Abstract

A Link Flooding (LFA) attack is a special type of Denial-of-Service (DoS) attack in which the attacker sends out a huge number of requests to exhaust the capacity of a link on the path the traffic comes to a server. As a result, user traffic cannot reach the server. As a result, DoS and degradation of Quality-of-Service (QoS) occur. Because the attack traffic does not go to the victim, protecting the legitimate traffic alone is hard for the victim. The victim can protect its legitimate traffic by using a special type of router called filter router (FR). An FR can receive server filters and apply them to block a link incident to it. An FR probabilistically appends its own IP address to packets it forwards, and the victim uses that information to discover the traffic topology. By analyzing traffic rates and paths, the victim identifies some links that may be congested. The victim needs to select some of these possible congested links (PCLs) and send a filter to the corresponding FR so that legitimate traffic avoids congested paths. In this paper, we formulate two optimization problems for blocking the least number of PCLs so that the legitimate traffic goes through a non-congested path. We consider the scenario where every user has at least one non-congested shortest path in the first problem. We extend the first problem to a scenario where there are some users whose shortest paths are all congested. We transform the original problem to the vertex separation problem to find the links to block. We use a custom-built Java multi-threaded simulator and conduct extensive simulations to support our solutions.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.