The Cooperative DDoS Signaling based on a Blockchain-based System

Driven by challenges imposed by a cooperative network defense, the Blockchain Signaling System (BloSS) is presented as an effective and alternative solution for security management, especially cooperative defenses, by exploiting Blockchains (BC) and Software-Defined Networks (SDN) for sharing attack information, an exchange of incentives, and tracking of reputation in a fully distributed and automated fashion. BloSS was prototyped and evaluated through local and global experiments, without the burden to maintain, design, and develop special registries and gossip protocols. Those evaluation results based on the local and global prototyping of BloSS highlight its effectiveness in signaling information of large-scale DDoS attacks. The world-wide scale evaluation experimenting with the interaction between Autonomous Systems’ (AS) victims of a DDoS attack and ASes acting as mitigators, presented an average of 97 seconds to complete all eleven possible outcomes of the BloSS protocol, fully determining the spectrum of possible options. The reputation assessment showed that BloSS is capable of punishing malicious providers and benefiting providers by acting honestly.

[1]  I. Lazar,et al.  The state of the Internet , 2000 .

[2]  Burkhard Stiller,et al.  Bifröst: a Modular Blockchain Interoperability API , 2019, 2019 IEEE 44th Conference on Local Computer Networks (LCN).

[3]  Burkhard Stiller,et al.  Blockchain Signaling System (BloSS): Cooperative Signaling of Distributed Denial-of-Service Attacks , 2020, Journal of Network and Systems Management.

[4]  Stephan Mannhart,et al.  Mitigation as a Service in a Cooperative Network Defense , 2018 .

[5]  Shanika Karunasekera,et al.  Global Detection of Flooding-Based DDoS Attacks Using a Cooperative Overlay Network , 2010, 2010 Fourth International Conference on Network and System Security.

[6]  Peter Reiher,et al.  A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.

[7]  Zonghua Zhang,et al.  Towards Autonomic DDoS Mitigation using Software Defined Networking , 2015 .

[8]  Burkhard Stiller,et al.  Security Management and Visualization in a Blockchain-based Collaborative Defense , 2019, 2019 IEEE International Conference on Blockchain and Cryptocurrency (ICBC).

[9]  Aiko Pras,et al.  Collaborative DDoS defense using flow-based security event information , 2016, NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium.

[10]  Burkhard Stiller,et al.  A Reputation Scheme for a Blockchain-based Network Cooperative Defense , 2019, 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM).

[11]  Ramesh Govindan,et al.  COSSACK: Coordinated Suppression of Simultaneous Attacks , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[12]  Kotagiri Ramamohanarao,et al.  Survey of network-based defense mechanisms countering the DoS and DDoS problems , 2007, CSUR.

[13]  Burkhard Stiller,et al.  Cooperative Signaling of DDoS Attacks in a Blockchain-based Network , 2019, SIGCOMM Posters and Demos.

[14]  Saman Taghavi Zargar,et al.  A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks , 2013, IEEE Communications Surveys & Tutorials.

[15]  Burkhard Stiller,et al.  PleBeuS: a Policy-based Blockchain Selection Framework , 2020, NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium.

[16]  Angelos D. Keromytis,et al.  SOS: secure overlay services , 2002, SIGCOMM '02.

[17]  Carol J. Fung,et al.  CoFence: A collaborative DDoS defence using network function virtualization , 2016, 2016 12th International Conference on Network and Service Management (CNSM).

[18]  Burkhard Stiller,et al.  MENTOR: The Design and Evaluation of a Protection Services Recommender System , 2019, 2019 15th International Conference on Network and Service Management (CNSM).

[19]  Massimo Felici,et al.  What's New in the Economics of Cybersecurity? , 2016, IEEE Secur. Priv..

[20]  Manish Parashar,et al.  Cooperative Defence Against DDoS Attacks , 2006, J. Res. Pract. Inf. Technol..

[21]  Burkhard Stiller,et al.  Toward a Policy-based Blockchain Agnostic Framework , 2019, 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM).

[22]  Flemming Andreasen,et al.  Distributed-Denial-of-Service Open Threat Signaling (DOTS) Architecture , 2020 .

[23]  Jelena Mirkovic,et al.  A Framework for a Collaborative DDoS Defense , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[24]  Vyas Sekar,et al.  Bohatei: Flexible and Elastic DDoS Defense , 2015, USENIX Security Symposium.

[25]  Steven M. Bellovin,et al.  Implementing Pushback: Router-Based Defense Against DDoS Attacks , 2002, NDSS.