The design and Implementation of the detection and defense system against packet amplifier attacks using open resolver DNS servers.
Project/Area Number |
26330101
|
Research Category |
Grant-in-Aid for Scientific Research (C)
|
Allocation Type | Multi-year Fund |
Section | 一般 |
Research Field |
Information network
|
Research Institution | The University of Tokyo |
Principal Investigator |
SEKIYA Yuji 東京大学, 情報基盤センター, 准教授 (30361687)
|
Co-Investigator(Kenkyū-buntansha) |
石原 知洋 東京大学, 大学院総合文化研究科, 助教 (60588242)
|
Research Collaborator |
TAZAKI Hajime 株式会社IIJイノベーションインスティテュート (10611303)
|
Project Period (FY) |
2014-04-01 – 2017-03-31
|
Project Status |
Completed (Fiscal Year 2016)
|
Budget Amount *help |
¥4,550,000 (Direct Cost: ¥3,500,000、Indirect Cost: ¥1,050,000)
Fiscal Year 2016: ¥1,040,000 (Direct Cost: ¥800,000、Indirect Cost: ¥240,000)
Fiscal Year 2015: ¥1,430,000 (Direct Cost: ¥1,100,000、Indirect Cost: ¥330,000)
Fiscal Year 2014: ¥2,080,000 (Direct Cost: ¥1,600,000、Indirect Cost: ¥480,000)
|
Keywords | サイバーセキュリティ / DNS / SDN / NFV / Hadoop / 深層学習 / セキュリティ / 機械学習 / トラフィック解析 / DDoS / Botnet / ボットネット / 攻撃緩和 / DDoS攻撃 / NTP / 増幅攻撃 / hadoop |
Outline of Final Research Achievements |
In this research, we propose a method and system to analyze predictions of attack against packet amplification attack, mainly DNS. We released the packaged system as open software on that anyone can use. In addition, we published some examples of detection using this system and proposed a method for defending attacks leading to packet amplification attacks and information leaks by using SDN technology. This defense method works on Internet eXchange (IX) which is a public backbone part on the Internet, and it becomes a more effective defense measure by making it cooperate with multiple IX. In addition, we investigated the possibility of attack prediction using deep learning to make proactive attack measure.
|
Report
(4 results)
Research Products
(14 results)