TPRC 2024: The 52nd Research Conference on Communications, Information and Inter

Link to paper

Abstract:
The focus of this paper is on an economics-based analysis and redesign of mitigation of volumetric Denial-of-Service (DDos) attacks utilizing the initial packets in connection-oriented protocols. These attacks have been documented for decades and their volume and impact have been growing enormously. The contributions of the paper are: (1) a novel evaluation framework based on all of efficacy, threat, overhead, and damage as experienced by applications; (2) a comparison of TCP with SYN Cookies and QUIC with Retries, the two accepted DDoS mitigation approaches in these two transport protocols; (3) evaluation of our alternative proposal to use SYN Proof-of-Work (SYN PoW) to address these volumetric attacks more effectively; and (4) an in-depth discussion of the economics of the various stakeholders in these scenarios. As demonstrated in this work, the SYN PoW type of approach not only moves much of the cost of mitigation onto the attackers, unlike current proposals, but also enables verification of validity of traffic to be handled anywhere in the network, rather than only at the end-points, giving network service providers an additional capability for reducing malicious traffic. A critical contribution is that this type of approach