DDoS Mitigation in Non-cooperative Environments

  • Guanhua Yan
  • Stephan Eidenbenz
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4982)


Distributed denial of service (DDoS) attacks have plagued the Internet for many years. We propose a system to defend against DDoS attacks in a non-cooperative environment, where upstream intermediate networks need to be given an economic incentive in order for them to cooperate in the attack mitigation. Lack of such incentives is a root cause for the rare deployment of distributed DDoS mitigation schemes. Our system is based on game-theoretic principles that provably provide incentives to each participating Autonomous System (AS) to report its true defense costs to the victim, which computes and compensates the most cost-efficient (yet still effective) set of defender ASes. We also present simulation results with real AS-level topologies to demonstrate the economic feasibility of our approach.



Copyright information

© IFIP International Federation for Information Processing 2008

Authors and Affiliations

  • Guanhua Yan (1)
  • Stephan Eidenbenz (1)
  1. Information Sciences (CCS-3), Los Alamos National Laboratory, Los Alamos, USA
