Advertisement

Anycast and Its Potential for DDoS Mitigation

  • Wouter B. de Vries
  • Ricardo de O. Schmidt
  • Aiko Pras
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9701)

Abstract

IP anycast is widely being used to distribute essential Internet services, such as DNS, across the globe. One of the main reasons for doing so is to increase the redundancy of the service and reduce the impacts of the growing threat of DDoS attacks. IP anycast can be further used to mitigate DDoS attacks by confining the attack traffic to certain areas. This might cause the targeted service to become unavailable only to a fraction of its users. In this PhD research we aim at investigating how IP anycast can be optimized both statically and dynamically to support the mitigation of DDoS attacks.

Keywords

Border Gateway Protocol Passive Measurement Management Node Attack Traffic Final Research Question 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Notes

Acknowledgements

This research is partially funded by SIDN and NLnet Labs through the projects DAS (http://www.das-project.nl) and SAND (http://www.sand-project.nl), by the EU FP7 FLAMINGO NoE (318488), and the SURFnet Research on Networks project.

References

  1. 1.
  2. 2.
    Anwar, R., Niaz, H., Choffnes, D., Cunha, I., Gill, P., Katz-Bassett, E.: Investigating interdomain routing policies in the wild. In: Proceedings of the 2015 ACM Conference on Internet Measurement Conference. IMC 2015, pp. 71–77. ACM, NewYork (2015). http://doi.acm.org/10.1145/2815675.2815712
  3. 3.
    Liu, Z., Huffaker, B., Fomenkov, M., Brownlee, N., claffy, K.: Two days in the life of the DNS anycast root servers. In: Uhlig, S., Papagiannaki, K., Bonaventure, O. (eds.) PAM 2007. LNCS, vol. 4427, pp. 125–134. Springer, Heidelberg (2007). http://dx.doi.org/10.1007/978-3-540-71617-4_13 CrossRefGoogle Scholar
  4. 4.
    NCC, R.: Ripe atlas (2016). https://ripe.atlas.net
  5. 5.
    Root Server Operators: Events of 2015–11-30 (2015). http://root-servers.org/news/events-of-20151130.txt
  6. 6.
    Santanna, J.J., Sperotto, A.: Characterizing and mitigating the DDoS-as-a-service phenomenon. In: Sperotto, A., Doyen, G., Latré, S., Charalambides, M., Stiller, B. (eds.) AIMS 2014. LNCS, vol. 8508, pp. 74–78. Springer, Heidelberg (2014)Google Scholar
  7. 7.
    Schlinker, B., Zarifis, K., Cunha, I., Feamster, N., Katz-Bassett, E.: Peering: an as for us. In: Proceedings of the 13th ACM Workshop on Hot Topics in Networks, p. 18. ACM (2014)Google Scholar
  8. 8.
    Sozeri, E.K.: Turkish internet hit with massive DDoS attack (2015). http://www.dailydot.com/politics/turkey-ddos-attack-tk-universities/
  9. 9.
    Teixeira, R., Shaikh, A., Griffin, T., Rexford, J.: Dynamics of hot-potato routing in IP networks. SIGMETRICS Perform. Eval. Rev. 32(1), 307–319 (2004). http://doi.acm.org/10.1145/1012888.1005723 CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2016

Authors and Affiliations

  • Wouter B. de Vries
    • 1
  • Ricardo de O. Schmidt
    • 1
  • Aiko Pras
    • 1
  1. 1.University of TwenteEnschedeThe Netherlands

Personalised recommendations