Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Bunker: a privacy-oriented platform for network tracing
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
ACM Transactions on Computer Systems (TOCS)
WDA: A Web farm Distributed Denial Of Service attack attenuator
Computer Networks: The International Journal of Computer and Telecommunications Networking
P3CA: private anomaly detection across ISP networks
PETS'11 Proceedings of the 11th international conference on Privacy enhancing technologies
Hi-index | 0.00 |
There is a growing number of DDoS attacks on the Internet, resulting in significant impact on users. Network operators today have little access to scientific means to effectively deal with these attacks in real time. The need of the hour is a tool to accurately assess the impact of attacks and more importantly identify feasible mitigation responses enabling real-time decision making. We designed and implemented Reval, a tool that reports DDoS attack impact in real time, scaling to large networks. This is achieved by modeling resource constraints of network elements and incorporating routing information. We demonstrate the usefulness of the tool on two real network topologies using empirical traffic data and examining real attack scenarios. Using data from a tier-1 ISP network (core, access and customer router network) of size in excess of 60000 nodes, Reval models network conditions with close to 0.4 million traffic flows in about 11 seconds, and evaluates a given mitigation deployment chosen from a sample set in about 35 seconds. Besides real-time decision support, we show how the simulator can also be used in longer term network planning to identify where and how to upgrade the network to improve network resilience. The tool is applicable for networks of any size and can be used to analyze other network anomalies like flash crowds.