ABSTRACT
Network attacks, especially DoS and DDoS attacks, are a significant threat to all providers of services or infrastructure. The biggest attacks can paralyze even the large-scale infrastructures of worldwide companies. Attack mitigation is a complex issue studied by many researchers and security companies. While several approaches have been proposed, there is still room for improvement. This paper proposes to augment an existing mitigation heuristic with knowledge of the reputation scores of network entities. The aim is to find a way to mitigate the malicious traffic present in DDoS amplification attacks with minimal disruption to legitimate communication.