Large-scale botnet attacks against Internet links using low-rate flows cannot be effectively countered by any of the traditional rate-limiting and flow-filtering mechanisms deployed in individual routers. In this paper, we present a collaborative defense mechanism, called CoDef, which enables routers to distinguish low-rate attack flows from legitimate flows, and protect legitimate traffic during botnet attacks. CoDef enables autonomous domains that are uncontaminated by bots to collaborate during link flooding attacks and reroute their customers' legitimate traffic in response to requests from congested routers. Collaborative defense using multi-path routing favors legitimate traffic while limiting the bandwidth available to attack traffic at a congested link. We present CoDef's design and evaluate its effectiveness by exploring the domain-level path-diversity of the Internet and performing simulations under various traffic conditions.