Skip to content

A Game Theoretic Defence Framework Against DoS/DDoS Cyber Attacks

Research output: Contribution to journalArticle

Original languageEnglish
Pages (from-to)39-50
JournalComputers & Security
Volume38
Early online date3 Apr 2013
DOIs
StatePublished - Oct 2013

Abstract

In the research area of network security, game-theoretic approaches have been previously employed in order to explore the interaction between an attacker and a defender during a Distributed Denial of Service (DDoS) attack scenario. Existing literature investigates payoffs and optimal strategies for both parties, in order to provide the defender with an optimal defence strategy. In this paper, we model a DDoS attack as a one-shot, non-cooperative, zero-sum game. We extend previous work by incorporating in our model a richer set of options available to the attacker compared to what has been previously achieved. We investigate multiple permutations in terms of the cost to perform an attack, the number of attacking nodes, malicious traffic probability distributions and their parameters. We analytically demonstrate that there exists a single optimal strategy available to the defender. By adopting it, the defender sets an upper boundary to attacker payoff, which can only be achieved if the attacker is a rational player. For all other attack strategies (those adopted by irrational attackers), attacker payoff will be lower than this boundary.

Research areas

  • DoS, DDoS, Game Theory, Network Security, Defence Mechanism, Firewall

Documents

DOI

View research connections

Related faculties, schools or groups