Trusted Networks Initiative to Combat DDoS Attacks



SLIDE 1

Trusted Networks Initiative to Combat DDoS Attacks

University of Amsterdam System & Network Engineering Research Project 1

Jeroen van Kessel Alexandros Stavroulakis

SLIDE 2

Research Question

Is the "Trusted Networks Initiative" a feasible additional solution in protecting hosts and networks from large and/or long-lasting DDoS attacks?

SLIDE 3

Problem Description

  • The size of DDoS attacks keeps increasing
  • Mitigation costs are also increasing
  • No short term answer to this growing threat
SLIDE 4

Size of largest reported DDoS attacks

Source: Arbor Networks Worldwide Infrastructure Security Report, 2014

SLIDE 5

Top 10 countries of origin Q1 2014

Source: Incapsula Top 10 DDoS Attack Trends of 2014

SLIDE 6

DDoS Types & Mitigation Solutions

  • Attack types
      • Volumetric Attacks
      • Application Layer Attacks
  • Mitigation Solutions
      • Layer 3/4
      • Layer 7
SLIDE 7

DDoS Layer 7 Mitigation Solution

SLIDE 8

DDoS Layer 3/4 Mitigation Solution

SLIDE 9

Disadvantages

  • Legitimate traffic discarded along with attack traffic
  • Up to 30 minutes activation time is too long
  • Privacy issues when serving https:// websites
  • High cost
  • The industry is always one step behind the attackers
SLIDE 10

Trusted Networks Initiative Concept

  • A temporary last resort solution for DDoS attacks
  • Dutch, internationally oriented initiative
  • In combination with other Mitigation Solutions
  • Trusted Routing to provide a secure interconnection for Trusted Networks
  • Temporarily separate traffic from Trusted and Untrusted Networks

SLIDE 11

Trusted Networks Initiative Concept

  • Responsibility for proper Networking
  • Advertise only valid prefixes
  • Ingress Filtering (address spoofing)
  • 24/7 Collaboration between participants
  • Forensic Investigation on DDoS Attacks
SLIDE 12

Participants

SLIDE 13

NLnet, The Hague Security Delta, AMS-IX, NL-ix, XS4ALL, ASP4ALL, KPN, Ziggo, UPC, SIDN Labs, SURFnet, Ministry of Justice and Rabobank.

SLIDE 14

Normal Routing, no DDoS Attack

SLIDE 15
SLIDE 16

Under DDoS Attack

SLIDE 17
SLIDE 18

How to mitigate a large DDoS Attack?

SLIDE 19

Trusted Routing

  • Scenarios
      • On emergency Activation
      • Always On
SLIDE 20
SLIDE 21

Technical Analysis

  • Uses existing infrastructure and technology
  • Traffic segregation via AS Numbers and IP ranges through BGP-4 routers
  • Implementation of Anti-Spoofing with BCP 38
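
Added example, not part of the original presentation: a Python model of the two controls named on this slide, route segregation by AS number and IP range, and BCP 38 source-address filtering. The AS numbers, prefixes, function names and the rule that every AS on the path must be trusted are assumptions of this sketch, not the initiative's published policy.

```python
import ipaddress

# Constructed sample registry: documentation ASNs (RFC 5398) and prefixes
# (RFC 5737). A real deployment would hold the participants' own data.
TRUSTED_NETWORKS = {
    64496: ["192.0.2.0/24"],
    64497: ["198.51.100.0/24"],
}
REGISTRY = {asn: [ipaddress.ip_network(p) for p in prefixes]
            for asn, prefixes in TRUSTED_NETWORKS.items()}


def prefix_is_valid(origin_as, prefix):
    """'Advertise only valid prefixes': the announced prefix must sit inside
    a range registered to the trusted origin AS."""
    net = ipaddress.ip_network(prefix)
    return any(net.version == r.version and net.subnet_of(r)
               for r in REGISTRY.get(origin_as, []))


def import_route(prefix, as_path, trusted_routing):
    """BGP import decision; as_path is ordered neighbour first, origin last.
    With trusted routing off, routes from outside the registry pass. With it
    on, every AS on the path must be trusted (assumption of this sketch)."""
    if not as_path:
        return False
    origin = as_path[-1]
    if origin in REGISTRY and not prefix_is_valid(origin, prefix):
        return False  # trusted AS announcing space it does not hold
    if not trusted_routing:
        return True
    return all(asn in REGISTRY for asn in as_path)


def bcp38_permit(customer_as, src_ip):
    """BCP 38 ingress filter on a customer-facing port: forward a packet only
    if its source address belongs to that customer's registered ranges."""
    addr = ipaddress.ip_address(src_ip)
    return any(addr in r for r in REGISTRY.get(customer_as, []))
```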
SLIDE 22

Conclusions

  • DDoS attacks’ severity increases
  • Trusted Networks Initiative is a feasible additional solution
  • Critical services available to end-users even under attack
  • Strong future marketing point
SLIDE 23

However

  • Participants need to reach a consensus on its purpose
  • Policies need to be finalized and timeframes to be specified
  • Mobile Carriers as Trusted Networks
SLIDE 24

Thanks for your attention!

Jeroen van Kessel Alexandros Stavroulakis