Library
local_library Home Repository

Peering into the Darkness

The Use of UTRS in Combating DDoS Attacks

Conference Paper (2024)
Author(s)

Radu Anghel (TU Delft - Organisation & Governance)

Swaathi Vetrivel (TU Delft - Organisation & Governance)

Elsa Turcios Rodríguez (TU Delft - Organisation & Governance)

Kaichi Sameshima (Yokohama National University)

Daisuke Makita (Yokohama National University, National Institute of Information and Communications Technology)

Katsunari Yoshioka (Yokohama National University)

Carlos H Ganán (TU Delft - Organisation & Governance)

Y. Zhauniarovich (TU Delft - Organisation & Governance)

Research Group
Organisation & Governance
Copyright
© 2024 R.I. Anghel, Swaathi Vetrivel, E.R. Turcios Rodriguez, Kaichi Sameshima, Daisuke Makita, Katsunari Yoshioka, C. Hernandez Ganan, Y. Zhauniarovich
DOI related publication
https://doi.org/10.1007/978-3-031-51476-0_2
More Info
expand_more
Publication Year
2024
Language
English
Copyright
© 2024 R.I. Anghel, Swaathi Vetrivel, E.R. Turcios Rodriguez, Kaichi Sameshima, Daisuke Makita, Katsunari Yoshioka, C. Hernandez Ganan, Y. Zhauniarovich
Research Group
Organisation & Governance
Bibliographical Note
Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public. @en
Pages (from-to)
23-41
ISBN (print)
978-3-031-51475-3
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Remotely Triggered Black Hole (RTBH) is a common DDoS mitigation approach that has been in use for the last two decades. Usually, it is implemented close to the attack victim in networks sharing some type of physical connectivity. The Unwanted Traffic Removal Service (UTRS) project offers a free, global, and relatively low-effort-to-join and operate RTBH alternative by removing the requirement of physical connectivity. Given these unique value propositions of UTRS, this paper aims to understand to what extent UTRS is adopted and used to mitigate DDoS attacks. To reach this goal, we collected two DDoS datasets describing amplification and Internet-of-Things-botnet-driven attacks and correlated them with the information from the third dataset containing blackholing requests propagated to the members of UTRS. Our findings suggest that, currently, just a small portion of UTRS members (approximately 10 % ) trigger mitigation attempts: out of 1200+ UTRS members, only 124 triggered blackholing events during our study. Among those, with high probability, 25 Autonomous Systems (ASes) reacted on AmpPot attacks mitigating 0.025 % of them globally or 1.03 % targeting UTRS members; 2 countered IoT-botnet-driven attacks alleviating 0.001 % of them globally or 0.06 % targeting UTRS members. This suggests that UTRS can be a useful tool in mitigating DDoS attacks, but it is not widely used.

Files

978-3-031-51476-0_2.pdf
(pdf | 0.921 Mb)
- Embargo expired in 11-07-2024
License info not available