%0 Conference Proceedings
%T A Blockchain-Based Architecture for Collaborative DDoS Mitigation with Smart Contracts
%+ Universität Zürich [Zürich] = University of Zurich (UZH)
%+ Technische Universität Darmstadt - Technical University of Darmstadt (TU Darmstadt)
%A Rodrigues, Bruno
%A Bocek, Thomas
%A Lareida, Andri
%A Hausheer, David
%A Rafati, Sina
%A Stiller, Burkhard
%Z Part 1: Security Management
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 11th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS)
%C Zurich, Switzerland
%Y Daphne Tuncer
%Y Robert Koch
%Y Rémi Badonnel
%Y Burkhard Stiller
%I Springer International Publishing
%3 Security of Networks and Services in an All-Connected World
%V LNCS-10356
%P 16-29
%8 2017-07-10
%D 2017
%R 10.1007/978-3-319-60774-0_2
%K Distributed Denial-of-Service (DDoS)
%K Security
%K Blockchain
%K Software-defined Networks (SDN)
%K Network management
%Z Computer Science [cs]
%Z Computer Science [cs]/Networking and Internet Architecture [cs.NI]Conference papers
%X The rapid growth in the number of insecure portable and stationary devices and the exponential increase of traffic volume makes Distributed Denial-of-Service (DDoS) attacks a top security threat to services provisioning. Existing defense mechanisms lack resources and flexibility to cope with attacks by themselves, and by utilizing other’s companies resources, the burden of the mitigation can be shared. Emerging technologies such as blockchain and smart contracts allows for the sharing of attack information in a fully distributed and automated fashion. In this paper, the design of a novel architecture is proposed by combining these technologies introducing new opportunities for flexible and efficient DDoS mitigation solutions across multiple domains. Main advantages are the deployment of an already existing public and distributed infrastructure to advertise white or blacklisted IP addresses, and the usage of such infrastructure as an additional security mechanism to existing DDoS defense systems, without the need to build specialized registries or other distribution mechanisms, which enables the enforcement of rules across multiple domains.
%G English
%Z TC 6
%Z WG 6.6
%2 https://inria.hal.science/hal-01806063/document
%2 https://inria.hal.science/hal-01806063/file/452969_1_En_2_Chapter.pdf
%L hal-01806063
%U https://inria.hal.science/hal-01806063
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-TC6
%~ IFIP-AIMS
%~ IFIP-WG6-6
%~ IFIP-LNCS-10356