To request access this dataset you will need to login with an IMPACT account. Accounts are free. If you don't have one please register.

Summary

DS-0479
FRGP_SSDP_Reflection_DDoS_Attack_Traffic-20140930
Dataset
Colorado State University
Colorado State University
09/30/2014
09/30/2014
27 (lowest rank is 55)

Category & Restrictions

Traffic Flow Data
traffic flow data, denial of service
Restricted
true

1.Researcher shall not extract, transfer, or duplicate the provided data outside the compute environment of the Data Provider/Host that house the data, without written authorization from the Colorado State IMPACT PI team. Researcher agrees that derivative information from the provided data can be transferred and used in accordance with the Researcher obligations and other terms of this Agreement, only if sensitive information (including IP addresses) has been anonymized and/or removed.
2. Researcher acknowledges    that the actions of Researcher while using the compute environment/resources provided by the data Provider/Host are subject to logging and monitoring at any time and without prior consent. The data Provider/Host may terminate access to the datasets and compute resources at anytime, for any reason and without prior warning to the Researcher.
3. Researcher agrees that compute resources (such as real and/or virtual machine's processing power, memory and network bandwidth) provided by the Data Provider/Host to the Researcher for downloading and processing the data, are shared resources. Thus, Researcher agrees that such resources/services are provided on a best effort basis.

Description


SSDP reflection attack

About 3 hours of DDoS attack traffic to a victim in the form of Argus flows. Most of the attack traffic is UDP Simple Service Discovery Protocol (SSDP) traffic. The traffic also includes ICMP and other UDP protocols traffic. The flows are on a 10Gb/s link between a regional and a content ISP. These attacks are triggered by the attackers via UPnP/SSDP discovery requests with spoofed source IP addresses to vulnerable hosts running SSDP.

Additional Details

N/A
true
false
network layer protocols, cybercrime, img college, simple service discovery protocol, communication protocol, internet security, dos, denial of service attack, internet control message protocol, cyberwarfare, frgp_ssdp_reflection_ddos_attack_traffic-20140930, digital media, virginia tech hokies, servers, 479, cyberattack, internet layer protocols, internet protocol, colorado state university, telecom, reflection attack, internet relay chat, exploit, universal plug and play