Shoot at a Pigeon and Kill a Crow: On Strike Precision of Link Flooding Attacks

  • Jiahao Peng
  • Xiaobo MaEmail author
  • Jianfeng Li
  • Lei Xue
  • Wenjun Hu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11058)


The emerging link flooding attacks (LFAs) increasingly attract significant attention in both academia and industry, due to their huge threat to the routing infrastructure. Compared with traditional distributed denial-of-service attacks (DDoS) that target servers, LFAs target critical links. Stemming from coordinated flows between bots and public servers or among bots, the attack traffic flows are aggregated at a critical link, thereby gradually making a network connected to the critical link disconnected as the aggregated attack traffic flows grow intensified. It is commonly believed that LFAs are far more sophisticated than traditional DDoS attacks. Nevertheless, whether such sophistication comes without a downside has never been investigated. In this paper, we advance the notion of strike precision of LFAs, and reveal that LFAs may exhibit attack interference which might restrict their applicability from the adversary’s standpoint. Due to attack interference, strike precision of LFAs would be lowered. That is, while disconnecting a network, LFAs may unexpectedly interfere the connectivity of innocent networks nearby, undermining the stealthiness and persistence of LFAs. We tackle a series of questions surrounding strike precision, for fostering more research concerning the practical aspects of LFAs.


Crossfire Link flooding attack Strike precision 


  1. 1.
    Albert, R., Jeong, H., Barabási, A.L.: Error and attack tolerance of complex networks. Nature 406(6794), 378 (2000)CrossRefGoogle Scholar
  2. 2.
    Bright, P.: Can a ddos break the internet? (2013).
  3. 3.
    Gkounis, D., Kotronis, V., Liaskos, C., Dimitropoulos, X.: On the interplay of link-flooding attacks and traffic engineering. ACM SIGCOMM Comput. Commun. Rev. 46(2), 5–11 (2016)CrossRefGoogle Scholar
  4. 4.
    Hirayama, T., Toyoda, K., Sasase, I.: Fast target link flooding attack detection scheme by analyzing traceroute packets flow. In: Proceedings of IEEE WIFS, pp. 1–6 (2015)Google Scholar
  5. 5.
    Hyun, Y.: Caida Monitors: The Archipelago Measurement Infrastructure (2009)Google Scholar
  6. 6.
    Jing, J., Li-dong, M., Shu-ling, L., Lin, J.: Simulation research based on a self-adaptive genetic algorithm. In: Proceedings of IEEE ICIS, pp. 267–269 (2010)Google Scholar
  7. 7.
    Kang, M.S., Gligor, V.D.: Routing bottlenecks in the internet: causes, exploits, and countermeasures. In: Proceedings of ACM SIGSAC, pp. 321–333 (2014)Google Scholar
  8. 8.
    Kang, M.S., Gligor, V.D., Sekar, V.: SPIFFY: Inducing cost-detectability tradeoffs for persistent link-flooding attacks. In: Proceedings of NDSS, pp. 1–15 (2016)Google Scholar
  9. 9.
    Kang, M.S., Lee, S.B., Gligor, V.D.: The crossfire attack. In: Proceedings of IEEE S&P, pp. 127–141 (2013)Google Scholar
  10. 10.
    Lee, S.B., Kang, M.S., Gligor, V.D.: CoDef: collaborative defense against large-scale link-flooding attacks. In: Proceedings of ACM CoNEXT, pp. 417–428 (2013)Google Scholar
  11. 11.
    Lipowski, A., Lipowska, D.: Roulette-wheel selection via stochastic acceptance, pp. 2193–2196. CoRR abs/1109.3627 (2012)Google Scholar
  12. 12.
    Luo, X., Chang, R.K.: On a new class of pulsing denial-of-service attacks and the defense. In: Proceedings of NDSS (2005)Google Scholar
  13. 13.
    Luo, X., Chang, R.K.: Optimizing the pulsing denial-of-service attacks. In: Proceedings of IEEE DSN, pp. 582–591 (2005)Google Scholar
  14. 14.
    Ma, X., Li, J., Tang, Y., An, B., Guan, X.: Protecting internet infrastructure against link flooding attacks: a techno-economic perspective. Inf. Sci. (2018, in press)Google Scholar
  15. 15.
    Magoni, D.: Tearing down the internet. IEEE J. Sel. Areas Commun. 21(6), 949–960 (2003)CrossRefGoogle Scholar
  16. 16.
    Qin, A.K., Suganthan, P.N.: Self-adaptive differential evolution algorithm for numerical optimization. In: Proceedings of IEEE TEVC, pp. 1785–1791 (2005)Google Scholar
  17. 17.
    Shavitt, Y., Shir, E.: DIMES: let the internet measure itself. ACM SIGCOMM Comput. Commun. Rev. 35(5), 71–74 (2005)CrossRefGoogle Scholar
  18. 18.
    Stoffa, P.L., Sen, M.K.: Nonlinear multiparameter optimization using genetic algorithms: inversion of plane-wave seismograms. Geophysics 56(11), 1794–1810 (1991)CrossRefGoogle Scholar
  19. 19.
    Studer, A., Perrig, A.: The coremelt attack. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 37–52. Springer, Heidelberg (2009). Scholar
  20. 20.
    Tang, Y., Luo, X., Hui, Q., Chang, R.K.: Modeling the vulnerability of feedback-control based internet services to low-rate DoS attacks. IEEE Trans. Inf. Forensics Secur. 9(3), 339–353 (2014)CrossRefGoogle Scholar
  21. 21.
    Wang, C., Miu, T.T., Luo, X., Wang, J.: SkyShield: a sketch-based defense system against application layer DDoS attacks. IEEE Trans. Inf. Forensics Secur. 13(3), 559–573 (2018)CrossRefGoogle Scholar
  22. 22.
    Wang, L., Li, Q., Jiang, Y., Wu, J.: Towards mitigating link flooding attack via incremental SDN deployment. In: Proceedings of IEEE ISCC, pp. 397–402 (2016)Google Scholar
  23. 23.
    Wang, Y., Xiao, S., Xiao, G., Fu, X., Cheng, T.H.: Robustness of complex communication networks under link attacks. In: Proceedings of ACM ICAIT, p. 61 (2008)Google Scholar
  24. 24.
    Willinger, W., Roughan, M.: Internet topology research redux. Recent Advances in Networking. ACM SIGCOMM eBook (2013)Google Scholar
  25. 25.
    Xue, L., Luo, X., Chan, E.W., Zhan, X.: Towards detecting target link flooding attack. In: Proceedings of USENIX LISA, pp. 81–96 (2014)Google Scholar
  26. 26.
    Xue, L., Ma, X., Luo, X., Chan, E.W., Miu, T.T., Gu, G.: Linkscope: Towards detecting target link flooding attacks. IEEE Trans. Inf. Forensics Secur. 13, 2423–2438 (2018)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Jiahao Peng
    • 1
    • 2
  • Xiaobo Ma
    • 1
    • 2
    Email author
  • Jianfeng Li
    • 1
    • 2
  • Lei Xue
    • 3
  • Wenjun Hu
    • 4
  1. 1.Ministry of Education Key Laboratory of Intelligent Networks and Network SecurityXi’an Jiaotong UniversityXi’anChina
  2. 2.School of Electronic and Information EngineeringXi’an Jiaotong UniversityXi’anChina
  3. 3.Department of ComputingHong Kong Polytechnic UniversityHong KongChina
  4. 4.Palo Alto NetworksSanta ClaraUSA

Personalised recommendations