Malware-contaminated hosts organized as a ȁC;bot networkȁD; can target and flood network links (e.g., routers). Yet, none of the countermeasures to link flooding proposed to date have provided dependable link access (i.e., bandwidth guarantees) for legitimate traffic during such attacks. In this paper, we present a router subsystem called FLoc (Flow Localization) that confines attack effects and provides differential bandwidth guarantees at a congested link: (1) packet flows of uncontaminated domains (i.e., Autonomous Systems) receive better bandwidth guarantees than packet flows of contaminated ones, and (2) legitimate flows of contaminated domains are guaranteed substantially higher bandwidth than attack flows. FLoc employs new preferential packet-drop and traffic-aggregation policies that limit ȁC;collateral damageȁD; and protect legitimate flows from a wide variety of flooding attacks. We present FLocȁ9;s analytical model for dependable link access, a router design based on it, and illustrate FLocȁ9;s effectiveness using simulations of different flooding strategies and comparisons with other flooding defense schemes.
展开▼