A Game Theory based Rate Limiting Scheme against Distributed Denial-of-Service Attacks
Distributed DenialofService (DDoS) attacks are a critical threat to the Internet. This paper introduces a novel DDoS defense scheme that supports automated online attack characterizations and accurate attack packet discarding based on game theory. The key idea is to formulate the bandwidth computing as a noncooperative game. And then a high volume of simulations is done to compute the Nash equilibria of the game. DDoS attacks and which kinds of attacking strategies are more dangerous or more likely to be enforced by the attacker are given in the simulations. Our method may substantially improve people’s understanding about the nature of the DDoS threat and the defense system’s resilience against this threat.
Nash equilibrium Game theory Rate limit Distributed Denial-of-Service Attacks
Tian Zhihong Jiang Wei Wu Zhen Zou Xin
Research Center of Computer Network and InformationSecurity TechnologyHarbin Institute of Technology National Computer network Emergency Responsetechnical Team/Coordination Center of ChinaBeijing, 1000 National Computer network Emergency Response technical Team/Coordination Center of China Beijing, 10
国际会议
成都
英文
1-5
2010-04-16(万方平台首次上网日期,不代表论文的发表时间)