A game theory based rate limiting scheme against Distributed Denial-of-Service attacks

Author

Tian Zhihong ; Jiang Wei ; Wu Zhen ; Zou Xin

Author_Institution

Res. Center of Comput. Network & Inf. Security Technol., Harbin Inst. of Technol., Harbin, China

fYear

2010

fDate

16-18 April 2010

Firstpage

444

Lastpage

448

Abstract

Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. This paper introduces a novel DDoS defense scheme that supports automated online attack characterizations and accurate attack packet discarding based on game theory. The key idea is to formulate the bandwidth computing as a noncooperative game. And then a high volume of simulations is done to compute the Nash equilibria of the game. DDoS attacks and which kinds of attacking strategies are more dangerous or more likely to be enforced by the attacker are given in the simulations. Our method may substantially improve people´s understanding about the nature of the DDoS threat and the defense system´s resilience against this threat.

Keywords

Internet; computer network security; game theory; Internet; Nash equilibria; attack packet discarding; automated online attack characterizations; bandwidth computing; distributed denial-of-service attacks; game theory; noncooperative game; rate limiting scheme; Bandwidth; Computational modeling; Computer crime; Computer networks; Counting circuits; Game theory; IP networks; Information security; Matched filters; Telecommunication traffic; Distributed Denial-of-Service Attacks; Game theory; Nash equilibrium; Rate limit;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Management and Engineering (ICIME), 2010 The 2nd IEEE International Conference on

Conference_Location

Chengdu

Print_ISBN

978-1-4244-5263-7

Type

conf

DOI

10.1109/ICIME.2010.5477866

Filename

5477866