A CIDS Mode DDoS Blacklist Mechanism Based on Smart Contract in SAVI-Enable IPv6 Network.

In current IPv6 networks, the increasing number of network devices also boosts the widespread DDoS attacks. Meanwhile, Intrusion Detection System (IDS) is evolved from the individual defense pattern to a distributed and collaborative mode, and Cooperative IDS (CIDS) becomes the mainstream technique. How to improve the overall defense capability through the coordination of information becomes worth studying. In this paper, we propose a DDoS blacklist mechanism with smart contract for IPv6-SAVI (Source Address Validation Improvements) network. In SAVI environment, DDoS source information detected by IDS is considered to be credible. Based on this observation, we design a dynamic update strategy for the reputation of trusted addresses based on the detection results and form a blacklist. Furthermore, we combine CIDS deployment with blockchain to design a blacklist sharing strategy based on smart contract, so that the individual IDS distributed on the chain can realize safe and reliable sharing and updating of the blacklist. Finally, extensive experiments evaluate the performance of our mechanism in terms of latency, overhead, reputation change accuracy, etc., which demonstrates that the blacklist can provide DDoS traffic filtering reference to improve the DDoS mitigation capability.