학술논문
Lifting the Smokescreen: Detecting Underlying Anomalies During a DDoS Attack
Document Type
Conference
Source
2018 IEEE International Conference on Intelligence and Security Informatics (ISI) Intelligence and Security Informatics (ISI), 2018 IEEE International Conference on. :130-135 Nov, 2018
Subject
Language
Abstract
While DDoS attacks have become an ever-growing threat in the last decade, a new variation is taking root in which the DDoS is used as a distraction or smokescreen to hide other malicious activity. This variation, which we call DDoS as a Smokescreen (DaaSS), often result in data theft and financial loss, and often are only detected because the theft is discovered independently, long after the attack has ceased. In this work, we set out to describe these attacks and present a novel approach to detect them using real-world network trace data. We present experimental results showing promise that DaaSS attacks can be detected in a manner conducive to practical deployment.