TY  - JOUR
TI  - A Study on Exploitable DRDoS Amplifiers in Europe
AB  - One of the best-known cyber attacks, distributed denial of service (DDoS), is evolving. It has become much more
malefic and effective with the use of amplification power of reflected messages. This attack is known as the distributed reflected
denial of service (DRDoS) or the amplification attack. Attackers abuse UDP-based protocols’ connectionless property for this
attack and achieve an attack volume of hundreds of Gbps. The attack occurs by botnets’ spoofing a victim’s IP address and
demanding some service from unhardened servers. Attackers generally prefer protocols that have high a “amplification factor”
such as NTP and Memcached, or protocols where it is hard to differentiate legal requests from malicious ones, such as DNS.
At this point, an important defensive strategy against these attacks is to harden servers not to play a role as amplifiers. In
this paper, we carried out a detailed research of servers in 41 European countries and focused on three UDP-based protocols
most commonly abused by attackers: DNS, NTP, and Memcached. We searched these servers by automatic regional scans and analyzed whether they have been hardened against DRDoS attacks.
AU  - ERCAN, Emre Murat
AU  - Selcuk, Ali Aydin
PY  - 2021
JO  - INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE
VL  - 10
IS  - 2
SN  - 2147-0030
SP  - 26
EP  - 41
DB  - TRDizin
UR  - http://search/yayin/detay/522859
ER  -