As cyber attacks continue to grow in number, scope, and severity, the cyber security problem has become increasingly important and challenging to both academic researchers and industry practitioners. We explore the applicability of game-theoretic approaches to the cyber security problem, with a focus on active bandwidth depletion attacks. We model the interaction between the attacker and the defender as a two-player non-zero-sum game in two attack scenarios: (i) a single attacking node for Denial of Service (DoS) and (ii) multiple attacking nodes for Distributed DoS (DDoS). The defender's challenge is to determine optimal firewall settings that block rogue traffic while allowing legitimate traffic. Our analysis considers the worst-case scenario, in which the attacker also attempts to find the most effective sending rate or botnet size. In either case, we build both static and dynamic game models to compute the Nash equilibrium that represents the best strategy of the defender. We validate the effectiveness of our game-theoretic defense mechanisms via extensive simulation-based experiments using NS-3.
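A toy version of the static game described above, as an added example that is not taken from the paper: the defender picks a hard per-flow rate threshold at the firewall, the attacker picks a per-bot sending rate, and pure-strategy Nash equilibria are found by checking mutual best responses. The traffic mix, the payoff functions and every constant are assumptions constructed for illustration.

```python
from itertools import product

# All values below are constructed for this example (assumptions).
CAPACITY = 20.0                 # bottleneck link capacity, Mbps
LEGIT_RATES = [1, 2, 2, 3, 4]   # per-flow rates of legitimate users, Mbps
BOTS = 5                        # fixed botnet size
COST_PER_MBPS = 0.02            # attacker's cost per Mbps of per-bot rate
THRESHOLDS = [2, 4, 8]          # defender strategies: drop flows faster than this
ATTACK_RATES = [2, 4, 8]        # attacker strategies: per-bot sending rate


def payoffs(threshold, rate):
    """Return (defender, attacker) payoffs for one strategy profile."""
    # The firewall drops every flow whose rate exceeds the threshold.
    legit = sum(l for l in LEGIT_RATES if l <= threshold)
    attack = BOTS * rate if rate <= threshold else 0
    load = legit + attack
    # Admitted traffic shares a congested link in proportion to its rate.
    delivered = legit if load <= CAPACITY else legit * CAPACITY / load
    served = delivered / sum(LEGIT_RATES)   # fraction of legit demand served
    # Attacker gains the denied fraction and pays for its sending rate,
    # so the two payoffs do not sum to a constant (non-zero-sum).
    return served, (1 - served) - COST_PER_MBPS * rate


def pure_nash(thresholds, rates):
    """List profiles where neither player gains by deviating alone."""
    game = {(m, r): payoffs(m, r) for m, r in product(thresholds, rates)}
    equilibria = []
    for (m, r), (d, a) in game.items():
        best_d = max(game[(m2, r)][0] for m2 in thresholds)
        best_a = max(game[(m, r2)][1] for r2 in rates)
        if d == best_d and a == best_a:
            equilibria.append((m, r))
    return equilibria


if __name__ == "__main__":
    for m, r in pure_nash(THRESHOLDS, ATTACK_RATES):
        d, a = payoffs(m, r)
        print(f"threshold={m} rate={r} defender={d:.3f} attacker={a:.3f}")
```

With these constructed numbers the only pure equilibrium is threshold 4 against rate 4: the attacker sends at the highest rate that still passes the firewall, and the defender accepts the congestion because the lower threshold would block more legitimate traffic than the attack displaces.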