This repository holds the BMv2 implementation for DIDA, proposed in the paper, DIDA: Distributed In-Network Defense Architecture Against Amplified Reflection DDoS Attacks accepted at IEEE NetSoft 2020.
It is assumed that you are familiar with the P4 Tutorial environment.
Configuration steps/ notes:
- Set
OP_MODEregister for each switch/ router (Edge = 0, Access/ TotR = 1) - Set
ROUTER_IDregister for each switch/ router - Current
THRESHOLDis being set at 10 to ease the testing process. - TODO: CounterCheck process should be moved to the Ingress pipeline instead of being in the Egress pipeline, due to the fact that a packet's egress_spec cannot be modified after going through the PRE.
- TODO: Modify forwarding rules for experiment purposes.
If you find this work useful for your research, please cite:
@INPROCEEDINGS{9165488,
author={Khooi, Xin Zhe and Csikor, Levente and Divakaran, Dinil Mon and Kang, Min Suk},
booktitle={2020 6th IEEE Conference on Network Softwarization (NetSoft)},
title={DIDA: Distributed In-Network Defense Architecture Against Amplified Reflection DDoS Attacks},
year={2020},
volume={},
number={},
pages={277-281},
doi={10.1109/NetSoft48620.2020.9165488}}
We welcome questions/ comments/ feedback.
Please do not hesitate reach out the authors via email.
Copyright 2020 Xin Zhe Khooi, National University of Singapore.
The project's source code are released here under the MIT License.