cispa_all_3643.pdf (890.82 kB)
AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities
conference contribution
posted on 2023-11-29, 18:20 authored by Johannes Krupp, Ilya Grishchenko, Christian RossowChristian RossowAmplification DDoS attacks remain a prevalent and severe
threat to the Internet, with recent attacks reaching the Tbps range. However, all amplification attack vectors known to date were either found by researchers through laborious manual analysis or could only be identified postmortem following large attacks. Ideally, though, an attack vector is discovered and mitigated before the first attack can occur. To this end, we present AMPFUZZ, the first systematic approach to finding amplification vectors in UDP services in a protocol-agnostic way. AMPFUZZ is based on the state-of-the-art greybox fuzzing boosted by a novel technique to make fuzzing UDP-aware, which significantly increases performance. We evaluate AMPFUZZ on 28 Debian network services, where we (re-)discover 7 known and 6 previously
unreported amplification vulnerabilities.
History
Preferred Citation
Johannes Krupp, Ilya Grishchenko and Christian Rossow. AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities. In: Usenix Security Symposium (USENIX-Security). 2022.Primary Research Area
- Secure Connected and Mobile Systems
Name of Conference
Usenix Security Symposium (USENIX-Security)Legacy Posted Date
2022-05-03Open Access Type
- Unknown
BibTeX
@inproceedings{cispa_all_3643, title = "AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities", author = "Krupp, Johannes and Grishchenko, Ilya and Rossow, Christian", booktitle="{Usenix Security Symposium (USENIX-Security)}", year="2022", }Usage metrics
Categories
No categories selectedLicence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC