Information Model for DDoS Open Threat Signaling (DOTS)
draft-reddy-dots-info-model-00

Document Type Expired Internet-Draft (individual)
Last updated 2015-12-31 (latest revision 2015-06-29)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-reddy-dots-info-model-00.txt

Abstract

This document discusses the need and the mechanisms to dynamically update configuration of network monitoring devices to help identify distributed denial-of-service (DDoS) attacks in a network. Once an attack is signalled by a client or detected locally, provisioning cycles are triggered to program a set of network elements to undertake appropriate actions (including, blackhole, drop, rate- limit, or add to watch list) on the suspect traffic.

Authors

Tirumaleswar Reddy.K (tireddy@cisco.com)
Prashanth Patil (praspati@cisco.com)
Mike Geller (mgeller@cisco.com)
Dan Wing (dwing@cisco.com)
Sandeep Rao (rsandeep@cisco.com)
Mohamed Boucadair (mohamed.boucadair@orange.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)