A Low-Cost Distributed Denial-of-Service Attack Architecture

With the advent of Internet-of-Things (IoT) age, IoT-based distributed denial-of-service (DDoS) attacks have become the mainstream of DDoS attacks. This paper is devoted to exploring the possibility of launching an IoT-based DDoS attack at an extremely low cost. First, a new DDoS attack architecture is proposed. Since the proposed architecture enjoys the advantages of zero management cost, good undetectability, and strong robustness, it is especially suited to resource-limited DDoS attackers. In this architecture and based on a novel botnet growth model, the optimal design of attack strategy is reduced to a variational problem, where the objective functional stands for the estimated expected impact of the DDoS attack associated with a DDoS attack strategy. Finally, the variational problem is resolved for three different types of DDoS defense strategies. This work deepens our understanding of IoT-based DDoS attacks.

[1]  Lu-Xing Yang,et al.  Heterogeneous virus propagation in networks: a theoretical study , 2017 .

[2]  Xiang Gao,et al.  DDoS Defense Mechanism Analysis Based on Signaling Game Model , 2013, 2013 5th International Conference on Intelligent Human-Machine Systems and Cybernetics.

[3]  Ronaldo M. Salles,et al.  Botnets: A survey , 2013, Comput. Networks.

[4]  Yong Xiang,et al.  Effective Quarantine and Recovery Scheme Against Advanced Persistent Threat , 2021, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[5]  Sankardas Roy,et al.  Game theory-based defense mechanisms against DDoS attacks on TCP/TCP-friendly flows , 2011, 2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS).

[6]  Zhen Li,et al.  Botnet Economics: Uncertainty Matters , 2008, WEIS.

[7]  Ping Wang,et al.  An Advanced Hybrid Peer-to-Peer Botnet , 2007, IEEE Transactions on Dependable and Secure Computing.

[8]  Carol Simpson,et al.  Internet Relay Chat. , 2000 .

[9]  Pan Shi,et al.  Game-Theoretical Effectiveness Evaluation of DDoS Defense , 2008, Seventh International Conference on Networking (icn 2008).

[10]  Shaolei Ren,et al.  Game Theory for Cyber Security and Privacy , 2017, ACM Comput. Surv..

[11]  Taufik Abrao,et al.  A Game Theoretical Based System Using Holt-Winters and Genetic Algorithm With Fuzzy Logic for DoS/DDoS Mitigation on SDN Networks , 2017, IEEE Access.

[12]  Wanlei Zhou,et al.  Effective Repair Strategy Against Advanced Persistent Threat: A Differential Game Approach , 2019, IEEE Transactions on Information Forensics and Security.

[13]  Yichuan Wang,et al.  Game strategies for distributed denial of service defense in the Cloud of Things , 2017, Journal of Communications and Information Networks.

[14]  David M. Nicol,et al.  Methodologies for evaluating game theoretic defense against DDoS attacks , 2010, Proceedings of the 2010 Winter Simulation Conference.

[15]  Loucif Kharouni SDBOT IRC Botnet Continues to Make Waves , 2009 .

[16]  Managing Information Risk and the Economics of Security , 2009 .

[17]  Kai Chen,et al.  Optimal Defense Strategies for DDoS Defender Using Bayesian Game Model , 2013, ISPEC.

[18]  Jian Yuan,et al.  Monitoring the macroscopic effect of DDoS flooding attacks , 2005, IEEE Transactions on Dependable and Secure Computing.

[19]  Elisa Bertino,et al.  Botnets and Internet of Things Security , 2017, Computer.

[20]  J. K. Kalita,et al.  Botnet in DDoS Attacks: Trends and Challenges , 2015, IEEE Communications Surveys & Tutorials.

[21]  Yi Zhou,et al.  Understanding the Mirai Botnet , 2017, USENIX Security Symposium.

[22]  Manju Khari,et al.  Role of Cyber Security in Today's Scenario , 2017 .

[23]  Yuan Yan Tang,et al.  A Risk Management Approach to Defending Against the Advanced Persistent Threat , 2020, IEEE Transactions on Dependable and Secure Computing.

[24]  Shouhuai Xu,et al.  Adaptive Epidemic Dynamics in Networks , 2013, ACM Trans. Auton. Adapt. Syst..

[25]  Andrei Costin Lua Code: Security Overview and Practical Approaches to Static Analysis , 2017, 2017 IEEE Security and Privacy Workshops (SPW).

[26]  Gang Liu,et al.  Efficient DDoS attacks mitigation for stateful forwarding in Internet of Things , 2019, J. Netw. Comput. Appl..

[27]  Tansu Alpcan,et al.  Network Security , 2010 .

[28]  Hanan Mustapha,et al.  DDoS attacks on the internet of things and their prevention methods , 2018, ICFNDS.

[29]  John Aycock,et al.  Black Market Botnets , 2007 .

[30]  B. Tarnauca,et al.  Development of GTBoT, a high performance and modular indoor robot , 2010, 2010 IEEE International Conference on Automation, Quality and Testing, Robotics (AQTR).

[31]  Hyoungshick Kim,et al.  DDoS Attack Mitigation in Internet of Things Using Software Defined Networking , 2017, 2017 IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService).

[32]  J. March Introduction to the Calculus of Variations , 1999 .

[33]  Manju Khari,et al.  Securing Data in Internet of Things (IoT) Using Cryptography and Steganography Techniques , 2020, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[34]  Guanhua Yan,et al.  Towards a bayesian network game framework for evaluating DDoS attacks and defense , 2012, CCS '12.

[35]  Syed Hassan Ahmed,et al.  NBC-MAIDS: Naïve Bayesian classification technique in multi-agent system-enriched IDS for securing IoT against DDoS attacks , 2018, The Journal of Supercomputing.

[36]  Xiaofan Yang,et al.  The impact of patch forwarding on the prevalence of computer virus: A theoretical assessment approach , 2017 .

[37]  Yanfei Sun,et al.  Strategic Honeypot Game Model for Distributed Denial of Service Attacks in the Smart Grid , 2017, IEEE Transactions on Smart Grid.

[38]  Yuan Yan Tang,et al.  A Bi-Virus Competing Spreading Model with Generic Infection Rates , 2018, IEEE Transactions on Network Science and Engineering.

[39]  Dhruba K. Bhattacharyya,et al.  DDoS Attacks: Evolution, Detection, Prevention, Reaction, and Tolerance , 2016 .

[40]  Liang Huang,et al.  A Game Theory Based Approach to the Generation of Optimal DDoS Defending Strategy , 2014 .

[41]  F. Richard Yu,et al.  A Multi-Level DDoS Mitigation Framework for the Industrial Internet of Things , 2018, IEEE Communications Magazine.

[42]  Joachim Fabini,et al.  Botnet Communication Patterns , 2017, IEEE Communications Surveys & Tutorials.

[43]  Yan Chen,et al.  Botnet Research Survey , 2008, 2008 32nd Annual IEEE International Computer Software and Applications Conference.

[44]  Guofei Gu,et al.  A Large-Scale Empirical Study of Conficker , 2012, IEEE Transactions on Information Forensics and Security.