{"id":1121,"date":"2018-12-11T14:21:00","date_gmt":"2018-12-11T13:21:00","guid":{"rendered":"https:\/\/samovar2022.int-evry.fr\/index.php\/2018\/12\/11\/utiliser-les-ressources-reseaux-pour-attenuer-les-attaques-ddos-volumetriques\/"},"modified":"2020-09-04T18:45:45","modified_gmt":"2020-09-04T16:45:45","slug":"utiliser-les-ressources-reseaux-pour-attenuer-les-attaques-ddos-volumetriques","status":"publish","type":"post","link":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/2018\/12\/11\/utiliser-les-ressources-reseaux-pour-attenuer-les-attaques-ddos-volumetriques\/","title":{"rendered":"\u00ab Utiliser les ressources re\u0301seaux pour atte\u0301nuer les attaques DDoS volume\u0301triques \u00bb"},"content":{"rendered":"<p>L&rsquo;Ecole doctorale EDITE &#8211; Ecole doctorale informatique, t\u00e9l\u00e9communications et \u00e9lectronique et T\u00e9l\u00e9com SudParis avec le Laboratoire de recherche SAMOVAR &#8211; Services r\u00e9partis, Architectures, MOd\u00e9lisation, Validation, Administration des R\u00e9seaux<\/p>\n<p>pr\u00e9sentent<br \/>\nl\u2019AVIS DE SOUTENANCE de <strong>Monsieur Pierre-Edouard FABRE<\/strong><br \/>\nAutoris\u00e9 \u00e0 pr\u00e9senter ses travaux en vue de l\u2019obtention du Doctorat de T\u00e9l\u00e9com SudParis avec l&rsquo;Universit\u00e9 Paris 6 en :<br \/>\nInformatique &#038; R\u00e9seaux<br \/>\n\u00ab Utiliser les ressources re\u0301seaux pour atte\u0301nuer les attaques DDoS volume\u0301triques \u00bb<\/p>\n<p><strong>le 13 d\u00e9cembre 2018 \u00e0 11:00 &#8211; Salle A003<\/strong><\/p>\n<p>Adresse : T\u00e9l\u00e9com SudParis &#8211; 9 Rue Charles Fourier, 91000 \u00c9vry<\/p>\n<p><em>Membres du jury :<\/em><\/p>\n<p>Directeur de th\u00e8se : Herv\u00e9 DEBAR &#8211; Professeur<\/p>\n<p><strong>Rapporteurs :<\/strong><\/p>\n<p>Isabelle CHRISMENT &#8211; Professeure &#8211; T\u00e9l\u00e9com Nancy &#8211; Universit\u00e9 de Lorraine<\/p>\n<p>Guillaume URVOY-KELLER &#8211; Professeur &#8211; Universit\u00e9 de Nice Sophia-Antipolis<\/p>\n<p><strong><br \/>\nExaminateurs :<\/strong><\/p>\n<p>Bruno DEFUDE &#8211; Professeur &#8211; T\u00e9l\u00e9com SudParis<\/p>\n<p>Guillaume DOYEN &#8211; Ma\u00eetre de conf\u00e9rences &#8211; Universit\u00e9 de Technologie de Troyes<\/p>\n<p>Jouni VIINIKKA &#8211; Ing\u00e9nieur &#8211;  6cure<\/p>\n<p><strong>R\u00e9sum\u00e9 :<\/strong><br \/>\nLes attaques massives par de\u0301ni de service repre\u0301sentent une menace pour les services Internet. Ils impactent aussi les fournisseurs de service re\u0301seau et menace me\u0302me la stabilite\u0301 de l&rsquo;Internet. Il y a donc un besoin pressant de contro\u0302ler les dommages cause\u0301s par ces attaques.<br \/>\nDe nombreuses recherches ont e\u0301te\u0301 mene\u0301es, mais aucune n&rsquo;a e\u0301te\u0301 capable de combiner le besoin d&rsquo;atte\u0301nuation de l&rsquo;attaque, avec l&rsquo;obligation de continuite\u0301 de service et les contraintes re\u0301seau. Les contre mesures propose\u0301es portent sur l&rsquo;authentification des clients le\u0301gitimes, le filtrage du trafic malicieux, une utilisation efficace des interconnections entre les e\u0301quipements re\u0301seaux, ou l&rsquo;absorption de l&rsquo;attaque par les ressources disponibles.<br \/>\nDans cette the\u0300se, nous proposons un me\u0301canisme de contro\u0302le de dommages. Base\u0301 sur une nouvelle signature d&rsquo;attaque et les fonctions re\u0301seaux du standard Multiprotocol Label Switching (MPLS), nous isolons le trafic malicieux du trafic le\u0301gitime et appliquons des contraintes sur la transmission du trafic malicieux. Le but est de rejeter suffisamment de trafic d&rsquo;attaque pour maintenir la stabilite\u0301 du re\u0301seau tout en pre\u0301servant le trafic le\u0301gitime.<br \/>\nConside\u0301rant que les ope\u0301rateurs re\u0301seaux n&rsquo;ont pas une me\u0302me visibilite\u0301 sur leur re\u0301seau, nous e\u0301tudions l&rsquo;impact du niveau d&rsquo;information de l&rsquo;attaque ainsi que du le trafic re\u0301seau, sur l\u2019efficacite\u0301 d&rsquo;une contre mesure re\u0301gulie\u0300rement recommande\u0301e, le filtrage par liste noire. Nous formulons des sce\u0301narios auxquels chaque ope\u0301rateur peut s&rsquo;identifier. Nous de\u0301montrons que la l&rsquo;algorithme de ge\u0301ne\u0301ration des listes noires doit e\u0302tre choisi avec pre\u0301caution afin de maximiser l&rsquo;efficacite\u0301 du filtrage.<\/p>\n<p><strong>Abstract:<\/strong><br \/>\nMassive Denial of Service attacks represent a genuine threat for Internet services, but also significantly impact network service providers and even threat the Internet stability. There is a pressing need to control damages caused by such attacks.<br \/>\nNumerous works have been carried out, but were unable to combine the need for mitigation, the obligation to provide continuity of service and network constraints. Proposed countermeasures focus on authenticating legitimate traffic, filtering malicious traffic, making better use of interconnection capacity network equipment or absorbing attack with the help of available resources.<br \/>\nIn this thesis, we propose a damage control mechanism against volumetric Denial of Services. Based on a novel attack signature and with the help of Multiprotocol Label Switching (MPLS) network functions, we isolate malicious from legitimate traffic. We apply a constraint-based forwarding to malicious traffic. The goals is to discard enough attack traffic to sustain network stability while preserving legitimate traffic. It is not only aware of attack details but also network resource, especially available bandwidth.<br \/>\nFollowing that network operators do not have equal visibility on their network, we also study the impact of operational constraints on the efficiency of a commonly recommended countermeasure, namely blacklist filtering. The operational criteria are the level of information about the attack and about the traffic inside the network. We then formulate scenario which operators can identify with. We demonstrate that the blacklist generation algorithm should be carefully chosen to fit the operator context while maximizing the filtering efficiency.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>L&rsquo;Ecole doctorale EDITE &#8211; Ecole doctorale informatique, t\u00e9l\u00e9communications et \u00e9lectronique et T\u00e9l\u00e9com SudParis avec le Laboratoire de recherche SAMOVAR &#8211; Services r\u00e9partis, Architectures, MOd\u00e9lisation, Validation, Administration des R\u00e9seaux pr\u00e9sentent l\u2019AVIS DE SOUTENANCE de Monsieur Pierre-Edouard FABRE Autoris\u00e9 \u00e0 pr\u00e9senter ses travaux en vue de l\u2019obtention du Doctorat de T\u00e9l\u00e9com SudParis avec l&rsquo;Universit\u00e9 Paris 6 en [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1120,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[314],"tags":[],"class_list":["post-1121","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-theses-2018-fr","entry","has-media"],"_links":{"self":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/1121","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/comments?post=1121"}],"version-history":[{"count":1,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/1121\/revisions"}],"predecessor-version":[{"id":1497,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/1121\/revisions\/1497"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/media\/1120"}],"wp:attachment":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/media?parent=1121"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/categories?post=1121"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/tags?post=1121"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}