Mitigating DRDoS Network Attacks via Consolidated Deny Filter Rules

Abstract: This article is concerning distributed reflection denial of service (DRDoS) attacks. These DRDoSattacks are more frequent and large scale, and are one of the biggest threats on the Internet. This paperdiscusses the best way to defend from these attacks using public cloud defenses, such as AmazonAWS, Google GCP, and Microsoft Azure, at a very low cost. Our mitigation strategy takes advantageof the fact that the attacker does not have full control to ch… Show more