BACKWARD: A Victim-Centric DDoS Detection and Mitigation Scheme in Programmable Data Plane

Most current volumetric DDoS detection and mitigation schemes utilizing data plane programmability are source-based, yet it is challenging to identify an attacker through source analysis because a large number of widespread sources are exploited by the attacker. In this paper, we propose BACKWARD, a...

Full description

Saved in:
Bibliographic Details
Published in2023 IEEE 20th Consumer Communications & Networking Conference (CCNC) pp. 989 - 990
Main Authors Oh, Seoyul, Han, Sol, Lee, Hochan, Pack, Sangheon
Format Conference Proceeding
LanguageEnglish
Published IEEE 08.01.2023
Subjects
Computer crime
DDoS Attack
Denial-of-service attack
Network Security
Programmable Data Planes
Online AccessGet full text

Cover

More Information
Summary:Most current volumetric DDoS detection and mitigation schemes utilizing data plane programmability are source-based, yet it is challenging to identify an attacker through source analysis because a large number of widespread sources are exploited by the attacker. In this paper, we propose BACKWARD, a victim-centric DDoS attack detection and mitigation scheme that first identifies the victim of the DDoS attack and then only blocks sources that contacted the victim. We implement BACKWARD using the P4 language and present experimental results, which show that BACKWARD is able to achieve higher accuracy in identifying and blocking the attackers compared to the source-based scheme.
ISSN:2331-9860
DOI:10.1109/CCNC51644.2023.10059724