Authors: William Beckett and Thusitha Jayawardena
The Internet has transformed how people interact and transact day-to-day activities in less than a single human generation. The rate of this transformation will only increase with the on-going innovations in mobile networks and devices. However, a limiting factor of adoption of innovation is the concern about Internet security. Thus, for the continuation of the transformative function of the Internet it is critical that Internet security itself is transformed to play a facilitating role from its current limiting role. Even as the current Internet evolves to a more secure future Internet several trends we see today will likely remain. One of them is the “arms race” between attacker and defender in cyberspace. We describe a new spiral in such an arms race in the current Internet, namely, DDoS attacks originating from botnets and their mitigation in large provider networks using BGP flow specification, a new, dynamic, real-time traffic filtering capability described in RFC 5575.
Keywords: DDOS Mitigation;BGP Flow specification; Botnets