The exponential increase of the traffic volume makes Distributed Denial-of-Service (DDoS) attacks a top security threat to service providers. Existing DDoS defense mechanisms lack resources and flexibility to cope with attacks by themselves, and by utilizing other’s companies resources, the burden of the mitigation can be shared. Technologies as blockchain and smart contracts allow distributing attack information across multiple domains, while SDN (Software-Defined Networking) and NFV (Network Function Virtualization) enables to scale defense capabilities on demand for a single network domain. This proposal presents the design of a novel architecture combining these elements and introducing novel opportunities for flexible and efficient DDoS mitigation solutions across multiple domains.
[1]
Zonghua Zhang,et al.
Towards Autonomic DDoS Mitigation using Software Defined Networking
,
2015
.
[2]
B. Stiller,et al.
Smart Contracts – Blockchains in the Wings
,
2018
.
[3]
Carol J. Fung,et al.
CoFence: A collaborative DDoS defence using network function virtualization
,
2016,
2016 12th International Conference on Network and Service Management (CNSM).
[4]
Masaki Shimaoka,et al.
Memorandum for Multi-Domain Public Key Infrastructure Interoperability
,
2008,
RFC.
[5]
Dacheng Zhang,et al.
Inter-organization cooperative DDoS protection mechanism
,
2016
.