Dear NANOG members,


I am a senior Ph.D. student at the University of Oregon (UO). We are seeking your help to understand DDoS mitigation techniques toward volumetric link flooding attacks.


With our preliminary survey so far, DDoS mitigation approaches in the real world include 1) DDoS mitigation service providers (e.g., Akamai, Cloudflare), 2) Remotely-Triggered Black Hole (RTBH), 3) BGP FlowSpec, and 4) direct contact with upstream providers for traffic filtering.


We also realize the traffic filtering space in hardware routers is limited as router vendors use CAM/TCAM to implement packet matching and access control lists at line rate. We believe that many routers on the Internet today may not have the necessary capacity to perform fine-grained traffic filtering, especially when facing a large-scale DDoS attack with or without IP spoofing.


To this end, we ask that you kindly participate in our short and anonymized survey at https://oregon.qualtrics.com/jfe/form/SV_03aPeCIGiyUt6st. The purpose of this survey is to understand 1) the frequency and scale of DDoS attacks, 2) the DDoS mitigation methods commonly used by the edge network operators, and 3) the capability of the mitigation methods.


We plan to collect responses for three months, and we will report the survey result back to you. This study is part of our on-going research project, the Catch-22 attack, and you can view our poster paper at https://luminshi.github.io/assets/papers/catch22.pdf.


Regards,

Lumin Shi

Center for Cyber Security and Privacy

University of Oregon