Optimal Defense Strategies for DDoS Defender Using Bayesian Game Model

  • Conference paper
Information Security Practice and Experience (ISPEC 2013)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7863)

Abstract

In a typical DDoS attack and defense scenario, both the attacker and the defender will take actions to maximize their utilities. However, each player does not know his opponent’s investment and cannot adopt the optimal strategies. We formalize a Bayesian game model to handle these uncertainties and specify two problems usually faced by the defender when choosing defense measures. A nonlinear programming method is proposed to handle policies’ permutation in order to maximize the defender’s utility. Following the Nash equilibrium, security administrators can take optimal strategies. Finally, the practicality and effectiveness of the model and method are illustrated by an example.

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Liu, Y., Feng, D., Lian, Y., Chen, K., Zhang, Y. (2013). Optimal Defense Strategies for DDoS Defender Using Bayesian Game Model. In: Deng, R.H., Feng, T. (eds) Information Security Practice and Experience. ISPEC 2013. Lecture Notes in Computer Science, vol 7863. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38033-4_4

  • DOI: https://doi.org/10.1007/978-3-642-38033-4_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38032-7

  • Online ISBN: 978-3-642-38033-4

  • eBook Packages: Computer Science, Computer Science (R0)
