Optimal Personalized DDoS Attacks Detection Strategy in Network Systems

  • Conference paper

Part of the book series: Communications in Computer and Information Science (CCIS, volume 1123)

Abstract

The wide application of network systems extends people’s ability to access information, but their inherent network characteristics make them more vulnerable to DDoS attacks. Existing intrusion detection in network systems is usually targeted only at specific attacks and fails when dealing with strategic attacks. Therefore, based on game theory, the attack and defense process in the network system is analyzed, and personalized DDoS attack detection is proposed. Considering that the attacker will observe the defender’s strategy before launching attacks, we model this problem as a Stackelberg security game and derive the optimal defensive strategy for the network system. After comparing the strategy with other non-strategic strategies, it is proved that our proposed method is more effective for detecting DDoS attacks in network systems.

Acknowledgments

This work is supported by the National Natural Science Foundation of China (Grant No. 61802097), and the Project of Qianjiang Talent (Grant No. QJD1802020).

Author information

Corresponding author

Correspondence to Xian Yang.

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Li, M., Yang, X., Chen, Y., Bhuiyan, Z.A. (2019). Optimal Personalized DDoS Attacks Detection Strategy in Network Systems. In: Wang, G., Bhuiyan, M.Z.A., De Capitani di Vimercati, S., Ren, Y. (eds) Dependability in Sensor, Cloud, and Big Data Systems and Applications. DependSys 2019. Communications in Computer and Information Science, vol 1123. Springer, Singapore. https://doi.org/10.1007/978-981-15-1304-6_26

  • DOI: https://doi.org/10.1007/978-981-15-1304-6_26

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-1303-9

  • Online ISBN: 978-981-15-1304-6

  • eBook Packages: Computer Science (R0)
