North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
full paper up for one of the nanog DOS talks on monday
http://www.caida.org/outreach/papers/backscatter/index.xml in case folks want to have more details on this topic before their talk (pretty interesting stuff...) abstract Inferring Internet Denial-of-Service Activity David Moore Cooperative Association for Internet Data Analysis (CAIDA) San Diego Supercomputer Center University of California, San Diego Geoffrey M. Voelker and Stefan Savage Department of Computer Science and Engineering University of California, San Diego In this paper, we seek to answer a simple question: "How prevalent are denial-of-service attacks in the Internet today?". Our motivation is to understand quantitatively the nature of the current threat as well as to enable longer-term analyses of trends and recurring patterns of attacks. We present a new technique, called "backscatter analysis", that provides an estimate of worldwide denial-of-service activity. We use this approach on three week-long datasets to assess the number, duration and focus of attacks, and to characterize their behavior. During this period, we observe more than 12,000 attacks against more than 5,000 distinct targets, ranging from well known e-commerce companies such as Amazon and Hotmail to small foreign ISPs and dial-up connections. We believe that our work is the only publically available data quantifying denial-of-service activity in the Internet.