Strategic Defense Against Stealthy Link Flooding Attacks: A Signaling Game Approach

With the increasing diversity of Distributed Denial-of-Service (DDoS) attacks, it is becoming extremely challenging to design a fully protected network. For instance, Stealthy Link Flooding Attack (SLFA) variant DDoS attacks that strives block access target area by flooding small set links, and shown can bypass traditional defense mechanisms. One potential solution tackle such SLFAs apply Moving Target Defense (MTD) techniques in which network settings are dynamically changed confuse/deceive attackers, thus making highly expensive launch successful attack. However, since MTD comes with some overhead network, find best strategy (i.e., when and/or what extent) applying has been major challenge. The significantly influenced attacker's behavior often difficult guess. In this work, we address challenge obtaining optimal effectively mitigates while incurs minimal overhead. We problem as signaling game considering defender attacker players. A belief function established throughout engagement during SLFA campaign, utilized pick response/action for each player. analyze model derive mechanism based on equilibria game. evaluate technique Mininet-based environment where an performing applies results show our game-based dynamic provide similar level protection against like extensive solution, however, causing reduced