Research Article
DDoS Mitigation Dilemma Exposed: A Two-Wave Attack with Collateral Damage of Millions
@INPROCEEDINGS{10.1007/978-3-031-64954-7_2, author={Lumin Shi and Jun Li and Devkishen Sisodia and Mingwei Zhang and Alberto Dainotti and Peter Reiher}, title={DDoS Mitigation Dilemma Exposed: A Two-Wave Attack with Collateral Damage of Millions}, proceedings={Security and Privacy in Communication Networks. 19th EAI International Conference, SecureComm 2023, Hong Kong, China, October 19-21, 2023, Proceedings, Part II}, proceedings_a={SECURECOMM PART 2}, year={2024}, month={10}, keywords={Link-flooding attack Distributed denial-of-Service (DDoS) Collateral damage}, doi={10.1007/978-3-031-64954-7_2} }- Lumin Shi
Jun Li
Devkishen Sisodia
Mingwei Zhang
Alberto Dainotti
Peter Reiher
Year: 2024
DDoS Mitigation Dilemma Exposed: A Two-Wave Attack with Collateral Damage of Millions
SECURECOMM PART 2
Springer
DOI: 10.1007/978-3-031-64954-7_2
Abstract
While mitigating link-flooding attacks on the Internet has become an essential task, little research has been done on how an attacker can further attack and abuse the mitigation solutions themselves. In this paper, we propose a two-wave attack withcollateral damageofmillions (orCarom), a new link-flooding attack that poses a mitigation dilemma for multiple simultaneously attacked networks, which must either endure the flooding attack or suffer unwanted side effects in mitigating the attack. Composed of practical components, the Carom attack aims to maximize the burden on attack mitigation systems and the collateral damage to defending networks, thereby wreaking havoc on large swaths of the Internet. After modeling real-world mitigation solutions, we evaluated the attack against the mitigation solutions with real-world datasets, showing the feasibility of the attack and quantifying the amount of damage it can inflict on today’s Internet. We hope that this work can motivate the improvement of existing link-flooding mitigation solutions.
