DDoS Mitigation: A Measurement-Based Approach

Mattijs Jonker

Research output: Thesis › PhD Thesis - Research UT, graduation UT › Academic

Abstract

Society heavily relies upon the Internet for global communications in this day and age. Although core Internet components were designed with resilience in mind, Internet stability and reliability are nowadays continuously subject to deliberate threats. These threats include Denial-of-Service (DoS) attacks, which can potentially be devastating.

Notorious incidents underpin the gravity of the DoS threat. And while the DoS problem is by no means new, the number and intensity of attacks have, especially over the past years, reached unexpected proportions. Experts argue that the full potential of attacks has not been seen yet, which prompts the question of how many record-breaking attacks have yet to reach notoriety in the years to come.

As a result of attacks, businesses lose hundreds of millions of dollars annually, and they are not the only ones affected. When it comes to vital infrastructure, national safety and even lives could be at stake. In the face of the evolving DoS threat, effective defenses are an absolute necessity. The upsurge of the DoS problem has not only prompted the development of diverse mitigation solutions, but has also given rise to a booming market for commercial products. Businesses and other prospective users of mitigation solutions find themselves having many shapes and sizes to choose from. The right fit may, however, not always be apparent. In addition, even though diverse solutions are readily available, their deployment and operation may come with hidden hazards that need to be better understood.

Policy makers and governments also find themselves facing questions concerning what needs to be done to promote cybersafety on a national level. Should we stimulate the market for mitigation solutions? Are there drawbacks to centralization of that market? And can we become too digitally dependent on other countries, especially when it comes to the safety and security of vital infrastructure? Given such questions, developing an optimal course of action to deal with the DoS problem brings about societal challenges that stack further upon technical ones.

Even though the DoS problem is not new, the scale of the problem is still unclear. We do not know exactly what it is we are defending against, and getting a better understanding of attacks is essential to addressing the problem head-on. To advance situational awareness, many technical and societal challenges are yet to be tackled. Given the central importance of better understanding the DoS problem to improve overall Internet security, this thesis has three main contributions. First, this thesis rigorously characterizes DoS attacks and attacked targets at scale. Second, this thesis advances knowledge about the Internet-wide adoption, deployment and operational use of various mitigation solutions. Third, this thesis investigates hidden hazards with mitigation solutions that have the potential to hamstring defenses or render mitigation solutions altogether ineffective.

Original language: English
Qualification: Doctor of Philosophy
Awarding Institution:
  • University of Twente
Supervisors/Advisors:
  • Pras, Aiko, Supervisor
  • Sperotto, Anna, Co-Supervisor
Award date: 10 Oct 2019
Place of Publication: Enschede
Publisher: University of Twente
Print ISBNs: 978-90-365-4868-7
DOIs: https://doi.org/10.3990/1.9789036548687
Publication status: Published - 10 Oct 2019

Cite this

Jonker, Mattijs. / DDoS Mitigation: A Measurement-Based Approach. Enschede: University of Twente, 2019. 152 p.
@phdthesis{3fff7765bfcd455cbf08da599850310a,
title = "DDoS Mitigation: A Measurement-Based Approach",
author = "Mattijs Jonker",
year = "2019",
month = "10",
day = "10",
doi = "10.3990/1.9789036548687",
language = "English",
isbn = "978-90-365-4868-7",
series = "DSI Ph.D. Thesis Series",
publisher = "University of Twente",
number = "19-018",
address = "Netherlands",
school = "University of Twente",

}

Jonker M. DDoS Mitigation: A Measurement-Based Approach. Enschede: University of Twente, 2019. 152 p. (DSI Ph.D. Thesis Series; 19-018). https://doi.org/10.3990/1.9789036548687