MTF: Mitigating Link Flooding Attacks in Delay Tolerant Networks

The link flooding attack (LFA) is a new type of distributed denial-of-service (DDoS) attack emerged in recent years. Several defense mechanisms have been proposed in TCP/IP networks. However, due to the connectionless nature of Delay Tolerant Networks (DTN), the efficiency of these mechanisms is degraded facing the LFA in DTN. Thus, in this paper, we propose a new scheme named Macro Traffic Filtering (MTF), to defend the LFA in DTN efficiently. With the real prototype implementations and the long-term emulations, the preliminary results show that compared to the undifferentiated interception and the TE-based interplay scheme, MTF achieves significantly higher attack traffic hit ratio, lower collateral damage and higher cost to the attackers.

[1]  Virgil D. Gligor,et al.  FLoc : Dependable Link Access for Legitimate Traffic in Flooding Attacks , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems.

[2]  Vinton G. Cerf,et al.  Delay-tolerant networking: an approach to interplanetary Internet , 2003, IEEE Commun. Mag..

[3]  Virgil D. Gligor,et al.  The Crossfire Attack , 2013, 2013 IEEE Symposium on Security and Privacy.

[4]  Vyas Sekar,et al.  SPIFFY: Inducing Cost-Detectability Tradeoffs for Persistent Link-Flooding Attacks , 2016, NDSS.

[5]  Xenofontas A. Dimitropoulos,et al.  On the Interplay of Link-Flooding Attacks and Traffic Engineering , 2016, CCRV.

[6]  Virgil D. Gligor,et al.  Routing Bottlenecks in the Internet: Causes, Exploits, and Countermeasures , 2014, CCS.

[7]  Kemal Akkaya,et al.  Mitigating Crossfire Attacks Using SDN-Based Moving Target Defense , 2016, 2016 IEEE 41st Conference on Local Computer Networks (LCN).

[8]  Xin Zhang,et al.  STRIDE: sanctuary trail -- refuge from internet DDoS entrapment , 2013, ASIA CCS '13.

[9]  Iwao Sasase,et al.  Fast target link flooding attack detection scheme by analyzing traceroute packets flow , 2015, 2015 IEEE International Workshop on Information Forensics and Security (WIFS).

[10]  Adrian Perrig,et al.  The Coremelt Attack , 2009, ESORICS.

[11]  Saman Taghavi Zargar,et al.  A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks , 2013, IEEE Communications Surveys & Tutorials.

[12]  Stephen Farrell,et al.  Licklider Transmission Protocol - Specification , 2008, RFC.

[13]  Xenofontas A. Dimitropoulos,et al.  A novel framework for modeling and mitigating distributed link flooding attacks , 2016, IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications.

[14]  Jianping Wu,et al.  Towards mitigating Link Flooding Attack via incremental SDN deployment , 2016, 2016 IEEE Symposium on Computers and Communication (ISCC).

[15]  Virgil D. Gligor,et al.  CoDef: collaborative defense against large-scale link-flooding attacks , 2013, CoNEXT.