CoDef: collaborative defense against large-scale link-flooding attacks

  • Authors:
  • Soo Bum Lee;Min Suk Kang;Virgil D. Gligor

  • Affiliations:
  • Qualcomm, San Diego, CA, USA;Carnegie Mellon University, Pittsburgh, PA, USA;Carnegie Mellon University, Pittsburgh, PA, USA

  • Venue:
  • Proceedings of the ninth ACM conference on Emerging networking experiments and technologies
  • Year:
  • 2013

Quantified Score

Hi-index 0.00

Visualization

Abstract

Large-scale botnet attacks against Internet links using low-rate flows cannot be effectively countered by any of the traditional rate-limiting and flow-filtering mechanisms deployed in individual routers. In this paper, we present a collaborative defense mechanism, called CoDef, which enables routers to distinguish low-rate attack flows from legitimate flows, and protect legitimate traffic during botnet attacks. CoDef enables autonomous domains that are uncontaminated by bots to collaborate during link flooding attacks and reroute their customers' legitimate traffic in response to requests from congested routers. Collaborative defense using multi-path routing favors legitimate traffic while limiting the bandwidth available to attack traffic at a congested link. We present CoDef's design and evaluate its effectiveness by exploring the domain-level path-diversity of the Internet and performing simulations under various traffic conditions.