Hi Mingzhe, At the minimum, you need to rename the draft to draft-cui-opsawg-savnet-anti-ddos for it to land in the OPSAWG list of documents.
Cheers. p.s. I have not read the document, but I hope it addresses how a SAV-D device is better than SAV from an operational and security considerations perspective. > On Oct 18, 2024, at 12:39 AM, 邢铭哲 <xingmz=40zgclab.edu...@dmarc.ietf.org> > wrote: > > > Dear OPSAWG Experts, > > > We have submitted a draft titled "SAV-based Anti-DDoS Architecture" > (https://datatracker.ietf.org/doc/draft-cui-savnet-anti-ddos/ > <https://datatracker.ietf.org/doc/draft-cui-savnet-anti-ddos/>), which > focuses on enhancing security operations to defend against DDoS attacks using > a SAV-D controller. The draft is motivated by the observation that spoofed IP > addresses can lead to severe DDoS attacks. While Source Address Validation > (SAV) schemes are an effective means of mitigating such attacks, the limited > deployment of SAV devices impairs their overall performance. > > In this context, we propose the SAV-D architecture to leverage information > from both SAV and non-SAV devices. This approach improves detection accuracy > and incentivizes broader deployment of SAV devices. Specifically, the > architecture allows SAV honeypots, legacy routers, and victim defense systems > to interact with the SAV-D controller, retrieving comprehensive threat > intelligence to inform defense strategies. Furthermore, the SAV honeypots > report malicious packet information to the SAV-D controller, enabling data > analysis and the creation of global threat intelligence. The SAV-D controller > can also provide comprehensive attack situation awareness, helping operators > manage their networks more effectively. Our draft introduces the overall > architecture of the SAV-D controller, the interaction with devices, the data > transmission protocol, workflow, deployment strategies, and examples of > connections. > > Based on SAV-D, we have set up a small-scale experimental environment and > validated the effectiveness of the framework against reflective DDoS attacks. > The details can be found in the paper(SAV-D: Defending DDoS with Incremental > Deployment of SAV ). > > This draft offers a practical operational solution for defending against > spoofed IP DDoS attacks while utilizing existing SAV devices, legacy routers, > and victim defense mechanisms. We submit this to OPSAWG and look forward to > your valuable feedback to improve the draft. > > > > Best regards, > Mingzhe > > <> > _______________________________________________ > OPSAWG mailing list -- opsawg@ietf.org <mailto:opsawg@ietf.org> > To unsubscribe send an email to opsawg-le...@ietf.org > <mailto:opsawg-le...@ietf.org> Mahesh Jethanandani mjethanand...@gmail.com
_______________________________________________ OPSAWG mailing list -- opsawg@ietf.org To unsubscribe send an email to opsawg-le...@ietf.org
