Home > Research > Publications & Outputs > An Inter-domain Collaboration Scheme to Remedy ...

Electronic data

  • 08344498

    Rights statement: ©2018 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

    Accepted author manuscript, 1.39 MB, PDF document

    Available under license: CC BY

Links

Text available via DOI:

View graph of relations

An Inter-domain Collaboration Scheme to Remedy DDoS Attacks in Computer Networks

Research output: Contribution to journalJournal article

Published
<mark>Journal publication date</mark>1/09/2018
<mark>Journal</mark>IEEE Transactions on Network and Service Management
Issue number3
Volume15
Number of pages15
Pages (from-to)879-893
Publication statusPublished
Early online date20/04/18
Original languageEnglish

Abstract

Distributed Denial-of-Service (DDoS) attacks continue to trouble network operators and service providers, and with increasing intensity. Effective response to DDoS can be slow (because of manual diagnosis and interaction) and potentially self-defeating (as indiscriminate filtering accomplishes a likely goal of the attacker), and this is the result of the discrepancy between the service provider's flow-based, application-level view of traffic and the network operator's packet-based, network-level view and limited functionality. Furthermore, a network required to take action may be in an Autonomous System (AS) several AS-hops away from the service, so it has no direct relationship with the service on whose behalf it acts. This paper presents Antidose, a means of interaction between a vulnerable peripheral service and an indirectly related AS that allows the AS to confidently deploy local filtering with discrimination under the control of the remote service.
We implement the core filtering mechanism of Antidose, and provide an analysis of it to demonstrate that conscious attacks against the mechanism will not expose the AS to additional attacks. We present a performance evaluation to show that the mechanism is operationally feasible in the emerging trend of operators' willingness to increase the programmability of their hardware with SDN technologies such as OpenFlow, as well as to act to mitigate attacks on downstream customers.