DDoS Mitigation: A Measurement-Based Approach

Mattijs Jonker

    Research output: ThesisPhD Thesis - Research UT, graduation UT

    217 Downloads (Pure)

    Abstract

    Society heavily relies upon the Internet for global communications in this day and age. Although core Internet components were designed with resilience in mind, Internet stability and reliability are nowadays continuously subject to deliberate threats. These threats include Denial-of-Service (DoS) attacks, which can potentially be devastating.

    Notorious incidents underpin the gravity of the DoS threat. And while the DoS problem is by no means new, the number and intensity of attacks have especially over the past years reached unexpected proportions. Experts argue that the full potential of attacks has not been seen yet, which prompts the question how many record-breaking attacks have yet to reach notoriety in the years to come.

    As a result of attacks, not only businesses lose hundreds of millions of dollars annually. When it comes to vital infrastructure, national safety and even lives could be at stake. In the face of the evolving DoS threat, effective defenses are an absolute necessity. The upsurge of the DoS problem has prompted not only the development of diverse mitigation solutions, but has also given rise to a booming market for commercial products. Businesses and other prospective users of mitigation solutions find themselves having many shapes and sizes to choose from. The right fit may, however, not always be apparent. In addition, even though diverse solutions are readily available, their deployment and operation may come with hidden hazards that need to be better understood.

    Policy makers and governments also find themselves facing questions concerning what needs to be done to promote cybersafety on a national level. Should we stimulate the market for mitigation solutions? Are there drawbacks to centralization of that market? And can we become too digitally dependent on other countries, especially when it comes to the safety and security of vital infrastructure? Given such questions, developing an optimal course of action to deal with the DoS problem brings about societal challenges that stack further upon technical ones.

    Even though the DoS problem is not new, the scale of the problem is still unclear. We do not know exactly what it is we are defending against and getting a better understanding of attacks is essential to addressing the problem head-on. To advance situational awareness, many technical and societal challenges are yet to be tackled. Given the central importance of better understanding the DoS problem to improve overall Internet security, this thesis has three main contributions. First, this thesis rigorously characterizes DoS attacks and attacked targets at scale. Second, this thesis advances knowledge about the Internet-wide adoption, deployment and operational use of various mitigation solutions. Thirdly, this thesis investigates hidden hazards with mitigation solutions that have the potential to hamstring defenses or render mitigation solutions altogether ineffective.
    Original languageEnglish
    QualificationDoctor of Philosophy
    Awarding Institution
    • University of Twente
    Supervisors/Advisors
    • Pras, Aiko , Supervisor
    • Sperotto, Anna , Co-Supervisor
    Thesis sponsors
    Award date10 Oct 2019
    Place of PublicationEnschede
    Publisher
    Print ISBNs978-90-365-4868-7
    DOIs
    Publication statusPublished - 10 Oct 2019

    Fingerprint Dive into the research topics of 'DDoS Mitigation: A Measurement-Based Approach'. Together they form a unique fingerprint.

    Cite this