Subject of this research project
Distributed Denial of Service (DDoS) attacks are a threat to Internet services ever since the widely published attacks on ebay.com and amazon.com in 2000. ETH itself was the target of such an attack six months before these commercial sites where hit. ETH suffered repeated complete loss of Internet connectivity ranging from minutes to hours in duration. Massive distributed DDoS attacks have the potential to cause major disruption of Internet functionality up to and including severely decreasing backbone availability.
This project has the following objectives:
Our hypothesis is that both attack phases exhibit distinct traffic patterns that allow detection and distinction from other massive network events like flash-crowds. We will test this hypothesis with measurements of real network traffic and with simulations.
The practical components are aimed at prototypical implementations of these methods and possible deployment in a real backbone network. Close cooperation with SWITCH has been established to this end, and in fact SWITCH provides a significant part of the project funding.
(c) 2003-2005 at TIK CSG ETH Zurich, Thomas Dübendorfer, Arno Wagner, last change: Dec 6th, 2005