Enhanced Server Availability for DDoS Amplification Attack Using CLDAP Protocol

KIPS Transactions on Computer and Communication Systems, Vol. 7, No.1, pp.19-26, January 2018
10.3745/KTCCS.2018.7.1.019, Full Text

Abstract

Recently, DDoS amplification attacks using servers that provide Microsoft Active Directory information using CLDAP protocol are increasing. Because CLDAP is an open standard application that allows a wide range of directory information to be accessed and maintained in a network, the server is characterized by its openness to the Internet. This can be exploited by the Reflector server to perform an amplification attack by an attacker. In addition, this attack can be attacked with a packet that is amplified 70 times more than the conventional UDP-based flooding attack, and it can block service to small and medium sized server. Therefore, in this paper, we propose an algorithm that can reduce the DDoS amplification attack using CLDAP server and implement the corresponding CLDAP server environment virtually, and implement and demonstrate the corresponding algorithm. This provides a way to ensure the availability of the server.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from October 15, 2016)

Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.


Cite this paper

[KIPS Transactions Style]
C. S. June and K. Jin, "Enhanced Server Availability for DDoS Amplification Attack Using CLDAP Protocol," KIPS Transactions on Computer and Communication Systems, Vol.7, No.1, pp.19-26, 2018, DOI: 10.3745/KTCCS.2018.7.1.019.

[IEEE Style]
Choi Suk June and Kwak Jin, "Enhanced Server Availability for DDoS Amplification Attack Using CLDAP Protocol," KIPS Transactions on Computer and Communication Systems, vol. 7, no. 1, pp. 19-26, 2018. DOI: 10.3745/KTCCS.2018.7.1.019.

[ACM Style]
June, C. S. and Jin, K. 2018. Enhanced Server Availability for DDoS Amplification Attack Using CLDAP Protocol. KIPS Transactions on Computer and Communication Systems, 7, 1, (2018), 19-26. DOI: 10.3745/KTCCS.2018.7.1.019.