Carnegie Mellon University
Browse
Handling Large-Scale Link-Flooding Attacks in the Internet.pdf (2.68 MB)

Handling Large-Scale Link-Flooding Attacks in the Internet

Download (2.68 MB)
thesis
posted on 2016-06-01, 00:00 authored by Min Suk Kang

Link-flooding attacks in which an adversary coordinates botnet messages to exhaust the bandwidth of selected network links in the core of the Internet (e.g., Tier-1 or Tier-2 networks) have been a powerful means of denial of service. In the past few years, these attacks have moved from the realm of academic curiosities to real-world incidents. Unfortunately, we have had a limited understanding of this type of attacks and effective countermeasures in the current Internet. In this dissertation, we address this gap in our understanding of link-flooding attacks and propose a two-tier defense approach. We begin by identifying routing bottlenecks as the major cause of the Internet vulnerability to link-flooding attacks. A routing bottleneck is a small set of links whose congestion disrupts the majority of routes taken towards a given set of destination hosts. These bottlenecks appear despite physicalpath diversity and sufficient bandwidth provisioning in normal (i.e., nonattack) mode of operation, and are an undesirable artifact of the current Internet design. We illustrate their pervasiveness for adversary-chosen sets of hosts in various cities and countries around the world via experimental measurements. We then present a real-time adaptive attack for persistent flooding of chosen links in the discovered routing bottlenecks using attack flows that are indistinguishable from legitimate traffic. We demonstrate the feasibility of these strategies and show that disruptions can scale from targeted hosts of a single organization to those of a country. To counter the link-flooding attacks defined in this dissertation, one could remove their root cause, namely the routing bottlenecks. However, this would affect the cost-minimizing policy that underlies the current Internet, change its routing architecture, and possibly affect communication costs. Instead, we propose an attack-deterrence mechanism that represents a first line of defense against link-flooding attacks by cost-sensitive adversaries. In the proposed defense, most link-flooding attacks are handled by the low-cost, single-domain based mechanism. As a second line of defense, which targets cost-insensitive adversaries that are undeterred, we propose the use of a multi-domain coordinated defense mechanism that is harder to orchestrate in the current Internet.

History

Date

2016-06-01

Degree Type

  • Dissertation

Department

  • Electrical and Computer Engineering

Degree Name

  • Doctor of Philosophy (PhD)

Advisor(s)

Virgil Gligor

Usage metrics

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC