Game-Theoretical Effectiveness Evaluation of DDoS Defense

Author

Shi, Pan ; Lian, Yifeng

Author_Institution

GUCAS, Beijing

fYear

2008

fDate

13-18 April 2008

Firstpage

427

Lastpage

433

Abstract

In the distributed denial of service (DDoS) defense research, rate-limiting methods have been proposed to alleviate the damage of attacks according to different congestion control mechanisms. This paper presents a new game-theoretical methodology to evaluate effectiveness of typical DDoS defense mechanisms quantitatively. A complete strategic game model is constituted for DDoS attack and defense warfare. Besides simulation studies, mixed strategic Nash equilibrium is computed to analysis and predict DDoS warfare behaviors in the end of the paper. In this model, the comparing performances of congestion control mechanisms such as aggregated-based congestion control (ACC) and pushback are denoted by the results of utility function. At last, probabilistic results are given to conclude and interpret the using and availability of this methodology.

Keywords

Internet; game theory; probability; telecommunication congestion control; telecommunication security; DDoS attack; DDoS warfare behavior; aggregated-based congestion control; defense warfare; distributed denial of service defense; game theory; probability; pushback; rate limiting; strategic Nash equilibrium; strategic game model; Aggregates; Availability; Computer crime; Degradation; Filtering; Information security; Monitoring; Nash equilibrium; Predictive models; Protocols; DDoS; Game Theory; congestion control; effectiveness evaluation;

fLanguage

English

Publisher

ieee

Conference_Titel

Networking, 2008. ICN 2008. Seventh International Conference on

Conference_Location

Cancun

Print_ISBN

978-0-7695-3106-9

Electronic_ISBN

978-0-7695-3106-9

Type

conf

DOI

10.1109/ICN.2008.121

Filename

4498199