All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Informed DDoS Mitigation at 100 Gb/s

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F18%3A10133096" target="_blank" >RIV/63839172:_____/18:10133096 - isvavai.cz</a>

  • Result on the web

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    angličtina

  • Original language name

    Informed DDoS Mitigation at 100 Gb/s

  • Original language description

    Network attacks, especially DoS and DDoS attacks, are a significant threat to all providers of services or infrastructure. The most potent attacks can paralyze even large-scale infrastructures of worldwide companies (as it is mentioned, e.g., in [1]). The objective of DDoS attacks is usually to flood the target network device or even the network itself with a large number of packets. Such attack results in nondeterministic discarding of network packets. There are many different types of DDoS attacks hence every mitigation technique addresses only a portion of them. Network operators can use various ways of defense (such as blackholing, rate-limiting) that deterministically discard packets of the traffic according to defined rules. The problem of packet discarding is related to the availability of the victim. When all packets targeted against the victim are discarded, the attack becomes harmless. Naturally, legitimate packets are discarded as well. Therefore, it is not always a feasible approach in practice. The main challenge is to distinguish malicious and legitimate packets. DDoS mitigation strategy based on the recognition of malicious packets is a complex task due to the similarity between legitimate and malicious packets. This presentation proposes a design of a mitigation heuristic which utilizes the knowledge of the so-called reputation score [2] of network entities and describes a way to integrate the proposed heuristic into a scrubbing center developed by CESNET a.l.e. The result, which will be described in this presentation, is based on the DDoS Mitigation Device (DMD) [3] that works at link speed 100 Gb/s. The DMD analysis the traffic on-the-fly, it computes statistics and using our proposed heuristic algorithm based on reputation scores it determines what packets to discard.

  • Czech name

  • Czech description

Classification

  • Type

    O - Miscellaneous

  • CEP classification

  • OECD FORD branch

    20202 - Communication engineering and systems

Result continuities

  • Project

    <a href="/en/project/LM2015042" target="_blank" >LM2015042: E-infrastructure CESNET</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2018

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Similar results(10)

Augmented DDoS Mitigation with Reputation ScoresAccelerated DDoS Attacks Mitigation using Programmable Data PlaneSVM Algorithm Training for DDoS on SDN Networks