A First Joint Look at DoS Attacks and BGP Blackholing in the Wild

Mattijs Jonker, Aiko Pras, Alberto Dainotti, Anna Sperotto

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

1 Downloads (Pure)

Abstract

BGP blackholing is an operational countermeasure that builds upon the capabilities of BGP to achieve DoS mitigation. Although empirical evidence of blackholing activities are documented in literature, a clear understanding of how blackholing is used in practice when attacks occur is still missing.

This paper presents a first joint look at DoS attacks and BGP blackholing in the wild. We do this on the basis of two complementary data sets of DoS attacks, inferred from a large network telescope and DoS honeypots, and on a data set of blackholing events. All data sets span a period of three years, thus providing a longitudinal overview of operational deployment of blackholing during DoS attacks.
Original languageEnglish
Title of host publicationProceedings of the ACM Internet Measurement Conference 2018
Pages457-463
Number of pages7
DOIs
Publication statusPublished - 31 Oct 2018
Event18th ACM Internet Measurement Conference 2018 - Northeastern University, Boston, United States
Duration: 31 Oct 20182 Nov 2018
Conference number: 18
https://conferences.sigcomm.org/imc/2018/

Conference

Conference18th ACM Internet Measurement Conference 2018
Abbreviated titleACM IMC 2018
CountryUnited States
CityBoston
Period31/10/182/11/18
Internet address

Fingerprint

mitigation

Cite this

Jonker, M., Pras, A., Dainotti, A., & Sperotto, A. (2018). A First Joint Look at DoS Attacks and BGP Blackholing in the Wild. In Proceedings of the ACM Internet Measurement Conference 2018 (pp. 457-463) https://doi.org/10.1145/3278532.3278571
Jonker, Mattijs ; Pras, Aiko ; Dainotti, Alberto ; Sperotto, Anna . / A First Joint Look at DoS Attacks and BGP Blackholing in the Wild. Proceedings of the ACM Internet Measurement Conference 2018. 2018. pp. 457-463
@inproceedings{bccb5465056543a0baefe9e69e6bddb5,
title = "A First Joint Look at DoS Attacks and BGP Blackholing in the Wild",
abstract = "BGP blackholing is an operational countermeasure that builds upon the capabilities of BGP to achieve DoS mitigation. Although empirical evidence of blackholing activities are documented in literature, a clear understanding of how blackholing is used in practice when attacks occur is still missing.This paper presents a first joint look at DoS attacks and BGP blackholing in the wild. We do this on the basis of two complementary data sets of DoS attacks, inferred from a large network telescope and DoS honeypots, and on a data set of blackholing events. All data sets span a period of three years, thus providing a longitudinal overview of operational deployment of blackholing during DoS attacks.",
author = "Mattijs Jonker and Aiko Pras and Alberto Dainotti and Anna Sperotto",
year = "2018",
month = "10",
day = "31",
doi = "10.1145/3278532.3278571",
language = "English",
pages = "457--463",
booktitle = "Proceedings of the ACM Internet Measurement Conference 2018",

}

Jonker, M, Pras, A, Dainotti, A & Sperotto, A 2018, A First Joint Look at DoS Attacks and BGP Blackholing in the Wild. in Proceedings of the ACM Internet Measurement Conference 2018. pp. 457-463, 18th ACM Internet Measurement Conference 2018, Boston, United States, 31/10/18. https://doi.org/10.1145/3278532.3278571

A First Joint Look at DoS Attacks and BGP Blackholing in the Wild. / Jonker, Mattijs ; Pras, Aiko ; Dainotti, Alberto; Sperotto, Anna .

Proceedings of the ACM Internet Measurement Conference 2018. 2018. p. 457-463.

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

TY - GEN

T1 - A First Joint Look at DoS Attacks and BGP Blackholing in the Wild

AU - Jonker, Mattijs

AU - Pras, Aiko

AU - Dainotti, Alberto

AU - Sperotto, Anna

PY - 2018/10/31

Y1 - 2018/10/31

N2 - BGP blackholing is an operational countermeasure that builds upon the capabilities of BGP to achieve DoS mitigation. Although empirical evidence of blackholing activities are documented in literature, a clear understanding of how blackholing is used in practice when attacks occur is still missing.This paper presents a first joint look at DoS attacks and BGP blackholing in the wild. We do this on the basis of two complementary data sets of DoS attacks, inferred from a large network telescope and DoS honeypots, and on a data set of blackholing events. All data sets span a period of three years, thus providing a longitudinal overview of operational deployment of blackholing during DoS attacks.

AB - BGP blackholing is an operational countermeasure that builds upon the capabilities of BGP to achieve DoS mitigation. Although empirical evidence of blackholing activities are documented in literature, a clear understanding of how blackholing is used in practice when attacks occur is still missing.This paper presents a first joint look at DoS attacks and BGP blackholing in the wild. We do this on the basis of two complementary data sets of DoS attacks, inferred from a large network telescope and DoS honeypots, and on a data set of blackholing events. All data sets span a period of three years, thus providing a longitudinal overview of operational deployment of blackholing during DoS attacks.

U2 - 10.1145/3278532.3278571

DO - 10.1145/3278532.3278571

M3 - Conference contribution

SP - 457

EP - 463

BT - Proceedings of the ACM Internet Measurement Conference 2018

ER -

Jonker M, Pras A, Dainotti A, Sperotto A. A First Joint Look at DoS Attacks and BGP Blackholing in the Wild. In Proceedings of the ACM Internet Measurement Conference 2018. 2018. p. 457-463 https://doi.org/10.1145/3278532.3278571