{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T23:15:15Z","timestamp":1763507715781,"version":"3.45.0"},"publisher-location":"New York, NY, USA","reference-count":51,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,24]],"date-time":"2017-10-24T00:00:00Z","timestamp":1508803200000},"content-version":"vor","delay-in-days":365,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-0953600"],"award-info":[{"award-number":["CNS-0953600"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,10,24]]},"DOI":"10.1145\/2976749.2978306","type":"proceedings-article","created":{"date-parts":[[2016,10,25]],"date-time":"2016-10-25T08:46:35Z","timestamp":1477385195000},"page":"1268-1279","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":33,"title":["MiddlePolice"],"prefix":"10.1145","author":[{"given":"Zhuotao","family":"Liu","sequence":"first","affiliation":[{"name":"University of Illinois at Urbana-Champaign, Urbana, IL, USA"}]},{"given":"Hao","family":"Jin","sequence":"additional","affiliation":[{"name":"Nanjing University, Nanjing, China"}]},{"given":"Yih-Chun","family":"Hu","sequence":"additional","affiliation":[{"name":"University of Illinois at Urbana-Champaign, Urbana, IL, USA"}]},{"given":"Michael","family":"Bailey","sequence":"additional","affiliation":[{"name":"University of Illinois at Urbana-Champaign, Urbana, IL, USA"}]}],"member":"320","published-online":{"date-parts":[[2016,10,24]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"PlanetLab. https:\/\/www.planet-lab.org\/. http:\/\/www.webcitation.org\/6jnE8SIOEWebCite archive."},{"key":"e_1_3_2_1_2_1","unstructured":"AT&T Denial of Service Protection. http:\/\/soc.att.com\/1IIlUec Accessed in 2016. http:\/\/www.webcitation.org\/6jnDvRIgBWebCite archive."},{"key":"e_1_3_2_1_3_1","unstructured":"NS-3: a Discrete-Event Network Simulator. http:\/\/www.nsnam.org\/ Accessed in 2016."},{"key":"e_1_3_2_1_4_1","volume-title":"Accessed in Dec","author":"Relationships CIDR","year":"2015","unstructured":"AS Relationships -- CIDR Report. http:\/\/www.caida.org\/data\/as-relationships\/, Accessed in Dec 2015. http:\/\/www.webcitation.org\/6jnEGOQwjWebCite archive."},{"key":"e_1_3_2_1_5_1","volume-title":"Dec","author":"Names CIDR","year":"2015","unstructured":"AS Names - CIDR Report. http:\/\/www.cidr-report.org\/as2.0\/autnums.html, Dec 2015."},{"key":"e_1_3_2_1_6_1","unstructured":"Akdemir K. Dixon M. Feghali W. Fay P. Gopal V. Guilford J. Ozturk E. Wolrich G. and Zohar R. Breakthrough AES Performance with Intel\u00ae AES New Instructions. Intel white paper (2010)."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1402958.1402997"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/972374.972382"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1015467.1015499"},{"key":"e_1_3_2_1_10_1","volume-title":"Network Capabilities: The good, the Bad and the Ugly. ACM HotNets-IV","author":"Argyraki K.","year":"2005","unstructured":"Argyraki, K., and Cheriton, D. Network Capabilities: The good, the Bad and the Ugly. ACM HotNets-IV (2005)."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/1247360.1247370"},{"key":"e_1_3_2_1_12_1","volume-title":"SIBRA: Scalable Internet Bandwidth Reservation Architecture. NDSS","author":"Basescu C.","year":"2016","unstructured":"Basescu, C., Reischuk, R. M., Szalachowski, P., Perrig, A., Zhang, Y., Hsiao, H.-C., Kubota, A., and Urakawa, J. SIBRA: Scalable Internet Bandwidth Reservation Architecture. NDSS (2016)."},{"key":"e_1_3_2_1_13_1","first-page":"6040","author":"Briscoe","year":"2010","unstructured":"Briscoe, B. Tunnelling of Explicit Congestion Notification. RFC 6040, 2010.","journal-title":"Tunnelling of Explicit Congestion Notification. RFC"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2785956.2787500"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/0169-7552(89)90019-6"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1198255.1198259"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.5555\/1387589.1387593"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/2831143.2831195"},{"key":"e_1_3_2_1_19_1","volume-title":"Inherently Safe Backup Routing with BGP","author":"Gao L.","year":"2001","unstructured":"Gao, L., Griffin, T. G., and Rexford, J. Inherently Safe Backup Routing with BGP. In IEEE INFOCOM (2001)."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2240276.2240277"},{"key":"e_1_3_2_1_21_1","volume-title":"CDN-on-Demand: An Affordable DDoS Defense via Untrusted Clouds. NDSS","author":"Gilad Y.","year":"2016","unstructured":"Gilad, Y., Herzberg, A., Sudkovitch, M., and Goberman, M. CDN-on-Demand: An Affordable DDoS Defense via Untrusted Clouds. NDSS (2016)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1851182.1851195"},{"key":"e_1_3_2_1_23_1","volume-title":"Intel","author":"Gueron S.","year":"2010","unstructured":"Gueron, S. Intel Advanced Encryption Standard (AES) Instructions Set. White Paper, Intel (2010)."},{"key":"e_1_3_2_1_24_1","volume-title":"T. UDP Encapsulation in Linux. In The Technical Conference on Linux Networking","author":"Herbert","year":"2015","unstructured":"Herbert, T. UDP Encapsulation in Linux. In The Technical Conference on Linux Networking (2015)."},{"key":"e_1_3_2_1_25_1","volume-title":"Implementing Pushback: Router-Based Defense Against DDoS Attacks. USENIX NSDI","author":"Ioannidis J.","year":"2002","unstructured":"Ioannidis, J., and Bellovin, S. M. Implementing Pushback: Router-Based Defense Against DDoS Attacks. USENIX NSDI (2002)."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.5555\/1323128.1323135"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/633025.633032"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866404"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/2671225.2671233"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/863955.863966"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.12"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.5555\/1387589.1387615"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1402958.1402981"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1851182.1851214"},{"key":"e_1_3_2_1_35_1","volume-title":"Using Machine Learning Technliques to Identify Botnet Traffic","author":"Livadas C.","year":"2006","unstructured":"Livadas, C., Walsh, R., Lapsley, D., and Strayer, W. T. Using Machine Learning Technliques to Identify Botnet Traffic. In IEEE LCN (2006)."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/571697.571724"},{"key":"e_1_3_2_1_37_1","volume-title":"Mirage: Towards Deployable DDoS Defense for Web Applications. arXiv preprint arXiv:1110.1060","author":"Mittal P.","year":"2011","unstructured":"Mittal, P., Kim, D., Hu, Y.-C., and Caesar, M. Mirage: Towards Deployable DDoS Defense for Web Applications. arXiv preprint arXiv:1110.1060 (2011)."},{"key":"e_1_3_2_1_38_1","volume-title":"Universal DDoS Mitigation Bypass. Black Hat USA","author":"Miu T. T.","year":"2013","unstructured":"Miu, T. T., Hui, A. K., Lee, W., Luo, D. X., Chung, A. K., and Wong, J. W. Universal DDoS Mitigation Bypass. Black Hat USA (2013)."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/2656877.2656885"},{"key":"e_1_3_2_1_40_1","volume-title":"Worldwide Infrastructure Security Report","author":"Networks A.","year":"2016","unstructured":"Networks, A. Worldwide Infrastructure Security Report, Volume IX. https:\/\/www.arbornetworks.com\/images\/documents\/WISR2016_EN_Web.pdf, 2016."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/1282380.1282413"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2619239.2626318"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/347059.347560"},{"key":"e_1_3_2_1_44_1","volume-title":"NDSS","author":"Shin S.","year":"2013","unstructured":"Shin, S., Porras, P., Yegneswaran, V., Fong, M., Gu, G., and Tyson, M. FRESCO: Modular Composable Security Services for Software-Defined Detworks. In NDSS (2013)."},{"key":"e_1_3_2_1_45_1","volume-title":"INFOCOM","author":"Song D. X.","year":"2001","unstructured":"Song, D. X., and Perrig, A. Advanced and Authenticated Marking Schemes for IP Traceback. In INFOCOM (2001)."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2018436.2018452"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813633"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","unstructured":"Walfish M. Vutukuru M. Balakrishnan H. Karger D. and Shenker S. DDoS Defense by Offense. In ACM SIGCOMM (2006). 10.1145\/1159913.1159948","DOI":"10.1145\/1159913.1159948"},{"key":"e_1_3_2_1_49_1","volume-title":"SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks","author":"Yaar A.","year":"2004","unstructured":"Yaar, A., Perrig, A., and Song, D. SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks. In IEEE S&P (2004)."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/1080091.1080120"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.45"}],"event":{"name":"CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Vienna Austria","acronym":"CCS'16"},"container-title":["Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978306","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978306","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978306","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:25:56Z","timestamp":1763457956000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978306"}},"subtitle":["Toward Enforcing Destination-Defined Policies in the Middle of the Internet"],"short-title":[],"issued":{"date-parts":[[2016,10,24]]},"references-count":51,"alternative-id":["10.1145\/2976749.2978306","10.1145\/2976749"],"URL":"https:\/\/doi.org\/10.1145\/2976749.2978306","relation":{},"subject":[],"published":{"date-parts":[[2016,10,24]]},"assertion":[{"value":"2016-10-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}