Affiliation:
1. Delft University of Technology, Delft, Netherlands
Abstract
Distributed Denial-of-Service (DDoS) attacks continue to threaten the availability of Internet-based services. While countermeasures exist to decrease the impact of these attacks, not all operators have the resources or knowledge to deploy them. Unwanted Traffic Removal Service (UTRS), being one of the oldest community-based anti-DDoS services aims at mitigating major DDoS attacks through the Border Gateway Protocol (BGP).
In this paper we develop and evaluate a methodology to automatically detect UTRS participation in the wild. To this end, we deploy a measurement infrastructure and devise a methodology to detect UTRS-based traffic blocking. Using this methodology, we conducted a longitudinal analysis of UTRS participants over ten weeks. Our results show that at any point in time, there were 562 participants, including multihomed, stub, transit, and IXP ASes. Moreover, we surveyed 245 network operators to understand why they would (not) join UTRS. Results show that threat and coping appraisal significantly influence the intention to participate in UTRS.
Funder
Nederlandse Organisatie voor Wetenschappelijk Onderzoek
Publisher
Association for Computing Machinery (ACM)
Reference8 articles.
1. Accessed on 03.04.2021. RIPE Atlas. https://atlas.ripe.net/
2. DDoS Never Dies? An IXP Perspective on DDoS Amplification Attacks
3. Linux Kernel. [n. d.]. Linux Kernel Networking Documentation - sysctl. https: //www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
4. PeeringDB. 2004. The Interconnection Database. Retrieved 25.04.2022 from https://www.peeringdb.com/
5. Characterizing ICMP rate limitation on routers