About the talk:
|Distributed Denial of Service (DDoS) attacks against public-access
sites are difficult to filter: A single attack can involve millions of
traffic flows, while a sophisticated router typically supports less than
250,000 filters. I will present Active Internet Traffic Filtering (AITF),
a filter management protocol for protecting public-access sites against
such large-scale attacks.
AITF pushes filtering of attack traffic as close as possible to the attack sources, i.e., to the edges of the network, where there are more filtering resources per attack source. I will present results for a variety of simulated attack scenarios, which indicate that AITF protects a significant amount of the victim's bandwidth, while requiring a number of filters that can be easily accommodated in today's routers.
About the speaker:
|Katerina Argyraki is a Ph.D. student with the Distributed Systems Group.|