With the proliferation of new technologies such as Internet of Things (IOT) and Software-Defined Networking(SDN) in the recent years, the distributed denial of service (DDoS)attack vector has broadened and opened new opportunities for more sophisticated DDoS attacks on the targeted victims. The new attack vector includes unsecured and vulnerable IoT devices connected to the internet, denial of service vulnerabilities like southbound channel saturation in the SDN architecture. Given the high-volume and pervasive nature of these attacks, it is beneficial for stakeholders to collaborate in detecting and mitigating the denial of service attacks in a timely manner. The blockchain technology is considered to improve the security aspects owing to the decentralized design, secured distributed storage and privacy. A thorough exploration and classification of blockchain techniques used for DDoS attack mitigation is not explored in the prior art. This paper reviews and categorizes the existed state-of-the-art DDoS mitigation solutions based on blockchain technology. The DDoS mitigation techniques are classified based on the solution deployment location i.e. network based, near attacker location, near victim location and hybrid solutions in the network architecture with emphasis on the IoT and SDN architectures. Additionally, based on our study, the research challenges and future directions to implement the blockchain based DDoS mitigation solutions are discussed. We believe that this paper could serve as a starting point and reference resource for future researchers working on denial of service attacks detection and mitigation using blockchain technology.
翻译:随着近年来诸如物的互联网和软件定义网络等新技术的扩散,分布式拒绝服务(DDoS)攻击矢量已经扩大,为更精密的DDoS攻击目标受害者开辟了新的机会。新的攻击矢量包括连接互联网的无保障和脆弱的IoT装置,否认服务脆弱性,如SDN结构中南端通道饱和等。鉴于这些攻击的数量和普遍性质,利益攸关方合作及时发现和减少拒绝服务攻击的做法是有益的。由于设计分散、安全储存和隐私,认为链链式技术有助于改善安全方面。对DDoS攻击行动所用链技术的彻底探索和分类在前一艺术中没有探讨。本文审查和分类了SDDoS缓解办法在SD结构中的现有状态,DDoS缓解技术根据解决方案部署地点进行了分类,即基于网络、接近攻击者地点、接近受害者地点和网络参考点的混合解决方案,目的是改善安全方面的情况。