OARC 31 (Austin, TX, USA)

Name: OARC 31 (Austin, TX, USA)
Start: 2019-10-31T03:00:00-05:00
End: 2019-11-01T18:10:00-05:00
Location: JW Marriott Austin

31 October 2019 to 1 November 2019 AGM

JW Marriott Austin

America/Winnipeg timezone

OARC31 Presentation Videos available at https://youtube.com/DNS-OARC

OARC 31 Admin

Characterizing Certain DNS DDoS Attacks

1 Nov 2019, 09:30

15m

Griffin Hall (JW Marriott Austin)

Griffin Hall

JW Marriott Austin

110 E 2nd St Austin TX 78701 USA

No longer available: Standard Presentation Public Workshop

Dr Andrea Urban (Infoblox)

In this talk, we focus on a Distributed Denial of Service (DDoS) attack known as Slow Drip, also referred to as Random Subdomain or Water Torture Attack. Studying data obtained via passive DNS collectors, we used machine learning to investigate the Slow Drip attack. First, we built a statistical classifier to identify these attack events. Then, using unsupervised learning we were able to group the events and investigate the malware that was used to create them. We discuss newly discovered features of Slow Drip and compare to past work. Using these new features, we can characterize the malware and describe its scope.

Talk Duration	Lightning Talk 5 Minutes

Dr Renee Burton (Infoblox)

Dr Andrea Urban (Infoblox)

Urban_DDoSAttacks_DNS-OARC.pdf

OARC 31 (Austin, TX, USA)

OARC 31 Admin

Characterizing Certain DNS DDoS Attacks

Griffin Hall

JW Marriott Austin

Speaker

Description

Primary author

Co-author

Presentation materials

Choose timezone

OARC 31 (Austin, TX, USA)

OARC 31 Admin

Speaker

Description

Primary author

Co-author

Presentation materials