Protecting internet infrastructure against link flooding attacks : a techno-economic perspective
As an emerging threat, link flooding attacks (LFAs) target and congest core links that constitute Internet routing infrastructure, hence posing a growing threat to networks worldwide. Mitigating and defeating LFAs is particularly challenging for two reasons. First, arising from the end-to-end commun...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | English |
| Published: |
2020
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/142636 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-142636 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1426362020-06-26T01:41:18Z Protecting internet infrastructure against link flooding attacks : a techno-economic perspective Ma, Xiaobo Li, Jianfeng Tang, Yajuan An, Bo Guan, Xiaohong School of Computer Science and Engineering Engineering::Computer science and engineering Internet Infrastructure Security Link Flooding Attack As an emerging threat, link flooding attacks (LFAs) target and congest core links that constitute Internet routing infrastructure, hence posing a growing threat to networks worldwide. Mitigating and defeating LFAs is particularly challenging for two reasons. First, arising from the end-to-end communication from bots to public servers (e.g., Web servers), the attack traffic flows could be indistinguishable from legitimate ones, and even unobservable to the victim network surrounded by the target links. Therefore, typical flow-filtering countermeasures deployed at the network perimeter become invalid when handling LFAs. Second, the target link and the victim network belong to an autonomous system (AS) different from the source ASs where the attack traffic flows originate. These source ASs, however, have no idea the target link is under attack, whereas they are in charge of routing decisions and thus capable of mitigating LFAs by rerouting the attack traffic flows to bypass the target link. Therefore, inter-AS cooperation is indispensable to defeat LFAs. Unfortunately, the source ASs lack incentives to cooperate because the collateral damage of LFAs to them may be negligible, making it challenging to eradicate LFAs. In this paper, we make the first effort to cope with LFAs from a techno-economic perspective, for accelerating ISPs’ cooperation in defending against LFAs. We propose two novel mechanisms to mitigate LFAs by stimulating the inter-AS cooperation via incentive design and Nash bargaining. Experiments using Internet AS relationship data demonstrate the feasibility and effectiveness of our mechanisms. 2020-06-26T01:41:18Z 2020-06-26T01:41:18Z 2019 Journal Article Ma, X., Li, J., Tang, Y., An, B., & Guan, X. (2019). Protecting internet infrastructure against link flooding attacks : a techno-economic perspective. Information Sciences, 479, 486-502. doi:10.1016/j.ins.2018.04.050 0020-0255 https://hdl.handle.net/10356/142636 10.1016/j.ins.2018.04.050 2-s2.0-85046131501 479 486 502 en Information Sciences © 2018 Elsevier Inc. All rights reserved. |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| country |
Singapore |
| collection |
DR-NTU |
| language |
English |
| topic |
Engineering::Computer science and engineering Internet Infrastructure Security Link Flooding Attack |
| spellingShingle |
Engineering::Computer science and engineering Internet Infrastructure Security Link Flooding Attack Ma, Xiaobo Li, Jianfeng Tang, Yajuan An, Bo Guan, Xiaohong Protecting internet infrastructure against link flooding attacks : a techno-economic perspective |
| description |
As an emerging threat, link flooding attacks (LFAs) target and congest core links that constitute Internet routing infrastructure, hence posing a growing threat to networks worldwide. Mitigating and defeating LFAs is particularly challenging for two reasons. First, arising from the end-to-end communication from bots to public servers (e.g., Web servers), the attack traffic flows could be indistinguishable from legitimate ones, and even unobservable to the victim network surrounded by the target links. Therefore, typical flow-filtering countermeasures deployed at the network perimeter become invalid when handling LFAs. Second, the target link and the victim network belong to an autonomous system (AS) different from the source ASs where the attack traffic flows originate. These source ASs, however, have no idea the target link is under attack, whereas they are in charge of routing decisions and thus capable of mitigating LFAs by rerouting the attack traffic flows to bypass the target link. Therefore, inter-AS cooperation is indispensable to defeat LFAs. Unfortunately, the source ASs lack incentives to cooperate because the collateral damage of LFAs to them may be negligible, making it challenging to eradicate LFAs. In this paper, we make the first effort to cope with LFAs from a techno-economic perspective, for accelerating ISPs’ cooperation in defending against LFAs. We propose two novel mechanisms to mitigate LFAs by stimulating the inter-AS cooperation via incentive design and Nash bargaining. Experiments using Internet AS relationship data demonstrate the feasibility and effectiveness of our mechanisms. |
| author2 |
School of Computer Science and Engineering |
| author_facet |
School of Computer Science and Engineering Ma, Xiaobo Li, Jianfeng Tang, Yajuan An, Bo Guan, Xiaohong |
| format |
Article |
| author |
Ma, Xiaobo Li, Jianfeng Tang, Yajuan An, Bo Guan, Xiaohong |
| author_sort |
Ma, Xiaobo |
| title |
Protecting internet infrastructure against link flooding attacks : a techno-economic perspective |
| title_short |
Protecting internet infrastructure against link flooding attacks : a techno-economic perspective |
| title_full |
Protecting internet infrastructure against link flooding attacks : a techno-economic perspective |
| title_fullStr |
Protecting internet infrastructure against link flooding attacks : a techno-economic perspective |
| title_full_unstemmed |
Protecting internet infrastructure against link flooding attacks : a techno-economic perspective |
| title_sort |
protecting internet infrastructure against link flooding attacks : a techno-economic perspective |
| publishDate |
2020 |
| url |
https://hdl.handle.net/10356/142636 |
| _version_ |
1681057313590345728 |