

reflected_attacks_abusing_honeypots_poster.pdf

Application
Open the file
Download file.
Address within IS
https://is.muni.cz/auth/publication/1129155/reflected_attacks_abusing_honeypots_poster.pdf
Address for the users outside IS
http://is.muni.cz/publication/1129155/reflected_attacks_abusing_honeypots_poster.pdf
File type
PDF (application/pdf)
Size
4,2 MB
Hash md5
b2cb61f286089f362d559c774a481966
Uploaded/Created
Fri 22. 11. 2013 11:31

reflected_attacks_abusing_honeypots_poster.txt

Application
Open the file
Download file.
Address within IS
https://is.muni.cz/auth/publication/1129155/reflected_attacks_abusing_honeypots_poster.txt
Address for the users outside IS
http://is.muni.cz/publication/1129155/reflected_attacks_abusing_honeypots_poster.txt
File type
plain text (text/plain)
Size
3,3 KB
Uploaded/Created
Fri 22. 11. 2013 11:33
Print
Report a file uploaded without authorization. Displayed: 26. 6. 2022 10:21