DDoS Mitigation in Non-cooperative Environments

  • Guanhua Yan
  • Stephan Eidenbenz
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4982)


Distributed denial of service (DDoS) attacks have plagued the Internet for many years. We propose a system to defend against DDoS attacks in a non-cooperative environment, where upstream intermediate networks need to be given an economic incentive in order for them to cooperate in the attack mitigation. Lack of such incentives is a root cause for the rare deployment of distributed DDoS mitigation schemes. Our system is based on game-theoretic principles that provably provide incentives to each participating AS (Autonomous Systems) to report its true defense costs to the victim, which computes and compensates the most cost-efficient (yet still effective) set of defenders ASs. We also present simulation results with real AS-level topologies to demonstrate the economic feasibility of our approach.


Central Bank Reserve Price Budget Balance Cost Vector IPv4 Address 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
  2. 2.
  3. 3.
  4. 4.
  5. 5.
    Anderegg, L., Eidenbenz, S.: Ad hoc-VCG: a truthful and cost-efficient rout- ing protocol for mobile ad hoc networks with selfish agents. In: Proceedings of MobiCom 2003 (September 2003)Google Scholar
  6. 6.
    Cormen, T.H., Leiserson, C.E., Rivest, R.L., Stein, C.: Introduction to Algorithms. The MIT Press and McGraw-Hill, Cambridge (2001)zbMATHGoogle Scholar
  7. 7.
    Eidenbenz, S., Resta, G., Santi, P.: COMMIT: A sender-centric truthful and energy-efficient routing protocol for ad hoc networks with selfish nodes. In: Proceedings of IPDPS 2005, April 2005, vol. 13 (2005)Google Scholar
  8. 8.
    Feigenbaum, J., Krishnamurthy, A., Sami, R., Shenker, S.: Approximation and collusion in multicast cost sharing. In: Proceedings of EC 2001 (2001)Google Scholar
  9. 9.
    Feigenbaum, J., Papadimitriou, C., Sami, R., Shenker, S.: A BGP-based mechanism for lowest-cost routing. In: Proc. of PODC 2002 (2002)Google Scholar
  10. 10.
    Green, J., Laffont, J.: Incentives in public decision making. Studies in Public Economies 1, 65–78 (1979)zbMATHGoogle Scholar
  11. 11.
    Huang, Y., Geng, X., Whinston, A.B.: Defeating DDoS attacks by fixing the incentive chain. ACM Trans. on Internet Technology (2006)Google Scholar
  12. 12.
    Krishnamurthy, B., Wang, J.: On network-aware clustering of web clients. In: Proceedings of SIGCOMM 2000 (2000)Google Scholar
  13. 13.
    Mao, Z.M., Qiu, L., Wang, J., Zhang, Y.: On AS-level path inference. In: Proceedings of SIGMETRICS 2005, Banff, Alberta, Canada (June 2005)Google Scholar
  14. 14.
    Mirkovic, J., Reiher, P.: A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Computer Communications Review 34(2) (April 2004)Google Scholar
  15. 15.
    Honeynet Project and Research Alliance. Know your enemy: Tracking botnets (2005),
  16. 16.
    Savage, S., Wetherall, D., Karlin, A., Anderson, T.: Practical network support for IP traceback. In: Proceedings of ACM SIGCOMM 2000 (2000)Google Scholar
  17. 17.
    K. K. Singh. Botnets - an introduction. http://www- spring/botnets.ppt.Google Scholar
  18. 18.
    Summary of the initial meeting of the dos-resistant internet working group (January 2005),
  19. 19.
    Waldvogel, M.: GOSSIB vs. IP traceback rumors. In: Proc. of ACSAC 2002 (2002)Google Scholar
  20. 20.
    Yan, G., Eidenbenz, S.: Distributed DDoS mitigation in non-cooperative environments. Technical Report LAUR-07-3012, Los Alamos National Lab (2007)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2008

Authors and Affiliations

  • Guanhua Yan
    • 1
  • Stephan Eidenbenz
    • 1
  1. 1.Information Sciences (CCS-3)Los Alamos National LaboratoryLos AlamosUSA

Personalised recommendations