On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks

Qishi Wu, Sajjan Shiva, Sankardas Roy, Charles Ellis, Vivek Datla

Research output: Chapter in Book/Report/Conference proceedingConference contribution

55 Scopus citations


As cyber attacks continue to grow in number, scope, and severity, the cyber security problem has become increasingly important and challenging to both academic researchers and industry practitioners. We explore the applicability of game theoretic approaches to the cyber security problem with focus on active bandwidth depletion attacks. We model the interaction between the attacker and the defender as a two-player non-zero-sum game in two attack scenarios: (i) one single attacking node for Denial of Service (DoS) and (ii) multiple attacking nodes for Distributed DoS (DDoS). The defender's challenge is to determine optimal firewall settings to block rogue traffics while allowing legitimate ones. Our analysis considers the worst-case scenario where the attacker also attempts to find the most effective sending rate or botnet size. In either case, we build both static and dynamic game models to compute the Nash equilibrium that represents the best strategy of the defender. We validate the effectiveness of our game theoretic defense mechanisms via extensive simulation-based experiments using NS-3.

Original languageEnglish (US)
Title of host publicationSpring Simulation Multiconference 2010, SpringSim'10
StatePublished - 2010
Externally publishedYes
Event2010 Spring Simulation Multiconference, SpringSim'10 - Orlando, FL, United States
Duration: Apr 11 2010Apr 15 2010

Publication series

NameSpring Simulation Multiconference 2010, SpringSim'10


Other2010 Spring Simulation Multiconference, SpringSim'10
Country/TerritoryUnited States
CityOrlando, FL

All Science Journal Classification (ASJC) codes

  • Applied Mathematics
  • Modeling and Simulation


  • DDoS
  • DoS
  • Dynamic games
  • Game theory
  • Static games


Dive into the research topics of 'On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks'. Together they form a unique fingerprint.

Cite this