DOI: 10.1145/3281411.3281413

Stellar: network attack mitigation using advanced blackholing

Published: 04 December 2018

Abstract

Network attacks, including Distributed Denial-of-Service (DDoS), continuously increase in terms of bandwidth along with damage (recent attacks exceed 1.7 Tbps) and have a devastating impact on the targeted companies/governments. Over the years, mitigation techniques, ranging from blackholing to policy-based filtering at routers, and on to traffic scrubbing, have been added to the network operator's toolbox. Even though these mitigation techniques provide some protection, they either yield severe collateral damage, e.g., dropping legitimate traffic (blackholing), are cost-intensive, or do not scale well for Tbps level attacks (ACL filtering, traffic scrubbing), or require cooperation and sharing of resources (Flowspec).
In this paper, we propose Advanced Blackholing and its system realization Stellar. Advanced blackholing builds upon the scalability of blackholing while limiting collateral damage by increasing its granularity. Moreover, Stellar reduces the required level of cooperation to enhance mitigation effectiveness. We show that fine-grained blackholing can be realized, e.g., at a major IXP, by combining available hardware filters with novel signaling mechanisms. We evaluate the scalability and performance of Stellar at a large IXP that interconnects more than 800 networks, exchanges more than 6 Tbps traffic, and witnesses many network attacks every day. Our results show that network attacks, e.g., DDoS amplification attacks, can be successfully mitigated while the networks and services under attack continue to operate untroubled.

Supplementary Material

MP4 File (p152-dietzel.mp4)

Published In

CoNEXT '18: Proceedings of the 14th International Conference on emerging Networking EXperiments and Technologies
December 2018
408 pages
ISBN:9781450360807
DOI:10.1145/3281411
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. BGP
  2. DDoS mitigation
  3. IXP
  4. blackholing

Qualifiers

  • Research-article

Funding Sources

  • European Research Council (ERC)
  • Deutsche Forschungsgemeinschaft

Conference

CoNEXT '18
Acceptance Rates

Overall Acceptance Rate 198 of 789 submissions, 25%
