Abstract
This paper is the initials of DDoS mitigation, the goal of this research is to detect NTP Amplification as early as possible so that the victim have a data to do further eskalation process. We knows that the goal of the attacker using NTP Amplification Attack is to exhaust the bandwidth of the victim, in this research also simulate an NTP amplification scenario and detection method; the scenario is the attacker sends requests with spoofed IP MONLIST victim to the compromised NTP server NTP server then responds the large volumes of traffic (amplified traffic) towards Victim to consume the bandwidth so as the legitimate user could not access the services. We put DDoS detection device side of the victim, we combine several monitoring tools to detect NTP amplification i.e bandwidth gauge and netflow analyzer. Netflow analyzer (flow analysis) conduct analysis IP packet header that is sent by the router as a flow-exporter. In our experiment, we could perform early detection of the NTP amplification less than 2 minute.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
