Title :
A game theory based rate limiting scheme against Distributed Denial-of-Service attacks
Author :
Tian Zhihong ; Jiang Wei ; Wu Zhen ; Zou Xin
Author_Institution :
Res. Center of Comput. Network & Inf. Security Technol., Harbin Inst. of Technol., Harbin, China
Abstract :
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. This paper introduces a novel DDoS defense scheme that supports automated online attack characterizations and accurate attack packet discarding based on game theory. The key idea is to formulate the bandwidth computing as a noncooperative game. And then a high volume of simulations is done to compute the Nash equilibria of the game. DDoS attacks and which kinds of attacking strategies are more dangerous or more likely to be enforced by the attacker are given in the simulations. Our method may substantially improve people´s understanding about the nature of the DDoS threat and the defense system´s resilience against this threat.
Keywords :
Internet; computer network security; game theory; Internet; Nash equilibria; attack packet discarding; automated online attack characterizations; bandwidth computing; distributed denial-of-service attacks; game theory; noncooperative game; rate limiting scheme; Bandwidth; Computational modeling; Computer crime; Computer networks; Counting circuits; Game theory; IP networks; Information security; Matched filters; Telecommunication traffic; Distributed Denial-of-Service Attacks; Game theory; Nash equilibrium; Rate limit;
Conference_Titel :
Information Management and Engineering (ICIME), 2010 The 2nd IEEE International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-5263-7
DOI :
10.1109/ICIME.2010.5477866
