A game theoretic defence framework against DoS/DDoS cyber attacks

Game-theoretic approaches have been previously employed in the research area of network security in order to explore the interaction between an attacker and a defender during a Distributed Denial of Service (DDoS) attack scenario. Existing literature investigates payoffs and optimal strategies for both parties, in order to provide the defender with an optimal defence strategy. In this paper, we model a DDoS attack as a one-shot, non-cooperative, zero-sum game. We extend previous work by incorporating in our model a richer set of options available to the attacker compared to what has been previously achieved. We investigate multiple permutations in terms of the cost to perform an attack, the number of attacking nodes, malicious traffic probability distributions and their parameters. We analytically demonstrate that there exists a single optimal strategy available to the defender. By adopting it, the defender sets an upper boundary to attacker payoff, which can only be achieved if the attacker is a rational player. For all other attack strategies (those adopted by irrational attackers), attacker payoff will be lower than this boundary. We preliminary validate this model via simulations with the ns2 network simulator. The simulated environment replicates the analytical model's parameters and the results confirm our model's accuracy. (C) 2013 Elsevier Ltd. All rights reserved.