Skip to main content
SpringerLink
Log in

Cyber Security via Signaling Games: Toward a Science of Cyber Security

  • Conference paper
Distributed Computing and Internet Technology (ICDCIT 2014)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 8337))

Abstract

In March of 2013, what started as a minor dispute between Spamhaus and Cyberbunker quickly escalated to a distributed denial of service (DDoS) attack that was so massive, it was claimed to have slowed internet speeds around the globe. The attack clogged servers with dummy internet traffic at a rate of about 300 gigabits per second. By comparison, the largest observed DDoS attacks typically against banks had thus far registered only 50 gigabits per second. The record breaking Spamhaus/Cyberbunker conflict arose 13 years after the publication of best practices on preventing DDoS attacks, and it was not an isolated event.

Recently, NYU’s Courant Institute and Carnegie Mellon Software Engineering Institute have collaboratively devised a game-theoretic approaches to address various cyber security problems involving exchange of information (asymmetrically). This research aims to discover and understand complex structures of malicious use cases within the context of secure systems with the goal of developing an incentives-based measurement system that ensures a high level of resilience to attack.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  • Beitollahi, H., Deconinck, G.: Review: Analyzing Well-known Countermeasures Against Distributed Denial of Service Attacks. Comput. Commun. 35(11), 1312–1332 (2012)

    Article  Google Scholar 

  • Bhatia, S., Schmidt, D., Mohay, G.: Ensemble-based DDoS Detection and Mitigation Model. In: Proceedings of the Fifth International Conference on Security of Information and Networks, SIN 2012, pp. 79–86. ACM, New York (2012)

    Google Scholar 

  • Casey, W.: Deterrence for Malware: Towards a Deception-Free Internet (2013), http://blog.sei.cmu.edu/archives.cfm/author/will-casey+

  • Doron, E., Wool, A.: WDA: A Web Farm Distributed Denial of Service Attack Attenuator. Comput. Netw. 55(5), 1037–1051 (2011)

    Article  Google Scholar 

  • Fu, Z., Papatriantafilou, M., Tsigas, P.: CluB: A Cluster Based Framework for Mitigating Distributed Denial of Service Attacks. In: Proceedings of the ACM Symposium on Applied Computing, SAC, pp. 520–527. ACM, New York (2011)

    Google Scholar 

  • Gallagher, S.: How Spamhaus’ Attackers Turned DNS into a Weapon of Mass Destruction. arstechnica.com (2013), http://arstechnica.com/information-technology/2013/03/how-spamhaus-attackers-turned-dns-into-a-weapon-of-mass-destruction/

  • Huang, Y., Geng, X., Whinston, A.B.: Defeating DDoS Attacks by Fixing the Incentive Chain. ACM Trans. Internet Technol. 7(1) (February 2007)

    Google Scholar 

  • Kargl, F., Maier, J., Weber, M.: Protecting Web Servers from Distributed Denial of Service Attacks. In: Proceedings of the 10th International Conference on World Wide Web, WWW 2001, pp. 514–524. ACM, New York (2001)

    Google Scholar 

  • Lee, K.-W., Chari, S., Shaikh, A., Sahu, S., Cheng, P.-C.: Improving the Resilience of Content Distribution Networks to Large Scale Distributed Denial of Service Attacks. Comput. Netw. 51(10), 2753–2770 (2007)

    Article  MATH  Google Scholar 

  • Lee, D.: Global Internet Slows after Biggest Attack in History. BBC news (2013), http://www.bbc.co.uk/news/technology-21954636

  • Mitre. Science of Cyber-security. JASON, MITRE Corporation (2010), https://www.fas.org/irp/agency/dod/jason/cyber.pdf

  • Saint-Andre, P.: Best Practices to Discourage Denial of Service Attacks. XSF XEP (2009), http://xmpp.org/extensions/xep-0205.html

  • Schwartz, M.J.: DDoS Spam Feud Backfires: Bulletproof Cyberbunker Busted. Informationweek.com (2013), https://www.informationweek.com+/security/attacks/ddos-spam-+feud-backfires-+bulletproof-cyb/240151895

    Google Scholar 

  • Traulsen, A., Nowak, M.A.: Chromodynamics of Cooperation in Finite Populations. PLoS One 2(3), e270 (2007)

    Google Scholar 

  • van Veelen, M., García, J., Rand, D.G., Nowak, M.A.: Direct Reciprocity in Structured Populations. Proceedings of the National Academy of Sciences 109(25), 9929–9934 (2012)

    Article  Google Scholar 

  • Walfish, M., Vutukuru, M., Balakrishnan, H., Karger, D., Shenker, S.: DDoS Defense by Offense. ACM Trans. Comput. Syst. 28(1), 3:1–3:54 (2010)

    Google Scholar 

  • Williams, R.: DDoS Attack Against spamhaus Exposes Huge Security Threat on DNS Servers. hothardware.com (2013), http://hothardware.com/News/DDoS-Attack-Against-Spamhaus-Exposes-Huge-Security-Threat-On-DNS-Servers/

  • Xie, Y., Yu, S.-Z.: Monitoring the Application-layer DDoS Attacks for Popular Websites. IEEE/ACM Trans. Netw. 17(1), 15–25 (2009)

    Article  Google Scholar 

  • Yau, D.K.Y., Lui, J.C.S., Liang, F., Yam, Y.: Defending Against Distributed Denial-of-Service Attacks with Max-Min Fair Server-Centric Router Throttles. IEEE/ACM Trans. Netw. 13(1), 29–42 (2005)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Courant Institute, NYU, New York, USA

    William Casey, Jose A. Morales, Thomson Nguyen, Jonathan Spring, Rhiannon Weaver, Evan Wright & Bud Mishra

  2. Software Engineering Institute, CMU, Pittsburgh, USA

    William Casey, Jose A. Morales, Thomson Nguyen, Jonathan Spring, Rhiannon Weaver, Evan Wright & Bud Mishra

  3. Software Engineering Institute, CMU, USA

    Leigh Metcalf

Authors
  1. William Casey
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jose A. Morales
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Thomson Nguyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jonathan Spring
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Rhiannon Weaver
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Evan Wright
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Leigh Metcalf
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Bud Mishra
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Technology & Computer Science, Tata Institute of Fundamental Research, Homi Bhabha Road, Colaba, 400005, Mumbai, India

    Raja Natarajan

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Casey, W. et al. (2014). Cyber Security via Signaling Games: Toward a Science of Cyber Security. In: Natarajan, R. (eds) Distributed Computing and Internet Technology. ICDCIT 2014. Lecture Notes in Computer Science, vol 8337. Springer, Cham. https://doi.org/10.1007/978-3-319-04483-5_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-04483-5_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-04482-8

  • Online ISBN: 978-3-319-04483-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation