research-article

Game-theoretic modeling of DDoS attacks in cloud computing

Authors:

Joel CoffmanAuthors Info & Claims

UCC '21: Proceedings of the 14th IEEE/ACM International Conference on Utility and Cloud Computing

Article No.: 1, Pages 1 - 10

https://doi.org/10.1145/3468737.3494093

Published: 17 December 2021 Publication History

Abstract

The benefits of cloud computing have attracted many organizations to migrate their IT infrastructures into the cloud. In an infrastructure as a service (IaaS) model, the cloud service provider offers services to multiple consumers using shared physical hardware resources. However, by sharing a cloud environment with other consumers, organizations may also share security risks with their cotenants. Distributed denial of service (DDoS) attacks are considered one of the major security threats in cloud computing. Without a proper defense mechanism, an attack against one tenant can also affect the availability of cotenants. This work uses a game-theoretic approach to analyze the interactions between various entities when the cloud is under attack. The resulting Nash equilibrium shows that collateral damage to cotenants is unlikely if the cloud service provider is unbiased and chooses a rational strategy, but the Nash equilibrium can change when the cloud service provider does not treat cloud consumers equally. The cloud service provider's bias can influence its strategy selection and create a situation where untargeted users suffer unnecessary collateral damage from DDoS attacks.

References

[1]

Neha Agrawal and Shashikala Tapaswi. 2017. Defense schemes for variants of distributed denial-of-service (DDoS) attacks in cloud computing: A survey. Information Security Journal: A Global Perspective 26, 2 (2017), 61--73.

Digital Library

[2]

Neha Agrawal and Shashikala Tapaswi. 2019. Defense Mechanisms Against DDoS Attacks in a Cloud Computing Environment: State-of-the-Art and Research Challenges. IEEE Communications Surveys Tutorials 21, 4 (2019), 3769--3795.

Digital Library

[3]

Mohammad Abdelkareem Alarqan, Zarul Fitri Zaaba, and Ammar Almomani. 2020. Detection Mechanisms of DDoS Attack in Cloud Computing Environment: A Survey. In Advances in Cyber Security, Mohammed Anbar, Nibras Abdullah, and Selvakumar Manickam (Eds.). Springer Singapore, Singapore, 138--152.

[4]

Abdulaziz Aldribi and Issa Traore. 2015. A Game Theoretic Framework for Cloud Security Transparency. In Network and System Security, Meikang Qiu, Shouhuai Xu, Moti Yung, and Haibo Zhang (Eds.). Springer International Publishing, Cham, 488--500.

[5]

Harkeerat Singh Bedi and Sajjan Shiva. 2012. Securing Cloud Infrastructure against Co-Resident DoS Attacks Using Game Theoretic Defense Mechanisms. In Proceedings of the International Conference on Advances in Computing, Communications and Informatics (Chennai, India) (ICACCI '12). Association for Computing Machinery, New York, NY, USA, 463--469.

Digital Library

[6]

Bellal Ahmed Bhuiyan. 2018. An Overview of Game Theory and Some Applications. Philosophy and Progress 59, 1-2 (August 2018), 111--128.

[7]

Ankur Chowdhary, Sandeep Pisharody, Adel Alshamrani, and Dijiang Huang. 2017. Dynamic Game Based Security Framework in SDN-Enabled Cloud Networking Environments. In Proceedings of the ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization (Scottsdale, Arizona, USA) (SDN-NFVSec '17). Association for Computing Machinery, New York, NY, USA, 53--58.

Digital Library

[8]

Amrita Dahiya and Brij B. Gupta. 2021. A reputation score policy and Bayesian game theory based incentivized mechanism for DDoS attacks mitigation and cyber defense. Future Generation Computer Systems 117 (2021), 193--204.

[9]

Rashmi V. Deshmukh and Kailas K. Devadkar. 2015. Understanding DDoS Attack & its Effect in Cloud Environment. Procedia Computer Science 49 (2015), 202--210. Proceedings of 4th International Conference on Advances in Computing, Communication and Control (ICAC3'15).

[10]

Karim El Defrawy, Athina Markopoulou, and Katerina Argyraki. 2007. Optimal Allocation of Filters against DDoS Attacks. In 2007 Information Theory and Applications Workshop. IEEE, Piscataway, NJ, 140--149.

[11]

B. B. Gupta and Omkar P. Badve. 2017. Taxonomy of DoS and DDoS Attacks and Desirable Defense Mechanism in a Cloud Computing Environment. Neural Computing and Applications 28, 12 (December 2017), 3655--3682.

Digital Library

[12]

Geoffrey Heal and Howard Kunreuther. 2003. You Only Die Once: Managing Discrete Interdependent Risks. Working Paper 9885. National Bureau of Economic Research.

[13]

Joseph Idziorek, Mark Tannian, and Doug Jacobson. 2011. Detecting Fraudulent Use of Cloud Resources. In Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop (Chicago, Illinois, USA) (CCSW '11). Association for Computing Machinery, New York, NY, USA, 61--72.

Digital Library

[14]

Bansidhar Joshi, A. Santhana Vijayan, and Bineet Kumar Joshi. 2012. Securing Cloud Computing Environment Against DDoS Attacks. In 2012 International Conference on Computer Communication and Informatics. IEEE, Piscataway, NJ, 1--5.

[15]

Charles A. Kamhoua, Luke Kwiat, Kevin A. Kwiat, Joon S. Park, Ming Zhao, and Manuel Rodriguez. 2014. Game Theoretic Modeling of Security and Interdependency in a Public Cloud. In 2014 IEEE 7th International Conference on Cloud Computing. IEEE, Piscataway, NJ, 514--521.

Digital Library

[16]

Sebastian Lehrig, Hendrik Eikerling, and Steffen Becker. 2015. Scalability, Elasticity, and Efficiency in Cloud Computing: A Systematic Literature Review of Definitions and Metrics. In Proceedings of the 11th International ACM SIGSOFT Conference on Quality of Software Architectures (Montréal, QC, Canada) (QoSA '15). Association for Computing Machinery, New York, NY, USA, 83--92.

Digital Library

[17]

Nikolaos Liakopoulos, Georgios Paschos, and Thrasyvoulos Spyropoulos. 2019. No Regret in Cloud Resources Reservation with Violation Guarantees. In IEEE INFOCOM 2019 - IEEE Conference on Computer Communications. IEEE, Piscataway, NJ, 1747--1755.

[18]

Peter Mell and Timothy Grance. 2011. The NIST Definition of Cloud Computing. Special Publication 800-145. National Institute of Standards and Technology. https://csrc.nist.gov/publications/detail/sp/800-145/final

Digital Library

[19]

Phil Muncaster. 2019. AWS Left Reeling After Eight-Hour DDoS. Infosecurity Magazine. https://www.infosecurity-magazine.com/news/aws-customers-hit-by-eighthour-ddos/ (accessed: 9 September 2021).

[20]

Opeyemi Osanaiye, Kim-Kwang Raymond Choo, and Mqhele Dlodlo. 2016. Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework. Journal of Network and Computer Applications 67 (2016), 147--165.

Digital Library

[21]

Martin J. Osborne and Ariel Rubinstein. 1994. A Course in Game Theory. MIT press, Cambridge, MA.

[22]

Sonia Shahzadi, Muddesar Iqbal, Zia Ul Qayyum, and Tasos Dagiuklas. 2017. Infrastructure as a Service (IaaS): A Comparative Performance Analysis of Open-Source Cloud Platforms. In 2017 IEEE 22nd International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD '17). IEEE, Piscataway, NJ, 1--6.

[23]

Alireza Shameli-Sendi, Makan Pourzandi, Mohamed Fekih-Ahmed, and Mohamed Cheriet. 2015. Taxonomy of Distributed Denial of Service mitigation approaches for cloud computing. Journal of Network and Computer Applications 58 (2015), 165--179.

Digital Library

[24]

Karanpreet Singh, Paramvir Singh, and Krishan Kumar. 2017. Application layer HTTP-GET flood DDoS attacks: Research landscape and challenges. Computers & Security 65 (2017), 344--372.

Digital Library

[25]

Adam Smith. 2020. China Launched the Biggest DDoS Attack in History Against Google, Company Claims. The Independent (October 2020). https://www.independent.co.uk/life-style/gadgets-and-tech/google-ddos-attack-hack-biggest-china-b1155500.html

[26]

Gaurav Somani, Manoj Singh Gaur, Dheeraj Sanghi, Mauro Conti, and Rajkumar Buyya. 2017. DDoS attacks in cloud computing: Issues, taxonomy, and future directions. Computer Communications 107 (2017), 30--48.

Digital Library

[27]

K G Srinivasa, S Srinidhi, K Sharath Kumar, Vignesh Shenvi, U Shashank Kaushik, and Kushagra Mishra. 2014. Game Theoretic Resource Allocation in Cloud Computing. In The Fifth International Conference on the Applications of Digital Information and Web Technologies (ICADIWT 2014). IEEE, Piscataway, NJ, 36--42.

[28]

Qishi Wu, Sajjan Shiva, Sankardas Roy, Charles Ellis, and Vivek Datla. 2010. On Modeling and Simulation of Game Theory-Based Defense Mechanisms against DoS and DDoS Attacks. In Proceedings of the 2010 Spring Simulation Multiconference (Orlando, Florida) (SpringSim '10). Society for Computer Simulation International, San Diego, CA, USA, Article 159, 8 pages.

Digital Library

[29]

Qiao Yan, F. Richard Yu, Qingxiang Gong, and Jianqiang Li. 2016. Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges. IEEE Communications Surveys & Tutorials 18, 1 (February 2016), 602--622.

Digital Library

[30]

Shui Yu, Yonghong Tian, Song Guo, and Dapeng Oliver Wu. 2014. Can We Beat DDoS Attacks in Clouds? IEEE Transactions on Parallel and Distributed Systems 25, 9 (September 2014), 2245--2254.

[31]

Xiaoqun Yuan, Geyong Min, Laurence T. Yang, Yi Ding, and Qing Fang. 2017. A game theory-based dynamic resource allocation strategy in Geo-distributed Datacenter Clouds. Future Generation Computer Systems 76 (2017), 63--72.

Digital Library

Cited By

Gill KSharma ASaxena S(2024)A Systematic Review on Game-Theoretic Models and Different Types of Security Requirements in Cloud Environment: Challenges and OpportunitiesArchives of Computational Methods in Engineering10.1007/s11831-024-10095-6Online publication date: 1-Apr-2024
https://doi.org/10.1007/s11831-024-10095-6
Mvah FKengne Tchendji VTayou Djamegni CAnwar ATosh DKamhoua C(2023)GaTeBaSep: game theory-based security protocol against ARP spoofing attacks in software-defined networksInternational Journal of Information Security10.1007/s10207-023-00749-023:1(373-387)Online publication date: 26-Aug-2023
https://dl.acm.org/doi/10.1007/s10207-023-00749-0
Rathore SBhandari A(2022)Review of game theory approaches for DDoS mitigation by SDNProceedings of the Indian National Science Academy10.1007/s43538-022-00126-w88:4(634-650)Online publication date: 7-Oct-2022
https://doi.org/10.1007/s43538-022-00126-w

Index Terms

Game-theoretic modeling of DDoS attacks in cloud computing

Recommendations

DDoS attacks in cloud computing

Security issues related to the cloud computing are relevant to various stakeholders for an informed cloud adoption decision. Apart from data breaches, the cyber security research community is revisiting the attack space for cloud-specific solutions as ...
DDoS attacks in cloud computing

The effects of distributed denial-of-service (DDoS) attacks on cloud computing are not very similar to those in traditional fixed on-premise infrastructure. In the context of DDoS attacks in multi-tenant clouds, we argue that, instead of just the victim ...
Survey on DDoS Attacks and Defense Mechanisms in Cloud and Fog Computing

This article describes how cloud computing has emerged as a strong competitor against traditional IT platforms by offering low-cost and "pay-as-you-go" computing potential and on-demand provisioning of services. Governments, as well as organizations, ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

UCC '21: Proceedings of the 14th IEEE/ACM International Conference on Utility and Cloud Computing

December 2021

214 pages

ISBN:9781450385640

DOI:10.1145/3468737

Conference Chairs:
Ivona Brandic
Vienna University of Technology, Austria
,
Rizos Sakellariou
University of Manchester, UK
,
Josef Spillner
Zurich University of Applied Sciences, Switzerland

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGARCH: ACM Special Interest Group on Computer Architecture

In-Cooperation

CIMPA: International Center for Pure and Applied Mathematics

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 December 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

UCC '21

Sponsor:

SIGARCH

UCC '21: 2021 IEEE/ACM 14th International Conference on Utility and Cloud Computing

December 6 - 9, 2021

Leicester, United Kingdom

Acceptance Rates

UCC '21 Paper Acceptance Rate 21 of 62 submissions, 34%;

Overall Acceptance Rate 38 of 125 submissions, 30%

Upcoming Conference

UCC '24

Sponsor:
sigarch

2024 IEEE/ACM 17th International Conference on Utility and Cloud Computing

December 16 - 19, 2024

Sharjah , United Arab Emirates

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
737
Total Downloads

Downloads (Last 12 months)79
Downloads (Last 6 weeks)3

Reflects downloads up to 28 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Gill KSharma ASaxena S(2024)A Systematic Review on Game-Theoretic Models and Different Types of Security Requirements in Cloud Environment: Challenges and OpportunitiesArchives of Computational Methods in Engineering10.1007/s11831-024-10095-6Online publication date: 1-Apr-2024
https://doi.org/10.1007/s11831-024-10095-6
Mvah FKengne Tchendji VTayou Djamegni CAnwar ATosh DKamhoua C(2023)GaTeBaSep: game theory-based security protocol against ARP spoofing attacks in software-defined networksInternational Journal of Information Security10.1007/s10207-023-00749-023:1(373-387)Online publication date: 26-Aug-2023
https://dl.acm.org/doi/10.1007/s10207-023-00749-0
Rathore SBhandari A(2022)Review of game theory approaches for DDoS mitigation by SDNProceedings of the Indian National Science Academy10.1007/s43538-022-00126-w88:4(634-650)Online publication date: 7-Oct-2022
https://doi.org/10.1007/s43538-022-00126-w

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents