| Title | DDoS Mitigation: A Measurement-Based Approach |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Jonker, Mattijs, Sperotto, Anna, Pras, Aiko |
| Conference Name | NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium |
| Date Published | April 2020 |
| Publisher | IEEE |
| ISBN Number | 978-1-7281-4973-8 |
| Keywords | attacks, composability, DDoS, DDoS attack mitigation, DDOS attacks detection, denial-of-service, Human Behavior, internet measurement, Metrics, mitigation, pubcrawl, resilience, Resiliency, threat mitigation |
| Abstract | Society heavily relies upon the Internet for global communications. Simultaneously, Internet stability and reliability are continuously subject to deliberate threats. These threats include (Distributed) Denial-of-Service (DDoS) attacks, which can potentially be devastating. As a result of DDoS, businesses lose hundreds of millions of dollars annually. Moreover, when it comes to vital infrastructure, national safety and even lives could be at stake. Effective defenses are therefore an absolute necessity. Prospective users of readily available mitigation solutions find themselves having many shapes and sizes to choose from, the right fit of which may, however, not always be apparent. In addition, the deployment and operation of mitigation solutions may come with hidden hazards that need to be better understood. Policy makers and governments also find themselves facing questions concerning what needs to be done to promote cybersafety on a national level. Developing an optimal course of action to deal with DDoS, therefore, also brings about societal challenges. Even though the DDoS problem is by no means new, the scale of the problem is still unclear. We do not know exactly what it is we are defending against and getting a better understanding of attacks is essential to addressing the problem head-on. To advance situational awareness, many technical and societal challenges need still to be tackled. Given the central importance of better understanding the DDoS problem to improve overall Internet security, the thesis that we summarize in this paper has three main contributions. First, we rigorously characterize attacks and attacked targets at scale. Second, we advance knowledge about the Internet-wide adoption, deployment and operational use of various mitigation solutions. Finally, we investigate hidden hazards that can render mitigation solutions altogether ineffective. |
| URL | https://ieeexplore.ieee.org/document/9110320 |
| DOI | 10.1109/NOMS47738.2020.9110320 |
| Citation Key | jonker_ddos_2020 |
DDoS Mitigation: A Measurement-Based Approach