Hostname: page-component-76fb5796d-9pm4c Total loading time: 0 Render date: 2024-04-26T18:54:48.360Z Has data issue: false hasContentIssue false
  • English
  • Français

Game theoretic modeling of economic denial of sustainability (EDoS) attack in cloud computing

Published online by Cambridge University Press:  18 August 2021

KC Lalropuia  and
Vandana Khaitan (nee Gupta) Open the ORCID record for Vandana Khaitan (nee Gupta) [Opens in a new window]
KC Lalropuia
Affiliation:
Department of Operational Research, University of Delhi, Delhi, India. E-mails: kcvala15@gmail.com, vkhaitan@or.du.ac.in
Vandana Khaitan (nee Gupta)
Affiliation:
Department of Operational Research, University of Delhi, Delhi, India. E-mails: kcvala15@gmail.com, vkhaitan@or.du.ac.in
Get access Rights & Permissions [Opens in a new window]

Abstract

In this paper, we develop a novel game theoretic model of the interactions between an EDoS attacker and the defender based on a signaling game that is a dynamic game of incomplete information. We then derive the best defense strategies for the network defender to respond to the EDoS attacks. That is, we compute the perfect Bayesian Nash Equilibrium (PBE) of the proposed game model such as the pooling PBE, separating PBE and mixed strategy PBE. In the pooling equilibrium, each type of the attacker takes the same action and the attacker's type is not revealed to the defender, whereas in the separating equilibrium, each type of the attacker uses different actions and hence the attacker's type is completely revealed to the defender. On the other hand, in the mixed strategy PBE, both the attacker and the defender randomize their strategies to optimize their payoffs. Numerical illustration is also presented to show the efficacy of the proposed model.

Keywords

Cloud computingEDoS attackSecuritySignaling game
Type
Research Article
Information
Probability in the Engineering and Informational Sciences , Volume 36 , Issue 4 , October 2022 , pp. 1241 - 1265
Copyright
Copyright © The Author(s), 2021. Published by Cambridge University Press

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

Al-Haidari, F., Sqalli, M., & Salah, K. (2015). Evaluation of the impact of EDoS attacks against cloud computing services. Arabian Journal for Science and Engineering 40: 773785.CrossRefGoogle Scholar
Al-Roomi, M., Al-Ebrahim, S.H., Buqrais, S., & Ahmad, I. (2013). Cloud computing pricing models: a survey. International Journal of Grid and Distributed Computing 6(5): 93106.CrossRefGoogle Scholar
Baig, Z.A., Sait, S.M., & Binbeshr, F. (2016). Controlled access to cloud resources for mitigating economic denial of sustainability (EDoS) attacks. Computer Networks 97: 3147.CrossRefGoogle Scholar
Biedermann, S., Mink, M., & Katzenbeisser, S. (2012). Fast dynamic extracted honeypots in cloud computing. In Proceedings of the ACM Workshop on Cloud Computing Security Workshop, pp. 13–18.CrossRefGoogle Scholar
Chowdhury, F.Z., Idna Idris, M.Y., Mat Kiah, M.L., & Manazir Ahsan, M.A. (2017). EDoS eye: a game theoretic approach to mitigate economic denial of sustainability attack in cloud computing. In IEEE 8th Control and System Graduate Research Colloquium, pp. 4–5.CrossRefGoogle Scholar
Dinh, P.T. & Park, M. (2021). R-EDoS: robust economic denial of sustainability detection in an SDN-based cloud through stochastic reward neural network. IEEE Access 9: 3505735074.CrossRefGoogle Scholar
DNS Amplification Attacks (2013). https://www.uscert.gov/ncas/alerts/TA13-088A.Google Scholar
Etesami, S.R. & Basar, T. (2019). Dynamic games in cyber-physical security: an overview. Dynamic Games and Applications 9: 884913.CrossRefGoogle Scholar
Ficco, M. (2019). Could emerging fraudulent energy consumption attacks make the cloud infrastructure costs unsustainable? Information Sciences 476: 474490.CrossRefGoogle Scholar
Fudenberg, D. & Tirole, J. (1991). Game theory. Cambridge, MA: MIT Press.Google Scholar
Gibbons, R. (1997). An introduction to applicable game theory. The Journal of Economic Perspectives 11(1): 127149.CrossRefGoogle Scholar
GreatFire.org. We are under attack. https://en.greatfire.org/blog/2015/mar/we-are-under-attack.Google Scholar
Gross, D., Shortle, J.F., Thompson, J.M., & Harris, C.M. (2008). Fundamentals of queuing theory. New York: Wiley.CrossRefGoogle Scholar
Heimovski, G.B., Turchetti, R.C., Wickboldt, J.A., Granville, L.Z., & Duarte, E.P. Jr. (2020). FT-Aurora: a highly available IaaS cloud manager based on replication. Computer Networks 168, 107041.CrossRefGoogle Scholar
Kumar, S. (2007). Smurf-based distributed denial of service (DDoS) attack amplification in internet. In Proceedings of the 2nd International Conference on Internet Monitoring and Protection.CrossRefGoogle Scholar
Lalropuia, K.C. & Gupta, V. (2020). A Bayesian game model and network availability model for small cells under denial of service (DoS) attack in 5G wireless communication network. Wireless Networks 26: 557572.CrossRefGoogle Scholar
Lalropuia, K.C. & Khaitan (nee Gupta), V. (2021). Availability and reliability analysis of cloud computing under economic denial of sustainability (EDoS) attack: a semi-Markov approach. Cluster Computing.CrossRefGoogle Scholar
Liu, B., Chang, X., Han, Z., Trivedi, K.S., & Rodriguez, R.J. (2018). Model-based sensitivity analysis of IaaS cloud availability. Future Generation Computer Systems 83: 113.CrossRefGoogle Scholar
Monge, M.S., Vidal, J.M., & Perez, G.M. (2019). Detection of economic denial of sustainability (EDoS) threats in self-organizing networks. Computer Communications 145: 284308.CrossRefGoogle Scholar
Ross, S.M. (2007). Introduction to probability models, 9th ed. Amsterdam; Boston: Academic Press (Elsevier).Google Scholar
Rossow, C. (2014). Amplification hell: revisiting network protocols for DDoS abuse. In Proceedings of the 21st Annual Network and Distributed System Security Symposium (NDSS).CrossRefGoogle Scholar
Shah, S.A., Khan, F.Z., & Ahmed, M. (2021). The impact and mitigation of ICMP based economic denial of sustainability attack in cloud computing environment using software defined network. Computer Networks 187, 107825.Google Scholar
Shawahna, A., Abu-Amara, M., Mahmoud, A.H., & Osais, Y. (2018). EDoS-ADS: an enhanced mitigation technique against economic denial of sustainability (EDoS) attacks. IEEE Transactions on Cloud Computing 8(3): 790804.Google Scholar
Tadelis, S. (2013). Game theory. Princeton, NJ: Princeton University Press.Google Scholar
Wang, H., Xi, Z., Li, F., & Chen, S. (2016). Abusing public third-party services for EDoS-attacks. In 10th USENIX Workshop on Offensive Technologies (WOOT 16), USENIX Association.Google Scholar
Zhang, Q., Cheng, L., & Boutaba, R. (2010). Cloud computing: state of the art and research challenges. Journal of Internet Services and Application 1: 1718.CrossRefGoogle Scholar