|
Authors: | Dimitrios Gkounis, Vasileios Kotronis, Christos Liaskos, Xenofontas Dimitropoulos |
Group: | Communication Systems |
Type: | Article |
Title: | On the Interplay of Link-Flooding Attacks and Traffic Engineering |
Year: | 2016 |
Month: | April |
Journal: | ACM SIGCOMM CCR |
Abstract: | Link-flooding attacks have the potential to disconnect even entire countries from the Internet. Moreover, newly pro- posed indirect link-flooding attacks, such as “Crossfire”, are extremely hard to expose and, subsequently, mitigate effec- tively. Traffic Engineering (TE) is the network’s natural way of mitigating link overload events, balancing the load and restoring connectivity. This work poses the question: Do we need a new kind of TE to expose an attack as well? The key idea is that a carefully crafted, attack-aware TE could force the attacker to follow improbable traffic patterns, revealing his target and his identity over time. We show that both existing and novel TE modules can efficiently expose the attack, and study the benefits of each approach. We implement defense prototypes using simulation mechanisms and evaluate them extensively on multiple real topologies. |
Resources: | [BibTeX] [Paper as PDF] |