NANOG Meeting Presentation Abstract

Diversion and Sieving Techniques to Defeat
Meeting:	NANOG23
Date / Time:	2001-10-22 11:30am - 12:00pm
Room:	OCC East
Presenters:	Speakers: Yehuda Afek, Tel-Aviv Univ. & WANWall Yehuda Afek is a Professor in the School of Computer Science at Tel-Aviv University, and the CTO of WANWall Inc. Currently his research focuses on efficient forwarding and routing algorithms for IP networks, and methods for traffic engineering to stop DDoS attacks. Prior to joining Tel-Aviv University in 1989 he spent four years in AT&T Bell Laboratories. He received his M.Sc. and Ph.D. in Computer Science from UCLA in 1985 and 1983, respectively. Anat Bremler-Barr, Tel-Aviv Univ. & WANWall. Hank Nussbacher, WANWall. Danny Touitou, WANWall.
Abstract:	Network engineers have been known to use diversion to blackhole DDoS attacks. This technique may divert and blackhole legitimate traffic. We present a method that provides availability under DDoS attacks by combining different diversion methods with a mechanism that sieves the \"bad\" packets and forwards the \"good\" packets to the intended victim. The method minimizes demand on router resources and does not introduce additional elements on the normal data path. The diversion method allows a sieving mechanism to process only the victims\' traffic. The system is employable on a provider\'s backbone, preferably at the peering points. Furthermore, since diversion is done on demand for different targets at different periods of time, the solution can be shared by a large number of potential victims and can protect any element in the provider\'s backbone. This method can also be applied on egress traffic, thus enabling a service provider to clean attack traffic generated within its own network. Various alternative methods of transparently diverting a victim\'s traffic and returning its legitimate traffic will be presented.
Files:	Diversion and Sieving Techniques to Defeat Yehuda Afek Presentation(PPT)
Sponsors:	None.

Back to NANOG23 agenda.

NANOG23 Abstracts

• Show All

• IP Routing Protocol Scalability: Theory and Examples
  Speakers:
  Alvaro Retana, Cisco Systems;

• ISP Security - Real World Techniques II
  Speakers:
  Barry Raveendran GreeneCisco Systems; .
  Chris MorrowUUNET/Verizon; .
  Brian W. GemberlingUUNET; .
  

• ISP Security - Real World Techniques II
  Speakers:
  Barry Raveendran GreeneCisco Systems; .
  Chris MorrowUUNET/Verizon; .
  Brian W. GemberlingUUNET; .
  

• ISP Security - Real World Techniques II
  Speakers:
  Barry Raveendran GreeneCisco Systems; .
  Chris MorrowUUNET/Verizon; .
  Brian W. GemberlingUUNET; .
  

• BGP Multihoming Guide
  Speakers:
  Philip SmithCisco Systems; .
  

• Packets and Photons: The Emerging Two-Layer Network
  Speakers:
  Dan Lockwood, Juniper;

• The Internet Under Stress
  Speakers:
  Peter H. Salus, Matrix;

• What Worked and What Didn\'t: 9/11
  Speakers:
  Sean DonelanDonelan.com; .
  

• Multicasting Worked on 9/11
  Speakers:
  Marshall Eubanks, Multicast Technologies; Prashant RajvaidyaUC Santa Barbara; .
  Rich MavrogeanesVbrick; .
  

• Multicasting Worked on 9/11
  Speakers:
  Marshall Eubanks, Multicast Technologies; Prashant RajvaidyaUC Santa Barbara; .
  Rich MavrogeanesVbrick; .
  

• Multicasting Worked on 9/11
  Speakers:
  Marshall Eubanks, Multicast Technologies; Prashant RajvaidyaUC Santa Barbara; .
  Rich MavrogeanesVbrick; .
  

• Trends in Denial of Service Attack Technology
  Speakers:
  Kevin HouleCERT; .
  

• Recent Internet Worms: Who Are the Victims, and How Good Are We at Getting the Word Out?
  Speakers:
  David MooreCAIDA; .
  

• DoS Attacks in the Real World
  Speakers:
  Karthik Arumugham, Global NAPs; Steven Schechter, Globix; Jason Slagle, Toledo Internet Access;

• DoS Attacks in the Real World
  Speakers:
  Karthik Arumugham, Global NAPs; Steven Schechter, Globix; Jason Slagle, Toledo Internet Access;

• DoS Attacks in the Real World
  Speakers:
  Karthik Arumugham, Global NAPs; Steven Schechter, Globix; Jason Slagle, Toledo Internet Access;

• Diversion and Sieving Techniques to Defeat
  Speakers:
  Yehuda Afek, Tel-Aviv Univ. & WANWall; Anat Bremler-BarrTel-Aviv Univ. & WANWall; .
  Hank NussbacherWANWall; .
  Danny TouitouWANWall; .
  

• Diversion and Sieving Techniques to Defeat
  Speakers:
  Yehuda Afek, Tel-Aviv Univ. & WANWall; Anat Bremler-BarrTel-Aviv Univ. & WANWall; .
  Hank NussbacherWANWall; .
  Danny TouitouWANWall; .
  

• Diversion and Sieving Techniques to Defeat
  Speakers:
  Yehuda Afek, Tel-Aviv Univ. & WANWall; Anat Bremler-BarrTel-Aviv Univ. & WANWall; .
  Hank NussbacherWANWall; .
  Danny TouitouWANWall; .
  

• Diversion and Sieving Techniques to Defeat
  Speakers:
  Yehuda Afek, Tel-Aviv Univ. & WANWall; Anat Bremler-BarrTel-Aviv Univ. & WANWall; .
  Hank NussbacherWANWall; .
  Danny TouitouWANWall; .
  

• NOBAD: Network-Oriented Basic Anomaly Detection
  Speakers:
  Jonas M. Luster, d-fensive.com;

• Designing a Testbed for Evaluating DDoS Defense Research
  Speakers:
  Wes Hardaker, NAI Labs;

• Inter-City MAN Services Using MPLS
  Speakers:
  Pascal Menezes, Terabeam;

• MPLS in Perspective
  Speakers:
  Kireeti Kompella, Juniper;

• Peering BOF IV
  Moderators:
  Bill NortonEquinix; .
  

• Enhancing the Internet\'s Administrative Look-up Service
  Speakers:
  Mark KostersVeriSign Applied Research; .
  Andrew NewtonVeriSign Applied Research; .
  

• Enhancing the Internet\'s Administrative Look-up Service
  Speakers:
  Mark KostersVeriSign Applied Research; .
  Andrew NewtonVeriSign Applied Research; .
  

• ARIN Open Mike Session
  Speakers:
  Richard JimmersonARIN; .
  

• Global Routing Instabilities During Code Red II and Nimda Worm Propagation
  Speakers:
  Jim CowieRenesys Corporation; .
  Andy OgielskiRenesys Corporation; .
  

• Global Routing Instabilities During Code Red II and Nimda Worm Propagation
  Speakers:
  Jim CowieRenesys Corporation; .
  Andy OgielskiRenesys Corporation; .
  

• Shining Light on Dark Internet Address Space
  Speakers:
  Craig LabovitzMerit Network/Arbor Networks; .
  Abha AhujaMerit Network/Arbor Networks; .
  Presented by Rob MalanArbor Networks; .
  

• Shining Light on Dark Internet Address Space
  Speakers:
  Craig LabovitzMerit Network/Arbor Networks; .
  Abha AhujaMerit Network/Arbor Networks; .
  Presented by Rob MalanArbor Networks; .
  

• Shining Light on Dark Internet Address Space
  Speakers:
  Craig LabovitzMerit Network/Arbor Networks; .
  Abha AhujaMerit Network/Arbor Networks; .
  Presented by Rob MalanArbor Networks; .
  

• BGP Multiple Origin AS (MOAS) Conflicts
  Speakers:
  Xiaoliang ZhaoNCSU; .
  Dan MasseyUSC/ISI; .
  Allison MankinUSC/ISI; .
  S. Felix WuUC Davis; .
  Lan WangUCLA; .
  Dan PeiUCLA; .
  Lixia ZhangUCLA; .
  

• BGP Multiple Origin AS (MOAS) Conflicts
  Speakers:
  Xiaoliang ZhaoNCSU; .
  Dan MasseyUSC/ISI; .
  Allison MankinUSC/ISI; .
  S. Felix WuUC Davis; .
  Lan WangUCLA; .
  Dan PeiUCLA; .
  Lixia ZhangUCLA; .
  

• BGP Multiple Origin AS (MOAS) Conflicts
  Speakers:
  Xiaoliang ZhaoNCSU; .
  Dan MasseyUSC/ISI; .
  Allison MankinUSC/ISI; .
  S. Felix WuUC Davis; .
  Lan WangUCLA; .
  Dan PeiUCLA; .
  Lixia ZhangUCLA; .
  

• BGP Multiple Origin AS (MOAS) Conflicts
  Speakers:
  Xiaoliang ZhaoNCSU; .
  Dan MasseyUSC/ISI; .
  Allison MankinUSC/ISI; .
  S. Felix WuUC Davis; .
  Lan WangUCLA; .
  Dan PeiUCLA; .
  Lixia ZhangUCLA; .
  

• BGP Multiple Origin AS (MOAS) Conflicts
  Speakers:
  Xiaoliang ZhaoNCSU; .
  Dan MasseyUSC/ISI; .
  Allison MankinUSC/ISI; .
  S. Felix WuUC Davis; .
  Lan WangUCLA; .
  Dan PeiUCLA; .
  Lixia ZhangUCLA; .
  

• BGP Multiple Origin AS (MOAS) Conflicts
  Speakers:
  Xiaoliang ZhaoNCSU; .
  Dan MasseyUSC/ISI; .
  Allison MankinUSC/ISI; .
  S. Felix WuUC Davis; .
  Lan WangUCLA; .
  Dan PeiUCLA; .
  Lixia ZhangUCLA; .
  

• BGP Multiple Origin AS (MOAS) Conflicts
  Speakers:
  Xiaoliang ZhaoNCSU; .
  Dan MasseyUSC/ISI; .
  Allison MankinUSC/ISI; .
  S. Felix WuUC Davis; .
  Lan WangUCLA; .
  Dan PeiUCLA; .
  Lixia ZhangUCLA; .
  

• The Impact of BGP Misconfiguration on Connectivity
  Speakers:
  Ratul MahajanUniversity of Washington; .
  David WetherallUniversity of Washington; .
  Tom AndersonUniversity of Washington; .
  

• The Impact of BGP Misconfiguration on Connectivity
  Speakers:
  Ratul MahajanUniversity of Washington; .
  David WetherallUniversity of Washington; .
  Tom AndersonUniversity of Washington; .
  

• The Impact of BGP Misconfiguration on Connectivity
  Speakers:
  Ratul MahajanUniversity of Washington; .
  David WetherallUniversity of Washington; .
  Tom AndersonUniversity of Washington; .
  

• Analysis of RIPE / RIS Project\'s BGP Data: CIDR at Work
  Speakers:
  Cengiz Alaettinoglu, Packet Design;

• XML-based Network Management
  Speakers:
  Rob Enns, Juniper;

• Using Topological Mapping to Manage and Secure Large Networks
  Speakers:
  Karl Siil, Lumeta;