In this paper, we present a measurement study of persistent forwarding loops and a flooding attack that exploits persistent forwarding loops. Persistent forwarding loops may share one or more links with forwarding paths to some hosts. An attacker can exploit persistent forwarding loops to overload the shared links and disrupt Internet connectivity to those hosts. To understand the extent of this vulnerability, we perform extensive measurements to systematically study persistent forwarding loops. We find that persistent forwarding loops do exist in the Internet. At least 35 million addresses experience persistent forwarding loops, and at least 11 million addresses can be attacked by exploiting such persistent forwarding loops. In addition, ...
In a flooding-based distributed denial-of-service (DDoS) attack, an adversary attempts to exhaust a ...
Many types of brute-force attacks are known to exhibit a characteristic ‘flat’ behavior at the netwo...
Abstract—Designing infrastructures that give untrusted thirdparties (such as end-hosts) control over...
In this paper, we present flooding attacks that exploit routing anomalies in the Internet. In partic...
The success of the Internet has brought out extraordinary benefits to our society. Current Internet ...
The Internet is not a safe place. Unsecured hosts can expect to be compromised within minutes of con...
Link-flooding attacks in which an adversary coordinates botnet messages to exhaust the bandwidth of ...
Initially, packet forwarding in the Internet was destination-based – that is, a router would forward...
While it is widely understood that criminal miscreants are subverting large numbers of Internet-conn...
We identify vulnerabilities in epidemic forwarding. We address broadcast applications over wireless ...
The way in which addressing and forwarding are implemented in the Internet constitutes one of its bi...
<p>How pervasive is the vulnerability to linkflooding attacks that degrade connectivity of thousands...
In this paper, we consider a variant of packet replay attacks wherein, an attacker simply replays ov...
We use anonymized flow data collected from a 10Gbps backbone link to discover and analyze malicious ...
The paper describes a Non-Intrusive IP traceback scheme which uses sampled traffic under non-attack ...
In a flooding-based distributed denial-of-service (DDoS) attack, an adversary attempts to exhaust a ...
Many types of brute-force attacks are known to exhibit a characteristic ‘flat’ behavior at the netwo...
Abstract—Designing infrastructures that give untrusted thirdparties (such as end-hosts) control over...
In this paper, we present flooding attacks that exploit routing anomalies in the Internet. In partic...
The success of the Internet has brought out extraordinary benefits to our society. Current Internet ...
The Internet is not a safe place. Unsecured hosts can expect to be compromised within minutes of con...
Link-flooding attacks in which an adversary coordinates botnet messages to exhaust the bandwidth of ...
Initially, packet forwarding in the Internet was destination-based – that is, a router would forward...
While it is widely understood that criminal miscreants are subverting large numbers of Internet-conn...
We identify vulnerabilities in epidemic forwarding. We address broadcast applications over wireless ...
The way in which addressing and forwarding are implemented in the Internet constitutes one of its bi...
<p>How pervasive is the vulnerability to linkflooding attacks that degrade connectivity of thousands...
In this paper, we consider a variant of packet replay attacks wherein, an attacker simply replays ov...
We use anonymized flow data collected from a 10Gbps backbone link to discover and analyze malicious ...
The paper describes a Non-Intrusive IP traceback scheme which uses sampled traffic under non-attack ...
In a flooding-based distributed denial-of-service (DDoS) attack, an adversary attempts to exhaust a ...
Many types of brute-force attacks are known to exhibit a characteristic ‘flat’ behavior at the netwo...
Abstract—Designing infrastructures that give untrusted thirdparties (such as end-hosts) control over...