Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt SENSS: Software-defined Security Service Minlan Yu, Ying Zhang*, Jelena Mirkovic, Abdulla Alwabel.

Slides:



Advertisements
Similar presentations
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt CLOUD SW: A SUCCESS FOR ERICSSON FINLAND.
Advertisements

Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Ethernet Routing for Large Scale Distributed Data Center Fabrics Dave Allan, János Farkas, Panagiotis.
Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :;
Ericsson Packaging Requirements For Inbound Goods Quick Guide to.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Protected Content in Browsers Position Paper.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Ericsson Learning Interface ELI User guide.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Craig Stein Executive Vice President and GM U.S. Regions Broadband and Media Accounts MONETIZING.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt RTCP SDES SRCNAME draft-westerlund-avtext-rtcp-sdes-srcname-01 Bo Burman.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt The leader role in large- scale agile development LARS-OLA DAMM Ericsson AB, Sweden.
Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :;
Bringing the networked society to life LOURENCO PINTO COELHO VP STRATEGY & MARKETING REGION LATINAMERICA.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Erlang – from a relaxed angle.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Scrum Training: The Scrum Guide Explained for the Self-Organizing Team Glen Wang
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Top Ten Security Challenges for the Networked Society Mats Näslund Ericsson Research.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Review for Eclipse (R4E): Code and Model Reviews made easy Eclipse Con 2012 – Agile ALM track Sebastien.
Homomorphic Encryption Alexander Maximov. Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded.
© 2013 OSLC Steering Committee1 What if integration came standard? OSLC to be standardized at OASIS Analyst Community Call: 10 AM EDT, 30 May 2013 Open.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Vpn service Ericsson.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Roberto Morabito Ericsson Research Hypervisors vs. Lightweight Virtualization A Performance Comparison.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Back to the roots – incident case study Mikko Karikytö Head of Ericsson PSIRT.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Network Platform as a Service & Service Provider DevOps András Császár, Ericsson Research Coordinator.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt An Introduction to Software-Defined Networking (SDN) Zhang Fu.
IP Spoofing Defense On the State of IP Spoofing Defense TOBY EHRENKRANZ and JUN LI University of Oregon 1 IP Spoofing Defense.
Zhang Fu, Marina Papatriantafilou, Philippas Tsigas Chalmers University of Technology, Sweden 1 ACM SAC 2010 ACM SAC 2011.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Making money work Olutunmbi Idowu Head of Compliance & Risk Control Ericsson M-Commerce.
Introduction. Overview of Pushback. Architecture of router. Pushback mechanism. Conclusion. Pushback: Remedy for DDoS attack.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt A Taxonomy of Grouping Semantics and Mechanisms for RTP Sources draft-ietf-avtext-rtp-grouping-taxonomy-02.
Bandwidth DoS Attacks and Defenses Robert Morris Frans Kaashoek, Hari Balakrishnan, Students MIT LCS.
DDoS Attack and Its Defense1 CSE 5473: Network Security Prof. Dong Xuan.
Sample Research Defenses Packetscore Pushback Traceback SOS Proof-of-work systems Human behavior modeling SENSS.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt WebRTC: RTP Usage WG Last Call Comments draft-ietf-rtcweb-rtp-usage-14 Magnus Westerlund.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt RTP usage in WebRTC Part 1: API and Topologies draft-ietf-rtcweb-rtp-usage-03 RTCWEB Interim June.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Streaming Video demo for NetInf enabled Androids IRTF ICNRG meeting Vancouver November, 2013 Adeel.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Leadership On-the-Go Integrating learning as you lead GFHR Talent Management.
Distributed Denial of Service CRyptography Applications Bistro Presented by Lingxuan Hu April 15, 2004.
1 SENSS Security Service for the Internet Jelena Mirkovic USC Information Sciences Institute Joint work with Minlan Yu (USC), Ying Zhang.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt RTP Media Stream Pause / Resume draft-westerlund-avtext-rtp-stream-pause-02 Bo Burman.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Het erogeneous Networks Small Cells, WiFi and LTE in Mobile Broadband NovákCsaba Senior Advisor.
Security Issues in Control, Management and Routing Protocols M.Baltatu, A.Lioy, F.Maino, D.Mazzocchi Computer and Network Security Group Politecnico di.
1 Countering DoS Through Filtering Omar Bashir Communications Enabling Technologies
Interdomain Routing Security. How Secure are BGP Security Protocols? Some strange assumptions? – Focused on attracting traffic from as many Ases as possible.
A Firewall for Routers: Protecting Against Routing Misbehavior1 June 26, A Firewall for Routers: Protecting Against Routing Misbehavior Jia Wang.
Security Requirements of NVO3 draft-hartman-nvo3-security-requirements-01 S. Hartman M. Wasserman D. Zhang 1.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt IMS 15 system & products training programs.
Detecting Selective Dropping Attacks in BGP Mooi Chuah Kun Huang November 2006.
Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :;
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Standard essential patents And frand licensing – the need for a balanced approach Ulrika Wester,
Slide title minimum 48 pt CAPITALS Slide subtitle minimum 30 pt SDP Bandwidth Attribute Magnus Westerlund Tomas Frankkila Bo Burman draft-westerlund-mmusic-sdp-bw-attribute-00.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt ICTP – innovation strategy Assignment #1 & #2 May 26, 2015.
MDE WITH PAPYRUS novelties and beyond Francis Bordeleau Ericsson, Canada Florian Noyrit On Behalf of Sebastien GERARD CEA.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Scalable Point-to-multipoint Communication Information-centric Networking January, 2015 Börje Ohlman.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Using Simulcast in RTP Sessions draft-westerlund-avtcore-rtp-simulcast-03 Bo Burman, Magnus Westerlund,
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Configuration Management IN IT: Responding to current trends.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Elisa Longoria Urmi Mukerji.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt oTT Opportunities for Operators in vietnam Denis Brunetti Vice President Ericsson Vietnam, Cambodia.
Slide title minimum 48 pt CAPITALS Slide subtitle minimum 30 pt WebRTC Data Channels Salvatore Loreto Randell Jesup Michael Tuexen Interim June
Slide title minimum 48 pt CAPITALS Slide subtitle minimum 30 pt Glare Handling in WebRTC Signalling Magnus Westerlund draft-jennings-rtcweb-signaling-01.
Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :;
Slide title minimum 48 pt CAPITALS Slide subtitle minimum 30 pt RTP Media Stream Pause and Resume Magnus Westerlund Bo Burman Daniel Gröndal Azam Akram.
A Common ICN API A discussion starter IRTF ICNRG Vancouver, Nov 2013 Börje Ohlman Alina Quereilhac.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt An Introduction to Software-Defined Networking (SDN) Zhang Fu Ericsson Research Feb 2016.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt IMS 16 Mobile Telephony Evolution with volte training programs.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt Patterns for a feature centric data model in a multi user database environment for portfolio management.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt By Thorben Neumann.
1 SENSS Security Service for the Internet Jelena Mirkovic (USC/ISI), Minlan Yu (USC), Ying Zhang (HP Labs), Sivaram Ramanathan (USC)
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt standard essential patents: Developments in US courts & Standard Development organizations MLEX.
ATD 2016 International Conference & Exposition The Premier Conference for TD Professionals.
Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt RTP Stream Pause / Resume draft-ietf-avtext-rtp-stream-pause-01 Bo Burman.
COS 561: Advanced Computer Networks
BGP Security Jennifer Rexford Fall 2018 (TTh 1:30-2:50 in Friend 006)
Presentation transcript:

Slide title 70 pt CAPITALS Slide subtitle minimum 30 pt SENSS: Software-defined Security Service Minlan Yu, Ying Zhang*, Jelena Mirkovic, Abdulla Alwabel USC, Ericsson Research*

Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :; WXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~¡¢£¤¥¦§¨©ª« ¬®¯°±²³´¶·¸¹º»¼½ÀÁÂÃÄÅÆÇÈËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛ ÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀāĂăąĆćĊċ ČĎďĐđĒĖėĘęĚěĞğĠġĢģĪīĮįİıĶķĹĺĻļĽľŁłŃńŅņŇňŌŐőŒ œŔŕŖŗŘřŚśŞşŠšŢţŤťŪūŮůŰűŲųŴŵŶŷŸŹźŻżŽžƒˆˇ˘˙˚˛ ˜˝ẀẁẃẄẅỲỳ–— ‘’‚“”„†‡…‰‹›⁄€™ĀĀĂĂĄĄĆĆĊĊČČĎĎĐĐĒĒĖĖĘĘĚĚ ĞĞĠĠĢĢĪĪĮĮİĶĶĹĹĻĻĽĽŃŃŅŅŇŇŌŌŐŐŔŔŖŖŘŘŚŚŞ ŞŢŢŤŤŪŪŮŮŰŰŲŲŴŴŶŶŹŹŻŻ−≤≥fifl ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰα βγδεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХ ЦЧШЩЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧ ШЩЪЫЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏ ѢѢѲѲѴѴ ҐҐәǽẀẁ ẂẃẄẅỲỳ№ Do not add objects or text in the footer area ›Network attacks are becoming more frequent and more damaging –DDoS attacks targeting both the end hosts and the network infrastructure –Prefix hijacking to blackhole and eavesdrop traffic ›Victim or local ISP based detection and mitigation is not sufficient ›Inter ISP solutions are not adopted –Focused on detection or mitigation for individual attacks –Complex changes on the router –Lack of incentives for ISPs to deploy ›SENSS: a wide-scale, general service for automated inter-ISP collaboration on security problems –Victim network can request help from remote networks to observe and control its own traffic and routes Motivation

Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :; WXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~¡¢£¤¥¦§¨©ª« ¬®¯°±²³´¶·¸¹º»¼½ÀÁÂÃÄÅÆÇÈËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛ ÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀāĂăąĆćĊċ ČĎďĐđĒĖėĘęĚěĞğĠġĢģĪīĮįİıĶķĹĺĻļĽľŁłŃńŅņŇňŌŐőŒ œŔŕŖŗŘřŚśŞşŠšŢţŤťŪūŮůŰűŲųŴŵŶŷŸŹźŻżŽžƒˆˇ˘˙˚˛ ˜˝ẀẁẃẄẅỲỳ–— ‘’‚“”„†‡…‰‹›⁄€™ĀĀĂĂĄĄĆĆĊĊČČĎĎĐĐĒĒĖĖĘĘĚĚ ĞĞĠĠĢĢĪĪĮĮİĶĶĹĹĻĻĽĽŃŃŅŅŇŇŌŌŐŐŔŔŖŖŘŘŚŚŞ ŞŢŢŤŤŪŪŮŮŰŰŲŲŴŴŶŶŹŹŻŻ−≤≥fifl ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰα βγδεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХ ЦЧШЩЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧ ШЩЪЫЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏ ѢѢѲѲѴѴ ҐҐәǽẀẁ ẂẃẄẅỲỳ№ Do not add objects or text in the footer area ›Victim-oriented programming for diverse attacks –Victim has the incentives and knowledge of its network, business and priorities –Victim requests data and control actions from local and remote ISPs –Can only query/manipulate for traffic that goes to/from their prefixes ›Simple and expressive interfaces at ISPs SENSS Architecture

Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :; WXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~¡¢£¤¥¦§¨©ª« ¬®¯°±²³´¶·¸¹º»¼½ÀÁÂÃÄÅÆÇÈËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛ ÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀāĂăąĆćĊċ ČĎďĐđĒĖėĘęĚěĞğĠġĢģĪīĮįİıĶķĹĺĻļĽľŁłŃńŅņŇňŌŐőŒ œŔŕŖŗŘřŚśŞşŠšŢţŤťŪūŮůŰűŲųŴŵŶŷŸŹźŻżŽžƒˆˇ˘˙˚˛ ˜˝ẀẁẃẄẅỲỳ–— ‘’‚“”„†‡…‰‹›⁄€™ĀĀĂĂĄĄĆĆĊĊČČĎĎĐĐĒĒĖĖĘĘĚĚ ĞĞĠĠĢĢĪĪĮĮİĶĶĹĹĻĻĽĽŃŃŅŅŇŇŌŌŐŐŔŔŖŖŘŘŚŚŞ ŞŢŢŤŤŪŪŮŮŰŰŲŲŴŴŶŶŹŹŻŻ−≤≥fifl ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰα βγδεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХ ЦЧШЩЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧ ШЩЪЫЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏ ѢѢѲѲѴѴ ҐҐәǽẀẁ ẂẃẄẅỲỳ№ Do not add objects or text in the footer area ›Simple and expressive interfaces at ISPs ›SENSS Uses SENSS interfaces and use cases MessageFieldsReply/Action Traffic queryaggr, time, in/out#bytes/#pkts for aggr Route queryprefixAS paths from the SENSS AS to the prefix Traffic filteraggrfilter traffic that matches aggr Bandwidth guaranteeaggr. bwguarentee bw for aggr Route demotePrefix, segDemote route to prefix that matches segment Route modPrefix, seg1, seg2Modify routes Data plane attacksControl plane attacks DDoS with signature DDoS without signature Reflector based DDoS attack Crossfire Blackhole based prefix hijacking Interception attacks

Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :; WXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~¡¢£¤¥¦§¨©ª« ¬®¯°±²³´¶·¸¹º»¼½ÀÁÂÃÄÅÆÇÈËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛ ÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀāĂăąĆćĊċ ČĎďĐđĒĖėĘęĚěĞğĠġĢģĪīĮįİıĶķĹĺĻļĽľŁłŃńŅņŇňŌŐőŒ œŔŕŖŗŘřŚśŞşŠšŢţŤťŪūŮůŰűŲųŴŵŶŷŸŹźŻżŽžƒˆˇ˘˙˚˛ ˜˝ẀẁẃẄẅỲỳ–— ‘’‚“”„†‡…‰‹›⁄€™ĀĀĂĂĄĄĆĆĊĊČČĎĎĐĐĒĒĖĖĘĘĚĚ ĞĞĠĠĢĢĪĪĮĮİĶĶĹĹĻĻĽĽŃŃŅŅŇŇŌŌŐŐŔŔŖŖŘŘŚŚŞ ŞŢŢŤŤŪŪŮŮŰŰŲŲŴŴŶŶŹŹŻŻ−≤≥fifl ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰα βγδεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХ ЦЧШЩЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧ ШЩЪЫЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏ ѢѢѲѲѴѴ ҐҐәǽẀẁ ẂẃẄẅỲỳ№ Do not add objects or text in the footer area ›The victim periodically queries ISPs about its incoming traffic distribution. Example: DDoS without signature

Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :; WXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~¡¢£¤¥¦§¨©ª« ¬®¯°±²³´¶·¸¹º»¼½ÀÁÂÃÄÅÆÇÈËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛ ÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀāĂăąĆćĊċ ČĎďĐđĒĖėĘęĚěĞğĠġĢģĪīĮįİıĶķĹĺĻļĽľŁłŃńŅņŇňŌŐőŒ œŔŕŖŗŘřŚśŞşŠšŢţŤťŪūŮůŰűŲųŴŵŶŷŸŹźŻżŽžƒˆˇ˘˙˚˛ ˜˝ẀẁẃẄẅỲỳ–— ‘’‚“”„†‡…‰‹›⁄€™ĀĀĂĂĄĄĆĆĊĊČČĎĎĐĐĒĒĖĖĘĘĚĚ ĞĞĠĠĢĢĪĪĮĮİĶĶĹĹĻĻĽĽŃŃŅŅŇŇŌŌŐŐŔŔŖŖŘŘŚŚŞ ŞŢŢŤŤŪŪŮŮŰŰŲŲŴŴŶŶŹŹŻŻ−≤≥fifl ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰα βγδεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХ ЦЧШЩЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧ ШЩЪЫЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏ ѢѢѲѲѴѴ ҐҐәǽẀẁ ẂẃẄẅỲỳ№ Do not add objects or text in the footer area ›Compares the traffic distributions before and during the attack ›Identifies upstream ASes that have previously routed little traffic but now route significantly more during the attack Example: DDoS without signature

Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :; WXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~¡¢£¤¥¦§¨©ª« ¬®¯°±²³´¶·¸¹º»¼½ÀÁÂÃÄÅÆÇÈËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛ ÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀāĂăąĆćĊċ ČĎďĐđĒĖėĘęĚěĞğĠġĢģĪīĮįİıĶķĹĺĻļĽľŁłŃńŅņŇňŌŐőŒ œŔŕŖŗŘřŚśŞşŠšŢţŤťŪūŮůŰűŲųŴŵŶŷŸŹźŻżŽžƒˆˇ˘˙˚˛ ˜˝ẀẁẃẄẅỲỳ–— ‘’‚“”„†‡…‰‹›⁄€™ĀĀĂĂĄĄĆĆĊĊČČĎĎĐĐĒĒĖĖĘĘĚĚ ĞĞĠĠĢĢĪĪĮĮİĶĶĹĹĻĻĽĽŃŃŅŅŇŇŌŌŐŐŔŔŖŖŘŘŚŚŞ ŞŢŢŤŤŪŪŮŮŰŰŲŲŴŴŶŶŹŹŻŻ−≤≥fifl ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰα βγδεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХ ЦЧШЩЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧ ШЩЪЫЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏ ѢѢѲѲѴѴ ҐҐәǽẀẁ ẂẃẄẅỲỳ№ Do not add objects or text in the footer area ›Install traffic filters on these ASes Example: DDoS mitigation E: filter, dst = V, ingress=I N: filter, dst = V L: filter, dst = V

Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :; WXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~¡¢£¤¥¦§¨©ª« ¬®¯°±²³´¶·¸¹º»¼½ÀÁÂÃÄÅÆÇÈËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛ ÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀāĂăąĆćĊċ ČĎďĐđĒĖėĘęĚěĞğĠġĢģĪīĮįİıĶķĹĺĻļĽľŁłŃńŅņŇňŌŐőŒ œŔŕŖŗŘřŚśŞşŠšŢţŤťŪūŮůŰűŲųŴŵŶŷŸŹźŻżŽžƒˆˇ˘˙˚˛ ˜˝ẀẁẃẄẅỲỳ–— ‘’‚“”„†‡…‰‹›⁄€™ĀĀĂĂĄĄĆĆĊĊČČĎĎĐĐĒĒĖĖĘĘĚĚ ĞĞĠĠĢĢĪĪĮĮİĶĶĹĹĻĻĽĽŃŃŅŅŇŇŌŌŐŐŔŔŖŖŘŘŚŚŞ ŞŢŢŤŤŪŪŮŮŰŰŲŲŴŴŶŶŹŹŻŻ−≤≥fifl ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰα βγδεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХ ЦЧШЩЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧ ШЩЪЫЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏ ѢѢѲѲѴѴ ҐҐәǽẀẁ ẂẃẄẅỲỳ№ Do not add objects or text in the footer area ›High incentives for SENSS adoption –Victim has strong incentives –ISPs can charge the victims for new services –Aligned with ISP’s interests and capabilities ›Securing SENSS communications –Secure key exchange and authentication via RPKI –Encrypt, authenticate and timestamp messages –Protect against message flooding and resource exhaustion ›Incremental deployment –DDoS attack: 94% attack traffic eliminated with 30 SENSS ASes –Prefix hijacking: 82% polluted ASes corrected with 18 SENSS Ases Discussion

Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :; WXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~¡¢£¤¥¦§¨©ª« ¬®¯°±²³´¶·¸¹º»¼½ÀÁÂÃÄÅÆÇÈËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛ ÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀāĂăąĆćĊċ ČĎďĐđĒĖėĘęĚěĞğĠġĢģĪīĮįİıĶķĹĺĻļĽľŁłŃńŅņŇňŌŐőŒ œŔŕŖŗŘřŚśŞşŠšŢţŤťŪūŮůŰűŲųŴŵŶŷŸŹźŻżŽžƒˆˇ˘˙˚˛ ˜˝ẀẁẃẄẅỲỳ–— ‘’‚“”„†‡…‰‹›⁄€™ĀĀĂĂĄĄĆĆĊĊČČĎĎĐĐĒĒĖĖĘĘĚĚ ĞĞĠĠĢĢĪĪĮĮİĶĶĹĹĻĻĽĽŃŃŅŅŇŇŌŌŐŐŔŔŖŖŘŘŚŚŞ ŞŢŢŤŤŪŪŮŮŰŰŲŲŴŴŶŶŹŹŻŻ−≤≥fifl ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰα βγδεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХ ЦЧШЩЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧ ШЩЪЫЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏ ѢѢѲѲѴѴ ҐҐәǽẀẁ ẂẃẄẅỲỳ№ Do not add objects or text in the footer area Backup

Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :; WXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~¡¢£¤¥¦§¨©ª« ¬®¯°±²³´¶·¸¹º»¼½ÀÁÂÃÄÅÆÇÈËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛ ÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀāĂăąĆćĊċ ČĎďĐđĒĖėĘęĚěĞğĠġĢģĪīĮįİıĶķĹĺĻļĽľŁłŃńŅņŇňŌŐőŒ œŔŕŖŗŘřŚśŞşŠšŢţŤťŪūŮůŰűŲųŴŵŶŷŸŹźŻżŽžƒˆˇ˘˙˚˛ ˜˝ẀẁẃẄẅỲỳ–— ‘’‚“”„†‡…‰‹›⁄€™ĀĀĂĂĄĄĆĆĊĊČČĎĎĐĐĒĒĖĖĘĘĚĚ ĞĞĠĠĢĢĪĪĮĮİĶĶĹĹĻĻĽĽŃŃŅŅŇŇŌŌŐŐŔŔŖŖŘŘŚŚŞ ŞŢŢŤŤŪŪŮŮŰŰŲŲŴŴŶŶŹŹŻŻ−≤≥fifl ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰα βγδεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХ ЦЧШЩЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧ ШЩЪЫЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏ ѢѢѲѲѴѴ ҐҐәǽẀẁ ẂẃẄẅỲỳ№ Do not add objects or text in the footer area ›Detect the traffic distribution changes before and after the attack ›Identify upstream ASes that have previously routed a lot of traffic but now route a little Use case II: Interception attack old route: FHGDV new route: SMAV

Slide title 44 pt Text and bullet level 1 minimum 24 pt Bullets level 2-5 minimum 20 pt Characters for Embedded font: !"#$%&'()*+,-./ :; WXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~¡¢£¤¥¦§¨©ª« ¬®¯°±²³´¶·¸¹º»¼½ÀÁÂÃÄÅÆÇÈËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛ ÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿĀāĂăąĆćĊċ ČĎďĐđĒĖėĘęĚěĞğĠġĢģĪīĮįİıĶķĹĺĻļĽľŁłŃńŅņŇňŌŐőŒ œŔŕŖŗŘřŚśŞşŠšŢţŤťŪūŮůŰűŲųŴŵŶŷŸŹźŻżŽžƒˆˇ˘˙˚˛ ˜˝ẀẁẃẄẅỲỳ–— ‘’‚“”„†‡…‰‹›⁄€™ĀĀĂĂĄĄĆĆĊĊČČĎĎĐĐĒĒĖĖĘĘĚĚ ĞĞĠĠĢĢĪĪĮĮİĶĶĹĹĻĻĽĽŃŃŅŅŇŇŌŌŐŐŔŔŖŖŘŘŚŚŞ ŞŢŢŤŤŪŪŮŮŰŰŲŲŴŴŶŶŹŹŻŻ−≤≥fifl ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰα βγδεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХ ЦЧШЩЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧ ШЩЪЫЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏ ѢѢѲѲѴѴ ҐҐәǽẀẁ ẂẃẄẅỲỳ№ Do not add objects or text in the footer area ›Query these ASes for the routes to reach the victim ›Perform hop-by-hop traceback to detect the inconsistency between the routing and data plane ›Ask SENSS ISPs to modify the bogus route Use case II: Interception attack Route to V: SMAV Upstream AS for traffic from S to V: B Data plane path from S to V: SMCBAV

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.