Abstract
Traffic diversion through powerful cloud-based scrubbing centers provides a solution for protecting against various DDoS attacks. In one respect, such a solution enables sanitizing attack traffic close to its source and saves precious resources for the network service provider. Contrarily, the diversion of the inspected traffic toward the scrubbing centers may increase its footprint in the network. The location of the scrubbing centers greatly affects the network resource utilization and, therefore, should be carefully considered in the design of the security service. In this paper, we investigate four deployment strategies and compare their performance on a network of Points-of-Presence and on several router level topologies obtained from the RocketFuel project. The deployment quality was measured using the following criteria: the footprint of the inspected traffic, the redistribution of load on the links, and the increase in communication latency. Our results show that the deployment strategy that is considered to perform well for locating network monitors by maximizing flow coverage results in the worst footprint when traffic diversion is employed. Overall, we show that the deployment strategy that is tailored for traffic filtering is also suitable for traffic monitoring, but not the other way around.
Original language | English |
---|---|
Article number | 7305782 |
Pages (from-to) | 521-534 |
Number of pages | 14 |
Journal | IEEE Transactions on Dependable and Secure Computing |
Volume | 14 |
Issue number | 5 |
DOIs | |
State | Published - 1 Sep 2017 |
Keywords
- Cyber attacks
- denial-of-service
- distributed traffic filtering
- network resources
- scrubbing centers
- topology analysis
ASJC Scopus subject areas
- General Computer Science
- Electrical and Electronic Engineering