da/sec scientific talk on Internet Security
Topic: Distributed DDoS Defense: A collaborative Approach at Internet Scale
by Jessica Steinberger
D19/2.03a, July 13, 2017 (Thursday), 12.00 noon
Keywords — DDoS, DDoS Mitigation, Collaborative DDoS Defense
Abstract
The Internet has evolved to a vital component that heavily influences our daily life. Large majorities of users rely on the Internet on a regular basis and it has become a crucial component for millions of businesses. However, emerging technologies offered within the Internet are also opening up new vulnerabilities that might be exploited by attackers to perform large-scale cyber attacks. These large-scale cyber attacks could lead to enormous financial loss and prolonged distruptions in communications, food and water supplies. One type of such a large-scale cyber attack is known as Distributed Denial of Service (DDoS). DDoS still remain the top concern responsible for network infrastructure and service outages as they are getting larger, more frequent and sophisticated. At the same time it has never been easier to execute DDoS attacks. Although traditional security solutions as firewalls and Intrustion Prevention Systems are deployed, often the amount of traffic generated by DDoS attacks is such that the target network will lose connectivity, because network resources are exhausted. To optimize mitigation and response capabilities and thus reduce potential damages caused by DDoS attacks, mitigation and response should move as close to the source of the attack as possible. Therefore, mititgation and response should move from the target network to the network of Internet Service Providers (ISPs). Additionally, ISPs should collaborate and exchange information in context of network security. This talk presents the main research results of a PhD trajectory that investigates the Development of a collaborative, automated approach to mitigate the effects of DDoS attacks at Internet Scale.