In recent years, there are increasing interests in using path identifiers (PIDs) as inter-domain routing objects. However, the PIDs used in existing approaches are static, which makes it easy for attackers to launch distributed denial-of-service (DDoS) flooding attacks. To address this issue, we present the design, implementation, and evaluation of D-PID, a framework that uses PIDs negotiated between neighboring domains as inter-domain routing objects. In DPID, the PID of an inter-domain path connecting two domains is kept secret and changes dynamically. We build a 42-node prototype comprised by six domains to verify D-PID’s feasibility and conduct extensive simulations to evaluate its effectiveness and cost.
Impact Factor
2022: 6.012
This work is licensed under a