Summary
Asia-Pacific Network Operations and Management Symposium
2016
Session Number:P1
Session:
Number:P1-24
Mitigating DDoS Attacks towards Top Level Domain Name Service
Lanlan Pan, Xuebiao Yuchi, Yong Chen,
pp.-
Publication Date:2016/10/5
Online ISSN:2188-5079
Summary:
As the largest country code Top Level Domain (ccTLD) name service, .CN receives billions of queries every day. Under the threat of Distributed Denial-of-Service (DDoS) attacks, effective mechanism for client classification is especially important for such busy ccTLD service. In this paper, by analyzing the query log of .CN name service, we propose a novel client classification method based on client query entropy and global recursive DNS service architecture. By checking with the query frequencies of the clients, we validate the effectiveness of the proposed method on both busy and long-tailed clients. We find that 2.32% clients can cover the most important web spiders, recursive servers, and well-known internet services, etc. The results indicate that, our method can bring significant benefits for creating the client whitelist, which is useful for mitigating DDoS attack towards Top Level Domain (TLD) name service.