The goal of this project is to create fundamentally new defenses against distributed denial-of-service (DDoS)
attacks that can provide far greater resilience to these attacks compared to existing solutions.
Today's responses to DDoS attacks largely rely on old-school network-based filtering or scrubbing,
which are slow and manual, and cannot handle new attacks. DeDOS takes a radically different approach
that combines techniques from declarative programming, program analysis, and real-time resource
allocation in the cloud.
Rather than relying on traditional detection and mitigation techniques, the project aims to develop a new
software architecture from the ground up that make it significantly harder for an attacker to slow down
to system without expending large amounts of resources. For example, instead of running monolithic software
and naively replicating it when under an attack, DeDOS logically and physically restructures complex software
systems into smaller components that can react to attacks at a much finer granularity. DeDOS also uses
state-of-the-art resource allocation algorithms to achieve near-optimal use of system resources and to
support critical, time-sensitive applications, such as situational awareness.
We are happy to announce the first release of the DeDOS platform!
Code, documentation, and installation instructions are available here.
Also check out Dosarray and Dostbin DoS experimentation tools and data.
DeDoS: Defusing DoS with Dispersion Oriented Software. Henri Maxime Demoulin*, Tavish Vaidya*, Isaac Pedisich, Bob Dimaiolo, Jingyu Qian, Chirag Shah, Yuankai Zhang, Ang Chen, Andreas Haeberlen, Boon Loo, Linh Phan, Micah Sherr, Clay Shields and Wenchao Zhou.
Annual Computer Security Applications Conference (ACSAC), 2018.
*Lead students are listed alphabetically.
Automated Detection and Mitigation of Application-level Asymmetric DoS Attacks [PDF]
Henri Maxime Demoulin, Isaac Pedisich, Linh Thi Xuan Phan, and Boon Thau Loo.
ACM SIGCOMM Workshop on Self-Driving Networks (SDN), August 2018.
A Demonstration of the DeDoS Platform for Defusing Asymmetric DDoS Attacks in Data Centers [PDF] [BibTeX]
Henri Maxime Demoulin*, Tavish Vaidya*, Isaac Pedisich, Nik Sultana, Jingyu Qian, Bowen Wang, Yuankai Zhang, Ang Chen, Andreas Haeberlen, Boon Thau Loo, Linh Thi Xuan Phan, Micah Sherr, Clay Shields, Wenchao Zhou.
SIGCOMM 2017 demonstration
*Lead students are ordered alphabetically.
First prize for the ACM Student Research Competition at SIGCOMM'17.
Dispersing Asymmetric DDoS Attacks with SplitStack
Ang Chen*, Akshay Sriraman*, Tavish Vaidya*, Yuankai Zhang*, Andreas Haeberlen, Boon Thau Loo, Linh Thi Xuan Phan, Micah Sherr, Clay Shields, and Wenchao Zhou 15th ACM Workshop on Hot Topics in Networks (HotNets'16),
Atlanta, GA, November 2016.
*Student orders are listed alphabetically.