To request access this dataset you will need to login with an IMPACT account. Accounts are free. If you don't have one please register.

Summary

DS-0777
FRGP_SSDP_Reflection_DDoS_Attack_Traffic_anon-20140930
Dataset
University of Southern California-Information Sciences Institute
University of Southern California-Information Sciences Institute
09/30/2014
09/30/2014
20 (lowest rank is 52)

Category & Restrictions

Traffic Flow Data
traffic flow data, denial of service
Quasi-Restricted
true

Description


SSDP reflection attack

About 3 hours of DDoS attack traffic to a victim in the form of Argus flows. Most of the attack traffic is UDP Simple Service Discovery Protocol (SSDP) traffic. The traffic also includes ICMP and other UDP protocols traffic. The IP addresses are fully anonymized using a prefix-preserving algorithm. The flows are on a 10Gb/s link between a regional and a content ISP. These attacks are triggered by the attackers via UPnP/SSDP discovery requests with spoofed source IP addresses to vulnerable hosts running SSDP.

Additional Details

5.0GB
true
false
ssdp, attack, institute, southern, california, sciences, reflection, traffic, ddos, 20140930, frgp_ssdp_reflection_ddos_attack_traffic_anon-20140930, 777, anon, frgp, reflector, dos, anonymized, university of southern california-information sciences institute, 2014, flows, discovery, udp, protocols, argus, prefix, isp, service, simple, form, source, attackers, hours, icmp, victim, protocol, vulnerable, attacks, 10gb, running, content, requests, flow, algorithm, hosts, link, regional, includes, traffic flow data, triggered, preserving, upnp, spoofed
DOS Reflector attack SSDP