Seybold Report Journal
Seybold Report Journal
Seybold Report Journal
7152659
ABHINAV BHANDARI
Department of Computer Science & Engineering, (Punjabi University), Patiala, India.
Email: [email protected]
Abstract
One of the most serious security threats to network domains is a distributed denial of service attack. Various
mitigation mechanisms are widely deployed in various networks or domains, but they lack the resources and
resilience to deal with DDoS attacks on their own. Collaborative mitigation systems have been developed to
improve the DDoS mitigation capability of a single mitigation system by exchanging mitigation information.
However, for collaborative DDoS mitigation architectures, deployment complexity, secure information exchange,
and trust remain issues. Block chain technology has recently demonstrated its compatibility with fields such as
supply chain management, health care, IoT, and other public services. Because Block chain is distributed in nature
and effective in data integrity and transparency, it can integrate with collaborative DDoS mitigation systems. This
paper provides an overview of the integration of Collaborative DDoS mitigation systems with Block chain
technology. We discuss the history of DDoS mitigation and Block chain, as well as the applicability of Block
chain to collaborative DDoS mitigation and open challenges in this area.
Keywords: Block chain, Security, Trust, Data sharing, Cooperative Defense, Distributed Denial-of-Service
(DDoS)
1. INTRODUCTION
The Internet has evolved into a necessary component that has a significant impact on our daily
lives. The majority of users rely on the Internet for most services such as financial, shopping,
healthcare, and education. Emerging megatrends such as cloud computing, social networking,
mobile computing, and big data necessitate greater bandwidth and speed than ever before.
There is a hasty growth in the number of unsafe devices which are estimated to be more than
50 billion by the end of 2020 [1]. This rapid growth can make things easier for the attackers
who want to disturb the essential network services, so network security has become a crucial
requirement. One of the active attacks called Denial of Service (DoS) has been impacting the
network services for many years and still, it is still a major challenge. Denial of service (DoS)
attacks is one of the key reasons for affecting the accessibility of the network services. First
DoS attack happened in 1974 and since then these attacks have gained in frequency, power and
complexity. The strength of this attack becomes more when launched in a distributed manner
(called Distributed Denial of Service attack).
In Distributed Denial-of-Service (DDoS) attack target machine resources become unavailable
for legitimate users [1]. Even though it is a very well-known attack it is still considered a major
concern for big organizations or service providers. The hasty increase in the number of unsafe
devices lets the malicious users take control over a large number of unsafe or unsecured devices
94 | V 1 7 . I 1 0
DOI 10.5281/zenodo.7152659
to launch an attack. It became difficult for internal defense systems and cloud-based defense
systems due to transmission bottleneck and centralized tactics. DDoS attack is distributed in
nature so a distributor and collaborative mitigation solution would be a better option for
defending against the DDoS attack. Some literature shows the numerous advantages of
collaborative mitigation or defense systems against DDoS attacks [2]–[6]. It basically
combines the abilities of the different participants in a collaborative defense to reduce the
mitigation burden on a single node or network and helps to block the attack traffic near to its
origin. Even though there are so many advantages of collaborative mitigation solutions, no
extensive deployment of these collaborative and cooperative mitigation solutions due to lack
of efficiency and deployment complexities or difficulties. The main challenges of existing
mitigation solutions are high deployment complexity, high complexity of cooperation and
coordination between two participants, trusted communication and incentive scheme for
cooperation [7], [8].
Some of the new technologies like SDN and Block chain recently showed potential in this area
due to the special features of these technologies. Block chain technology is moving towards
different types of areas as Block chain works in a distributed manner without a trusted
intermediary unlike in centralized systems [9]. Things can be done in a decentralized way
without the help of the central authorities. Block chain technology could play a major role in
collaborative DDoS mitigation services due to its key features like pure distributed and well-
secured in nature. For example, in sharing malicious IP among the different domains with help
of Block chain network which is an immutable platform. The main objective of this paper is
to confer the likelihood of combining collaborative DDoS mitigation with Block chain
technology. We introduced the background of DDoS mitigation and challenges in
Collaborative DDoS mitigation. Keeping a view on collaborative DDoS mitigation, we
introduce the background of Block chain and its applications and then provide a perception on
where Block chain technology can be useful for addressing the problem of Collaborative DDoS
Mitigation.
The enduring part of this paper is organized as follows. Section II introduces the background
of Block chain technology and its applications. Section III presents the background of DDoS
Mitigation and major challenges. We discuss how Block chain technology can be integrated
with DDoS mitigation for solving problems in existing DDoS mitigation solutions in Section
IV and discuss open challenges in section V. Finally, Section VI concludes the work.
95 | V 1 7 . I 1 0
DOI 10.5281/zenodo.7152659
has the capability to combine many essential technologies like cryptographic hashes,
asymmetric cryptography and distributed consensus algorithms. Block chain is cost-effective
and more efficient because it works in a decentralized model. Though Bitcoin or any
Cryptocurrency is one of the key applications of the Block chain, it has much potential in other
miscellaneous applications other than the cryptocurrencies. Block chain is going to play a
major role on the internet for the future.
A. Characteristics of Blockchain
With some analysis efforts [10] [11] [12] [13] some basic characteristics of Block chain as
described below as:
1. Distributed: Block chain is designed as a distributed system that works in point-to-point
networks. This makes it ideal for organizational business networks in which there is heavy
dealing among the different types of organizations. Each user within the network needs to
validate transactions and has a uniform copy of the ledger. After that encrypted transactions
can be added. If any change takes place in a ledger that would mirror all its copies in a very
short time.
2. Immutability: Once all nodes unite about a transaction and then it is recorded after
verification, it cannot be modified again. You can only change the state of a transaction by
doing the same process again but cannot modify the previous transaction.one should not be
able to hide the original transaction. He can trace any asset throughout its life. So, all the
valid transactions are practically changeless because of the necessity for verification by all
different nodes within the network.
3. Consensus: An agreement is required to validate the block or transactions. If all the
members of Block chain are agreed only then block or transaction is accepted. All the
members should conform to the same agreement. A transaction that does not follow the
same agreement won't be accepted.
4. Irreversible: Block chain is irreversible as Hashing is used so it would be complicated and
it's not possible to reverse it. It is not possible to drive a private key from the public key.
Even one modification within the input could lead to a totally different hash.
B. Types of Blockchain
Block chain can be categorized into three types based on access permissions i.e. Public Block
chain, Consortium Block chain, and Private Block chain [14][15].
Public Block chain: In public Block chain, every node can read, add transactions and conjointly
engage within the consensus process. A public Block chain is totally transparent and
decentralized. Bitcoin or Ethereum are some examples of public Block chains.
Consortium Block chain: In consortium Block chain, just some node that is selected in a pre-
defined way can participate in the consensus process. Only specific nodes can be read. Block
96 | V 1 7 . I 1 0
DOI 10.5281/zenodo.7152659
chain can also be public or restricted thus we are able to say it's partially decentralized.
Hyperledger is an example of Consortium Block chain. Private Block chain: In private Block
chain one central node having to write permission and read permission are often public or
restricted. Most private companies are using private Block chain for their desired purpose.
Table 1: Comparison among Public block chain, Consortium Block chain and Private
Block chain
Property Public block Consortium block Private block chain
chain chain
Consensus All miners The selected set of One organization
determination nodes
Read permission Public Could be public or Could be public or
restricted restricted
Immutability Nearly impossible Could be tempered Could be tempered
to temper
Efficiency Low High High
Centralized No Partial Yes
Consensus process Permission less Permissioned Permissioned
C. Smart Contract
The smart contract came into existence in the 1990s as a transactional protocol that is
computerized and executes automatically the contract terms of an agreement [16]. These are
built on top of the Block chain and these are like triggers imposed automatically when a
condition is fulfilled. The trigger will execute the matching function automatically after
condition fulfilment in a smart contract. For example, person A and person B agree on the fine
for breaching the agreed contract. Suppose person A disrupts the contract, penalty (as
mentioned in the contract) is automatically deducted from the account of person “A” and
credited to the account of person “B”. A Smart contract has the following phases during its life
cycle as shown in fig.2 [17]
1. Creation: The first phase is to create a smart contract and it can be done by several rounds
of discussions on the rights prohibitions on the contract among participant parties [30].
Parties may take the help of counselors and lawyers to draft the first copy of the agreement
and then the software developer creates a smart contract from the written agreement like in
other software development. All participant parties, stakeholders, counselors, lawyers and
software developers are involved in the whole process.
2. Deployment: When a software developer creates a smart contract then these are validated
and installed on the top of the Block chain. Once the deployment of the smart contract on
the Block chain is done it cannot be altered due to the property of the Block chain. For any
kind of modification in the existing contract, the only way is to create a fresh smart contract
and install it on the Block chain again.
3. Execution: All the clauses present in a contract are being observed and checked when any
trigger condition occurs the corresponding function in a smart contract executed
automatically.
97 | V 1 7 . I 1 0
DOI 10.5281/zenodo.7152659
4. Completion: After the execution of any function from the smart contract corresponding to
a particular condition matching, new situations of involved participants are updated and
stored on a Block chain.
D. Major Applications areas of Block chains
98 | V 1 7 . I 1 0
DOI 10.5281/zenodo.7152659
efficiency of the service. Block chain technology could be useful in the online education
sector.
4. Reputation system: Reputation is the way of evaluation by which someone trusts you. The
truthfulness of someone is directly proportional to the reputation means more the reputation
more the trust. For example, the reputation of an individual can be measured by his historic
dealings and interactions. Reputation systems can be applied in areas like e-commerce,
academics and web communities.
5. Security: Block chain technology could be applied to security enhancement and privacy
concerns. In recent times, security and privacy are major issues or challenges because of
the increase in vast no of unsafe devices. By looking at the special characteristics of Block
chain technology it could have great potential to tackle these rapidly rising challenges.
99 | V 1 7 . I 1 0
DOI 10.5281/zenodo.7152659
100 | V 1 7 . I 1 0
DOI 10.5281/zenodo.7152659
some specialized kind of hardware for its operation. BloSS does not require any kind of special
type infrastructure for its operation which reduces its operational cost. Z. A. El Houda et al. [7]
have proposed Cochain-SC, a Block chain-based approach, which includes intra-domain and
inter-domain DDoS mitigation. In intra-domain, they proposed DDoS mitigation techniques
with help of software-defined networks (SDN). For inter-domain, they proposed a collaborative
DDoS mitigation scheme using Block chain by using smart contracts. They proposed a smart
contract-based framework for collaboration between different SD-based domains by using
Ethereum’s smart contract. It is the only scheme for providing both levels of mitigation i.e.
intra-domain and interdomain DDoS mitigation.
Mitigating DDoS attacks and sustaining the accessibility of services is a complicated task and
some actions are required from the upstream level because the victim does not always have the
resources to mitigate the attack. Huge resources are required from upstream networks as DoS
attacks involve a gigantic amount of malicious traffic. So a collaborative mitigation approach
becomes necessary for an effective mitigation solution but collaborative mitigation suffers
from many issues. Some of the major issues in collaborative DDoS mitigation approaches are
as follow:
Mitigation for a large volume of DDoS attacks handling the huge volume of malicious
traffic.
Prevention of infrastructure damages so that the legitimate user can have access to
service.
Mitigation process should be implemented using existing infrastructure without the need
for some specialized infrastructure.
To keep the mitigation, process up to date for the latest attacks.
Recently, the focus of researchers is on Block chain in the wide range of industries which was
initially restricted only to cryptocurrencies. Block chain technology is moving towards
different types of areas as Block chain works in a distributed manner without a trusted
intermediary unlike in centralized systems. Things can be done in a decentralized way without
the help of the central authorities. Block chain technology could play a major role in DDoS
mitigation services due to its key features which are desirable in collaborative DDoS solutions.
101 | V 1 7 . I 1 0
DOI 10.5281/zenodo.7152659
information due to lack of trust. So, without availability of information or data from all the
participants, it is not possible to build an effective collaborative DDoS mitigation model to
mitigate a large-scale DDoS attack.
2. Trust Factor: Trust among all the participants is one of the major factors in any kind of
collaborative system. The trust computation is required to measure the level of trust among all
the nodes or participants. In collaborative mitigation systems, it is a major issue. Solutions for
the trust computation are mostly centralized and the central server can be compromised.
3. Deployment complexity: In collaborative DDoS solutions another important factor to be
considered is the complexity in implementing the collaborative DDoS mitigation solution
among all the participants or networks, which may differ in many ways by their nature. To set
up a whole new infrastructure for collaborative DDoS mitigation would be very costly. It is a
big challenge for the collaborative DDoS mitigation solutions to decrease the implementation
complexity somehow.
b. Block chain-based solutions
Block chain technology is moving towards different types of areas as Block chain works in a
distributed manner without a trusted intermediary unlike in centralized systems. Things can be
done in a decentralized way without the help of the central authorities. Block chain technology
could play a major role in DDoS mitigation services due to its special features which are
suitable for collaborative DDoS mitigation. Major components of collaborative DDoS
mitigation as Block chain-based solutions are shown in figure-3.
102 | V 1 7 . I 1 0
DOI 10.5281/zenodo.7152659
participants in collaborative DDoS mitigation solutions. All this would be on Block chain and
publicly available to all the participants which is unalterable. For privacy of the data, it can be
renovated before sharing or can be secreted by any way and all this information is shared as a
transaction on Block chain. In general, Block chains can be very useful in sharing the data or
information by preserving trust and privacy of data.
2. Trust Factor: Trust is the main factor in collaborative DDoS mitigation systems and to
compute the trust of a particular node or participant in a collaborative DDoS mitigation system
is still a big challenge due to many factors like false reporting, fraud rating etc. Block chain
technology offers a robust system to mitigate the issue of computing trust issues. An efficient
algorithm for the trust factor can be built over the Block chain as a smart contract which would
be public and unalterable.
3. Deployment complexity: A collaborative DDoS mitigation system would be a distributed
system and spread over many domains. It is a big challenge to deploy this big mitigation system
due to the high level of diversity among the different domains participating in the collaborative
DDoS mitigation system. Even some special infrastructure and modifications in existing
protocols are required which is a very hard task. A public Block chain is an alternative for
sharing the information among all the participant nodes as there is no need of setting up new
infrastructure. We can use the already existing Block chain network for sharing information by
joining the public Block chain network.
5. OPEN CHALLENGES IN BLOCK CHAIN-BASED SOLUTIONS
Block chain technology and Collaborative DDoS mitigation systems complement each other.
In spite of this, both have some challenges and limitations which should be solved for making
the collaborative DDoS mitigation system more effective.
Cost and energy: To verify the Block chain transaction a lot of computation needs to be done.
When we consider the whole Block chain network the computational power enlarges
immensely. Some cost is required to complete every transaction so energy and cost involved
are still a big challenge.
Security and Privacy: All nodes are the participants in the public Block chain, it is open for all
that makes a weak point if considering it as a security and privacy viewpoint. Furthermore,
Block chain technology itself could be a target for some cyber-attacks. There is a need to work
in the area of security and privacy of Block chain technology.
Acceptance and awareness: Block chain technology is in its early stage and still growing day
by day, so it became a big challenge for the Block chain-based mitigation system due to lack
of awareness and acceptance. Block chain technology seems to be very complex for all
organizations as it is a new emerging technology but success of Block chain-based mitigation
solution also depends on how many organizations are adopting this technology. It is a big
challenge for any Block chain-based application.
103 | V 1 7 . I 1 0
DOI 10.5281/zenodo.7152659
Standards and regulations: Standards and regulations always play a major role in any
technology to be adopted by everyone. Block chain is still in its initial phase so standards and
regulations are far behind the new emerging technology.
6. CONCLUSION
The Block chain's pure distributed and secure features make it more suitable for collaborative
and distributed mitigation against DDoS attacks. Although the integration of Block chain
technology with many application areas, such as health care and supply chain management,
has been studied, very few efforts have been made to investigate the potential of Block chain
technology in collaborative DDoS mitigation. As a result, our efforts primarily confer the
applicability of Block chain technology to collaborative DDoS mitigation, as well as challenges
or issues. We recognise Block chains' potential for improving collaborative DDoS mitigation
systems. There will be a strong need in the future to improve the major components of a
collaborative mitigation system, namely data sharing, alert exchange, and trust computation, in
order to make the collaborative mitigation system more effective and stronger.
References
1. S. T. Zargar, J. Joshi, and D. Tipper, “A survey of defense mechanisms against distributed denial of service
(DDOS) flooding attacks,” IEEE Commun. Surv. Tutorials, vol. 15, no. 4, pp. 2046–2069, 2013.
2. G. Loukas and G. Öke, “Protection against denial of service attacks: A survey,” Comput. J., vol. 53, no. 7,
pp. 1020–1037, 2010.
3. J. Steinberger, B. Kuhnert, A. Sperotto, H. Baier, and A. Pras, “Collaborative DDoS defense using flow-
based security event information,” Proc. NOMS 2016 - 2016 IEEE/IFIP Netw. Oper. Manag. Symp., pp. 516–
522, 2016.
4. W. Li, S. Tug, W. Meng, and Y. Wang, “Designing collaborative Block chained signature-based intrusion
detection in IoT environments,” Futur. Gener. Comput. Syst., vol. 96, pp. 481–489, 2019.
5. B. Rashidi, C. Fung, and E. Bertino, “A Collaborative DDoS Defence Framework Using Network Function
Virtualization,” IEEE Trans. Inf. Forensics Secur., vol. 12, no. 10, pp. 2483–2497, 2017.
6. K. Giotis, A. Maria, and V. Maglaris, “A Reputation-based Collaborative Schema for the Mitigation of
Distributed Attacks in SDN Domains,” in NOMS 2016 - 2016 IEEE/IFIP Network Operations and
Management Symposium, 2016, no. Noms, pp. 495–501.
7. Z. A. El Houda, A. Hafid, and L. Khoukhi, “Cochain-SC: An Intra- and Inter-Domain DDoS mitigation
scheme based on Block chain using SDN and smart contract,” IEEE Access, pp. 1–1, 2019.
8. B. Rodrigues, T. Bocek, and B. Stiller, “Enabling a Cooperative, Multi-domain DDoS Defense by a Block
chain Signaling System (BloSS),” Semant. Sch., p. 3, 2017.
9. H. W. Zibin Zheng, Shaoan Xie, Hong-Ning Dai, Xiangping Chen, “Block chain Challenges and
Opportunities : A Survey Zibin Zheng Shaoan Xie Hong-Ning Dai Xiangping Chen Huaimin Wang,” vol. 14,
no. 4, pp. 1–25, 2017.
10. M. Atzori, “Block chain Technology and Decentralized Governance: Is the State Still Necessary?,” Ssrn, pp.
1–37, 2016.
104 | V 1 7 . I 1 0
DOI 10.5281/zenodo.7152659
11. Z. Zheng, S. Xie, H. Dai, X. Chen, and H. Wang, “An Overview of Block chain Technology: Architecture,
Consensus, and Future Trends,” Proc. - 2017 IEEE 6th Int. Congr. Big Data, BigData Congr. 2017, pp. 557–
564, 2017.
12. M. Pilkington, “Block chain technology: principles and applications,” Res. Handb. Digit. Transform., pp.
225–253.
13. Q. Feng, D. He, S. Zeadally, M. K. Khan, and N. Kumar, “A survey on privacy protection in the Block chain
system,” J. Netw. Comput. Appl., vol. 126, pp. 45–58, 2019.
14. E.Portmann, Rezension „Block chain: Blueprint for a New Economy“. 2018.
15. M. J. W. RENNOCK, A. COHN, and J. R. BUTCHER, “Block chain Technology and Regulatory
Investigations,” Journal, vol. February/M, no. March, pp. 34–44, 2018.
16. F.Idelberger, G. Governatori, R. Riveret, and G. Sartor, “Evaluation of logic-based smart contracts for Block
chain systems,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes
Bioinformatics), vol. 9718, pp. 167–183, 2016.
17. H.-N. Dai, Z. Zheng, and Y. Zhang, “Block chain for Internet of Things: A Survey,” IEEE Internet Things J.,
pp. 1–1, 2019.
18. K. Kalkan and F. Alagöz, “A distributed filtering mechanism against DDoS attacks: ScoreForCore,” Comput.
Networks, vol. 108, pp. 199–209, 2016.
19. R. Braga, E. Mota, and A. Passito, “Lightweight DDoS flooding attack detection using NOX/OpenFlow,”
Proc. - Conf. Local Comput. Networks, LCN, no. October, pp. 408–415, 2010.
20. M. Yu, L. Jose, and R. Miao, “OpenSketch: Software Defined Traffic Measurement,” Proc. 10th USENIX
Conf. Networked Syst. Des. Implement., pp. 29–42, 2013.
21. R. Wang, Z. Jia, and L. Ju, “An entropy-based distributed DDoS detection mechanism in software-defined
networking,” Proc. - 14th IEEE Int. Conf. Trust. Secur. Priv. Comput. Commun. Trust. 2015, vol. 1, pp. 310–
317, 2015.
22. K. Nishizuka, L. Xia, J. Xia, D. Zhang, L. Fang, and C. Gray, “Inter-organization cooperative DDoS
protection mechanism,” 2016.
23. B. R. B, T. Bocek, A. Lareida, D. Hausheer, S. Rafati, and B. Stiller, “A Block chain-Based Architecture for
Collaborative DDoS Mitigation with Smart Contracts,” vol. 10356, pp. 16–29, 2017.
105 | V 1 7 . I 1 0