A game inspired defense mechanism against distributed denial of service attacks. Issue 12 (17th January 2014)
- Record Type:
- Journal Article
- Title:
- A game inspired defense mechanism against distributed denial of service attacks. Issue 12 (17th January 2014)
- Main Title:
- A game inspired defense mechanism against distributed denial of service attacks
- Authors:
- Bedi, Harkeerat
Shiva, Sajjan
Roy, Sankardas - Abstract:
- <abstract abstract-type="main" id="sec949-abs-0001"> <title>ABSTRACT</title> <p id="sec949-para-0001">Game theory offers a promising approach toward modeling cyber attacks and countermeasures as games played among attackers and system defenders. The widely accepted concept of Nash equilibrium can be used to determine the optimal strategy for all players playing the game. In this work, we demonstrate the applicability of game theory in modeling the defense against distributed denial of service attacks. In particular, we focus on attack scenarios that attempt to create congestion in bottleneck network links. We design a game model to determine the best defense strategy for the defender in such attack scenarios. In our model, the attacker uses a botnet consisting of multiple nodes to send rogue traffic in order to flood one or more links in the target network. The defender's challenge is to determine the best firewall settings to block rogue traffic while allowing legitimate traffic. We validate our game model using simulation. Furthermore, we build a comprehensive defense architecture called game inspired defense architecture and test its performance via emulation on one publicly available testbed called DeterLab. Open source software, such as Bro intrusion detection system, Dummynet network emulator, IP firewall, and Iperf network testing tool are used to build game inspired defense architecture. Our proposed defense solution exhibits promising results during both simulation<abstract abstract-type="main" id="sec949-abs-0001"> <title>ABSTRACT</title> <p id="sec949-para-0001">Game theory offers a promising approach toward modeling cyber attacks and countermeasures as games played among attackers and system defenders. The widely accepted concept of Nash equilibrium can be used to determine the optimal strategy for all players playing the game. In this work, we demonstrate the applicability of game theory in modeling the defense against distributed denial of service attacks. In particular, we focus on attack scenarios that attempt to create congestion in bottleneck network links. We design a game model to determine the best defense strategy for the defender in such attack scenarios. In our model, the attacker uses a botnet consisting of multiple nodes to send rogue traffic in order to flood one or more links in the target network. The defender's challenge is to determine the best firewall settings to block rogue traffic while allowing legitimate traffic. We validate our game model using simulation. Furthermore, we build a comprehensive defense architecture called game inspired defense architecture and test its performance via emulation on one publicly available testbed called DeterLab. Open source software, such as Bro intrusion detection system, Dummynet network emulator, IP firewall, and Iperf network testing tool are used to build game inspired defense architecture. Our proposed defense solution exhibits promising results during both simulation and emulation. Copyright © 2014 John Wiley &amp; Sons, Ltd.</p> </abstract> … (more)
- Is Part Of:
- Security and communication networks. Volume 7:Issue 12(2014:Dec.)
- Journal:
- Security and communication networks
- Issue:
- Volume 7:Issue 12(2014:Dec.)
- Issue Display:
- Volume 7, Issue 12 (2014)
- Year:
- 2014
- Volume:
- 7
- Issue:
- 12
- Issue Sort Value:
- 2014-0007-0012-0000
- Page Start:
- 2389
- Page End:
- 2404
- Publication Date:
- 2014-01-17
- Subjects:
- Computer networks -- Security measures -- Periodicals
Computer security -- Periodicals
Cryptography -- Periodicals
005.805 - Journal URLs:
- http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)1939-0122 ↗
https://www.hindawi.com/journals/scn/ ↗
http://onlinelibrary.wiley.com/ ↗ - DOI:
- 10.1002/sec.949 ↗
- Languages:
- English
- ISSNs:
- 1939-0114
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD Digital store
- Ingest File:
- 3481.xml