Paper Info
Title
Randomized Security Patrolling for Link Flooding Attack Detection
Abstract
With the advancement of large-scale coordinated attacks, the adversary is shifting away from traditional distributed denial of service (DDoS) attacks against servers to sophisticated DDoS attacks against Internet infrastructures. Link flooding attacks (LFAs) are such powerful attacks against Internet links. Employing network measurement techniques, the defender could detect the link under attack. However, given the large number of Internet links, the defender can only monitor a subset of the links simultaneously, whereas any link might be attacked. Therefore, it remains challenging to practically deploy detection methods. This paper addresses this challenge from a game-theoretic perspective, and proposes a randomized approach (like security patrolling) to optimize LFA detection strategies. Specifically, we formulate the LFA detection problem as a Stackelberg security game, and design randomized detection strategies in consideration of the adversary's behavior, where best and quantal response models are leveraged to characterize the adversary's behavior. We employ a series of techniques to solve the nonlinear and nonconvex NP-hard optimization problems for finding the equilibrium. The experimental results demonstrate the necessity of handling LFAs from a game-theoretic perspective and the effectiveness of our solutions. We believe our study is a significant step forward in formally understanding LFA detection strategies.
Year
DOI
Venue
2020
10.1109/TDSC.2019.2892370
IEEE Transactions on Dependable and Secure Computing
Keywords
DocType
Volume
Servers,Internet,Computer crime,Monitoring,Loss measurement,Degradation
Journal
17
Issue
ISSN
Citations 
4
1545-5971
1
PageRank 
References 
Authors
0.35
0
8
Name
Order
Citations
PageRank
Xiaobo Ma1437.98
Bo An2892106.05
Mengchen Zhao3285.10
Xiapu Luo41302110.23
Lei Xue510316.03
Zhenhua Li627643.77
TungNgai Miu7170.99
X. Guan81169137.97