Skip to main content

A QoS Ensuring Two-Layered Multi-Attribute Auction Mechanism to Mitigate DDoS Attack

Abstract

Incentives are very important to be employed in any defensive mechanism against DDoS attack. Incentive is a major concept abandoned by most of the defensive mechanisms that have been proposed so far. It is a tool that can motivate users to send data wisely into the network. Therefore, in this paper, we have proposed a two layered multi-attribute auction mechanism for incentivising users by imposing payment schemes as well as by providing rewards. Apart from this, we have developed a reputation assessment procedure to identify malicious user by monitoring his credibility score calculated through his marginal utility. Identified malicious users are then mapped to different levels of suspiciousness. Identified legitimate users are forwarded towards first level of auction in which virtual users have been added by service provider to increase the competition among users. Critical values are computed for every user and the users satisfying the criteria are moved towards the second level. In second level, greedy method is utilized for resource allocation. Extensive simulations have been conducted on MatLab to check the validity of the proposed model. Rate of social welfare degradation and user’s satisfaction are utilized to check the appropriateness and validity of the model. Results from experimentation have shown that proposed model is able to generate enough revenue for the service provider and is able to provide acceptable QoS to identified legitimate users when there is an increase in number of malicious users.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

References

  1. 1.

    Poongodi M, Vijayakumar V, Al-Turjman F, Hamdi M, Ma M (2019) Intrusion prevention system for DDoS attack on VANET with reCAPTCHA controller using information based metrics. IEEE Access 7:158481–158491

    Article  Google Scholar 

  2. 2.

    Gupta BB (Ed) (2018) Computer and cyber security: principles, algorithm, applications, and perspectives. CRC Press, Taylor & Francis

  3. 3.

    Skottler (2018) February 28th DDoS Incident Report, Github report [online]. Available from: https://githubengineering.com/ddos-incident-report/. Accessed on Apr, 2020

  4. 4.

    Bhushan K, Gupta BB (2019) Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment. J Ambient Intell Humaniz Comput 10(5):1985–1997

    Article  Google Scholar 

  5. 5.

    Chhabra M, Gupta B, Almomani A (2013) A novel solution to handle DDOS attack in MANET. J Inform Security 4(3) Article ID: 34631:15

    Google Scholar 

  6. 6.

    Bhattacharya P, Guo M (2020) An incentive compatible mechanism for replica placement in peer-assisted content distribution. Int J Software Sci Comput Intell (IJSSCI) 12(1):47–67

    Article  Google Scholar 

  7. 7.

    Sharma P, Sengupta J, Suri PK (2019) Survey of intrusion detection techniques and architectures in cloud computing. Int J High Perform Comput Netw 13(2):184–198

    Article  Google Scholar 

  8. 8.

    DeviPriya K, Lingamgunta S (2020) Multi factor two-way hash-based authentication in cloud computing. Int J Cloud Appl Comput (IJCAC) 10(2):56–76

    Google Scholar 

  9. 9.

    Deebak BD, Al-Turjman F (2020) A hybrid secure routing and monitoring mechanism in IoT-based wireless sensor networks. Ad Hoc Netw 97:102022

    Article  Google Scholar 

  10. 10.

    Hurrah NN, Parah SA, Sheikh JA, Al-Turjman F, Muhammad K (2019) Secure data transmission framework for confidentiality in IoTs. Ad Hoc Netw 95:101989

    Article  Google Scholar 

  11. 11.

    Ullah F, Naeem H, Jabbar S, Khalid S, Latif MA, Al-Turjman F, Mostarda L (2019) Cyber security threats detection in internet of things using deep learning approach. IEEE Access 7:124379–124389

    Article  Google Scholar 

  12. 12.

    Al-Turjman F (2020) Intelligence and security in big 5G-oriented IoNT: an overview. Futur Gener Comput Syst 102:357–368

    Article  Google Scholar 

  13. 13.

    Ali Z, Chaudhry SA, Ramzan MS, Al-Turjman F (2020) Securing Smart City surveillance: a lightweight authentication mechanism for unmanned vehicles. IEEE Access 8:43711–43724

    Article  Google Scholar 

  14. 14.

    Jakub Kroustek, Vladislav Iliushin, Anna Shirokova, Jan Neduchal and Martin Hron (2018) Torii botnet-Not another variant, Avast Blog. Available from: https://blog.avast.com/new-torii-botnet-threat-research. Accessed on Apr 2020

  15. 15.

    Olakanmi OO, Dada A (2019) An efficient privacy-preserving approach for secure verifiable outsourced computing on untrusted platforms. Int J Cloud Appl Comput (IJCAC) 9(2):79–98

    Google Scholar 

  16. 16.

    Premkamal PK, Pasupuleti SK, Alphonse PJA (2020) Efficient escrow-free CP-ABE with constant size Ciphertext and secret key for big data storage in cloud. Int J Cloud Appl Comput (IJCAC) 10(1):28–45

    Google Scholar 

  17. 17.

    Letteri I, Penna GD, Gasperis GD (2019) Security in the internet of things: botnet detection in software-defined networks by deep learning techniques. Int J High Perform Comput Netw 15(3–4):170–182

    Article  Google Scholar 

  18. 18.

    Gou Z, Yamaguchi S, Gupta BB (2017) Analysis of various security issues and challenges in cloud computing environment: a survey. In identity theft: breakthroughs in research and practice (pp. 221-247). IGI global

  19. 19.

    Dahiya A, Gupta BB (2020) Multi attribute auction based incentivized solution against DDoS attacks. Comput Secur 92:101763

    Article  Google Scholar 

  20. 20.

    Paul K (2004) Auctions: theory and practice. The Toulouse Lectures in Economics

  21. 21.

    Li L, LIU YA, LIU KM, Ming YANG (2009) Pricing in combinatorial double auction-based grid allocation model. J China Univ Posts Telecommun 16(3):59–65

    Article  Google Scholar 

  22. 22.

    Baranwal G, Vidyarthi DP (2015) A fair multi-attribute combinatorial double auction model for resource allocation in cloud computing. J Syst Softw 108:60–76

    Article  Google Scholar 

  23. 23.

    Kumar D, Baranwal G, Raza Z, Vidyarthi DP (2017) A systematic study of double auction mechanisms in cloud computing. J Syst Softw 125:234–255

    Article  Google Scholar 

  24. 24.

    Samimi P, Teimouri Y, Mukhtar M (2016) A combinatorial double auction resource allocation model in cloud computing. Inf Sci 357:201–216

    Article  Google Scholar 

  25. 25.

    Kumar D, Baranwal G, Raza Z, Vidyarthi DP (2018) A truthful combinatorial double auction-based marketplace mechanism for cloud computing. J Syst Softw 140:91–108

    Article  Google Scholar 

  26. 26.

    AuYoung A, Chun B, Snoeren A, Vahdat A (2004) Resource allocation in federated distributed computing infrastructures. In proceedings of the 1st workshop on operating system and architectural support for the on-demand IT InfraStructure vol 9

  27. 27.

    Samimi P, Teimouri Y, Mukhtar M (2016) A combinatorial double auction resource allocation model in cloud computing. Inf Sci 357:201–216

    Article  Google Scholar 

  28. 28.

    Zaman S, Grosu D (2013) Combinatorial auction-based allocation of virtual machine instances in clouds. J Parallel Distribut Comput 73(4):495–508

    Article  Google Scholar 

  29. 29.

    Baranwal G, Vidyarthi DP (2015) A fair multi-attribute combinatorial double auction model for resource allocation in cloud computing. J Syst Softw 108:60–76

    Article  Google Scholar 

  30. 30.

    Moghaddam M, Davis JG (2019) Simultaneous service selection for multiple composite service requests: a combinatorial auction approach. Decis Support Syst 120:81–94

    Article  Google Scholar 

  31. 31.

    Tan X, Leon-Garcia A, Wu Y, Tsang DH (2020) Online combinatorial auctions for resource allocation with supply costs and capacity limits. IEEE J Select Areas Commun 38:655–668

    Article  Google Scholar 

  32. 32.

    Król, M., Sonnino, A., Tasiopoulos A, Psaras I, Rivière E (2020) PASTRAMI: privacy-preserving, auditable, Scalable & Trustworthy Auctions for multiple items. arXiv preprint arXiv:2004.06403

  33. 33.

    Chu LY (2009) Truthful bundle/multiunit double auctions. Manag Sci 55(7):1184–1198

    Article  Google Scholar 

  34. 34.

    Andersson A, Tenhunen M, Ygge F (2000) Integer programming for combinatorial auction winner determination. In Proceedings Fourth International Conference on MultiAgent Systems (pp. 39-46). IEEE

  35. 35.

    Lehmann D, Oćallaghan LI, Shoham Y (2002) Truth revelation in approximately efficient combinatorial auctions. J ACM (JACM) 49(5):577–602

    MathSciNet  Article  Google Scholar 

Download references

Acknowledgements

This publication is an outcome of the R&D work undertaken under the (i) YFRF fellowship grant, Visvesvaraya PhD Scheme of Ministry of Electronics & Information Technology, Government of India and being implemented by Digital India Corporation and (ii) sponsored project grant from SERB, DST, Government of India.

Author information

Affiliations

Authors

Corresponding author

Correspondence to Brij B. Gupta.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Dahiya, A., Gupta, B.B. A QoS Ensuring Two-Layered Multi-Attribute Auction Mechanism to Mitigate DDoS Attack. Mobile Netw Appl 26, 1043–1058 (2021). https://doi.org/10.1007/s11036-020-01665-6

Download citation

Keywords

  • DDoS attack
  • Incentive compatibility
  • Multi-attribute based auction
  • Truthfulness