I-D Action: draft-fu-dots-ipfix-extension-01.txt
internet-drafts@ietf.org Tue, 14 June 2016 03:34 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: i-d-announce@ietf.org
Delivered-To: i-d-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id BEBDC12D771 for <i-d-announce@ietf.org>; Mon, 13 Jun 2016 20:34:49 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Subject: I-D Action: draft-fu-dots-ipfix-extension-01.txt
X-Test-IDTracker: no
X-IETF-IDTracker: 6.22.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20160614033449.6911.64471.idtracker@ietfa.amsl.com>
Date: Mon, 13 Jun 2016 20:34:49 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/i-d-announce/wXlOgydlNQIJrcPY_mAMwto8LwE>
X-BeenThere: i-d-announce@ietf.org
X-Mailman-Version: 2.1.17
Reply-To: internet-drafts@ietf.org
List-Id: Internet Draft Announcements only <i-d-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i-d-announce/>
List-Post: <mailto:i-d-announce@ietf.org>
List-Help: <mailto:i-d-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jun 2016 03:34:50 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : IPFIX IE Extensions for DDoS Attack Detection
Authors : Tianfu Fu
DaCheng Zhang
Liang Xia
Min Li
Filename : draft-fu-dots-ipfix-extension-01.txt
Pages : 21
Date : 2016-06-13
Abstract:
DDoS Open Threat Signaling (DOTS) Working Group is for developing
the standard signaling mechanisms, together with the DDoS related
telemetry and threat handling requests and data transmitted by them
used in DDoS problem space. Although IP Flow Information Export
(IPFIX), Packet Sampling (PSAMP), and Packet Selection methods are
useful for network security inspection, there are still some gaps
existing to identify some categories of DDoS attacks. To fill in
the gaps, this document describes the connection sampling mechanism
and explains why it is needed for detecting DDoS attacks. It also
defines several new IPFIX Information Elements (IEs). Then, it
presents some examples to show how to use these new IPFIX IEs
together with the existing IPFIX IEs to detect specific DDoS attacks.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-fu-dots-ipfix-extension/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-fu-dots-ipfix-extension-01
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-fu-dots-ipfix-extension-01
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- I-D Action: draft-fu-dots-ipfix-extension-01.txt internet-drafts