Vše

Co hledáte?

Vše
Projekty
Výsledky výzkumu
Subjekty

Rychlé hledání

  • Projekty podpořené TA ČR
  • Významné projekty
  • Projekty s nejvyšší státní podporou
  • Aktuálně běžící projekty

Chytré vyhledávání

  • Takto najdu konkrétní +slovo
  • Takto z výsledků -slovo zcela vynechám
  • “Takto můžu najít celou frázi”

Informed DDoS Mitigation at 100 Gb/s

Identifikátory výsledku

  • Kód výsledku v IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F18%3A10133096" target="_blank" >RIV/63839172:_____/18:10133096 - isvavai.cz</a>

  • Výsledek na webu

  • DOI - Digital Object Identifier

Alternativní jazyky

  • Jazyk výsledku

    angličtina

  • Název v původním jazyce

    Informed DDoS Mitigation at 100 Gb/s

  • Popis výsledku v původním jazyce

    Network attacks, especially DoS and DDoS attacks, are a significant threat to all providers of services or infrastructure. The most potent attacks can paralyze even large-scale infrastructures of worldwide companies (as it is mentioned, e.g., in [1]). The objective of DDoS attacks is usually to flood the target network device or even the network itself with a large number of packets. Such attack results in nondeterministic discarding of network packets. There are many different types of DDoS attacks hence every mitigation technique addresses only a portion of them. Network operators can use various ways of defense (such as blackholing, rate-limiting) that deterministically discard packets of the traffic according to defined rules. The problem of packet discarding is related to the availability of the victim. When all packets targeted against the victim are discarded, the attack becomes harmless. Naturally, legitimate packets are discarded as well. Therefore, it is not always a feasible approach in practice. The main challenge is to distinguish malicious and legitimate packets. DDoS mitigation strategy based on the recognition of malicious packets is a complex task due to the similarity between legitimate and malicious packets. This presentation proposes a design of a mitigation heuristic which utilizes the knowledge of the so-called reputation score [2] of network entities and describes a way to integrate the proposed heuristic into a scrubbing center developed by CESNET a.l.e. The result, which will be described in this presentation, is based on the DDoS Mitigation Device (DMD) [3] that works at link speed 100 Gb/s. The DMD analysis the traffic on-the-fly, it computes statistics and using our proposed heuristic algorithm based on reputation scores it determines what packets to discard.

  • Název v anglickém jazyce

    Informed DDoS Mitigation at 100 Gb/s

  • Popis výsledku anglicky

    Network attacks, especially DoS and DDoS attacks, are a significant threat to all providers of services or infrastructure. The most potent attacks can paralyze even large-scale infrastructures of worldwide companies (as it is mentioned, e.g., in [1]). The objective of DDoS attacks is usually to flood the target network device or even the network itself with a large number of packets. Such attack results in nondeterministic discarding of network packets. There are many different types of DDoS attacks hence every mitigation technique addresses only a portion of them. Network operators can use various ways of defense (such as blackholing, rate-limiting) that deterministically discard packets of the traffic according to defined rules. The problem of packet discarding is related to the availability of the victim. When all packets targeted against the victim are discarded, the attack becomes harmless. Naturally, legitimate packets are discarded as well. Therefore, it is not always a feasible approach in practice. The main challenge is to distinguish malicious and legitimate packets. DDoS mitigation strategy based on the recognition of malicious packets is a complex task due to the similarity between legitimate and malicious packets. This presentation proposes a design of a mitigation heuristic which utilizes the knowledge of the so-called reputation score [2] of network entities and describes a way to integrate the proposed heuristic into a scrubbing center developed by CESNET a.l.e. The result, which will be described in this presentation, is based on the DDoS Mitigation Device (DMD) [3] that works at link speed 100 Gb/s. The DMD analysis the traffic on-the-fly, it computes statistics and using our proposed heuristic algorithm based on reputation scores it determines what packets to discard.

Klasifikace

  • Druh

    O - Ostatní výsledky

  • CEP obor

  • OECD FORD obor

    20202 - Communication engineering and systems

Návaznosti výsledku

  • Projekt

    <a href="/cs/project/LM2015042" target="_blank" >LM2015042: E-infrastruktura CESNET</a><br>

  • Návaznosti

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Ostatní

  • Rok uplatnění

    2018

  • Kód důvěrnosti údajů

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů