Forensics of Random-UDP Flooding Attacks

Internet has great impact on various facets of everyone’s life. With the enormous advantage Internet provides to users all around the world, it has some inherent weaknesses because of the protocol stack on which it is built. It can be easily attacked by attackers who exploit the vulnerabilities in the protocols and compromise systems and remotely control them to do further damage. Major attacks are focused on confidentiality, integrity and availability of data or resources. Flooding attack is one such resource availability attack which is a great cause of concern. Hackers can use the flooding attacks and cause Distributed Denial of Service (DDoS) attack with ease. With the increase and variations in the attack mode makes the investigation of these attacks essential. Random-UDP flooding attack is a different type of attack in which the attacker sends multiple UDP datagrams of different sizes at a time. This causes denial of service to the system and its resources. In this paper, we have proposed a technique for the forensics of Random-UDP flooding attack. We have tried to get as close as possible to the source of such attacks. The proposed technique is capable to identify the source of Random-UDP flooding bot attack.