University of Twente Student Theses
Impact-based optimisation of BGP Flowspec rules for DDoS attack mitigation
Bakker, D.R. (2019) Impact-based optimisation of BGP Flowspec rules for DDoS attack mitigation.
|
PDF
340kB |
| Abstract: | Distributed Denial of Service (DDoS) attacks aim to take Internet services offline and their frequency and scale is increasing. BGP Flowspec (RFC 5575) defines a protocol to rapidly deploy rules consisting of filters and actions on Internet traffic, and related research shows its potential for DDoS attack mitigation. The protocol allows for taking action on large volumes of traffic, but impact to end-users is imminent because of its low granularity in rule specification. In this paper, we provide a method for quantifying end-user impact of BGP Flowspec rules, including a practical solution to deploy rules into the network. The goal of this research is reducing end-user impact while mitigating an ongoing DDoS attack using BGP Flowspec. |
| Item Type: | Essay (Bachelor) |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Subject: | 54 computer science |
| Programme: | Computer Science BSc (56964) |
| Link to this item: | https://purl.utwente.nl/essays/77598 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page