On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks

Qishi Wu; Sajjan Shiva; Sankardas Roy; Charles Ellis; Vivek Datla

doi:10.1145/1878537.1878703

On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks

Qishi Wu, Sajjan Shiva, Sankardas Roy, Charles Ellis, Vivek Datla

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

57 Scopus citations

Abstract

As cyber attacks continue to grow in number, scope, and severity, the cyber security problem has become increasingly important and challenging to both academic researchers and industry practitioners. We explore the applicability of game theoretic approaches to the cyber security problem with focus on active bandwidth depletion attacks. We model the interaction between the attacker and the defender as a two-player non-zero-sum game in two attack scenarios: (i) one single attacking node for Denial of Service (DoS) and (ii) multiple attacking nodes for Distributed DoS (DDoS). The defender's challenge is to determine optimal firewall settings to block rogue traffics while allowing legitimate ones. Our analysis considers the worst-case scenario where the attacker also attempts to find the most effective sending rate or botnet size. In either case, we build both static and dynamic game models to compute the Nash equilibrium that represents the best strategy of the defender. We validate the effectiveness of our game theoretic defense mechanisms via extensive simulation-based experiments using NS-3.

Original language	English (US)
Title of host publication	Spring Simulation Multiconference 2010, SpringSim'10
DOIs	https://doi.org/10.1145/1878537.1878703
State	Published - 2010
Externally published	Yes
Event	2010 Spring Simulation Multiconference, SpringSim'10 - Orlando, FL, United States Duration: Apr 11 2010 → Apr 15 2010

Publication series

Name	Spring Simulation Multiconference 2010, SpringSim'10

Other

Other	2010 Spring Simulation Multiconference, SpringSim'10
Country/Territory	United States
City	Orlando, FL
Period	4/11/10 → 4/15/10

All Science Journal Classification (ASJC) codes

Applied Mathematics
Modeling and Simulation

Keywords

DDoS
DoS
Dynamic games
Game theory
Static games

Access to Document

10.1145/1878537.1878703

Cite this

@inproceedings{176ec7c52c2348058a587d0edc49976c,

title = "On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks",

abstract = "As cyber attacks continue to grow in number, scope, and severity, the cyber security problem has become increasingly important and challenging to both academic researchers and industry practitioners. We explore the applicability of game theoretic approaches to the cyber security problem with focus on active bandwidth depletion attacks. We model the interaction between the attacker and the defender as a two-player non-zero-sum game in two attack scenarios: (i) one single attacking node for Denial of Service (DoS) and (ii) multiple attacking nodes for Distributed DoS (DDoS). The defender's challenge is to determine optimal firewall settings to block rogue traffics while allowing legitimate ones. Our analysis considers the worst-case scenario where the attacker also attempts to find the most effective sending rate or botnet size. In either case, we build both static and dynamic game models to compute the Nash equilibrium that represents the best strategy of the defender. We validate the effectiveness of our game theoretic defense mechanisms via extensive simulation-based experiments using NS-3.",

keywords = "DDoS, DoS, Dynamic games, Game theory, Static games",

author = "Qishi Wu and Sajjan Shiva and Sankardas Roy and Charles Ellis and Vivek Datla",

year = "2010",

doi = "10.1145/1878537.1878703",

language = "English (US)",

isbn = "9781450300698",

series = "Spring Simulation Multiconference 2010, SpringSim'10",

booktitle = "Spring Simulation Multiconference 2010, SpringSim'10",

note = "2010 Spring Simulation Multiconference, SpringSim'10 ; Conference date: 11-04-2010 Through 15-04-2010",

}

Wu, Q, Shiva, S, Roy, S, Ellis, C & Datla, V 2010, On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks. in Spring Simulation Multiconference 2010, SpringSim'10., 159, Spring Simulation Multiconference 2010, SpringSim'10, 2010 Spring Simulation Multiconference, SpringSim'10, Orlando, FL, United States, 4/11/10. https://doi.org/10.1145/1878537.1878703

TY - GEN

T1 - On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks

AU - Wu, Qishi

AU - Shiva, Sajjan

AU - Roy, Sankardas

AU - Ellis, Charles

AU - Datla, Vivek

PY - 2010

Y1 - 2010

N2 - As cyber attacks continue to grow in number, scope, and severity, the cyber security problem has become increasingly important and challenging to both academic researchers and industry practitioners. We explore the applicability of game theoretic approaches to the cyber security problem with focus on active bandwidth depletion attacks. We model the interaction between the attacker and the defender as a two-player non-zero-sum game in two attack scenarios: (i) one single attacking node for Denial of Service (DoS) and (ii) multiple attacking nodes for Distributed DoS (DDoS). The defender's challenge is to determine optimal firewall settings to block rogue traffics while allowing legitimate ones. Our analysis considers the worst-case scenario where the attacker also attempts to find the most effective sending rate or botnet size. In either case, we build both static and dynamic game models to compute the Nash equilibrium that represents the best strategy of the defender. We validate the effectiveness of our game theoretic defense mechanisms via extensive simulation-based experiments using NS-3.

AB - As cyber attacks continue to grow in number, scope, and severity, the cyber security problem has become increasingly important and challenging to both academic researchers and industry practitioners. We explore the applicability of game theoretic approaches to the cyber security problem with focus on active bandwidth depletion attacks. We model the interaction between the attacker and the defender as a two-player non-zero-sum game in two attack scenarios: (i) one single attacking node for Denial of Service (DoS) and (ii) multiple attacking nodes for Distributed DoS (DDoS). The defender's challenge is to determine optimal firewall settings to block rogue traffics while allowing legitimate ones. Our analysis considers the worst-case scenario where the attacker also attempts to find the most effective sending rate or botnet size. In either case, we build both static and dynamic game models to compute the Nash equilibrium that represents the best strategy of the defender. We validate the effectiveness of our game theoretic defense mechanisms via extensive simulation-based experiments using NS-3.

KW - DDoS

KW - DoS

KW - Dynamic games

KW - Game theory

KW - Static games

UR - http://www.scopus.com/inward/record.url?scp=78650626363&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=78650626363&partnerID=8YFLogxK

U2 - 10.1145/1878537.1878703

DO - 10.1145/1878537.1878703

M3 - Conference contribution

AN - SCOPUS:78650626363

SN - 9781450300698

T3 - Spring Simulation Multiconference 2010, SpringSim'10

BT - Spring Simulation Multiconference 2010, SpringSim'10

T2 - 2010 Spring Simulation Multiconference, SpringSim'10

Y2 - 11 April 2010 through 15 April 2010

ER -

On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Keywords

Access to Document

Other files and links

Fingerprint

Cite this