An Adaptive Anti-DDoS System for IP Service Provider Backbones

  • Alberto Savio Figueira Rodrigues
  • Fabio Santos
  • Marcos Araujo
  • Natalia Castro Fernandes

Resumo


This article presents an adaptive anti-DDoS system based on SDN for IP service providers' backbones. We analyzed requirements and solutions used on current IP backbones in order to manage different anti-DDoS systems to mitigate attacks to customers or to the backbone itself. The base of our proposal is a controller that synchronizes network reaction according to the volume of attacks and the available infrastructure, using a layered protection scheme. This controller dynamically provisions virtual machines and network links based on transit virtual router and forwarding (VRF). The system is able to dynamically reconfigure itself according to attack traffic patterns. As a consequence, our system improves backbone performance and customers quality of experience by reducing the impact of DDoS traffic in a more efficient way than current solutions.
Publicado
25/10/2018
Como Citar

Selecione um Formato
RODRIGUES, Alberto Savio Figueira; SANTOS, Fabio; ARAUJO, Marcos; FERNANDES, Natalia Castro. An Adaptive Anti-DDoS System for IP Service Provider Backbones. In: SIMPÓSIO BRASILEIRO EM SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG) , 2018 Anais do XVIII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais. Porto Alegre: Sociedade Brasileira de Computação, oct. 2018 . p. 105 - 112.