IXP scrubber: learning from blackholing traffic for ML-driven DDoS detection at scale
M Wichtlhuber, E Strehle, D Kopp, L Prepens… - Proceedings of the …, 2022 - dl.acm.org
Distributed Denial of Service (DDoS) attacks are among the most critical cybersecurity
threats, jeopardizing the stability of even the largest networks and services. The existing …
threats, jeopardizing the stability of even the largest networks and services. The existing …
Inferring BGP blackholing activity in the internet
The Border Gateway Protocol (BGP) has been used for decades as the de facto protocol to
exchange reachability information among networks in the Internet. However, little is known …
exchange reachability information among networks in the Internet. However, little is known …
Stellar: network attack mitigation using advanced blackholing
Network attacks, including Distributed Denial-of-Service (DDoS), continuously increase in
terms of bandwidth along with damage (recent attacks exceed 1.7 Tbps) and have a …
terms of bandwidth along with damage (recent attacks exceed 1.7 Tbps) and have a …
Sico: Surgical interception attacks by manipulating bgp communities
The Border Gateway Protocol (BGP) is the primary routing protocol for the Internet
backbone, yet it lacks adequate security mechanisms. While simple BGP hijack attacks only …
backbone, yet it lacks adequate security mechanisms. While simple BGP hijack attacks only …
Bgp communities: Even more worms in the routing can
BGP communities are a mechanism widely used by operators to manage policy, mitigate
attacks, and engineer traffic; eg, to drop unwanted traffic, filter announcements, adjust local …
attacks, and engineer traffic; eg, to drop unwanted traffic, filter announcements, adjust local …
Down the black hole: dismantling operational practices of BGP blackholing at IXPs
Large Distributed Denial-of-Service (DDoS) attacks pose a major threat not only to end
systems but also to the Internet infrastructure as a whole. Remote Triggered Black Hole …
systems but also to the Internet infrastructure as a whole. Remote Triggered Black Hole …
Hyper-specific prefixes: gotta enjoy the little things in interdomain routing
Autonomous Systems (ASes) exchange reachability information between each other using
BGP---the de-facto standard inter-AS routing protocol. While IPv4 (IPv6) routes more specific …
BGP---the de-facto standard inter-AS routing protocol. While IPv4 (IPv6) routes more specific …
Lightyear: Using modularity to scale bgp control plane verification
A Tang, R Beckett, S Benaloh, K Jayaraman… - Proceedings of the …, 2023 - dl.acm.org
Current network control plane verification tools cannot scale to large networks because of
the complexity of jointly reasoning about the behaviors of all network nodes. We present a …
the complexity of jointly reasoning about the behaviors of all network nodes. We present a …
[PDF][PDF] A path forward: improving Internet routing security by enabling zones of trust
Although Internet routing security best practices have recently seen auspicious increases in
uptake, Internet Service Providers (ISPs) have limited incentives to deploy them. They are …
uptake, Internet Service Providers (ISPs) have limited incentives to deploy them. They are …
How biased is our validation (data) for AS relationships?
L Prehn, A Feldmann - Proceedings of the 21st ACM Internet …, 2021 - dl.acm.org
The business relationships between Autonomous Systems (ASes) can provide fundamental
insights into the Internet's routing ecosystem. Throughout the last two decades, many works …
insights into the Internet's routing ecosystem. Throughout the last two decades, many works …