usenix conference policies
Flooding Attacks by Exploiting Persistent Forwarding Loops
In this paper, we present flooding attacks that exploit routing anomalies in the Internet. In particular, we focus on routing anomalies introduced by persistent forwarding loops. Persistent forwarding loops may share one or more links with forwarding paths to reachable addresses. An attacker can exploit persistent forwarding loops to overload the shared links to disrupt the Internet connectivity to those reachable addresses.
To understand the extent of this vulnerability, we perform extensive measurements to systematically study persistent forwarding loops and the number of network addresses that can be affected. We find that persistent forwarding loops do exist in the current Internet. About .2% of routable addresses experience persistent forwarding loops and .21% of routable addresses can be attacked by exploiting persistent forwarding loops. In addition, 85.16% of the persistent forwarding loops appear within destination domains and they can be observed from various locations, which makes it possible to launch attacks from many vantage points. We also find that most persistent forwarding loops are just two hops long, which enables an attacker to amplify traffic to persistent forwarding loops significantly. To the best of our knowledge, this is the first study of exploiting the vulnerability of persistent forwarding loops to launch DDoS attacks.
author = {Jianhong Xia and Lixin Gao and Teng Fei},
title = {Flooding Attacks by Exploiting Persistent Forwarding Loops},
booktitle = {Internet Measurement Conference 2005 (IMC 05)},
year = {2005},
address = {Berkeley, CA},
url = {https://www.usenix.org/conference/imc-05/flooding-attacks-exploiting-persistent-forwarding-loops},
publisher = {USENIX Association},
month = oct
}
connect with us