This HTML5 document contains 46 embedded RDF statements represented using HTML+Microdata notation.

The embedded RDF content will be recognized by any processor of HTML5 Microdata.

Namespace Prefixes

PrefixIRI
n15http://linked.opendata.cz/ontology/domain/vavai/riv/typAkce/
dctermshttp://purl.org/dc/terms/
n19http://purl.org/net/nknouf/ns/bibtex#
n10http://localhost/temp/predkladatel/
n11http://linked.opendata.cz/resource/domain/vavai/projekt/
n8http://linked.opendata.cz/resource/domain/vavai/riv/tvurce/
n7http://linked.opendata.cz/resource/domain/vavai/subjekt/
n6http://linked.opendata.cz/ontology/domain/vavai/
n14https://schema.org/
shttp://schema.org/
skoshttp://www.w3.org/2004/02/skos/core#
n3http://linked.opendata.cz/ontology/domain/vavai/riv/
n17http://bibframe.org/vocab/
n20http://linked.opendata.cz/resource/domain/vavai/vysledek/RIV%2F00216224%3A14610%2F13%3A00065737%21RIV14-MV0-14610___/
n2http://linked.opendata.cz/resource/domain/vavai/vysledek/
rdfhttp://www.w3.org/1999/02/22-rdf-syntax-ns#
n9http://linked.opendata.cz/ontology/domain/vavai/riv/klicoveSlovo/
n23http://linked.opendata.cz/ontology/domain/vavai/riv/duvernostUdaju/
xsdhhttp://www.w3.org/2001/XMLSchema#
n16http://linked.opendata.cz/ontology/domain/vavai/riv/jazykVysledku/
n12http://linked.opendata.cz/ontology/domain/vavai/riv/aktivita/
n22http://linked.opendata.cz/ontology/domain/vavai/riv/obor/
n18http://linked.opendata.cz/ontology/domain/vavai/riv/druhVysledku/
n13http://reference.data.gov.uk/id/gregorian-year/

Statements

Subject Item
n2:RIV%2F00216224%3A14610%2F13%3A00065737%21RIV14-MV0-14610___
rdf:type
n6:Vysledek skos:Concept
dcterms:description
We present the observation of distributed denial-of-service attacks that use reflection of the flooding traffic off reflectors. This type of attack was used in massive attacks against internet infrastructure of Czech Republic in March, 2013. Apart from common hosts in the network, honeypots were abused as the reflectors. It caused the false positive incident detection and helped attackers. Honeypots, which are by default set to accept any incoming network connection, unintentionally amplified the effect of reflection. We present an analysis of the attack from the point of view of honeypots and show the risks of having honeypots respond to any incoming traffic. We also discuss the possibilities of attack detection and mitigation and present lessons learned from handling the attack. We point out a lack of communication and data sharing during the observed attack. We present the observation of distributed denial-of-service attacks that use reflection of the flooding traffic off reflectors. This type of attack was used in massive attacks against internet infrastructure of Czech Republic in March, 2013. Apart from common hosts in the network, honeypots were abused as the reflectors. It caused the false positive incident detection and helped attackers. Honeypots, which are by default set to accept any incoming network connection, unintentionally amplified the effect of reflection. We present an analysis of the attack from the point of view of honeypots and show the risks of having honeypots respond to any incoming traffic. We also discuss the possibilities of attack detection and mitigation and present lessons learned from handling the attack. We point out a lack of communication and data sharing during the observed attack.
dcterms:title
POSTER: Reflected attacks abusing honeypots POSTER: Reflected attacks abusing honeypots
skos:prefLabel
POSTER: Reflected attacks abusing honeypots POSTER: Reflected attacks abusing honeypots
skos:notation
RIV/00216224:14610/13:00065737!RIV14-MV0-14610___
n6:predkladatel
n7:orjk%3A14610
n3:aktivita
n12:P
n3:aktivity
P(VG20132015103)
n3:dodaniDat
n13:2014
n3:domaciTvurceVysledku
n8:4268784 n8:5592925
n3:druhVysledku
n18:D
n3:duvernostUdaju
n23:S
n3:entitaPredkladatele
n20:predkladatel
n3:idSjednocenehoVysledku
97692
n3:idVysledku
RIV/00216224:14610/13:00065737
n3:jazykVysledku
n16:eng
n3:klicovaSlova
communication; data sharing; ddos attack; honeypot; mitigation; reflection
n3:klicoveSlovo
n9:ddos%20attack n9:mitigation n9:reflection n9:communication n9:data%20sharing n9:honeypot
n3:kontrolniKodProRIV
[69353952C86D]
n3:mistoKonaniAkce
Berlin, Germany
n3:mistoVydani
New York, NY, USA
n3:nazevZdroje
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
n3:obor
n22:IN
n3:pocetDomacichTvurcuVysledku
2
n3:pocetTvurcuVysledku
2
n3:projekt
n11:VG20132015103
n3:rokUplatneniVysledku
n13:2013
n3:tvurceVysledku
Husák, Martin Vizváry, Martin
n3:typAkce
n15:WRD
n3:zahajeniAkce
2013-01-01+01:00
s:numberOfPages
4
n17:doi
10.1145/2508859.2512523
n19:hasPublisher
ACM
n14:isbn
9781450324779
n10:organizacniJednotka
14610