A First Joint Look at DoS Attacks and BGP Blackholing in the Wild

Mattijs Jonker, Aiko Pras, Alberto Dainotti, Anna Sperotto

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

1 Citation (Scopus)
15 Downloads (Pure)

Abstract

BGP blackholing is an operational countermeasure that builds upon the capabilities of BGP to achieve DoS mitigation. Although empirical evidence of blackholing activities are documented in literature, a clear understanding of how blackholing is used in practice when attacks occur is still missing.

This paper presents a first joint look at DoS attacks and BGP blackholing in the wild. We do this on the basis of two complementary data sets of DoS attacks, inferred from a large network telescope and DoS honeypots, and on a data set of blackholing events. All data sets span a period of three years, thus providing a longitudinal overview of operational deployment of blackholing during DoS attacks.
Original languageEnglish
Title of host publicationProceedings of the ACM Internet Measurement Conference 2018
Pages457-463
Number of pages7
DOIs
Publication statusPublished - 31 Oct 2018
Event18th ACM Internet Measurement Conference 2018 - Northeastern University, Boston, United States
Duration: 31 Oct 20182 Nov 2018
Conference number: 18
https://conferences.sigcomm.org/imc/2018/

Conference

Conference18th ACM Internet Measurement Conference 2018
Abbreviated titleACM IMC 2018
CountryUnited States
CityBoston
Period31/10/182/11/18
Internet address

Fingerprint

mitigation

Cite this

Jonker, M., Pras, A., Dainotti, A., & Sperotto, A. (2018). A First Joint Look at DoS Attacks and BGP Blackholing in the Wild. In Proceedings of the ACM Internet Measurement Conference 2018 (pp. 457-463) https://doi.org/10.1145/3278532.3278571
Jonker, Mattijs ; Pras, Aiko ; Dainotti, Alberto ; Sperotto, Anna . / A First Joint Look at DoS Attacks and BGP Blackholing in the Wild. Proceedings of the ACM Internet Measurement Conference 2018. 2018. pp. 457-463
@inproceedings{bccb5465056543a0baefe9e69e6bddb5,
title = "A First Joint Look at DoS Attacks and BGP Blackholing in the Wild",
abstract = "BGP blackholing is an operational countermeasure that builds upon the capabilities of BGP to achieve DoS mitigation. Although empirical evidence of blackholing activities are documented in literature, a clear understanding of how blackholing is used in practice when attacks occur is still missing.This paper presents a first joint look at DoS attacks and BGP blackholing in the wild. We do this on the basis of two complementary data sets of DoS attacks, inferred from a large network telescope and DoS honeypots, and on a data set of blackholing events. All data sets span a period of three years, thus providing a longitudinal overview of operational deployment of blackholing during DoS attacks.",
author = "Mattijs Jonker and Aiko Pras and Alberto Dainotti and Anna Sperotto",
year = "2018",
month = "10",
day = "31",
doi = "10.1145/3278532.3278571",
language = "English",
pages = "457--463",
booktitle = "Proceedings of the ACM Internet Measurement Conference 2018",

}

Jonker, M, Pras, A, Dainotti, A & Sperotto, A 2018, A First Joint Look at DoS Attacks and BGP Blackholing in the Wild. in Proceedings of the ACM Internet Measurement Conference 2018. pp. 457-463, 18th ACM Internet Measurement Conference 2018, Boston, United States, 31/10/18. https://doi.org/10.1145/3278532.3278571

A First Joint Look at DoS Attacks and BGP Blackholing in the Wild. / Jonker, Mattijs ; Pras, Aiko ; Dainotti, Alberto; Sperotto, Anna .

Proceedings of the ACM Internet Measurement Conference 2018. 2018. p. 457-463.

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

TY - GEN

T1 - A First Joint Look at DoS Attacks and BGP Blackholing in the Wild

AU - Jonker, Mattijs

AU - Pras, Aiko

AU - Dainotti, Alberto

AU - Sperotto, Anna

PY - 2018/10/31

Y1 - 2018/10/31

N2 - BGP blackholing is an operational countermeasure that builds upon the capabilities of BGP to achieve DoS mitigation. Although empirical evidence of blackholing activities are documented in literature, a clear understanding of how blackholing is used in practice when attacks occur is still missing.This paper presents a first joint look at DoS attacks and BGP blackholing in the wild. We do this on the basis of two complementary data sets of DoS attacks, inferred from a large network telescope and DoS honeypots, and on a data set of blackholing events. All data sets span a period of three years, thus providing a longitudinal overview of operational deployment of blackholing during DoS attacks.

AB - BGP blackholing is an operational countermeasure that builds upon the capabilities of BGP to achieve DoS mitigation. Although empirical evidence of blackholing activities are documented in literature, a clear understanding of how blackholing is used in practice when attacks occur is still missing.This paper presents a first joint look at DoS attacks and BGP blackholing in the wild. We do this on the basis of two complementary data sets of DoS attacks, inferred from a large network telescope and DoS honeypots, and on a data set of blackholing events. All data sets span a period of three years, thus providing a longitudinal overview of operational deployment of blackholing during DoS attacks.

U2 - 10.1145/3278532.3278571

DO - 10.1145/3278532.3278571

M3 - Conference contribution

SP - 457

EP - 463

BT - Proceedings of the ACM Internet Measurement Conference 2018

ER -

Jonker M, Pras A, Dainotti A, Sperotto A. A First Joint Look at DoS Attacks and BGP Blackholing in the Wild. In Proceedings of the ACM Internet Measurement Conference 2018. 2018. p. 457-463 https://doi.org/10.1145/3278532.3278571