Abstract

Distributed link-flooding attacks constitute a new class of attacks with the potential to segment large areas of the Internet. Their distributed nature makes detection and mitigation very hard. This work proposes a novel framework for the analytical modeling and optimal mitigation of such attacks. The detection is modeled as a problem of relational algebra, representing the association of potential attackers (bots) to potential targets. The analysis seeks to optimally dissolve all but the malevolent associations. The framework is implemented at the level of online Traffic Engineering (TE), which is naturally triggered on link-flooding events. The key idea is to continuously re-route traffic in a manner that makes persistent participation to link-flooding events highly improbable for any benign source. Thus, bots are forced to adopt a suspicious behavior to remain effective, revealing their presence. The load-balancing objective of TE is not affected at all. Extensive simulations on various topologies validate our analytical findings.

Comment: 9 pages, 8 figures, IEEE INFOCOM 2016


Original document

The different versions of the original document can be found in:

http://dx.doi.org/10.1109/infocom.2016.7524507
https://arxiv.org/pdf/1611.02491.pdf,
https://arxiv.org/abs/1611.02491,
http://ui.adsabs.harvard.edu/abs/2016arXiv161102491L/abstract,
https://ieeexplore.ieee.org/document/7524507,
https://academic.microsoft.com/#/detail/2505895234
Back to Top

Document information

Published on 01/01/2016

Volume 2016, 2016
DOI: 10.1109/infocom.2016.7524507
Licence: CC BY-NC-SA license

Document Score

0

Views 0
Recommendations 0

Share this document

claim authorship

Are you one of the authors of this document?