Defence Strategy against Flooding Attacks Using Nash Equilibrium Game Theory
Kumar Dayanand (1), S. Magesh (2)
(1) Assistant Professor, Computer Science and Engineering, Cambridge Institute of Technology, Ranchi, India
(2) Assistant Professor, Information Technology, SRM University, Chennai, India
[email protected], [email protected]
Abstract:
In recent years, a number of puzzle-based defence mechanisms have been proposed against flooding denial-of-service attacks in networks. This paper uses game theory to propose a series of optimal puzzle-based strategies for handling sophisticated flooding attack scenarios. In doing so, the solution concept of Nash equilibrium is used in a prescriptive way. A game consists of three main elements: a set of players, a set of actions, and a payoff function for each player. If each player has chosen a strategy and no player can benefit by changing its strategy while the other players keep theirs unchanged, then the current set of strategy choices and the corresponding payoffs constitute a Nash equilibrium. The mechanism proposed in this paper can also be integrated with reactive defences to achieve synergetic effects. A complete flooding attack solution is likely to require some kind of defence while attack traffic is being identified; the mechanism of this paper can provide such a defence. Conversely, the estimates made by a reactive mechanism can be used to tune the mechanism proposed in this paper.
Keywords: Denial-of-service, Nash equilibrium, Game Theory, Flooding Attacks
I INTRODUCTION
Availability of services in a networked system is a security concern that has received enormous attention in recent years. Most research in this area is on designing and verifying defence mechanisms against denial-of-service attacks. A DoS attack is characterized by malicious behaviour that prevents the legitimate users of a network service from using that service. Flooding is a DoS attack designed to bring a service down by sending it large amounts of traffic. In a connection flood, the victim becomes so weighed down with packets initiating connection requests that are never completed that it can no longer process genuine connection requests: once the buffer of half-open connections is full, no further connections can be made, and the result is a denial of service. A flooding attack such as a SYN flood, a Smurf attack, or an attack launched with TFN2K sends an overwhelming number of requests for a service offered by the victim. A SYN flood exploits a weakness in the TCP/IP protocol suite: a TCP connection is established by a three-way handshake, an exchange of SYN, SYN-ACK and ACK segments, and the server must hold state for every half-open connection whose final ACK never arrives. The Smurf attack is another way to paralyze a network, this time by amplification. The critical part is to discover a network that answers pings sent to its broadcast address; the attacker then sends ICMP echo requests to that address with a forged source IP address, the address of the victim, so that every host on the broadcast network replies to the victim at once. TFN2K is a DDoS tool that has been used to launch the aforementioned attacks from many compromised hosts. A large number of defences have been devised against flooding attacks. A reactive mechanism such as pushback, traceback or filtering endeavours to alleviate the impact of a flooding attack on the victim by detecting the attack and responding to it. A preventive mechanism, on the other hand, enables the victim to tolerate the attack without denying the service to legitimate users; this is done by enforcing restrictive policies for resource consumption. One method for limiting resource consumption is the use of client puzzles. Nonetheless, an attacker who knows the defender's possible actions and their corresponding costs may rationally adapt his own actions to defeat a puzzle-based defence mechanism. For example, if the defender produces difficult puzzles, the attacker responds to them at random with incorrect solutions; in this way he may be able to exhaust the defender's resources engaged in solution verification. If the defender produces simple puzzles, the mechanism is not effective, in the sense that the attacker solves the puzzles and performs an intense attack. In this paper it is shown that the interactions between the attacker who perpetrates a flooding attack and the defender who counters the attack using a puzzle-based defence mechanism can be modelled as a two-player infinitely repeated game with discounting. The solution concept of subgame perfect Nash equilibrium is then applied to the game.
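The client-puzzle exchange described above, as an added example (this is not code from the paper or from the puzzle schemes it builds on): a hash-based puzzle in which the server issues a keyed nonce, the client must find a counter whose SHA-256 digest together with the nonce has k leading zero bits, and the server verifies with one MAC recomputation and a single hash. The server key, the client identifier, the difficulty and the time-to-live are assumptions chosen for the example. The block also plays out the attacker strategy from the paragraph above: answering puzzles with random wrong solutions still costs the defender one verification per answer, which is why the defender's verification cost per bogus answer is a parameter of the game rather than something the puzzle removes.

```python
import hashlib
import hmac
import os
import random
import struct
import time
from typing import Tuple

DIFFICULTY_BITS = 16  # assumption: ~2**16 hashes to solve on average, one hash to verify


def _digest(nonce: str, solution: int) -> bytes:
    return hashlib.sha256(nonce.encode() + struct.pack(">Q", solution)).digest()


def leading_zero_bits(d: bytes) -> int:
    return 8 * len(d) - int.from_bytes(d, "big").bit_length()


class PuzzleServer:
    """Stateless issuer: the nonce is an HMAC over (client, bits, expiry), so the
    server keeps nothing per outstanding puzzle and cannot be made to accept a
    puzzle it did not issue or one whose difficulty the client lowered."""

    def __init__(self, key: bytes = b"", now=time.time):
        self.key = key or os.urandom(32)   # assumption: a per-server secret
        self.now = now                      # injectable clock, for testing expiry
        self.accepted = set()               # (nonce, solution) pairs already redeemed
        self.verify_hashes = 0              # work the defender spent checking answers

    def _nonce(self, client: str, bits: int, expiry: int) -> str:
        msg = client.encode() + struct.pack(">IQ", bits, expiry)
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def issue(self, client: str, bits: int = DIFFICULTY_BITS, ttl: int = 30) -> dict:
        expiry = int(self.now()) + ttl
        return {"client": client, "bits": bits, "expiry": expiry,
                "nonce": self._nonce(client, bits, expiry)}

    def verify(self, puzzle: dict, solution: int) -> bool:
        # Cheap rejections first: expired, tampered or replayed puzzles never reach
        # the hashing step, so one solved puzzle cannot be recycled into a flood.
        if int(self.now()) > puzzle["expiry"]:
            return False
        expected = self._nonce(puzzle["client"], puzzle["bits"], puzzle["expiry"])
        if not hmac.compare_digest(expected, puzzle["nonce"]):
            return False
        if (puzzle["nonce"], solution) in self.accepted:
            return False
        # One hash decides the proof of work. This is the cost the attacker's
        # random-answer strategy forces the defender to pay for every bogus answer.
        self.verify_hashes += 1
        if leading_zero_bits(_digest(puzzle["nonce"], solution)) < puzzle["bits"]:
            return False
        self.accepted.add((puzzle["nonce"], solution))
        return True


def solve(puzzle: dict) -> Tuple[int, int]:
    """Honest client: brute-force the counter. Returns (solution, hashes_spent)."""
    solution = 0
    while leading_zero_bits(_digest(puzzle["nonce"], solution)) < puzzle["bits"]:
        solution += 1
    return solution, solution + 1


def bogus_answers(server: PuzzleServer, puzzle: dict, n: int, seed: int = 0) -> Tuple[int, int]:
    """Attacker who never solves anything: sends n random answers to one puzzle.
    Returns (answers accepted, hashes the server spent rejecting them)."""
    rng = random.Random(seed)
    before = server.verify_hashes
    accepted = sum(server.verify(puzzle, rng.getrandbits(64)) for _ in range(n))
    return accepted, server.verify_hashes - before


if __name__ == "__main__":
    server = PuzzleServer()
    puzzle = server.issue("client-a")
    sol, work = solve(puzzle)
    print(f"client spent {work} hashes; server accepts: {server.verify(puzzle, sol)}")
    print("attacker (accepted, server hashes spent):", bogus_answers(server, puzzle, 1000))
```

The asymmetry is the whole point of the puzzle: the honest client pays roughly 2^k hashes, the server pays one. But the attacker's counter-move in the text survives that asymmetry, since the server still pays its one hash for every answer it receives, solved or not; bounding verification work per source, or per unit time, is what turns the verification cost into a finite payoff term the game can reason about.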
II NETWORK MODEL
Nash equilibrium is a fundamental concept in the theory of games and it consists of the following three elements: a set
of players, a set of actions (or pure-strategies) available to each player, and a payoff (or utility) function for each player.
ACS – International Journal in Computational Intelligence, Vol–4, Issue – 1 March 2013
The payoff functions represent each player's preferences over action profiles, where an action profile is simply a list of actions, one for each player. A pure-strategy Nash equilibrium is an action profile with the property that no single player can obtain a higher payoff by deviating unilaterally from this profile. As an example, consider first a game involving two players, each of whom has two available actions, which we call A and B. If the players choose different actions, they each get a payoff of 0. If they both choose A, they each get 2, and if they both choose B, they each get 1. This "coordination" game may be represented as follows, where player 1 chooses a row, player 2 chooses a column, and the resulting payoffs are listed in parentheses, with the first component corresponding to player 1's payoff:

            A         B
    A    (2, 2)    (0, 0)
    B    (0, 0)    (1, 1)

The action profile (B,B) is an equilibrium, since a unilateral deviation to A by either player would result in a lower payoff for the deviating player. Similarly, the action profile (A,A) is also an equilibrium.
Consider next the game of matching pennies, in which each player chooses heads or tails. Player 1 wins a dollar from player 2 if their choices are the same, and loses a dollar to player 2 if they are not:

              Heads       Tails
    Heads   (1, -1)    (-1, 1)
    Tails   (-1, 1)    (1, -1)

This game has no pure-strategy Nash equilibrium. Instead of simply choosing an action, players may be able to choose probability distributions over the set of actions available to them. Such randomizations over the set of actions are referred to as mixed strategies. Any profile of mixed strategies induces a probability distribution over action profiles in the game. Under certain assumptions, a player's preferences over all such lotteries can be represented by a function that assigns a real number to each action profile. One lottery is preferred to another if and only if it results in a higher expected value of this utility function, or expected utility. A mixed-strategy Nash equilibrium is then a mixed strategy profile with the property that no single player can obtain a higher expected utility by deviating unilaterally from this profile. The American mathematician John Nash (1950) showed that every game in which the set of actions available to each player is finite has at least one mixed-strategy equilibrium. In the matching pennies game, there is a mixed-strategy equilibrium in which each player chooses heads with probability 1/2. Similarly, in the coordination game of the above example, there is a third equilibrium in which each player chooses action A with probability 1/3 and B with probability 2/3: against such an opponent, A yields an expected payoff of 2 × 1/3 = 2/3 and B yields 1 × 2/3 = 2/3, so each player is indifferent and neither can gain by deviating. Such multiplicity of equilibria arises in many economically important games, and has prompted a large literature on equilibrium refinements with the purpose of identifying criteria on the basis of which a single equilibrium might be selected. It has sometimes been argued that the Nash prediction in the finitely repeated prisoner's dilemma (and in many other environments) is counterintuitive and at odds with experimental evidence. The concept of Nash equilibrium has also been
generalized to allow for situations in which players are faced with incomplete information. If each player is drawn from
some set of types, such that the probability distribution governing the likelihood of each type is itself commonly known to
all players, then we have a Bayesian game. A pure strategy in this game is a function that associates with each type a
particular action. Bayes Nash equilibrium is then a strategy profile such that no player can obtain greater expected utility
by deviating to a different strategy, given his or her beliefs about the distribution of types from which other players are
drawn.
Example: Let (S, f) be a game with n players, where S_i is the strategy set for player i, S = S_1 × S_2 × ... × S_n is the set of strategy profiles and f = (f_1(x), ..., f_n(x)) is the payoff function. Let x_{-i} be a strategy profile of all players except for player i. When each player i ∈ {1, ..., n} chooses strategy x_i, resulting in the strategy profile x = (x_1, ..., x_n), then player i obtains payoff f_i(x). Note that the payoff depends on the strategy profile chosen, i.e. on the strategy chosen by player i as well as the strategies chosen by all the other players. A strategy profile x* ∈ S is a Nash equilibrium (NE) if no unilateral deviation in strategy by any single player is profitable for that player, that is:

$$f_i(x_i^*, x_{-i}^*) \ge f_i(x_i, x_{-i}^*) \quad \text{for all } i \in \{1, \dots, n\} \text{ and all } x_i \in S_i.$$

A game can have either a pure-strategy or a mixed Nash equilibrium (in the latter, a pure strategy is chosen stochastically with a fixed frequency). Nash proved that if we allow mixed strategies, then every n-player game in which every player can choose from finitely many strategies admits at least one Nash equilibrium. When the inequality above holds strictly (with > instead of ≥) for all players and all feasible alternative strategies x_i ≠ x_i^*, then the equilibrium is classified as a strict Nash equilibrium. If instead, for some player, there is exact equality between x_i^* and some other strategy in S_i, then the equilibrium is classified as a weak Nash equilibrium.
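The definitions of this section worked in code. This is an added example, not code from the paper: it enumerates the pure-strategy equilibria of a two-player bimatrix game and classifies each as strict or weak, and computes the totally mixed equilibrium of a 2×2 game from the indifference conditions, checking the result against the equilibrium inequality directly. The games are the coordination game and matching pennies from above, plus a prisoner's dilemma with constructed payoffs (3, 0, 5, 1) as a game with a unique strict equilibrium and no mixed one.

```python
from fractions import Fraction
from itertools import product

# Constructed payoff matrices. A[i][j] is the row player's payoff and B[i][j] the
# column player's when row plays action i and column plays action j.
COORDINATION = ([[2, 0], [0, 1]], [[2, 0], [0, 1]])            # actions: 0 = A, 1 = B
MATCHING_PENNIES = ([[1, -1], [-1, 1]], [[-1, 1], [1, -1]])    # actions: 0 = heads, 1 = tails
PRISONERS_DILEMMA = ([[3, 0], [5, 1]], [[3, 5], [0, 1]])       # actions: 0 = cooperate, 1 = defect


def pure_nash(A, B):
    """All pure-strategy Nash equilibria of a bimatrix game, each tagged 'strict'
    (every unilateral deviation loses) or 'weak' (some deviation merely ties)."""
    rows, cols = len(A), len(A[0])
    found = []
    for i, j in product(range(rows), range(cols)):
        row_devs = [A[k][j] for k in range(rows) if k != i]
        col_devs = [B[i][l] for l in range(cols) if l != j]
        if any(d > A[i][j] for d in row_devs) or any(d > B[i][j] for d in col_devs):
            continue  # a profitable unilateral deviation exists
        strict = all(d < A[i][j] for d in row_devs) and all(d < B[i][j] for d in col_devs)
        found.append(((i, j), "strict" if strict else "weak"))
    return found


def mixed_nash_2x2(A, B):
    """Totally mixed equilibrium of a 2x2 game, or None if there is none.
    Each player randomises so that the *other* player is indifferent between its
    two actions; returns (p, q) = (P[row plays 0], P[column plays 0]) as exact Fractions."""
    den_p = B[0][0] - B[1][0] - B[0][1] + B[1][1]   # column indifferent, solved for p
    den_q = A[0][0] - A[0][1] - A[1][0] + A[1][1]   # row indifferent, solved for q
    if den_p == 0 or den_q == 0:
        return None
    p = Fraction(B[1][1] - B[1][0], den_p)
    q = Fraction(A[1][1] - A[0][1], den_q)
    if not (0 < p < 1 and 0 < q < 1):
        return None
    return p, q


def expected_payoffs(A, B, p, q):
    """Expected payoff vector when row plays 0 w.p. p and column plays 0 w.p. q."""
    ps, qs = (p, 1 - p), (q, 1 - q)
    u1 = sum(ps[i] * qs[j] * A[i][j] for i, j in product(range(2), range(2)))
    u2 = sum(ps[i] * qs[j] * B[i][j] for i, j in product(range(2), range(2)))
    return u1, u2


def is_mixed_nash(A, B, p, q):
    """The equilibrium inequality checked directly: no pure action of either player
    beats its expected payoff under (p, q). Testing pure deviations suffices because
    a mixed deviation is an average of pure ones."""
    u1, u2 = expected_payoffs(A, B, p, q)
    row_ok = all(q * A[i][0] + (1 - q) * A[i][1] <= u1 for i in range(2))
    col_ok = all(p * B[0][j] + (1 - p) * B[1][j] <= u2 for j in range(2))
    return row_ok and col_ok


if __name__ == "__main__":
    games = [("coordination", COORDINATION), ("matching pennies", MATCHING_PENNIES),
             ("prisoner's dilemma", PRISONERS_DILEMMA)]
    for name, (A, B) in games:
        print(f"{name}: pure = {pure_nash(A, B)}, mixed = {mixed_nash_2x2(A, B)}")
```

For the coordination game this reproduces the three equilibria named in the text, (A,A), (B,B) and the mix with A played with probability 1/3; for matching pennies it finds no pure equilibrium and the 1/2–1/2 mix.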
III PROTECTION STRATEGIES
There are two categories of protection strategies:
1. History independent (open loop), and
2. History dependent (closed loop).
A) Open-loop solution:
The action profiles adopted at previous periods are not involved in a player's decision at the current period. More formally, in the repeated game of the client-puzzle approach, a strategy for player i (where i = 1, 2) is an open-loop strategy if the action it prescribes at each period does not depend on the history of play.
One open-loop solution to an infinitely repeated game is to play one of the stage-game Nash equilibria at every period regardless of what actually happened in the corresponding history. If the profile played at every period t is a stage-game Nash equilibrium, then the resulting strategy profile is a subgame perfect equilibrium of the repeated game. In a flooding attack-defence scenario, the defender may not perfectly know the actions taken by the attacker at previous periods. Thus, adopting an open-loop strategy, as stated above, may be the simplest way he can attain equilibrium. The following theorem identifies the stage-game Nash equilibrium for the game of the client-puzzle approach.
Fig. 3: the puzzle-based defence mechanism against flooding attacks derived from the open-loop solution concept of discounted infinitely repeated games.
B) Closed-loop solutions:
In a fair open-loop solution, the defender's maximum average payoff is no more than what the stage-game Nash equilibrium yields. However, there are many payoff vectors in the convex hull of the stage-game payoffs with greater payoffs for the defender. Thus a natural question arises: is there a better fair solution to the game, one that results in a greater payoff to the defender? As proven for games of perfect information, there is a large subset of the convex hull whose payoff vectors can be supported by perfect Nash equilibrium provided that suitable closed-loop strategies are adopted. This subset is denoted by V* and its elements are called strictly individually rational payoffs (SIRP): the feasible payoff vectors that give every player strictly more than its minmax payoff. In the game of the client-puzzle approach, the minmax point is obtained by letting each player's opponent pick a mixed strategy from Δ(X), the set of all probability distributions over the opponent's action set X, so as to minimize the best payoff the player can secure against it. The mixed strategies attaining these minima are the minmax strategies: player 1's minmax strategy against player 2, and player 2's minmax strategy against player 1.
Fig. 4: the convex hull of payoff vectors for the game of the client-puzzle approach when αm = 0.2, αSP1 = 0.15, αPP = 0.01, αVP = 0.02, η = 0.5.
As seen in Fig. 3, the defender's maximum average payoff in PDM1 is -0.145, though many payoffs greater than -0.145 can be supported if the game is of perfect information and suitable closed-loop strategies are adopted. The following theorem characterizes the set of payoff vectors that can be supported by perfect Nash equilibrium in an infinitely repeated game of observable actions and complete information where the payoffs are discounted. This reflects those attack-defence circumstances in which the player implementing the defence mechanism knows his opponent's payoff function as well as the actions chosen by his opponent at previous periods. It is worth noting that the puzzles can be designed in such a way that the amount of resources a machine uses to solve a puzzle is independent of the machine's processing power (memory-bound puzzles are one such design). Therefore, except for flooding attacks from an unknown number of sources, it is reasonable to assume that the defender knows the attacker's payoff function.
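The closed-loop argument above, as an added example that is not the paper's code. For a 2×2 stage game it computes the minmax point (each player's lowest guaranteed payoff when the opponent mixes over Δ(X) against it), tests whether a payoff vector lies in the convex hull of the stage payoffs and strictly above the minmax point (that is, in V*), and shows the mechanism by which a closed-loop strategy supports such a payoff under discounting: a grim-trigger strategy that reverts to the stage-game Nash equilibrium forever after any deviation is subgame perfect exactly when the discount factor is large enough that the one-period gain from deviating is outweighed by the punishment. The paper's client-puzzle payoff matrix is not given here, so the stage game is a prisoner's dilemma with constructed payoffs (3, 0, 5, 1); matching pennies is used to show a minmax point that needs a mixed strategy.

```python
from fractions import Fraction
from itertools import combinations, product

# Constructed stage games. A[i][j]: row player's payoff, B[i][j]: column player's.
PD_A, PD_B = [[3, 0], [5, 1]], [[3, 5], [0, 1]]            # 0 = cooperate, 1 = defect
MP_A, MP_B = [[1, -1], [-1, 1]], [[-1, 1], [1, -1]]        # matching pennies


def minmax(A, B, player):
    """Minmax value of `player` (0 = row, 1 = column) and the opponent's minmax
    strategy (its probability of action 0). The player's best-response payoff is
    the max of two lines in the opponent's mixing probability, a convex
    piecewise-linear function, so its minimum is at an endpoint of [0, 1] or
    where the two lines cross."""
    if player == 0:
        lines = [(A[i][0], A[i][1]) for i in range(2)]   # row's payoff vs column mixing x on col 0
    else:
        lines = [(B[0][j], B[1][j]) for j in range(2)]   # column's payoff vs row mixing x on row 0
    (a0, a1), (b0, b1) = lines

    def best_response(x):
        return max(x * a0 + (1 - x) * a1, x * b0 + (1 - x) * b1)

    candidates = [Fraction(0), Fraction(1)]
    den = (a0 - a1) - (b0 - b1)
    if den != 0:
        crossing = Fraction(b1 - a1, den)
        if 0 < crossing < 1:
            candidates.append(crossing)
    x_star = min(candidates, key=best_response)
    return best_response(x_star), x_star


def minmax_point(A, B):
    return minmax(A, B, 0)[0], minmax(A, B, 1)[0]


def in_convex_hull(v, A, B):
    """Feasible payoffs of the repeated game: the convex hull of the pure payoff
    vectors. v is feasible iff it lies in some non-degenerate triangle of them."""
    def cross(o, p, q):
        return (p[0] - o[0]) * (q[1] - o[1]) - (q[0] - o[0]) * (p[1] - o[1])
    points = [(A[i][j], B[i][j]) for i, j in product(range(2), range(2))]
    for a, b, c in combinations(points, 3):
        if cross(a, b, c) == 0:
            continue  # collinear triple, spans no area
        signs = [cross(a, b, v), cross(b, c, v), cross(c, a, v)]
        if not (any(s < 0 for s in signs) and any(s > 0 for s in signs)):
            return True
    return False


def strictly_individually_rational(v, A, B):
    """v is in V* (a SIRP) iff it is feasible and gives each player strictly more
    than its minmax value."""
    m0, m1 = minmax_point(A, B)
    return in_convex_hull(v, A, B) and v[0] > m0 and v[1] > m1


def discounted_average(prefix, delta, tail):
    """(1 - delta) * sum_t delta^t u_t for a finite `prefix` of stage payoffs
    followed by the constant payoff `tail` forever."""
    delta = Fraction(delta)
    head = sum((1 - delta) * delta ** t * u for t, u in enumerate(prefix))
    return head + delta ** len(prefix) * tail


def grim_trigger_threshold(A, B, target=(0, 0), punishment=(1, 1)):
    """Smallest discount factor at which 'play `target`; after any deviation play the
    stage-game Nash profile `punishment` forever' is subgame perfect. A deviator gains
    one period of its best reply and then earns the punishment payoff, so we need
    u_target >= (1-d)*gain + d*u_punish, i.e. d >= (gain - u_target)/(gain - u_punish).
    Returns None when the punishment does not bite; a result >= 1 means no d < 1 works."""
    i, j = target
    pi, pj = punishment
    checks = [(max(A[k][j] for k in range(2)), A[i][j], A[pi][pj]),
              (max(B[i][l] for l in range(2)), B[i][j], B[pi][pj])]
    thresholds = []
    for gain, u_target, u_punish in checks:
        if gain <= u_target:
            thresholds.append(Fraction(0))      # no incentive to deviate at all
        elif gain <= u_punish:
            return None                          # punishment is no worse than deviating
        else:
            thresholds.append(Fraction(gain - u_target, gain - u_punish))
    return max(thresholds)


def grim_trigger_sustains(A, B, delta, target=(0, 0), punishment=(1, 1)):
    threshold = grim_trigger_threshold(A, B, target, punishment)
    return threshold is not None and Fraction(delta) >= threshold


if __name__ == "__main__":
    print("PD minmax point:", minmax_point(PD_A, PD_B),
          "; (3,3) in V*:", strictly_individually_rational((3, 3), PD_A, PD_B))
    print("grim trigger sustains (3,3) iff delta >=", grim_trigger_threshold(PD_A, PD_B),
          "; deviation value at delta = 2/5:", discounted_average([5], Fraction(2, 5), 1))
    print("matching pennies (minmax value, opponent strategy):", minmax(MP_A, MP_B, 0))
```

The open-loop solution of the previous subsection can only deliver the stage-equilibrium payoff (1, 1) here, which is exactly the minmax point and therefore not in V*. The closed-loop strategy supports (3, 3) once δ ≥ 1/2, which is the sense in which the text says closed-loop strategies support "many payoffs greater" than the open-loop maximum; the price is that the defender must observe the attacker's past actions to know when to switch to the punishment phase.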
IV CONCLUSION
This paper utilizes game theory to propose a number of puzzle-based defences against flooding attacks using Nash equilibrium game theory. It is shown that the interactions between an attacker who launches a flooding attack and a defender who counters the attack using a puzzle-based defence can be modelled as an infinitely repeated game with discounted payoffs. The solution concepts for this type of game are then deployed to find the solutions, i.e., the best strategy a rational defender can adopt in the face of a rational attacker. In this way, the optimal puzzle-based defence strategies are developed. More specifically, four defence mechanisms are proposed. The mechanism of Fig. 3 is derived from the open-loop solution concept, in which the defender chooses his actions regardless of what happened in the game history. This mechanism is applicable in defeating single-source and distributed attacks, but it cannot support the higher payoffs that are feasible in the game. The mechanism of Fig. 4 resolves this by using the closed-loop solution concepts, but it can only defeat a single-source attack; this defence is based on the assumption that the defender knows the size of the attack coalition. Finally, the ultimate defence mechanism is proposed, in which the size of the attack coalition is assumed unknown. The mechanisms proposed in this paper can also be integrated with reactive defences to achieve synergetic effects. A complete flooding
attack solution is likely to require some kind of defence while attack traffic is being identified. The mechanisms of this paper can provide such defences. Conversely, the estimates made by a reactive mechanism can be used in tuning the mechanisms proposed in this paper.
A fixed strategy for the defender is of the form
REFERENCES
[1] D. Moore, C. Shannon, D.J. Brown, G.M. Voelker, and S. Savage, "Inferring Internet Denial-of-Service Activity," ACM Trans. Computer Systems, vol. 24, no. 2, pp. 115-139, May 2006.
[2] A.R. Sharafat and M.S. Fallah, "A Framework for the Analysis of Denial of Service Attacks," The Computer J., vol. 47, no. 2, pp. 179-192, Mar. 2004.
[3] "Smurf IP Denial-of-Service Attacks," CERT Coordination Center, Carnegie Mellon Univ., 1998.
[4] "Denial-of-Service Tools," CERT Coordination Center, Carnegie Mellon Univ., 1999.
[5] "Denial-of-Service Attack via Ping," CERT Coordination Center, Carnegie Mellon Univ., 1996.
[6] J. Mirkovic and P. Reiher, "A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms," ACM SIGCOMM Computer Communication Rev., vol. 34, no. 2, pp. 39-53, Apr. 2004.
[7] J. Ioannidis and S. Bellovin, "Implementing Pushback: Router-Based Defense Against DDoS Attacks," Proc. Network and Distributed System Security Symp. (NDSS '02), pp. 6-8, 2002.
[8] M.S. Fallah, "A Puzzle-Based Defense Strategy against Flooding Attacks Using Game Theory," IEEE Trans. Dependable and Secure Computing, vol. 7, no. 1, Jan.-Mar. 2010 (ISSN 1545-5971).
IJCI – 2K13 - 005