SIBRA: Scalable Internet Bandwidth Reservation Architecture presented at NDSS 2016

by Adrian Perrig, Hsu-chun Hsiao, Ayumu Kubota, Cristina Basescu, Pawel Szalachowski, Raphael M. Reischuk, Yao Zhang, Jumpei Urakawa,

Summary : This paper proposes a Scalable Internet Bandwidth Reservation Architecture (SIBRA) as a new approach against DDoS attacks, which, until now, continue to be a menace on today’s Internet. SIBRA provides scalable inter-domain resource allocations and botnet-size independence, an important property to realize why previous defense approaches are insufficient. Botnet-size independence enables two end hosts to set up communication regardless of the size of distributed botnets in any Autonomous System in the Internet. SIBRA thus ends the arms race between DDoS attackers and defenders. Furthermore, SIBRA is based on purely stateless operations for reservation renewal, flow monitoring, and policing, resulting in highly efficient router operation, which is demonstrated with a full implementation. Finally, SIBRA supports Dynamic Interdomain Leased Lines (DILLs), offering new business opportunities for ISPs.