trusted networks initiative to
play

Trusted Networks Initiative to Combat DDoS Attacks University of - PowerPoint PPT Presentation

Oct 25, 2022 •293 likes •541 views

Trusted Networks Initiative to Combat DDoS Attacks University of Amsterdam System & Network Engineering Research Project 1 Jeroen van Kessel Alexandros Stavroulakis Research Question Is the '' Trusted Networks Initiative '' a feasible

  1. Trusted Networks Initiative to Combat DDoS Attacks University of Amsterdam System & Network Engineering Research Project 1 Jeroen van Kessel Alexandros Stavroulakis

  2. Research Question Is the '' Trusted Networks Initiative '' a feasible additional solution in protecting hosts and networks from large and/or long lasting DDoS attacks ?

  3. Problem Description • The size of DDoS attacks keeps increasing • Mitigation costs are also increasing • No short term answer to this growing threat

  4. Size of largest reported DDoS attacks Source: Arbor Networks Worldwide Infrastructure Security Report, 2014

  5. Top 10 countries of origin Q1 2014 Source: Incapsula Top 10 DDoS Attack Trends of 2014

  6. DDoS Types & Mitigation Solutions • Attack types • Volumetric Attacks • Application Layer Attacks • Mitigation Solutions • Layer 3/4 • Layer 7

  7. DDoS Layer 7 Mitigation Solution

  8. DDoS Layer 3/4 Mitigation Solution

  9. Disadvantages • Legitimate traffic discarded along with attack traffic • Up to 30 minutes activation time is too long • Privacy issues when serving https:// websites • High cost • The industry is always one step behind the attackers

  10. Trusted Networks Initiative Concept • A temporary last resort solution for DDoS attacks • Dutch, internationally oriented initiative • In combination with other Mitigation Solutions • Trusted Routing to provide a secure interconnection for Trusted Networks • Temporarily separate traffic from Trusted and Untrusted Networks

  11. Trusted Networks Initiative Concept • Responsibility for proper Networking • Advertise only valid prefixes • Ingress Filtering (address spoofing) • 24/7 Collaboration between participants • Forensic Investigation on DDoS Attacks

  12. Participants

  13. NLnet, The Hague Security Delta, AMS-IX, NL-ix, XS4ALL, ASP4ALL, KPN, Ziggo, UPC, SIDN Labs, SURFnet, Ministry of Justice and Rabobank.

  14. Normal Routing, no DDoS Attack

  16. Under DDoS Attack

  18. How to mitigate a large DDoS Attack?

  19. Trusted Routing • Scenarios • On emergency Activation • Always On

  21. Technical Analysis • Uses already existent infrastructure and technology • Traffic segregation via AS Numbers and IP ranges through BGP-4 routers • Implementation of Anti-Spoofing with BCP 38

  22. Conclusions • DDoS attacks’ severity increases • Trusted Networks Initiative is a feasible additional solution • Critical services available to end-users even under attack • Strong future marketing point

  23. However • Participants need to reach a consensus on its purpose • Policies need to be finalized and timeframes to be specified • Mobile Carriers as Trusted Networks

  24. Thanks for your attention! Jeroen van Kessel Alexandros Stavroulakis

Recommend

Trusted Partner Initiative Fiona Flood, Manager, Employment Permits Section, Department of Jobs,

Trusted Partner Initiative Fiona Flood, Manager, Employment Permits Section, Department of Jobs,

Trusted Partner Initiative Fiona Flood, Manager, Employment Permits Section, Department of Jobs, Enterprise and Innovation 12 th May 2015 What is the Trusted Partner Initiative? APJ 2015 (Action 27) New Form of Registration for

618 views • 14 slides
for TPM API Aybek Mukhamedov, Andy Gordon and Mark Ryan Trusted Platform Module Trusted

for TPM API Aybek Mukhamedov, Andy Gordon and Mark Ryan Trusted Platform Module Trusted

Towards Verified C specification for TPM API Aybek Mukhamedov, Andy Gordon and Mark Ryan Trusted Platform Module Trusted Computing, an initiative by major IT vendors Functions: integrity measurement, reporting & protected storage

374 views • 16 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian Tramr (joint work with Dan Boneh) Intel, Santa Clara August 30 th 2018 Trusted execution of ML: 3 motivating scenarios 1. Outsourced ML Data

781 views • 21 slides
Information-seeking on the Web with Trusted Social Networks - from Theory to Systems T om Heath

Information-seeking on the Web with Trusted Social Networks - from Theory to Systems T om Heath

Information-seeking on the Web with Trusted Social Networks - from Theory to Systems T om Heath Knowledge Media Institute, The Open University / Platform Division, T alis Overview 1. Problem Statement and Research Questions 2. Source

799 views • 79 slides
GENERIC TRUSTED COMPONENT BRUNO VAVALA CMU / UL Nuno Neves Peter Steenkiste UL CMU

GENERIC TRUSTED COMPONENT BRUNO VAVALA CMU / UL Nuno Neves Peter Steenkiste UL CMU

SECURE IDENTIFICATION of ACTIVELY EXECUTED CODE on a GENERIC TRUSTED COMPONENT BRUNO VAVALA CMU / UL Nuno Neves Peter Steenkiste UL CMU IEEE/IFIP Conference on Dependable Systems & Networks (DSN16) outline Trusted Practical

663 views • 47 slides
Bachelors Thesis: A Certification Service for future Home Networks based on Trusted Computing

Bachelors Thesis: A Certification Service for future Home Networks based on Trusted Computing

Lehrstuhl Netzarchitekturen und Netzdienste Institut fr Informatik TU Mnchen Bachelors Thesis: A Certification Service for future Home Networks based on Trusted Computing Technology Announcement: Prof. Georg Carle Advisor: Holger

552 views • 34 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T RAMR & D AN B ONEH ICLR, New Orleans May 7 th 2019 2 Securely outsourcing ML inference with hardware isolation - Intel SGX input X -

554 views • 10 slides
TRUSTED MEMORY Software-Based O-Chip Memory Protection for RISC-V Trusted Execution

TRUSTED MEMORY Software-Based O-Chip Memory Protection for RISC-V Trusted Execution

TRUSTED MEMORY Software-Based O-Chip Memory Protection for RISC-V Trusted Execution Environments Gui Andrade Krste Asanovi Dayeol Lee David Kohlbrenner Dawn Song University of California, Berkeley TRUSTED MEMORY? Securing data/code

703 views • 48 slides
Trusted Caregivers, On Demand An app that provides a marketplace of trusted, convenient, and

Trusted Caregivers, On Demand An app that provides a marketplace of trusted, convenient, and

Trusted Caregivers, On Demand An app that provides a marketplace of trusted, convenient, and affordable caregivers to families on demand. Why create RestUp? Americans provide $470 Billion in unpaid care in 2015. Emergency Staffing

324 views • 8 slides
Sorrento Networks Trusted Transport The 5G Reality Steve Pegrum September 2017 Mobile Data:

Sorrento Networks Trusted Transport The 5G Reality Steve Pegrum September 2017 Mobile Data:

Global Footprint Sorrento Networks Trusted Transport The 5G Reality Steve Pegrum September 2017 Mobile Data: Exponential Growth Courtesy of www.electronicdesign.com Courtesy of Business Intelligence Mobile data in Blue Courtesy of Cisco

270 views • 23 slides
Your Trusted China Partner Market Overview Your Trusted Partner in China Source: McKinsey &

Your Trusted China Partner Market Overview Your Trusted Partner in China Source: McKinsey &

Chinas Dietary Supplement Industry Market Insights Natural Products Expo West March 11, 2017 Your Trusted China Partner Market Overview Your Trusted Partner in China Source: McKinsey & Company Your Trusted Partner in China Consumer

409 views • 29 slides
What is the HPW initiative? Its a programme to help firms start using high performance

What is the HPW initiative? Its a programme to help firms start using high performance

What is the HPW initiative? Its a programme to help firms start using high performance working practices to improve business performance and make work more satisfying. Dept of Labour works with and funds Trusted Partners who engage

77 views • 6 slides
A well-established international media Created in 1992 As an initiative from EBU* Based in

A well-established international media Created in 1992 As an initiative from EBU* Based in

A well-established international media Created in 1992 As an initiative from EBU* Based in Lyon, France New worldwide headquarters * European Broadcasting Union 2 A trusted brand Independent Global Unbiased No infotainment No Political

1.04k views • 76 slides
Kantara F2F Berlin Closing Session Summary slides from: Business Cases for Trusted Federations

Kantara F2F Berlin Closing Session Summary slides from: Business Cases for Trusted Federations

Kantara F2F Berlin Closing Session Summary slides from: Business Cases for Trusted Federations Trust Framework Meta Model Telecommunications Identity Open Source Support Initiative Privacy Framework eGovernment Board of Trustees BCTF

322 views • 17 slides
Trusted Platform Module Dries Schellekens COSIC, KU Leuven Nomenclature Trusted versus

Trusted Platform Module Dries Schellekens COSIC, KU Leuven Nomenclature Trusted versus

Trusted Platform Module Dries Schellekens COSIC, KU Leuven Nomenclature Trusted versus trustworthy RFC 4949 (Internet Security Glossary) Trust : A feeling of certainty (sometimes based on inconclusive evidence) either (a) that the system

788 views • 33 slides
Networks Association Insert presentation title here Open Networks Workstream 3 Product 5 Lynne

Networks Association Insert presentation title here Open Networks Workstream 3 Product 5 Lynne

Energy Networks Association Insert presentation title here Open Networks Workstream 3 Product 5 Lynne McDonald Name UK Power Networks Position Date 1 Overview The Open Networks Project is a major industry initiative that will

350 views • 21 slides
EndBox: Scalable M iddlebox Functions Using Client-Side Trusted Execution Image CC-BY-SA

EndBox: Scalable M iddlebox Functions Using Client-Side Trusted Execution Image CC-BY-SA

Institute of Operating Systems and Computer Networks EndBox: Scalable M iddlebox Functions Using Client-Side Trusted Execution Image CC-BY-SA Victorgrigas David Goltzsche, 1 Signe Rsch, 1 Manuel Nieke, 1 Sbastien Vaucher, 2 Nico Weichbrodt, 1

630 views • 46 slides
Trusted evidence. Informed decisions. Better health. Health-Related content on Wikipedia: Why

Trusted evidence. Informed decisions. Better health. Health-Related content on Wikipedia: Why

I have no actual or potential conflict of interest in relation to this presentation. Trusted evidence. Informed decisions. Better health. Health-Related content on Wikipedia: Why share evidence on Wikipedia? Cochrane-Wikipedia Initiative How

707 views • 44 slides
Layer 2 Cryptocurrency Networks Cryptocurrency transaction rates are slow. How can we build

Layer 2 Cryptocurrency Networks Cryptocurrency transaction rates are slow. How can we build

Continuous Credit Networks and Layer 2 Blockchains Ashish Goel and Geoffrey Ramseyer , Stanford University Layer 2 Cryptocurrency Networks Cryptocurrency transaction rates are slow. How can we build trusted relationships in an untrusted

454 views • 4 slides
Trusted Mobile Platforms: Part 1: An introduction to trusted computing Chris Mitchell Royal

Trusted Mobile Platforms: Part 1: An introduction to trusted computing Chris Mitchell Royal

Trusted Mobile Platforms: Part 1: An introduction to trusted computing Chris Mitchell Royal Holloway, University of London c.mitchell@rhul.ac.uk http://www.isg.rhul.ac.uk/~cjm Contents What is trusted computing? The TCG TCG

1.43k views • 114 slides
Chapter 10 Trusted Computing Trusted Computing Chapter 10 and Multilevel Security and

Chapter 10 Trusted Computing Trusted Computing Chapter 10 and Multilevel Security and

Computer S ecurity: Principles and Practice Chapter 10 Trusted Computing Trusted Computing Chapter 10 and Multilevel Security and Multilevel Security First Edition by William S tallings and Lawrie Brown Lecture slides by Lawrie

636 views • 40 slides
Four Layers to Build a Four Layers to Build a Trusted Architecture Trusted Architecture Danny

Four Layers to Build a Four Layers to Build a Trusted Architecture Trusted Architecture Danny

Trusted Architecture for Trusted Architecture for Securely Shared Services Securely Shared Services Four Layers to Build a Four Layers to Build a Trusted Architecture Trusted Architecture Danny De Cock K.U.Leuven ESAT/COSIC

369 views • 17 slides
A BAD DREAM: SUBVERTING TRUSTED PLATFORM MODULE WHILE YOU ARE SLEEPING Seunghun Han, Wook Shin,

A BAD DREAM: SUBVERTING TRUSTED PLATFORM MODULE WHILE YOU ARE SLEEPING Seunghun Han, Wook Shin,

A BAD DREAM: SUBVERTING TRUSTED PLATFORM MODULE WHILE YOU ARE SLEEPING Seunghun Han, Wook Shin, Jun-Hyeok Park, and HyoungChun Kim, National Security Research Institute BACKGROUND Trusted Computing Group (TCG) Trusted Platform Module

375 views • 19 slides
Access Control Casey Schaufler August 2010 Casey Schaufler Trusted Solaris, Trusted Irix,

Access Control Casey Schaufler August 2010 Casey Schaufler Trusted Solaris, Trusted Irix,

File Content Based Access Control Casey Schaufler August 2010 Casey Schaufler Trusted Solaris, Trusted Irix, Linux LSM Various Government Efforts Trusix, CMM, CHATS Standards P1003.1e/2c, TSIG Smack Linux Security Module

497 views • 30 slides

More recommend