Abstract
One of serious threats on the Internet is a Distributed Reflective Denial-of-Service (DRDoS) attack. We are aiming to realize defenders that can deal with more sophisticated cooperative and strategic attacks which are becoming realistic and will be seen in the future. Specifically, we focus on an environment where there are attackers that can change their strategy of the DRDoS attacks in consideration of the alliance among the defenders, which we will require to develop the defenders which can give misleading information to fool the attackers about the recognition of alliance state and to coordinate their filtering strategy so that they utilize the current alliance among the defenders with maximum efficiency of the throughput for ordinary traffics. For achieving the final goal, we consider the simulation method of the DRDoS attacks including the attackers and the defenders that can respond dynamically according to the environment, and consider the method for building the environment. In our work, we also consider the DRDoS attackers that dynamically change their behavior, a method for a simulation in order to proceed the defenders’ Multi-Agent Reinforcement Learning (MARL) in an environment where there are the defenders against the attackers, the environment, and a MARL method to be applied there.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Boutilier, C., Dean, T., Hanks, S.: Decision-theoretic planning: structural assumptions and computational leverage. J. Artif. Int. Res. 11(1), 1–94 (1999)
Gao, Y., Feng, Y., Kawamoto, J., Sakurai, K.: A Machine learning based approach for detecting DRDoS attacks and its performance evaluation. In: 11th Asia Joint Conference on Information Security, AsiaJCIS 2016, Fukuoka, Japan, 4–5 August 2016, pp. 80–86. IEEE Computer Society (2016). https://doi.org/10.1109/AsiaJCIS.2016.24
Gmytrasiewicz, P.J., Doshi, P.: A framework for sequential planning in multi-agent settings. J. Artif. Int. Res. 24(1), 49–79 (2005)
Griffioen, H., Oosthoek, K., van der Knaap, P., Doerr, C.: Scan, test, execute: adversarial tactics in amplification ddos attacks. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pp. 940–954. CCS 2021, Association for Computing Machinery, New York, NY, USA (2021). https://doi.org/10.1145/3460120.3484747
Jin, C., Wang, H., Shin, K.G.: Hop-count filtering: an effective defense against spoofed ddos traffic. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003, pp. 30–41. Association for Computing Machinery, New York, NY, USA (2003). https://doi.org/10.1145/948109.948116
Kawazoe, T., Fukuta, N.: A cooperative multi-agent learning approach for avoiding DRDoS Attack. In: Proceedings of 10th IIAI International Congress on Advanced Applied Informatics (IIAI AAI2021/SCAI2021), pp. 518–523 (2021)
Li, Y., Li, H., Lv, Z., Yao, X., Li, Q., Wu, J.: Deterrence of intelligent DDoS via multi-hop traffic divergence. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, CCS 2021, pp. 923–939. Association for Computing Machinery, New York, NY, USA (2021). https://doi.org/10.1145/3460120.3484737
Liu, Z., Jin, H., Hu, Y.C., Bailey, M.: MiddlePolice: toward enforcing destination-defined policies in the middle of the Internet. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS 2016, pp. 1268–1279. Association for Computing Machinery, New York, NY, USA (2016). https://doi.org/10.1145/2976749.2978306
Rossow, C.: Amplification hell: revisiting network protocols for DDoS abuse. In: 21st Annual Network and Distributed System Security Symposium, NDSS 2014, San Diego, California, USA, 23–26 February 2014. The Internet Society (2014). https://www.ndss-symposium.org/ndss2014/amplification-hell-revisiting-network-protocols-ddos-abuse
Sharafaldin, I., Lashkari, A.H., Hakak, S., Ghorbani, A.A.: Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. In: Thomas, G.L., John, M. (eds.) 2019 International Carnahan Conference on Security Technology, ICCST 2019, Chennai, India, 1–3 October 2019, pp. 1–8. IEEE (2019). https://doi.org/10.1109/CCST.2019.8888419
Shinde, A., Doshi, P., Setayeshfar, O.: Cyber attack intent recognition and active deception using factored interactive POMDPs. In: Proceedings of the 20th International Conference on Autonomous Agents and Multi-agent Systems, AAMAS 2021, pp. 1200–1208. International Foundation for Autonomous Agents and Multiagent Systems, Richland, SC (2021)
Shurman, M.M., Khrais, R.M., Yateem, A.A.: DoS and DDoS attack detection using deep learning and IDS. Int. Arab J. Inf. Technol. 17(4A), 655–661 (2020). https://doi.org/10.34028/iajit/17/4a/10
Snyder, M.E., Sundaram, R., Thakur, M.: A game-theoretic framework for bandwidth attacks and statistical defenses. In: 32nd IEEE Conference on Local Computer Networks (LCN 2007), pp. 556–566 (2007). https://doi.org/10.1109/LCN.2007.11
Wagner, D., et al.: United we stand: collaborative detection and mitigation of amplification DDoS attacks at scale. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, CCS 2021, pp. 970–987. Association for Computing Machinery, New York, NY, USA (2021). https://doi.org/10.1145/3460120.3485385
Wu, Q., Shiva, S., Roy, S., Ellis, C., Datla, V.: On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS Attacks. In: Proceedings of the 2010 Spring Simulation Multiconference. SpringSim 2010, Society for Computer Simulation International, San Diego, CA, USA (2010). https://doi.org/10.1145/1878537.1878703
Yan, G., Lee, R., Kent, A., Wolpert, D.: Towards a Bayesian network game framework for evaluating DDoS attacks and defense. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 553–566. Association for Computing Machinery, New York, NY, USA (2012). https://doi.org/10.1145/2382196.2382255
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Kawazoe, T., Fukuta, N. (2023). On Implementing a Simulation Environment for a Cooperative Multi-agent Learning Approach to Mitigate DRDoS Attacks. In: Hadfi, R., Aydoğan, R., Ito, T., Arisaka, R. (eds) Recent Advances in Agent-Based Negotiation: Applications and Competition Challenges. IJCAI 2022. Studies in Computational Intelligence, vol 1092. Springer, Singapore. https://doi.org/10.1007/978-981-99-0561-4_2
Download citation
DOI: https://doi.org/10.1007/978-981-99-0561-4_2
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-0560-7
Online ISBN: 978-981-99-0561-4
eBook Packages: EngineeringEngineering (R0)