Protecting internet infrastructure against link flooding attacks : a techno-economic perspective

As an emerging threat, link flooding attacks (LFAs) target and congest core links that constitute Internet routing infrastructure, hence posing a growing threat to networks worldwide. Mitigating and defeating LFAs is particularly challenging for two reasons. First, arising from the end-to-end commun...

Full description

Saved in:
Bibliographic Details
Main Authors: Ma, Xiaobo, Li, Jianfeng, Tang, Yajuan, An, Bo, Guan, Xiaohong
Other Authors: School of Computer Science and Engineering
Format: Article
Language:English
Published: 2020
Subjects:
Online Access:https://hdl.handle.net/10356/142636
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-142636
record_format dspace
spelling sg-ntu-dr.10356-1426362020-06-26T01:41:18Z Protecting internet infrastructure against link flooding attacks : a techno-economic perspective Ma, Xiaobo Li, Jianfeng Tang, Yajuan An, Bo Guan, Xiaohong School of Computer Science and Engineering Engineering::Computer science and engineering Internet Infrastructure Security Link Flooding Attack As an emerging threat, link flooding attacks (LFAs) target and congest core links that constitute Internet routing infrastructure, hence posing a growing threat to networks worldwide. Mitigating and defeating LFAs is particularly challenging for two reasons. First, arising from the end-to-end communication from bots to public servers (e.g., Web servers), the attack traffic flows could be indistinguishable from legitimate ones, and even unobservable to the victim network surrounded by the target links. Therefore, typical flow-filtering countermeasures deployed at the network perimeter become invalid when handling LFAs. Second, the target link and the victim network belong to an autonomous system (AS) different from the source ASs where the attack traffic flows originate. These source ASs, however, have no idea the target link is under attack, whereas they are in charge of routing decisions and thus capable of mitigating LFAs by rerouting the attack traffic flows to bypass the target link. Therefore, inter-AS cooperation is indispensable to defeat LFAs. Unfortunately, the source ASs lack incentives to cooperate because the collateral damage of LFAs to them may be negligible, making it challenging to eradicate LFAs. In this paper, we make the first effort to cope with LFAs from a techno-economic perspective, for accelerating ISPs’ cooperation in defending against LFAs. We propose two novel mechanisms to mitigate LFAs by stimulating the inter-AS cooperation via incentive design and Nash bargaining. Experiments using Internet AS relationship data demonstrate the feasibility and effectiveness of our mechanisms. 2020-06-26T01:41:18Z 2020-06-26T01:41:18Z 2019 Journal Article Ma, X., Li, J., Tang, Y., An, B., & Guan, X. (2019). Protecting internet infrastructure against link flooding attacks : a techno-economic perspective. Information Sciences, 479, 486-502. doi:10.1016/j.ins.2018.04.050 0020-0255 https://hdl.handle.net/10356/142636 10.1016/j.ins.2018.04.050 2-s2.0-85046131501 479 486 502 en Information Sciences © 2018 Elsevier Inc. All rights reserved.
institution Nanyang Technological University
building NTU Library
country Singapore
collection DR-NTU
language English
topic Engineering::Computer science and engineering
Internet Infrastructure Security
Link Flooding Attack
spellingShingle Engineering::Computer science and engineering
Internet Infrastructure Security
Link Flooding Attack
Ma, Xiaobo
Li, Jianfeng
Tang, Yajuan
An, Bo
Guan, Xiaohong
Protecting internet infrastructure against link flooding attacks : a techno-economic perspective
description As an emerging threat, link flooding attacks (LFAs) target and congest core links that constitute Internet routing infrastructure, hence posing a growing threat to networks worldwide. Mitigating and defeating LFAs is particularly challenging for two reasons. First, arising from the end-to-end communication from bots to public servers (e.g., Web servers), the attack traffic flows could be indistinguishable from legitimate ones, and even unobservable to the victim network surrounded by the target links. Therefore, typical flow-filtering countermeasures deployed at the network perimeter become invalid when handling LFAs. Second, the target link and the victim network belong to an autonomous system (AS) different from the source ASs where the attack traffic flows originate. These source ASs, however, have no idea the target link is under attack, whereas they are in charge of routing decisions and thus capable of mitigating LFAs by rerouting the attack traffic flows to bypass the target link. Therefore, inter-AS cooperation is indispensable to defeat LFAs. Unfortunately, the source ASs lack incentives to cooperate because the collateral damage of LFAs to them may be negligible, making it challenging to eradicate LFAs. In this paper, we make the first effort to cope with LFAs from a techno-economic perspective, for accelerating ISPs’ cooperation in defending against LFAs. We propose two novel mechanisms to mitigate LFAs by stimulating the inter-AS cooperation via incentive design and Nash bargaining. Experiments using Internet AS relationship data demonstrate the feasibility and effectiveness of our mechanisms.
author2 School of Computer Science and Engineering
author_facet School of Computer Science and Engineering
Ma, Xiaobo
Li, Jianfeng
Tang, Yajuan
An, Bo
Guan, Xiaohong
format Article
author Ma, Xiaobo
Li, Jianfeng
Tang, Yajuan
An, Bo
Guan, Xiaohong
author_sort Ma, Xiaobo
title Protecting internet infrastructure against link flooding attacks : a techno-economic perspective
title_short Protecting internet infrastructure against link flooding attacks : a techno-economic perspective
title_full Protecting internet infrastructure against link flooding attacks : a techno-economic perspective
title_fullStr Protecting internet infrastructure against link flooding attacks : a techno-economic perspective
title_full_unstemmed Protecting internet infrastructure against link flooding attacks : a techno-economic perspective
title_sort protecting internet infrastructure against link flooding attacks : a techno-economic perspective
publishDate 2020
url https://hdl.handle.net/10356/142636
_version_ 1681057313590345728