Presentation | 2018-09-04 A Fine-grained Access Control List towards DDoS Filtering of All IPv4 address space Yohei Kuga, Takeshi Matsuya, Ryo Nakamura, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | In this paper, we discussed a hardware-based DDoS mitigation architecture capable of filtering ACL rules of all IPv4 address spaces to mitigate large-scale DDoS (Distributed Denial of Service) attacks. In 2016, the traffic size of the MIRAI type DDoS attack reached over 600 Gbps scale which used IoT equipment whose password is fragile. It is difficult to defense with the MIRAI scale DDoS attacks only with the existing software-based DDoS filters, and there's a fear that DDoS attacks will be larger than in the future. We proposed a ACL architecture using data structure of page table that considers memory efficiency for holding ACL rules. We discussed the number of ACL rules that can be held by the NetFPGA SUME. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | DDoS Mitigation / Firewall / Network hardware / FPGA |
Paper # | IA2018-28 |
Date of Issue | 2018-08-27 (IA) |
Conference Information | |
Committee | IA |
---|---|
Conference Date | 2018/9/3(2days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | Hokkaido Univ. Conference Hall |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | Internet Operation and Management, etc. |
Chair | Katsuyoshi Iida(Hokkaido Univ.) |
Vice Chair | Rei Atarashi(IIJ) / Hiroyuki Osaki(Kwansei Gakuin Univ.) / Toru Kondo(Hiroshima Univ.) |
Secretary | Rei Atarashi(Tokyo Metropolitan Univ.) / Hiroyuki Osaki(TOYOTA-IT) / Toru Kondo(NEC) |
Assistant | Kenji Ohira(Tokushima Univ.) / Ryohei Banno(Tokyo Inst. of Tech.) |
Paper Information | |
Registration To | Technical Committee on Internet Architecture |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | A Fine-grained Access Control List towards DDoS Filtering of All IPv4 address space |
Sub Title (in English) | |
Keyword(1) | DDoS Mitigation |
Keyword(2) | Firewall |
Keyword(3) | Network hardware |
Keyword(4) | FPGA |
1st Author's Name | Yohei Kuga |
1st Author's Affiliation | Keio University(Keio Univ.) |
2nd Author's Name | Takeshi Matsuya |
2nd Author's Affiliation | Keio University(Keio Univ.) |
3rd Author's Name | Ryo Nakamura |
3rd Author's Affiliation | University of Tokyo(Univ. of Tokyo) |
Date | 2018-09-04 |
Paper # | IA2018-28 |
Volume (vol) | vol.118 |
Number (no) | IA-204 |
Page | pp.pp.77-81(IA), |
#Pages | 5 |
Date of Issue | 2018-08-27 (IA) |