Loading...
Please wait, while we are loading the content...
Similar Documents
How Resilient is the Internet against DDoS attacks? — A Game Theoretic Analysis of Signature-based Rate Limiting
Content Provider | Semantic Scholar |
---|---|
Author | Zang, Wanyu Liu, Peng Meng, Yu |
Copyright Year | 2007 |
Abstract | DDoS attack is a serious threat to the Internet. Although some DDoS attacks with clear signatures can be effectively countered by existing DDoS defense measures, m ost DDoS attacks without clear signatures (e.g., brute-force DoS attacks) are very difficult to counter cost-effectively, si nce the defense system is not clear which packets are DDoS packets and which are not. Although several rate-limiting methods are proposed to counter the unclear signature DDoS attacks, eac h may drop good packets and their cost-effectiveness are not clearly understood. People would have a more urgent need to understand clearly the impact of the unclear signatures DDo S attacks on their network services. This paper presents a gam e theoretic analysis of the Internet’s resilience against un clear signatures DDoS attacks when signature-based rate limitin g is deployed, where (a) countering DDoS attacks is modeled as a Bayesian game, (b) a high volume of simulations is done to compute the Nash equilibria of the game, (c) a family of Nash equilibrium based resilience analyses are done, and (d) the upper bound of the defense system’s resilience under unclear sign atures DDoS attacks and which kinds of attacking strategies are mor e dangerous or more likely to be enforced by the attacker are given in the simulations. Our analysis may substantially improve people’s understanding about the nature of (a) the DDoS thre at and (b) the defense system’s resilience against this threat . |
File Format | PDF HTM / HTML |
Alternate Webpage(s) | http://www.asmemesa.org/ezconf/IJICS/files/100/final%203.pdf |
Language | English |
Access Restriction | Open |
Content Type | Text |
Resource Type | Article |