{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:30:42Z","timestamp":1750221042124,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":19,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,9,26]],"date-time":"2018-09-26T00:00:00Z","timestamp":1537920000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,9,26]]},"DOI":"10.1145\/3278681.3278701","type":"proceedings-article","created":{"date-parts":[[2018,11,9]],"date-time":"2018-11-09T13:05:43Z","timestamp":1541768743000},"page":"164-170","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Using network flow data to analyse distributed reflection denial of service (DRDoS) attacks, as observed on the South African national research and education network (SANReN)"],"prefix":"10.1145","author":[{"given":"Ivan Daniel","family":"Burke","sequence":"first","affiliation":[{"name":"Council for Scientific and Industrial Research, Pretoria, South Africa"}]},{"given":"Alan","family":"Herbert","sequence":"additional","affiliation":[{"name":"Rhodes University, Grahamstown, South Africa"}]},{"given":"Roderick","family":"Mooi","sequence":"additional","affiliation":[{"name":"Council for Scientific and Industrial Research, Pretoria, South Africa"}]}],"member":"320","published-online":{"date-parts":[[2018,9,26]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Akamai CSIRT Alerts. 2018. Memcached-fueled 1.3 Tbps attacks. https:\/\/blogs.akamai.com\/2018\/03\/memcached-fueled-13-tbps-attacks.html. Date published2018-03-01. Date accessed 2018-03-05.  Akamai CSIRT Alerts. 2018. Memcached-fueled 1.3 Tbps attacks. https:\/\/blogs.akamai.com\/2018\/03\/memcached-fueled-13-tbps-attacks.html. Date published2018-03-01. Date accessed 2018-03-05."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"crossref","unstructured":"B. Claise B. Trammell and P. Aitken. 2013. Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of Flow Information. STD 77. RFC Editor. http:\/\/www.rfc-editor.org\/rfc\/rfc7011.txt.  B. Claise B. Trammell and P. Aitken. 2013. Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of Flow Information. STD 77. RFC Editor. http:\/\/www.rfc-editor.org\/rfc\/rfc7011.txt.","DOI":"10.17487\/rfc7015"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663717"},{"key":"e_1_3_2_1_5_1","unstructured":"Christian Dietz. 2013. Passive Remote Detection of Network Address Translation (NAT) by using NetFlow. Master's thesis. Hochschule Darmstadt University of Applied Sciences.  Christian Dietz. 2013. Passive Remote Detection of Network Address Translation (NAT) by using NetFlow. Master's thesis. Hochschule Darmstadt University of Applied Sciences."},{"key":"e_1_3_2_1_6_1","unstructured":"Kevin Draai and Roderick Mooi. 2015. Implementing perfSONAR in the South African National Research and Education Network. (2015).  Kevin Draai and Roderick Mooi. 2015. Implementing perfSONAR in the South African National Research and Education Network. (2015)."},{"key":"e_1_3_2_1_7_1","first-page":"5","article-title":"Distributed caching with memcached","volume":"124","author":"Fitzpatrick Brad","year":"2004","journal-title":"Linux journal"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2014.2321898"},{"volume-title":"Information Security for South Africa (ISSA)","year":"2012","author":"Irwin Barry","key":"e_1_3_2_1_11_1"},{"key":"e_1_3_2_1_12_1","unstructured":"Brian Kerbs. 2018. Powerful New DDoS Method Adds Extortion. https:\/\/krebsonsecurity.com\/tag\/memcached-attack\/. Date published 2018-03-02. Date accessed 2018-03-05.  Brian Kerbs. 2018. Powerful New DDoS Method Adds Extortion. https:\/\/krebsonsecurity.com\/tag\/memcached-attack\/. Date published 2018-03-02. Date accessed 2018-03-05."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICIMP.2007.42"},{"volume-title":"Router Expert: Smurf\/Fraggle Attack Defense Using SACLS. Networking Tips and Newsletters, www.searchnetwork.techtarget.com","year":"2002","author":"Martin Michael J","key":"e_1_3_2_1_14_1"},{"key":"e_1_3_2_1_15_1","unstructured":"D. Mills J. Martin J. Burbank and W. Kasch. 2010. Network Time Protocol Version 4: Protocol and Algorithms Specification. RFC 5905. RFC Editor. http:\/\/www.rfc-editor.org\/rfc\/rfc5905.txt http:\/\/www.rfc-editor.org\/rfc\/rfc5905.txt.  D. Mills J. Martin J. Burbank and W. Kasch. 2010. Network Time Protocol Version 4: Protocol and Algorithms Specification. RFC 5905. RFC Editor. http:\/\/www.rfc-editor.org\/rfc\/rfc5905.txt http:\/\/www.rfc-editor.org\/rfc\/rfc5905.txt."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1233341.1233399"},{"key":"e_1_3_2_1_18_1","unstructured":"Ajith Harshana Ranabahu and E Michael Maximilien. 2009. A best practice model for cloud middleware systems. (2009).  Ajith Harshana Ranabahu and E Michael Maximilien. 2009. A best practice model for cloud middleware systems. (2009)."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"crossref","unstructured":"D Senie and P Ferguson. 1998. Network ingress filtering: Defeating denial of service attacks which employ IP source address spoofing. Network (1998).  D Senie and P Ferguson. 1998. Network ingress filtering: Defeating denial of service attacks which employ IP source address spoofing. Network (1998).","DOI":"10.17487\/rfc2267"},{"key":"e_1_3_2_1_21_1","unstructured":"Stephen M Specht and Ruby B Lee. 2004. Distributed Denial of Service: Taxonomies of Attacks Tools and Countermeasures. In ISCA PDCS. 543--550.  Stephen M Specht and Ruby B Lee. 2004. Distributed Denial of Service: Taxonomies of Attacks Tools and Countermeasures. In ISCA PDCS. 543--550."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.5555\/956415.956438"},{"volume-title":"IPCCC","year":"2006","author":"Sridharan Avinash","key":"e_1_3_2_1_23_1"},{"key":"e_1_3_2_1_24_1","unstructured":"US-CERT. 2018. Alert (TA14-017A) - UDP-Based Amplification Attacks. https:\/\/www.us-cert.gov\/ncas\/alerts\/TA14-017A. Date accessed 14 March 2018.  US-CERT. 2018. Alert (TA14-017A) - UDP-Based Amplification Attacks. https:\/\/www.us-cert.gov\/ncas\/alerts\/TA14-017A. Date accessed 14 March 2018."}],"event":{"name":"SAICSIT '18: 2018 Annual Conference of the South African Institute of Computer Scientists and Information Technologists","acronym":"SAICSIT '18","location":"Port Elizabeth South Africa"},"container-title":["Proceedings of the Annual Conference of the South African Institute of Computer Scientists and Information Technologists"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3278681.3278701","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3278681.3278701","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T00:43:54Z","timestamp":1750207434000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3278681.3278701"}},"subtitle":["a postmortem analysis of the memcached attack on the SANReN"],"short-title":[],"issued":{"date-parts":[[2018,9,26]]},"references-count":19,"alternative-id":["10.1145\/3278681.3278701","10.1145\/3278681"],"URL":"https:\/\/doi.org\/10.1145\/3278681.3278701","relation":{},"subject":[],"published":{"date-parts":[[2018,9,26]]},"assertion":[{"value":"2018-09-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}