当前位置: X-MOL 学术IEEE Trans. Netw. Sci. Eng. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Strategic Defense Against Stealthy Link Flooding Attacks: A Signaling Game Approach
IEEE Transactions on Network Science and Engineering ( IF 6.6 ) Pub Date : 2021-01-18 , DOI: 10.1109/tnse.2021.3052090
Abdullah Aydeger , Mohammad Hossein Manshaei , Mohammad Ashiqur Rahman , Kemal Akkaya

With the increasing diversity of Distributed Denial-of-Service (DDoS) attacks, it is becoming extremely challenging to design a fully protected network. For instance, Stealthy Link Flooding Attack (SLFA) is a variant of DDoS attacks that strives to block access to a target area by flooding a small set of links, and it is shown that it can bypass traditional DDoS defense mechanisms. One potential solution to tackle such SLFAs is to apply Moving Target Defense (MTD) techniques in which network settings are dynamically changed to confuse/deceive attackers, thus making it highly expensive to launch a successful attack. However, since MTD comes with some overhead to the network, to find the best strategy (i.e., when and/or to what extent) of applying it has been a major challenge. The strategy is significantly influenced by the attacker's behavior that is often difficult to guess. In this work, we address the challenge of obtaining the optimal MTD strategy that effectively mitigates SLFAs while incurs a minimal overhead. We design the problem as a signaling game considering the network defender and the attacker as players. A belief function is established throughout the engagement of the attacker and the defender during this SLFA campaign, which is utilized to pick the best response/action for each player. We analyze the game model and derive a defense mechanism based on the equilibria of the game. We evaluate the technique on a Mininet-based network environment where an attacker is performing SLFAs and a defender applies MTD based on equilibria of the game. The results show that our signaling game-based dynamic defense mechanism can provide a similar level of protection against SLFAs like the extensive MTD solution, however, causing a significantly reduced overhead.

中文翻译:

防隐身链接泛洪攻击的战略防御:一种信号博弈方法

随着分布式拒绝服务(DDoS)攻击的多样性不断增加,设计一个完全受保护的网络变得越来越具有挑战性。例如,隐形链接泛洪攻击(SLFA)是DDoS攻击的一种变体,它通过泛洪一小组链接来努力阻止对目标区域的访问,并且它可以绕过传统的DDoS防御机制。解决此类SLFA的一种潜在解决方案是应用移动目标防御(MTD)技术,在该技术中,动态更改网络设置以迷惑/欺骗攻击者,因此发起成功的攻击非常昂贵。但是,由于MTD会给网络带来一些开销,因此找到最佳的应用策略(即何时和/或在什么程度上)是一项主要的挑战。该策略在很大程度上受到攻击者的影响 经常难以猜测的行为。在这项工作中,我们解决了获得最佳MTD策略的挑战,该策略可以有效地减轻SLFA,同时又需要最小的开销。我们将该问题设计为将网络防御者和攻击者视为玩家的信号游戏。在此SLFA战役期间,攻击者和防御者的互动过程中都建立起信念功能,该信念功能用于为每个玩家选择最佳的响应/动作。我们分析了博弈模型,并基于博弈的均衡性推导了防御机制。我们在基于Mininet的网络环境中评估该技术,在该网络环境中,攻击者执行SLFA,而防御者则根据游戏的均衡性应用MTD。
更新日期:2021-03-19
down
wechat
bug