TY - JOUR
T1 - Defending against Link Flooding Attacks in Internet of Things
T2 - A Bayesian Game Approach
AU - Chen, Xu
AU - Feng, Wei
AU - Luo, Yantian
AU - Shen, Meng
AU - Ge, Ning
AU - Wang, Xianbin
N1 - Publisher Copyright:
© 2014 IEEE.
PY - 2022/1/1
Y1 - 2022/1/1
N2 - The link flooding attack (LFA) has emerged as a new category of distributed denial of service (DDoS) attacks in recent years. Along with the massive deployment of low-cost insecure Internet-of-Things (IoT) devices, the fast proliferation of IoT botnets dramatically increases the risk of LFAs. However, how to efficiently defend against LFAs in IoT still remains as an open problem. To overcome this challenge, we model the interaction between an LFA attacker and the network manager as a two-person Bayesian game in this article to precisely characterize the behaviors of both sides. Then, the rational behaviors of the attacker and the optimal strategies of the defender are unveiled by deriving the Bayesian Nash equilibrium (BNE). Inspired by the obtained BNEs, a cost-effective decision framework is proposed for the defender to make defense decisions. Furthermore, we numerically analyze the effect of all the related factors and present feasible suggestions to deter attack motivations fundamentally. Experimental results demonstrate that the proposed method not only consistently outperforms baseline methods in terms of the defender's utilities under different attack intensities, but also is robust to the changes in important parameters, including the value of benign traffic and the latency of traffic scrubbing.
AB - The link flooding attack (LFA) has emerged as a new category of distributed denial of service (DDoS) attacks in recent years. Along with the massive deployment of low-cost insecure Internet-of-Things (IoT) devices, the fast proliferation of IoT botnets dramatically increases the risk of LFAs. However, how to efficiently defend against LFAs in IoT still remains as an open problem. To overcome this challenge, we model the interaction between an LFA attacker and the network manager as a two-person Bayesian game in this article to precisely characterize the behaviors of both sides. Then, the rational behaviors of the attacker and the optimal strategies of the defender are unveiled by deriving the Bayesian Nash equilibrium (BNE). Inspired by the obtained BNEs, a cost-effective decision framework is proposed for the defender to make defense decisions. Furthermore, we numerically analyze the effect of all the related factors and present feasible suggestions to deter attack motivations fundamentally. Experimental results demonstrate that the proposed method not only consistently outperforms baseline methods in terms of the defender's utilities under different attack intensities, but also is robust to the changes in important parameters, including the value of benign traffic and the latency of traffic scrubbing.
KW - Bayesian game
KW - Internet of Things (IoT)
KW - defense decision-making
KW - link flooding attack (LFA)
UR - http://www.scopus.com/inward/record.url?scp=85112240253&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2021.3093538
DO - 10.1109/JIOT.2021.3093538
M3 - Article
AN - SCOPUS:85112240253
SN - 2327-4662
VL - 9
SP - 117
EP - 128
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 1
ER -