Abstract
Incentives are very important to be employed in any defensive mechanism against DDoS attack. Incentive is a major concept abandoned by most of the defensive mechanisms that have been proposed so far. It is a tool that can motivate users to send data wisely into the network. Therefore, in this paper, we have proposed a two layered multi-attribute auction mechanism for incentivising users by imposing payment schemes as well as by providing rewards. Apart from this, we have developed a reputation assessment procedure to identify malicious user by monitoring his credibility score calculated through his marginal utility. Identified malicious users are then mapped to different levels of suspiciousness. Identified legitimate users are forwarded towards first level of auction in which virtual users have been added by service provider to increase the competition among users. Critical values are computed for every user and the users satisfying the criteria are moved towards the second level. In second level, greedy method is utilized for resource allocation. Extensive simulations have been conducted on MatLab to check the validity of the proposed model. Rate of social welfare degradation and user’s satisfaction are utilized to check the appropriateness and validity of the model. Results from experimentation have shown that proposed model is able to generate enough revenue for the service provider and is able to provide acceptable QoS to identified legitimate users when there is an increase in number of malicious users.
Similar content being viewed by others
References
Poongodi M, Vijayakumar V, Al-Turjman F, Hamdi M, Ma M (2019) Intrusion prevention system for DDoS attack on VANET with reCAPTCHA controller using information based metrics. IEEE Access 7:158481–158491
Gupta BB (Ed) (2018) Computer and cyber security: principles, algorithm, applications, and perspectives. CRC Press, Taylor & Francis
Skottler (2018) February 28th DDoS Incident Report, Github report [online]. Available from: https://githubengineering.com/ddos-incident-report/. Accessed on Apr, 2020
Bhushan K, Gupta BB (2019) Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment. J Ambient Intell Humaniz Comput 10(5):1985–1997
Chhabra M, Gupta B, Almomani A (2013) A novel solution to handle DDOS attack in MANET. J Inform Security 4(3) Article ID: 34631:15
Bhattacharya P, Guo M (2020) An incentive compatible mechanism for replica placement in peer-assisted content distribution. Int J Software Sci Comput Intell (IJSSCI) 12(1):47–67
Sharma P, Sengupta J, Suri PK (2019) Survey of intrusion detection techniques and architectures in cloud computing. Int J High Perform Comput Netw 13(2):184–198
DeviPriya K, Lingamgunta S (2020) Multi factor two-way hash-based authentication in cloud computing. Int J Cloud Appl Comput (IJCAC) 10(2):56–76
Deebak BD, Al-Turjman F (2020) A hybrid secure routing and monitoring mechanism in IoT-based wireless sensor networks. Ad Hoc Netw 97:102022
Hurrah NN, Parah SA, Sheikh JA, Al-Turjman F, Muhammad K (2019) Secure data transmission framework for confidentiality in IoTs. Ad Hoc Netw 95:101989
Ullah F, Naeem H, Jabbar S, Khalid S, Latif MA, Al-Turjman F, Mostarda L (2019) Cyber security threats detection in internet of things using deep learning approach. IEEE Access 7:124379–124389
Al-Turjman F (2020) Intelligence and security in big 5G-oriented IoNT: an overview. Futur Gener Comput Syst 102:357–368
Ali Z, Chaudhry SA, Ramzan MS, Al-Turjman F (2020) Securing Smart City surveillance: a lightweight authentication mechanism for unmanned vehicles. IEEE Access 8:43711–43724
Jakub Kroustek, Vladislav Iliushin, Anna Shirokova, Jan Neduchal and Martin Hron (2018) Torii botnet-Not another variant, Avast Blog. Available from: https://blog.avast.com/new-torii-botnet-threat-research. Accessed on Apr 2020
Olakanmi OO, Dada A (2019) An efficient privacy-preserving approach for secure verifiable outsourced computing on untrusted platforms. Int J Cloud Appl Comput (IJCAC) 9(2):79–98
Premkamal PK, Pasupuleti SK, Alphonse PJA (2020) Efficient escrow-free CP-ABE with constant size Ciphertext and secret key for big data storage in cloud. Int J Cloud Appl Comput (IJCAC) 10(1):28–45
Letteri I, Penna GD, Gasperis GD (2019) Security in the internet of things: botnet detection in software-defined networks by deep learning techniques. Int J High Perform Comput Netw 15(3–4):170–182
Gou Z, Yamaguchi S, Gupta BB (2017) Analysis of various security issues and challenges in cloud computing environment: a survey. In identity theft: breakthroughs in research and practice (pp. 221-247). IGI global
Dahiya A, Gupta BB (2020) Multi attribute auction based incentivized solution against DDoS attacks. Comput Secur 92:101763
Paul K (2004) Auctions: theory and practice. The Toulouse Lectures in Economics
Li L, LIU YA, LIU KM, Ming YANG (2009) Pricing in combinatorial double auction-based grid allocation model. J China Univ Posts Telecommun 16(3):59–65
Baranwal G, Vidyarthi DP (2015) A fair multi-attribute combinatorial double auction model for resource allocation in cloud computing. J Syst Softw 108:60–76
Kumar D, Baranwal G, Raza Z, Vidyarthi DP (2017) A systematic study of double auction mechanisms in cloud computing. J Syst Softw 125:234–255
Samimi P, Teimouri Y, Mukhtar M (2016) A combinatorial double auction resource allocation model in cloud computing. Inf Sci 357:201–216
Kumar D, Baranwal G, Raza Z, Vidyarthi DP (2018) A truthful combinatorial double auction-based marketplace mechanism for cloud computing. J Syst Softw 140:91–108
AuYoung A, Chun B, Snoeren A, Vahdat A (2004) Resource allocation in federated distributed computing infrastructures. In proceedings of the 1st workshop on operating system and architectural support for the on-demand IT InfraStructure vol 9
Samimi P, Teimouri Y, Mukhtar M (2016) A combinatorial double auction resource allocation model in cloud computing. Inf Sci 357:201–216
Zaman S, Grosu D (2013) Combinatorial auction-based allocation of virtual machine instances in clouds. J Parallel Distribut Comput 73(4):495–508
Baranwal G, Vidyarthi DP (2015) A fair multi-attribute combinatorial double auction model for resource allocation in cloud computing. J Syst Softw 108:60–76
Moghaddam M, Davis JG (2019) Simultaneous service selection for multiple composite service requests: a combinatorial auction approach. Decis Support Syst 120:81–94
Tan X, Leon-Garcia A, Wu Y, Tsang DH (2020) Online combinatorial auctions for resource allocation with supply costs and capacity limits. IEEE J Select Areas Commun 38:655–668
Król, M., Sonnino, A., Tasiopoulos A, Psaras I, Rivière E (2020) PASTRAMI: privacy-preserving, auditable, Scalable & Trustworthy Auctions for multiple items. arXiv preprint arXiv:2004.06403
Chu LY (2009) Truthful bundle/multiunit double auctions. Manag Sci 55(7):1184–1198
Andersson A, Tenhunen M, Ygge F (2000) Integer programming for combinatorial auction winner determination. In Proceedings Fourth International Conference on MultiAgent Systems (pp. 39-46). IEEE
Lehmann D, Oćallaghan LI, Shoham Y (2002) Truth revelation in approximately efficient combinatorial auctions. J ACM (JACM) 49(5):577–602
Acknowledgements
This publication is an outcome of the R&D work undertaken under the (i) YFRF fellowship grant, Visvesvaraya PhD Scheme of Ministry of Electronics & Information Technology, Government of India and being implemented by Digital India Corporation and (ii) sponsored project grant from SERB, DST, Government of India.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Dahiya, A., Gupta, B.B. A QoS Ensuring Two-Layered Multi-Attribute Auction Mechanism to Mitigate DDoS Attack. Mobile Netw Appl 26, 1043–1058 (2021). https://doi.org/10.1007/s11036-020-01665-6
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11036-020-01665-6