Teaching on Testbeds

DDoS attack on DNS

Fraida Fund, Grace McDevitt

Runs on: Security, CloudLab

This experiment is a reproduction of the major claims presented in

Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod. 2023. NRDelegationAttack: Complexity DDoS attack on DNS Recursive Resolvers. In 32nd USENIX Security Symposium (USENIX Security 23), USENIX Association, Anaheim, CA, 3187–3204. https://www.usenix.org/conference/usenixsecurity23/presentation/afek

and will measure the cost of the NRDelegation distributed-denial-of-service attack on the resolver CPU load and its effect on benign clients.

It should take about 60-120 minutes to run this experiment.

You can run this experiment on CloudLab.

DDoS attack on DNS

Author: Grace McDevitt, NYU

This material is based upon work supported by the National Science Foundation under Grant No. 2231984.

Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.