Skip to main content
SpringerLink
Log in

On Implementing a Simulation Environment for a Cooperative Multi-agent Learning Approach to Mitigate DRDoS Attacks

  • Conference paper
  • First Online:
Recent Advances in Agent-Based Negotiation: Applications and Competition Challenges (IJCAI 2022)

Part of the book series: Studies in Computational Intelligence ((SCI,volume 1092))

Included in the following conference series:

Abstract

One of serious threats on the Internet is a Distributed Reflective Denial-of-Service (DRDoS) attack. We are aiming to realize defenders that can deal with more sophisticated cooperative and strategic attacks which are becoming realistic and will be seen in the future. Specifically, we focus on an environment where there are attackers that can change their strategy of the DRDoS attacks in consideration of the alliance among the defenders, which we will require to develop the defenders which can give misleading information to fool the attackers about the recognition of alliance state and to coordinate their filtering strategy so that they utilize the current alliance among the defenders with maximum efficiency of the throughput for ordinary traffics. For achieving the final goal, we consider the simulation method of the DRDoS attacks including the attackers and the defenders that can respond dynamically according to the environment, and consider the method for building the environment. In our work, we also consider the DRDoS attackers that dynamically change their behavior, a method for a simulation in order to proceed the defenders’ Multi-Agent Reinforcement Learning (MARL) in an environment where there are the defenders against the attackers, the environment, and a MARL method to be applied there.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 119.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 159.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 159.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    https://github.com/mshindo/NetFlow-Generator.

  2. 2.

    https://openports.se/net/nfdump.

  3. 3.

    https://www.openbsd.org/faq/pf/.

  4. 4.

    https://www.wireshark.org/docs/man-pages/tshark.html.

References

  1. Boutilier, C., Dean, T., Hanks, S.: Decision-theoretic planning: structural assumptions and computational leverage. J. Artif. Int. Res. 11(1), 1–94 (1999)

    MathSciNet  MATH  Google Scholar 

  2. Gao, Y., Feng, Y., Kawamoto, J., Sakurai, K.: A Machine learning based approach for detecting DRDoS attacks and its performance evaluation. In: 11th Asia Joint Conference on Information Security, AsiaJCIS 2016, Fukuoka, Japan, 4–5 August 2016, pp. 80–86. IEEE Computer Society (2016). https://doi.org/10.1109/AsiaJCIS.2016.24

  3. Gmytrasiewicz, P.J., Doshi, P.: A framework for sequential planning in multi-agent settings. J. Artif. Int. Res. 24(1), 49–79 (2005)

    MATH  Google Scholar 

  4. Griffioen, H., Oosthoek, K., van der Knaap, P., Doerr, C.: Scan, test, execute: adversarial tactics in amplification ddos attacks. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pp. 940–954. CCS 2021, Association for Computing Machinery, New York, NY, USA (2021). https://doi.org/10.1145/3460120.3484747

  5. Jin, C., Wang, H., Shin, K.G.: Hop-count filtering: an effective defense against spoofed ddos traffic. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003, pp. 30–41. Association for Computing Machinery, New York, NY, USA (2003). https://doi.org/10.1145/948109.948116

  6. Kawazoe, T., Fukuta, N.: A cooperative multi-agent learning approach for avoiding DRDoS Attack. In: Proceedings of 10th IIAI International Congress on Advanced Applied Informatics (IIAI AAI2021/SCAI2021), pp. 518–523 (2021)

    Google Scholar 

  7. Li, Y., Li, H., Lv, Z., Yao, X., Li, Q., Wu, J.: Deterrence of intelligent DDoS via multi-hop traffic divergence. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, CCS 2021, pp. 923–939. Association for Computing Machinery, New York, NY, USA (2021). https://doi.org/10.1145/3460120.3484737

  8. Liu, Z., Jin, H., Hu, Y.C., Bailey, M.: MiddlePolice: toward enforcing destination-defined policies in the middle of the Internet. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS 2016, pp. 1268–1279. Association for Computing Machinery, New York, NY, USA (2016). https://doi.org/10.1145/2976749.2978306

  9. Rossow, C.: Amplification hell: revisiting network protocols for DDoS abuse. In: 21st Annual Network and Distributed System Security Symposium, NDSS 2014, San Diego, California, USA, 23–26 February 2014. The Internet Society (2014). https://www.ndss-symposium.org/ndss2014/amplification-hell-revisiting-network-protocols-ddos-abuse

  10. Sharafaldin, I., Lashkari, A.H., Hakak, S., Ghorbani, A.A.: Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. In: Thomas, G.L., John, M. (eds.) 2019 International Carnahan Conference on Security Technology, ICCST 2019, Chennai, India, 1–3 October 2019, pp. 1–8. IEEE (2019). https://doi.org/10.1109/CCST.2019.8888419

  11. Shinde, A., Doshi, P., Setayeshfar, O.: Cyber attack intent recognition and active deception using factored interactive POMDPs. In: Proceedings of the 20th International Conference on Autonomous Agents and Multi-agent Systems, AAMAS 2021, pp. 1200–1208. International Foundation for Autonomous Agents and Multiagent Systems, Richland, SC (2021)

    Google Scholar 

  12. Shurman, M.M., Khrais, R.M., Yateem, A.A.: DoS and DDoS attack detection using deep learning and IDS. Int. Arab J. Inf. Technol. 17(4A), 655–661 (2020). https://doi.org/10.34028/iajit/17/4a/10

  13. Snyder, M.E., Sundaram, R., Thakur, M.: A game-theoretic framework for bandwidth attacks and statistical defenses. In: 32nd IEEE Conference on Local Computer Networks (LCN 2007), pp. 556–566 (2007). https://doi.org/10.1109/LCN.2007.11

  14. Wagner, D., et al.: United we stand: collaborative detection and mitigation of amplification DDoS attacks at scale. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, CCS 2021, pp. 970–987. Association for Computing Machinery, New York, NY, USA (2021). https://doi.org/10.1145/3460120.3485385

  15. Wu, Q., Shiva, S., Roy, S., Ellis, C., Datla, V.: On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS Attacks. In: Proceedings of the 2010 Spring Simulation Multiconference. SpringSim 2010, Society for Computer Simulation International, San Diego, CA, USA (2010). https://doi.org/10.1145/1878537.1878703

  16. Yan, G., Lee, R., Kent, A., Wolpert, D.: Towards a Bayesian network game framework for evaluating DDoS attacks and defense. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 553–566. Association for Computing Machinery, New York, NY, USA (2012). https://doi.org/10.1145/2382196.2382255

Download references

Author information

Authors and Affiliations

  1. Shizuoka University, Shizuoka, Japan

    Tomoki Kawazoe

  2. Shizuoka University, Shizuoka, Japan

    Naoki Fukuta

Authors
  1. Tomoki Kawazoe
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Naoki Fukuta
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tomoki Kawazoe .

Editor information

Editors and Affiliations

  1. Department of Social Informatics, Kyoto University, Kyoto, Japan

    Rafik Hadfi

  2. Computer Science, Özyeğin University, Alemdağ, Türkiye

    Reyhan Aydoğan

  3. Department of Social Informatics, Kyoto University, Kyoto, Japan

    Takayuki Ito

  4. Department of Social Informatics, Kyoto University, Kyoto, Japan

    Ryuta Arisaka

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kawazoe, T., Fukuta, N. (2023). On Implementing a Simulation Environment for a Cooperative Multi-agent Learning Approach to Mitigate DRDoS Attacks. In: Hadfi, R., Aydoğan, R., Ito, T., Arisaka, R. (eds) Recent Advances in Agent-Based Negotiation: Applications and Competition Challenges. IJCAI 2022. Studies in Computational Intelligence, vol 1092. Springer, Singapore. https://doi.org/10.1007/978-981-99-0561-4_2

Download citation

  • DOI: https://doi.org/10.1007/978-981-99-0561-4_2

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-99-0560-7

  • Online ISBN: 978-981-99-0561-4

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation