Bandwidth Flooding

The idea behind bandwidth flooding is to exhaust all available bandwidth to particular organization the main target`s are Outside Links and Edge Routers.

Attack Vectors

There is no common pattern for such type of attack The attacker can use other well know type of attacks like DDoS , Smurf , Syn , UDP and ICMP flooding Zombies and etc.

On figure 1 you can see what the target of the attack is:

Untitled

By exhausting  all available link bandwidth attacker will successfully block all communication between internet and this particular autonomous system (AS) .

Mitigations

Setting filters on internal links to drop traffic will not help so much , traffic will still come to victim AS  disrupting all communications. Most affective way is to use RTBH or remote triggered black hole routing , black hole mean that traffic is switched to the router’s bit bucket and  dropped client AS can send particular prefix with special community to the ISP as result all router is ISP AS will install black hole routing entry for this host or network on the ISP boundaries  .