Please use this identifier to cite or link to this item: http://ir.unikl.edu.my/jspui/handle/123456789/20623
metadata.theses.dc.title: A DEFENSE OF DNS AMPLIFICATION ATTACK VIA FLOW-BASED ANALYSIS WITH SDN
metadata.theses.dc.contributor.*: AHMAD ARIFF AIZUDDIN MOHD ATAN
metadata.theses.dc.date.issued: 28-Nov-2018
metadata.theses.dc.description.abstract: The purpose of this research is to seek and propose alternative detection and mitigatin methods which can be used to create a defense of DNS amplification attack. Network traces obtained from University of Twente, Netherlands [2] have been used in this research. The existing methodology for DDoS attack detection and traffic mitigation using flow statistics has been adopted in this research. Properties of the proposed framework include; exporting flow information from an exporter to a collector; importing flow statistics of normal and abnormal DNS traffic; processing collected flow statistics by filtering both benign and malicious traffic according to DNS application data; check change of statistics by comparing both filtered traffic via an analyzer. Experimental results suggested that the proposed method manages to detect suspicious traffic without entailing huge DNS response by using flexible flow, and decelerate amplified traffic without intruding normal DNS operation by using security-centric SDN. A comparative study was also carried out and it showed that the proposed approach has performed better in terms of the detection time and accuracy. This research was conducted based on limited resources and variables due to hardware constraints and the lack of publicly available dataset, apart from the ones that are mentioned above [2]. Thus, the obtained results are applicable only to the study domain with selected network traces. This research has introduced the application of flow-based monitoring with flow-based configuration technologies in providing substitute solution to timely detect and reasonably mitigate DNS amplification attack.
metadata.theses.dc.identifier.uri: http://ir.unikl.edu.my/jspui/handle/123456789/20623
metadata.theses.dc.theses.semester: July 2017
metadata.theses.dc.theses.course: Degree of Master of Information Technology
Appears in Collections:Master Theses

Files in This Item:
File Description SizeFormat 
Master_Ahmad Ariff Aizuddin Mohd Atan_MIIT.pdf78.45 kBAdobe PDFView/Open    Request a copy


Items in UniKL IR are protected by copyright, with all rights reserved, unless otherwise indicated.