Pay the Piper: DDoS Mitigation Technique to Deter Financially-Motivated Attackers

Distributed Denial of Service attacks against the application layer (L7 DDoS) are among the most difficult attacks to defend against because they mimic normal user behavior. Several mitigation techniques against L7 DDoS have been proposed, e.g., IP blacklisting and load balancing through a content delivery network; unfortunately, these treat the symptoms rather than the cause. In this paper, we propose a novel technique that disincentivizes attackers from launching a DDoS attack by raising the cost of the attack. We assume financially motivated attackers who seek profit through DDoS attacks and whose primary goal is therefore to maximize revenue. On the basis of this assumption, we propose a mitigation solution in which clients must mine cryptocurrency in order to access a server. To carry out a DDoS attack, the attacker must mine cryptocurrency as a proof-of-work (PoW), and the victim receives the solution to that PoW. Thus the attacker's cost increases, while the victim's economic damage is offset by the value of the mined coins. On the basis of this model, we evaluate attacker strategies game-theoretically and show that the proposed solution yields only a negative economic benefit to attackers. Moreover, we implement a prototype to evaluate performance and show that its performance is practical.
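As an added illustration of the access gate described above (this is not the paper's code, and it uses a hashcash-style SHA-256 puzzle as a stand-in for real cryptocurrency mining), the following shows the server-side challenge and verification, the client-side solving loop, and a simplified attacker cost model; the cost model, its parameter values, and the payoff formula are assumptions, not the paper's.

```python
import hashlib
import secrets


def pow_target(difficulty_bits):
    """A SHA-256 digest below this value has at least `difficulty_bits` leading zero bits."""
    return 1 << (256 - difficulty_bits)


def issue_challenge():
    """Server side: a fresh random challenge bound to one request, so a solution cannot be replayed."""
    return secrets.token_bytes(16)


def verify_solution(challenge, nonce, difficulty_bits):
    """Server side: a single hash checks the client's work, whatever the difficulty."""
    digest = hashlib.sha256(challenge + nonce.to_bytes(8, "big")).digest()
    return int.from_bytes(digest, "big") < pow_target(difficulty_bits)


def solve(challenge, difficulty_bits):
    """Client side: brute-force a nonce. Returns (nonce, hashes_tried); expected tries ~ 2**difficulty_bits."""
    nonce = 0
    while not verify_solution(challenge, nonce, difficulty_bits):
        nonce += 1
    return nonce, nonce + 1


def attack_economics(n_requests, difficulty_bits, cost_per_hash, coin_value_per_solution, attack_payoff):
    """Assumed, simplified model (not the paper's): each request costs the attacker about
    2**difficulty_bits hashes, and each solution hands the victim one mined unit of value."""
    expected_hashes = n_requests * (1 << difficulty_bits)
    attacker_cost = expected_hashes * cost_per_hash
    return {
        "attacker_net": attack_payoff - attacker_cost,
        "victim_compensation": n_requests * coin_value_per_solution,
    }


if __name__ == "__main__":
    challenge = issue_challenge()
    nonce, tries = solve(challenge, 16)
    print("valid:", verify_solution(challenge, nonce, 16), "after", tries, "hashes")
    # Constructed parameters: 1M requests at difficulty 20, $1e-9 per hash, $0.001 per solution, $500 payoff.
    print(attack_economics(1_000_000, 20, 1e-9, 0.001, 500.0))
```

Raising `difficulty_bits` scales the attacker's expected work exponentially while the server's verification cost stays at one hash per request.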
