SoK: A Data-driven View on Methods to Detect Reflective Amplification DDoS Attacks Using Honeypots. (arXiv:2302.04614v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
In this paper, we revisit the use of honeypots for detecting reflective
amplification attacks. These measurement tools require careful design of both
data collection and data analysis including cautious threshold inference. We
survey common amplification honeypot platforms as well as the underlying
methods to infer attack detection thresholds and to extract knowledge from the
data. By systematically exploring the threshold space, we find most honeypot
platforms produce comparable results despite their different configurations.
Moreover, by applying data from a large-scale …