Abstract
DDoS attacks deplete network bandwidth and render the services unavailable to normal users. In spite of various qualitative and rule based defense mechanisms, the threat persists continuously because such mechanisms do not capture the incentive oriented attacker’s intentions. Game theory promises to provide incentive based decision support system to defend against such attacks. The current work proposes a defense mechanism designed as two player zero sum finite horizon repeated game where decisions to allow or drop an incoming traffic at edge router are taken based on a flow-rate threshold. The flow-rate threshold is dynamically adjusted and updated based on maximum payoff obtained by the defender at a particular stage of the game. Payoff is computed by quantifying network conditions and parameters. The normal and attack traffic are modelled using normal and poisson distribution functions respectively. Using these functions, drop and pass probabilities of flows are computed. Further, costs and benefits in respect of the attacker and defender are computed based on the bandwidth utilized by the flows. Subsequently, payoff functions are designed for attacker and defender. Payoff functions are optimized to construct baseline optimal strategies. Nash Equilibrium is obtained using numerical computations which suggests an optimal flow-rate threshold to be set by the defender to secure the network against DDoS attacks round the clock.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Stephen J (2001) The changing face of distributed denial of service mitigation. Available via SANS Institute. https://www.sans.org/reading-room/whitepapers/threats/changing-face-distributed-denial-service-mitigation-462. Accessed 14 Feb 2020
Langner R (2011) Stuxnet: Dissecting a cyberwarfare weapon. IEEE Security & Privacy 9(3):49–51. https://doi.org/10.1109/MSP.2011.67
Corp Symantec (2017) Symanatec internet security threat report, vol 22. https://docs.broadcom.com/doc/istr-22-2017-enAccessed 14 Feb 2020
Innab N, Alamri A (2018) The impact of DDoS on e-commerce. In: IEEE 21st Saudi computer society national computer conference (NCC), Riyadh, Saudi Arabia, 25-26 Apr 2018, pp 1–4. https://doi.org/10.1109/NCG.2018.8593125
Said N B, Biondi F, Bontchev V et al (2018) Detection of Mirai by syntactic and behavioral analysis. In: IEEE 29th international symposium on software reliability engineering (ISSRE), Memphis, TN, USA, 15–18 Oct 2018, pp 224–235. https://doi.org/10.1109/ISSRE.2018.00032
Garg K, Chawla R (2011) Detection of DDoS attacks using data mining. Int J Comput Bus Res (IJCBR) 2(1)
Jaikumar P, Kak AC (2015) A graph-theoretic framework for isolating botnets in a network. Secur Commun Netw 8(16):2605–2623. https://doi.org/10.1002/sec.500
Singh S, Gyanchandani M (2010) Analysis of botnet behavior using queuing theory. Int J Comput Sci Commun 1(2):239-241. Available http://csjournals.com/IJCSC/PDF1-2/49.pdf. Accessed 07 Feb 2020
Zhang B, Zhang T, Yu Z (2017) DDoS detection and prevention based on artificial intelligence techniques. In: 3rd IEEE Int Conf on Computer and Communications (ICCC). p 1276-1280. https://doi.org/10.1109/CompComm.2017.8322748
He Z, Zhang T, Lee R B (2017) Machine learning based DDoS attack detection from source side in cloud. In: 4th international conference on cyber security and cloud computing (CSCloud), pp 114–120. https://doi.org/10.1109/CSCloud.2017.58
Bedi HS, Roy S, Shiva S (2011) Game theory based defense mechanism against DDoS attacks on TCP/TCP IP friendly flow. In: Proceedings of computational intelligence in cyber security (CICS), IEEE Symposium, pp 129–136. https://doi.org/10.1109/CICYBS.2011.5949407
Wu Q, Shiva S, Roy S et al (2010) On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks. In: Proceedings of 2010 spring simulation multiconference, pp 1–8. https://doi.org/10.1145/1878537.1878703
Liu P, Zang W, Yu M (2005) Incentive based modelling and inference of attacker intent, objectives, and strategies. ACM Trans Inf Syst Secur (TISSEC) 8(1):78–118. https://doi.org/10.1145/1053283.1053288
Kumar B, Bhuyan B (2019) Using game theory to model DoS attack and defence. Sadhana 44(12):245. https://doi.org/10.1007/s12046-019-1228-4
Osborne MJ (2004) An introduction to game theory. Oxford University Press, London. ISBN 978-0-19-808610-9
Zheng G, Choo L, Wong K (2011) Optimal cooperative jamming to enhance physical layer security using relays. IEEE Trans Sig Process 59(3):1317–1322. https://doi.org/10.1109/TSP.2010.2092774
Yang J, Kim IM, Kim DI (2013) Optimal cooperative jamming for multiuser broadcast channel with multiple eavesdroppers. IEEE Trans Wirel Commun 12(6):2840–2852. https://doi.org/10.1109/TWC.2013.040413.120972
Zhang N, Lu N, Cheng N et al (2013) Cooperative spectrum access towards secure information transfer for CRNS. IEEE J Sel Areas Commun 31(11):2453–2464. https://doi.org/10.1109/JSAC.2013.131130
Manshaei MH, Zhu Q, Alpcan T et al (2011) Game theory meets network security and privacy. ACM Comput Surv 45(3). https://doi.org/10.1145/2480741.2480742
Prasad R, Constantinos D, Margaret M et al (2003) Bandwidth estimation: metrics, measurement techniques, and tools. IEEE Netw 17(6):27–35. https://doi.org/10.1109/MNET.2003.1248658
Antoniades D, Manos A, Papadogiannakis A et al (2006) Available bandwidth measurement as simple as running wget. In: Proceedings of 7th international conference on passive and active measurements (PAM), Adelaide, Australia, 30–31 March 2006, pp 61–70
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Kumar, B., Bhuyan, B. (2021). Game Theoretical Defense Mechanism Against Bandwidth Based DDoS Attacks. In: Maji, A.K., Saha, G., Das, S., Basu, S., Tavares, J.M.R.S. (eds) Proceedings of the International Conference on Computing and Communication Systems. Lecture Notes in Networks and Systems, vol 170. Springer, Singapore. https://doi.org/10.1007/978-981-33-4084-8_58
Download citation
DOI: https://doi.org/10.1007/978-981-33-4084-8_58
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-33-4083-1
Online ISBN: 978-981-33-4084-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)