Distributed DDoS Defense: A collaborative Approach at Internet Scale

Anna Sperotto, Jessica Steinberger, Harald Baier, Aiko Pras

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

1 Downloads (Pure)


Distributed large-scale cyber attacks targeting the availability of computing and network resources still remain a serious threat. To limit the effects caused by those attacks and to provide a proactive defense, mitigation should move to the networks of Internet Service Providers (ISPs). In this context, this thesis focuses on a development of a collaborative, automated approach to mitigate the effects of Distributed Denial of Service (DDoS) attacks at Internet Scale. This thesis has the following contributions: i) a systematic and multifaceted study on mitigation of large-scale cyber attacks at ISPs. ii) A detailed guidance selecting an exchange format and protocol suitable to use to disseminate threat information. iii) To overcome the shortcomings of missing flow-based interoperability of current exchange formats, a development of the exchange format Flow-based Event Exchange Format (FLEX). iv) A communication process to facilitate the automated defense in response to ongoing network-based attacks, v) a model to select and perform a semi-automatic deployment of suitable response actions. vi) An investigation of the effectiveness of the defense techniques moving-target using Software Defined Networking (SDN) and their applicability in context of large-scale cyber attacks and the networks of ISPs. Finally, a trust model that determines a trust and a knowledge level of a security event to deploy semi-automated remediations and facilitate the dissemination of security event information using the exchange format FLEX in context of ISP networks.
Original languageEnglish
Title of host publication2020 IEEE/IFIP Network Operations and Management Symposium (NOMS 2020)
Place of PublicationPiscataway, NJ
Number of pages6
ISBN (Electronic)978-1-7281-4973-8
ISBN (Print)978-1-7281-4974-5
Publication statusPublished - 2020
Event17th IEEE/IFIP Network Operations and Management Symposium, NOMS 2020: Management in the Age of Softwarization and Artificial Intelligence - Virtual conference, Budapest, Hungary
Duration: 20 Apr 202024 Apr 2020
Conference number: 17
https://noms2020.ieee-noms.org/ (Conference)

Publication series

NameIEEE/IFIP Network Operations and Management Symposium (NOMS)
ISSN (Print)1542-1201
ISSN (Electronic)2374-9709


Conference17th IEEE/IFIP Network Operations and Management Symposium, NOMS 2020
Abbreviated titleNOMS
Internet address


  • DDoS
  • Mitigation
  • Reaction
  • Dissemination
  • Future attacks
  • Attack intensities
  • Cybersecurity


Dive into the research topics of 'Distributed DDoS Defense: A collaborative Approach at Internet Scale'. Together they form a unique fingerprint.

Cite this