Playing Defense by Offense: Equilibrium in the DoS-Attack Problem

Free registration required

Executive Summary

The authors develop defenses from resource-exhausting Denial-of-Service attacks initiated by an attacker to a server. The attacker does not have a permanent identity but spoofs the IP addresses for other users. Generalizing the Defense-by-Offense approach they enable benign users to obtain low service time by re-submitting requests according to a game-theoretic strategy. The attacker that tries to overwhelm the server by a constant stream of requests cannot succeed as its requests are dropped by the server. They derive optimal strategies for the server, as well as the attacker. They show that in the equilibrium state, the server can successfully repel the attackers with selective processing of requests. Simulations using OMNeT++ support analytical results.

  • Format: PDF
  • Size: 136.19 KB