Honeypots for Distributed Denial of Service Attacks
Abstract:
Distributed Denial-of-Service attacks are still a big threat to the
Internet. Several proposals for coping with the attacks have been made in
the recent past, but neither of them are successful on themselves alone.
In this paper, we present a system that helps in the defence in depth of
a network from DDoS attacks. In addition to state-of-art active and passive
security defences, we propose a honeypot for such attacks. The goal is to
convincingly simulate the success of the compromise of a system to a potential
DDoS attacker. Thereby, we can implement the lessons learned by the honeypot
in our other systems to harden them against such attacks. On the other hand,
we protect the rest of our network infrastructure form the impact of such
an attack.
Keywords: Distributed Denial of Service Attacks, Honeypot, Security Practices.
Available as PDF-file.