[Ndn-interest] Largest DDoS attack ever delivered by botnet of hijacked IoT devices

Christos Papadopoulos christos at colostate.edu
Tue Sep 27 17:25:01 PDT 2016


Spyros,

Your intuition is correct.

A DDoS attack exploits resource exhaustion at some point in the 
communication chain. What we see currently with these IoT attacks is 
that the ratio of attackers to communication resources is approaching 
infinity, thus you will not win by simply throwing more resources. The 
alternative is to manage the resources you have and control failure when 
it happens. With NDN and the PIT you have important information about 
whether communication failed, where and potentially how it failed. 
That's a much better starting point than IP.

Christos.


On 09/27/2016 05:16 PM, Spyridon (Spyros) Mastorakis wrote:
> My 2 cents on the discussion:
>
> I agree that the network should take countermeasures to mitigate 
> Interest flooding attacks and I believe that what you gain from the 
> PIT state is more than the price that you have to pay.
>
> If the flooding concerns have to do with PIT, then the PIT size of 
> each router should be limited. If the size reaches the maximum, the 
> router should start dropping state in the sense of erasing PIT entries 
> to mitigate a potential flooding attack. Which entries a router should 
> erase? Probably, the ones closer to expiration.
>
> How exactly to do that is an open question, but this is my rough 
> intuition.
>
> Spyridon (Spyros) Mastorakis
> Personal Website: http://cs.ucla.edu/~mastorakis/
> Internet Research Laboratory
> Computer Science Department
> UCLA
>
>> On Sep 27, 2016, at 3:59 PM, woodc1 at uci.edu wrote:
>>
>> On September 27, 2016 at 3:23:14 PM, Lixia Zhang (lixia at cs.ucla.edu) wrote:
>>>
>>>> On Sep 27, 2016, at 1:49 PM, Cesar Ghali wrote:
>>>>
>>>> The PIT may very well serve a useful purpose in NDN/CCN. However, 
>>>> it creates well-known
>>> security problems (interest flooding is trivial) and it’s highly 
>>> doubtful that a deterministic
>>> solution is possible.
>>>
>>> the discussion below is on how to effectively mitigate Interest 
>>> flooding.
>>> By removing PIT, one also removes a number of important functions 
>>> enabled by PIT.
>>
>> To re-iterate Cesar’s point, as of now, there is no truly effective
>> interest flooding mitigation. However, one concrete way to minimize
>> the attack surface (for routers) is to get rid of the attack's root
>> cause: the PIT. (Producers could still be hosed with bogus interests.)
>> And since the PIT enables several important functions, other
>> architecture changes will probably have to follow in its wake.
>>
>> Personally, I don’t think we should settle with an architectural
>> element that has a known (and quite severe) weakness simply because it
>> enables some nice features in practice. The more serious design
>> problems must be dealt with first, not last.
>>
>> Chris
>
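
Spyros's bounded-PIT idea from the quoted message (cap the table, drop the entries closest to expiration when it fills) as an added simulation; this is not code from any author in the thread or from NFD. The lifetime ceiling, face names and the flood scenario in `flood_demo` are constructed assumptions. The forced-eviction counter is the signal a router operator would want exported.

```python
import heapq
import itertools

class BoundedPIT:
    def __init__(self, max_entries, max_lifetime_ms=4000):
        self.max_entries = max_entries
        self.max_lifetime_ms = max_lifetime_ms  # router-imposed ceiling (assumed)
        self.entries = {}   # name -> {"expires": int, "faces": set}
        self.heap = []      # (expires, seq, name); stale items skipped lazily
        self.seq = itertools.count()
        self.evictions = 0  # forced evictions: a flooding signal to alarm on

    def _make_room(self, now):
        # Purge expired entries; if still full, evict the one closest to expiry.
        while self.heap:
            expires, _, name = self.heap[0]
            entry = self.entries.get(name)
            if entry is None or entry["expires"] != expires:
                heapq.heappop(self.heap)  # stale: already satisfied or replaced
            elif expires <= now or len(self.entries) >= self.max_entries:
                heapq.heappop(self.heap)
                del self.entries[name]
                if expires > now:
                    self.evictions += 1  # a live entry was sacrificed
            else:
                return

    def insert(self, name, in_face, lifetime_ms, now):
        # Returns True if new PIT state was created, False if aggregated.
        entry = self.entries.get(name)
        if entry is not None and entry["expires"] > now:
            entry["faces"].add(in_face)  # same name pending: aggregate, no new state
            return False
        self._make_room(now)
        expires = now + min(lifetime_ms, self.max_lifetime_ms)
        self.entries[name] = {"expires": expires, "faces": {in_face}}
        heapq.heappush(self.heap, (expires, next(self.seq), name))
        return True

    def satisfy(self, name):
        entry = self.entries.pop(name, None)  # Data arrived: consume the entry
        return entry["faces"] if entry else set()

def flood_demo(cap=100, bogus=1000):
    # Constructed scenario: one legitimate Interest, then a flood of unique names.
    pit = BoundedPIT(cap)
    pit.insert("/ucla/video/seg1", "face7", lifetime_ms=2000, now=0)
    for i in range(bogus):
        pit.insert(f"/bogus/{i}", "face3", lifetime_ms=60000, now=1)
    return len(pit.entries), pit.evictions, "/ucla/video/seg1" in pit.entries
```

`flood_demo` returns a full table, 901 forced evictions, and the legitimate short-lived entry gone: under a soonest-to-expire policy the sender's chosen lifetime decides who survives, which is why the router rather than the sender must bound InterestLifetime.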
