{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,5]],"date-time":"2026-01-05T18:28:37Z","timestamp":1767637717430,"version":"3.48.0"},"reference-count":41,"publisher":"Maximum Academic Press","license":[{"start":{"date-parts":[[2020,4,14]],"date-time":"2020-04-14T00:00:00Z","timestamp":1586822400000},"content-version":"unspecified","delay-in-days":104,"URL":"https:\/\/www.cambridge.org\/core\/terms"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["The Knowledge Engineering Review"],"published-print":{"date-parts":[[2020]]},"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>Network providers either attempt to handle massive distributed denial-of-service attacks themselves or redirect traffic to third-party scrubbing centers. If providers adopt the first option, it is sensible to counter such attacks in their infancy via provider collaborations deploying distributed security mechanisms across multiple domains in an attack path. This motivated our work presented in this paper. Specifically, we investigate the establishment of trusted federations among adjacent and disjoint network domains, that is, autonomous systems (ASes) that collectively mitigate malicious traffic. Our approach is based on Distributed Ledger Technologies for signaling, coordination, and orchestration of a collaborative mitigation schema via appropriate blockchain-based smart contracts. Reputation scores are used to rank ASes based on their mitigation track record. The allocation of defense resources across multiple collaborators is modeled as a combinatorial optimization problem considering reputation scores and network flow weights. Malicious flows are mitigated using programmable network data paths within the eXpress Data Path (XDP) framework; this enables operators with enhanced packet processing throughput and advanced filtering flexibility. Our schema was implemented in a proof-of-concept prototype and tested under realistic network conditions.<\/jats:p>","DOI":"10.1017\/s0269888920000259","type":"journal-article","created":{"date-parts":[[2020,4,14]],"date-time":"2020-04-14T04:38:15Z","timestamp":1586839095000},"source":"Crossref","is-referenced-by-count":11,"title":["Orchestrating DDoS mitigation via blockchain-based network provider collaborations"],"prefix":"10.48130","volume":"35","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3803-2804","authenticated-orcid":false,"given":"Adam","family":"Pavlidis","sequence":"first","affiliation":[]},{"given":"Marinos","family":"Dimolianis","sequence":"additional","affiliation":[]},{"given":"Kostas","family":"Giotis","sequence":"additional","affiliation":[]},{"given":"Loukas","family":"Anagnostou","sequence":"additional","affiliation":[]},{"given":"Nikolaos","family":"Kostopoulos","sequence":"additional","affiliation":[]},{"given":"Theocharis","family":"Tsigkritis","sequence":"additional","affiliation":[]},{"given":"Ilias","family":"Kotinas","sequence":"additional","affiliation":[]},{"given":"Dimitrios","family":"Kalogeras","sequence":"additional","affiliation":[]},{"given":"Vasilis","family":"Maglaris","sequence":"additional","affiliation":[]}],"member":"27968","published-online":{"date-parts":[[2020,4,14]]},"reference":[{"key":"S0269888920000259_ref36","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60774-0_2"},{"key":"S0269888920000259_ref37","unstructured":"Santanna, J. J. , van Rijswijk-Deij, R. , Hofstede, R. , Sperotto, A. , Wierbosch, M. , Granville, L. Z , & Pras, A. 2015. \u201cBooters\u2014An Analysis of DDoS-as-a-Service Attacks\u201d, Integrated Network Management (IM), in proc. of the 2015 IFIP\/IEEE International Symposium, pp. 243\u2013251."},{"key":"S0269888920000259_ref35","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2708693"},{"key":"S0269888920000259_ref33","unstructured":"Phaal, P. & Lavine, M. 2004. \u201csFlow Version 5\u201d, available at: https:\/\/sflow.org\/sflow_version_5.txt"},{"key":"S0269888920000259_ref30","unstructured":"Mutually Agreed Norms for Routing Security. 2016. available at: https:\/\/www.manrs.org\/"},{"key":"S0269888920000259_ref29","doi-asserted-by":"publisher","DOI":"10.17487\/RFC8612"},{"key":"S0269888920000259_ref26","doi-asserted-by":"publisher","DOI":"10.17487\/rfc5575"},{"key":"S0269888920000259_ref34","unstructured":"Proof-of-Authority Chains. 2017. available at: https:\/\/wiki.parity.io\/Proof-of-Authority-Chains"},{"key":"S0269888920000259_ref24","doi-asserted-by":"publisher","DOI":"10.1007\/s11227-018-2385-7"},{"key":"S0269888920000259_ref9","unstructured":"Decentralized CDN, WAF, and DDoS protection. 2018. available at: https:\/\/gladius.io"},{"key":"S0269888920000259_ref41","unstructured":"Van Rijswijk-Deij, R. , Rijnders, G. , Bomhoff, M. & Allodi, L. 2019. \u201cPrivacy-Conscious Threat Intelligence Using DNSBLOOM\u201d, in proc. of the IFIP\/IEEE International Symposium on Integrated Network Management (IM 2019), Washington D.C., USA, pp. 98\u2013106, April."},{"key":"S0269888920000259_ref32","unstructured":"O\u2019Sullivan, M. , Lim, Q. S. , Walker, C. , Dunning, I. & Mitchell, S . 2011. \u201cDippy: A Simplified Interface for Advanced Mixed-integer Programming\u201d, Report 685, University of Auckland Faculty of Engineering."},{"key":"S0269888920000259_ref10","unstructured":"Dimolianis, M. , Pavlidis, A. , Kalogeras, D. & Maglaris, V. 2019. \u201cMitigation of Multi-vector Network Attacks via Orchestration of Distributed Rule Placement\u201d, in proc. of the IFIP\/IEEE International Symposium on Integrated Network Management (IM 2019), Washington D.C., USA, pp. 162\u2013170, April."},{"key":"S0269888920000259_ref11","unstructured":"Ethereum Network Intelligence API. 2016. available at: https:\/\/github.com\/cubedro\/eth-net-intelligence-api"},{"key":"S0269888920000259_ref8","unstructured":"ConsenSys \u2013 Harness the power of Ethereum. 2014. available at: https:\/\/new.consensys.net\/"},{"key":"S0269888920000259_ref15","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2016.7502849"},{"key":"S0269888920000259_ref7","doi-asserted-by":"crossref","unstructured":"Claise, B. , Ed., 2004. \u201cCisco Systems NetFlow Services Export Version 9\u201d, October.","DOI":"10.17487\/rfc3954"},{"key":"S0269888920000259_ref17","unstructured":"Go Ethereum. 2019. available at: https:\/\/github.com\/ethereum\/go-ethereum"},{"key":"S0269888920000259_ref18","unstructured":"Gruhler, A. , Rodrigues, B. & Stiller, B. 2019. \u201cA Reputation Scheme for a Blockchain-based Network Cooperative Defense\u201d in proc. of the IFIP\/IEEE International Symposium on Integrated Network Management (IM 2019), Washington D.C., USA, pp. 71\u201379, April."},{"key":"S0269888920000259_ref6","unstructured":"Buterin, V. 2015. \u201cOn Public and Private Blockchains\u201d, available at: https:\/\/blog.ethereum.org\/2015\/08\/07\/on-public-and-private-blockchains\/"},{"key":"S0269888920000259_ref38","unstructured":"Solidity Programming Language. 2019. available at: https:\/\/github.com\/ethereum\/solidity"},{"key":"S0269888920000259_ref23","unstructured":"Kone\u010dn\u00fd, J. , McMahan, H. B. , Yu, F. X. , Richt\u00e1rik, P. , Suresh, A. T. & Bacon, D. , 2016. \u201cFederated Learning: Strategies for Improving Communication Efficiency\u201d, available at: https:\/\/arxiv.org\/pdf\/1610.05492."},{"key":"S0269888920000259_ref2","unstructured":"Back, A. , Matt, C ., Luke, D ., Mark, F ., Gregory, M ., Andrew, M ., Andrew, P ., Jorge, T . & Pieter, W . 2014. \u201cEnabling blockchain innovations with pegged sidechains\u201d, available at: http:\/\/www.opensciencereview.com\/papers\/123\/enablingblockchain-innovations-with-pegged-sidechains"},{"key":"S0269888920000259_ref27","doi-asserted-by":"publisher","DOI":"10.1145\/1355734.1355746"},{"key":"S0269888920000259_ref3","unstructured":"Bertin, G. 2017. \u201cXDP in practice: Integrating XDP into our DDoS Mitigation Pipeline\u201d, https:\/\/netdevconf.org\/2.1\/papers\/Gilberto_Bertin_XDP_in_practice.pdf"},{"key":"S0269888920000259_ref5","doi-asserted-by":"crossref","first-page":"485","DOI":"10.1080\/15427951.2004.10129096","article-title":"Network Applications of Bloom Filters: A Survey","volume":"1","author":"Broder","year":"2004","journal-title":"Internet Mathematics"},{"key":"S0269888920000259_ref1","unstructured":"3DCoP: DDoS Defense for a Community of Peers. 2016. available at: https:\/\/galois.com\/project\/3dcop-ddos-defense\/"},{"key":"S0269888920000259_ref13","unstructured":"Ethereum Project. 2015. available at: https:\/\/github.com\/ethereum\/"},{"key":"S0269888920000259_ref40","unstructured":"The Incident Object Description Exchange Format 2007. https:\/\/tools.ietf.org\/html\/rfc5070"},{"key":"S0269888920000259_ref39","unstructured":"The CAIDA UCSD Anonymized Internet Traces 2016. available at: http:\/\/www.caida.org\/data\/passive\/passive_2016_dataset.xml"},{"key":"S0269888920000259_ref19","doi-asserted-by":"publisher","DOI":"10.1145\/3281411.3281443"},{"key":"S0269888920000259_ref28","unstructured":"Memcached DDoS Attacks: 95,000 Servers Vulnerable to Abuse. 2018. available at: https:\/\/www.bankinfosecurity.com\/memcached-ddos-attacks-95000-servers-vulnerable-to-abuse-a-10705"},{"key":"S0269888920000259_ref20","unstructured":"InterPlanetary File System (IPFS). 2015. available at: https:\/\/ipfs.io\/"},{"key":"S0269888920000259_ref4","doi-asserted-by":"crossref","first-page":"422","DOI":"10.1145\/362686.362692","article-title":"Space\/Time Trade-offs in Hash-Coding with Allowable Errors","volume":"13","author":"Bloom","year":"1970","journal-title":"Communications of the ACM"},{"key":"S0269888920000259_ref12","unstructured":"Ethereum Network Stats. 2016. available at: https:\/\/github.com\/cubedro\/eth-netstats"},{"key":"S0269888920000259_ref16","unstructured":"Giotis, K. , Pavlidis, A. , Anagnostou, L. , Dimolianis, M. , Tsigkritis, T. , Kalogeras, D. , Kostopoulos, N. , Kotinas, I. & Maglaris, V. 2018. \u201cBlockchain-based Federation of Network Providers for Collaborative DDoS Mitigation\u201d, 3rd Symposium on Distributed Ledger Technology, Gold Coast, Australia, November."},{"key":"S0269888920000259_ref14","unstructured":"Giotis, K. , Androulidakis, G. & Maglaris, V. 2015. \u201cA Scalable Anomaly Detection and Mitigation Architecture for Legacy Networks via an OpenFlow Middlebox\u201d, in Security and Communication Networks, pp. 1958\u20131970."},{"key":"S0269888920000259_ref25","doi-asserted-by":"publisher","DOI":"10.1109\/DASC\/PiCom\/DataCom\/CyberSciTec.2018.00070"},{"key":"S0269888920000259_ref21","unstructured":"Josang, , A. & Ismail, R . 2002. \u201cThe Beta Reputation System\u201d, in proc. of the 15th Bled Electronic Commerce Conference. 5, 2502\u20132511, June."},{"key":"S0269888920000259_ref31","unstructured":"Netflow Processing Tools \u2013 nfdump. 2018. https:\/\/github.com\/phaag\/nfdump"},{"key":"S0269888920000259_ref22","doi-asserted-by":"publisher","DOI":"10.1109\/ICUFN.2018.8436643"}],"container-title":["The Knowledge Engineering Review"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.cambridge.org\/core\/services\/aop-cambridge-core\/content\/view\/S0269888920000259","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,5]],"date-time":"2026-01-05T14:42:17Z","timestamp":1767624137000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.cambridge.org\/core\/product\/identifier\/S0269888920000259\/type\/journal_article"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"references-count":41,"alternative-id":["S0269888920000259"],"URL":"https:\/\/doi.org\/10.1017\/s0269888920000259","relation":{},"ISSN":["0269-8889","1469-8005"],"issn-type":[{"type":"print","value":"0269-8889"},{"type":"electronic","value":"1469-8005"}],"subject":[],"published":{"date-parts":[[2020]]},"article-number":"e16"}}