On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks


As cyber attacks continue to grow in number, scope, and severity, the cyber security problem has become increasingly important and challenging to both academic researchers and industry practitioners. We explore the applicability of game theoretic approaches to the cyber security problem with focus on active bandwidth depletion attacks. We model the interaction between the attacker and the defender as a two-player non-zero-sum game in two attack scenarios: (i) one single attacking node for Denial of Service (DoS) and (ii) multiple attacking nodes for Distributed DoS (DDoS). The defender's challenge is to determine optimal firewall settings to block rogue traffics while allowing legitimate ones. Our analysis considers the worst-case scenario where the attacker also attempts to find the most effective sending rate or botnet size. In either case, we build both static and dynamic game models to compute the Nash equilibrium that represents the best strategy of the defender. We validate the effectiveness of our game theoretic defense mechanisms via extensive simulation-based experiments using NS-3. © 2010 SCS.

Publication Title

Spring Simulation Multiconference 2010, SpringSim'10