
Summary

DS-0777
FRGP_SSDP_Reflection_DDoS_Attack_Traffic_anon-20140930
Dataset
University of Southern California-Information Sciences Institute
University of Southern California-Information Sciences Institute
09/30/2014
09/30/2014
31 (lowest rank is 48)

Category & Restrictions

Traffic Flow Data
Quasi-Restricted
true

Description


SSDP reflection attack

About 3 hours of DDoS attack traffic to a victim, in the form of Argus flows. Most of the attack traffic is UDP Simple Service Discovery Protocol (SSDP) traffic. The traffic also includes ICMP and other UDP protocol traffic. The IP addresses are fully anonymized using a prefix-preserving algorithm. The flows are on a 10 Gb/s link between a regional ISP and a content ISP. Attackers trigger these attacks by sending UPnP/SSDP discovery requests with spoofed source IP addresses to vulnerable hosts running SSDP.

Additional Details

5.0GB
true
false
udp, network layer protocols, cybercrime, frgp, ssdp reflection attack, dos, communication protocol, frgp_ssdp_reflection_ddos_attack_traffic_anon-20140930, attack, 777, host, internet protocol, data protection, ssdp, colorado state university, simple service discovery, vulnerable host, los angeles, internet service provider, universal plug and play, traffic, front range gigapop, simple service discovery protocol, spoofed source, internet security, data anonymization, upnp, argus flow audit record generation and utilization system, denial of service attack, internet control message protocol, cyberwarfare, information privacy, gigapop, university of southern california-information sciences institute, reflector, university of southern california, user datagram protocol, cyberattack, internet layer protocols, argus, reflection attack, internet relay chat, exploit, information sciences institute
DOS Reflector attack SSDP