Randomized security patrolling for link flooding attack detection

Randomized security patrolling for link flooding attack detection

With the advancement of large-scale coordinated attacks, the adversary is shifting away from traditional distributed denial of service (DDoS) attacks against servers to sophisticated DDoS attacks against Internet infrastructures. Link flooding attacks (LFAs) are such powerful attacks against Interne...

Full description

Saved in:
Bibliographic Details
Main Authors: Ma, Xiaobo, An, Bo, Zhao, Mengchen, Luo, Xiapu, Xue, Lei, Li, Zhenhua, Miu, Tony T. N., Guan, Xiaohong
Other Authors: School of Computer Science and Engineering
Format: Article
Language:English
Published: 2021
Subjects:
Engineering::Computer science and engineering
Internet Security
Link Flooding Attack
Online Access:https://hdl.handle.net/10356/150752
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-150752
record_format dspace
spelling sg-ntu-dr.10356-1507522021-06-14T04:41:24Z Randomized security patrolling for link flooding attack detection Ma, Xiaobo An, Bo Zhao, Mengchen Luo, Xiapu Xue, Lei Li, Zhenhua Miu, Tony T. N. Guan, Xiaohong School of Computer Science and Engineering Engineering::Computer science and engineering Internet Security Link Flooding Attack With the advancement of large-scale coordinated attacks, the adversary is shifting away from traditional distributed denial of service (DDoS) attacks against servers to sophisticated DDoS attacks against Internet infrastructures. Link flooding attacks (LFAs) are such powerful attacks against Internet links. Employing network measurement techniques, the defender could detect the link under attack. However, given the large number of Internet links, the defender can only monitor a subset of the links simultaneously, whereas any link might be attacked. Therefore, it remains challenging to practically deploy detection methods. This paper addresses this challenge from a game-Theoretic perspective, and proposes a randomized approach (like security patrolling) to optimize LFA detection strategies. Specifically, we formulate the LFA detection problem as a Stackelberg security game, and design randomized detection strategies in consideration of the adversary's behavior, where best and quantal response models are leveraged to characterize the adversary's behavior. We employ a series of techniques to solve the nonlinear and nonconvex NP-hard optimization problems for finding the equilibrium. The experimental results demonstrate the necessity of handling LFAs from a game-Theoretic perspective and the effectiveness of our solutions. We believe our study is a significant step forward in formally understanding LFA detection strategies. This work is supported in part by National Natural Science Foundation (61602371, 61772411, U1736205, 61632013), CCF-NSFOCUS KunPeng Research Fund (2018002), Hong Kong ITF (No. UIM/285) and Hong Kong RGC Project No. PolyU5389/13E, PolyU152279/16E, Natural Science Basic Research Plan in Shaanxi Province (2016JQ6034), SZSTI JCYJ20170816100819428, Special Foundation of China Postdoctoral Science (2018T111065), China Postdoctoral Science Foundation (2015M582663), the Fundamental Research Funds for the Central Universities, Shaanxi Province Postdoctoral Science Foundation, of China. 2021-06-14T02:55:28Z 2021-06-14T02:55:28Z 2019 Journal Article Ma, X., An, B., Zhao, M., Luo, X., Xue, L., Li, Z., Miu, T. T. N. & Guan, X. (2019). Randomized security patrolling for link flooding attack detection. IEEE Transactions On Dependable and Secure Computing, 17(4), 795-812. https://dx.doi.org/10.1109/TDSC.2019.2892370 1545-5971 0000-0002-0934-5035 0000-0002-9082-3208 0000-0001-5321-5740 0000-0001-7286-122X https://hdl.handle.net/10356/150752 10.1109/TDSC.2019.2892370 2-s2.0-85060277679 4 17 795 812 en IEEE Transactions on Dependable and Secure Computing © 2019 IEEE. All rights reserved.
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic Engineering::Computer science and engineering
Internet Security
Link Flooding Attack
spellingShingle Engineering::Computer science and engineering
Internet Security
Link Flooding Attack
Ma, Xiaobo
An, Bo
Zhao, Mengchen
Luo, Xiapu
Xue, Lei
Li, Zhenhua
Miu, Tony T. N.
Guan, Xiaohong
Randomized security patrolling for link flooding attack detection
description With the advancement of large-scale coordinated attacks, the adversary is shifting away from traditional distributed denial of service (DDoS) attacks against servers to sophisticated DDoS attacks against Internet infrastructures. Link flooding attacks (LFAs) are such powerful attacks against Internet links. Employing network measurement techniques, the defender could detect the link under attack. However, given the large number of Internet links, the defender can only monitor a subset of the links simultaneously, whereas any link might be attacked. Therefore, it remains challenging to practically deploy detection methods. This paper addresses this challenge from a game-Theoretic perspective, and proposes a randomized approach (like security patrolling) to optimize LFA detection strategies. Specifically, we formulate the LFA detection problem as a Stackelberg security game, and design randomized detection strategies in consideration of the adversary's behavior, where best and quantal response models are leveraged to characterize the adversary's behavior. We employ a series of techniques to solve the nonlinear and nonconvex NP-hard optimization problems for finding the equilibrium. The experimental results demonstrate the necessity of handling LFAs from a game-Theoretic perspective and the effectiveness of our solutions. We believe our study is a significant step forward in formally understanding LFA detection strategies.
author2 School of Computer Science and Engineering
author_facet School of Computer Science and Engineering
Ma, Xiaobo
An, Bo
Zhao, Mengchen
Luo, Xiapu
Xue, Lei
Li, Zhenhua
Miu, Tony T. N.
Guan, Xiaohong
format Article
author Ma, Xiaobo
An, Bo
Zhao, Mengchen
Luo, Xiapu
Xue, Lei
Li, Zhenhua
Miu, Tony T. N.
Guan, Xiaohong
author_sort Ma, Xiaobo
title Randomized security patrolling for link flooding attack detection
title_short Randomized security patrolling for link flooding attack detection
title_full Randomized security patrolling for link flooding attack detection
title_fullStr Randomized security patrolling for link flooding attack detection
title_full_unstemmed Randomized security patrolling for link flooding attack detection
title_sort randomized security patrolling for link flooding attack detection
publishDate 2021
url https://hdl.handle.net/10356/150752
_version_ 1703971202374041600

Similar Items