Pay the Piper: DDoS Mitigation Technique to Deter Financially-Motivated Attackers
-
- SASAKI Takayuki
- Graduate School of Environment and Information Sciences, Yokohama National University
-
- HERNANDEZ GAÑÁN Carlos
- TU Delft
-
- YOSHIOKA Katsunari
- Faculty of Environment and Information Sciences, Yokohama National University Institute of Advanced Sciences, Yokohama National University
-
- VAN EETEN Michel
- TU Delft
-
- MATSUMOTO Tsutomu
- Faculty of Environment and Information Sciences, Yokohama National University Institute of Advanced Sciences, Yokohama National University
Abstract
<p>Distributed Denial of Service attacks against the application layer (L7 DDoS) are among the most difficult attacks to defend against because they mimic normal user behavior. Some mitigation techniques against L7 DDoS, e.g., IP blacklisting and load balancing using a content delivery network, have been proposed; unfortunately, these are symptomatic treatments rather than fundamental solutions. In this paper, we propose a novel technique to disincentivize attackers from launching a DDoS attack by increasing attack costs. Assuming financially motivated attackers seeking to gain profit via DDoS attacks, their primary goal is to maximize revenue. On the basis of this assumption, we also propose a mitigation solution that requires mining cryptocurrencies to access servers. To perform a DDoS attack, attackers must mine cryptocurrency as a proof-of-work (PoW), and the victims then obtain a solution to the PoW. Thus, relative to attackers, the attack cost increases, and, in terms of victims, the economic damage is compensated by the value of the mined coins. On the basis of this model, we evaluate attacker strategies in a game theory manner and demonstrate that the proposed solution provides only negative economic benefits to attackers. Moreover, we implement a prototype to evaluate performance, and we show that this prototype demonstrates practical performance.</p>
Journal
-
- IEICE Transactions on Communications
-
IEICE Transactions on Communications E103.B (4), 389-404, 2020-04-01
The Institute of Electronics, Information and Communication Engineers
- Tweet
Details
-
- CRID
- 1390283659867643520
-
- NII Article ID
- 130007825038
-
- ISSN
- 17451345
- 09168516
-
- Text Lang
- en
-
- Data Source
-
- JaLC
- Crossref
- CiNii Articles
-
- Abstract License Flag
- Disallowed