Introduce DoS type for DOTS signaling
draft-yang-dos-type-for-dots-00

Document Type Active Internet-Draft (individual)
Last updated 2018-07-02
IESG IESG state I-D Exists
DOTS                                                             B. Yang
Internet-Draft                                              China Mobile
Intended status: Informational                              July 1, 2018
Expires: January 2, 2019

                 Introduce DoS type for DOTS signaling
                    draft-yang-dos-type-for-dots-00

Abstract

   The purpose of this document is to analyze the usage of DoS type in
   DOTS signaling, provide a classification framework for DoS type, and
   give suggestions on introducing DoS-Type into DOTS signaling.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 2, 2019.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Yang                     Expires January 2, 2019                [Page 1]
Internet-Draft              DoS Type for DOTS                  July 2018

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Requirements Language . . . . . . . . . . . . . . . . . . . .   2
   3.  Terminology and Abbreviations . . . . . . . . . . . . . . . .   3
   4.  Usage of DoS-type in DOTS signaling . . . . . . . . . . . . .   3
   5.  Definition of DoS-type  . . . . . . . . . . . . . . . . . . .   4
   6.  Suggestion on adding DoS-type into DOTS signaling message . .   6
   7.  Normative References  . . . . . . . . . . . . . . . . . . . .   6
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .   6

1.  Introduction

   DOTS defines a method of coordinating defensive measures among
   willing peers to mitigate attacks quickly and efficiently.  DOTS
   signaling enables hybrid attack coordination between a DOTS client
   that talks with the attack target and a DOTS server that talks with
   Mitigators [draft-ietf-dots-architecture].  However, the YANG module
   "ietf-dots-signal-channel" in [draft-ietf-dots-signal-channel] does
   not include a DoS-Type field, which is important for DDoS
   mitigation as well as network operations.

   DoS attacks can be generated using different mechanisms, such as
   ICMP Flood, TCP Flag Misuse, and DNS replay.  The following lists
   some DoS attacks that occur at different layers:

   o  Network layer: ICMP

   o  Transport layer: TCP, UDP

   o  Application layer: HTTP, SIP, DNS, NTP, ...

   Different DDoS mechanisms may require different mitigation methods.
   Currently, however, different vendors have different viewpoints on
   classifying DoS attacks, which leads to interoperability and
   interworking issues.

   This document analyzes the usage of DoS type in DOTS signaling,
   provides a classification framework for DoS type, and gives
   suggestions on introducing DoS-Type into DOTS signaling.

2.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

3.  Terminology and Abbreviations

   The terminology and abbreviations used in this document are defined
   in this section.

   o  DDoS: A distributed denial-of-service attack, in which traffic
      originating from multiple sources is directed at a target on a
      network.  DDoS attacks are intended to cause a negative impact on
      the availability and/or other functionality of an attack target.
      Denial-of-service considerations are discussed in detail in
      [RFC4732].

   o  DDoS attack target: A network connected entity with a finite set
      of resources, such as network bandwidth, memory or CPU, that is