LAUSR.org creates dashboard-style pages of related content for over 1.5 million academic articles. Sign Up to like articles & get recommendations!

On Modeling Link Flooding Attacks and Defenses

Photo from wikipedia

The emerging link flooding attacks (LFAs) are one type of attacks that attract significant attention in both academia and industry against the routing infrastructure. The attack traffic flows originating from… Click to show full abstract

The emerging link flooding attacks (LFAs) are one type of attacks that attract significant attention in both academia and industry against the routing infrastructure. The attack traffic flows originating from bots (e.g., compromised IoT devices) are deliberately aggregated at upstream critical links and grow intensified, gradually making a network connected to the critical links disconnected. Although LFAs are far more sophisticated than traditional DDoS attacks, whether such sophistication comes without a downside has never been investigated. In this paper, by modeling link flooding attacks and defenses, we tackle a series of questions concerning the practical issues of LFAs. Specifically, from the perspective of attacks, we advance a novel notion of strike precision, and reveal that LFAs may exhibit attack interference (i.e., unexpectedly interfere the connectivity of innocent networks) which might undermine the stealthiness and persistence of LFAs. From the perspective of defenses, we make the first step to study attack intention, i.e., inversely inferring the target network to disconnect based on the identified links under attack. Furthermore, we consider a strong defender who employs traffic engineering to mitigate LFAs, and formulate the game-theoretic interactions between attackers and defenders. The experiment results show that attack interference is pervasive, and our proposed SPAH flooding strategy can substantially lower attack interference and increase strike precision. Moreover, we demonstrate that LFAs can be effectively mitigated based on traffic engineering from a game-theoretic perspective, wherein the defender can adopt non-cooperative measurement techniques to achieve light-weight and multi-protocol-based robust probe deployment.

Keywords: attack interference; flooding attacks; modeling link; attacks defenses; link flooding

Journal Title: IEEE Access
Year Published: 2021

Link to full text (if available)


Share on Social Media:                               Sign Up to like & get
recommendations!

Related content

More Information              News              Social Media              Video              Recommended



                Click one of the above tabs to view related content.