Paper Info
Title
A Game-Theoretic Framework for Bandwidth Attacks and Statistical Defenses
Abstract
We introduce a game-theoretic framework for reasoning about bandwidth attacks, a common form of distributed denial of service (DDoS) attacks. In particular, our traffic injection game models the attacker as a rational but limited-resource entity who uses limited knowledge of traffic patterns to launch IP spoofing based bandwidth attacks on a server. We model the defender as a coarse-grained, relative volume based statistical filter. We analyze the effectiveness of the defender against the attacker by analyzing the payoffs of various strategies in the traffic injection game. Furthermore, we analyze how these payoffs change in the presence of random noise. Our results show that there is potential for using statistical methods for creating defense mechanisms that can detect a DDoS attack and that even when an attacker has a priori knowledge of the expected traffic volume for the dimension and divisions employed in the attack, the attack traffic can still be exposed to the defender.
Year
DOI
Venue
2007
10.1109/LCN.2007.11
LCN
Keywords
Field
DocType
traffic pattern,bandwidth attacks,traffic injection game model,bandwidth attack,ddos attack,game-theoretic framework,expected traffic volume,limited knowledge,traffic injection game,relative volume,payoffs change,statistical defenses,attack traffic,statistical analysis,defense mechanism,game theory,a priori knowledge,ip spoofing,internet traffic,distributed denial of service
Denial-of-service attack,Computer security,Computer science,IP address spoofing,A priori and a posteriori,Random noise,Computer network,Bandwidth (signal processing),Game theoretic,Game theory,Application layer DDoS attack
Conference
ISBN
Citations 
PageRank 
0-7695-3000-1
3
0.43
References 
Authors
7
3
Name
Order
Citations
PageRank
Mark E. Snyder191.07
Ravi Sundaram276272.13
Mayur Thakur310710.65