A Game Theoretic Defence Framework Against DoS/DDoS Cyber Attacks

Theodoros Spyridopoulos, George Karanikas, Theo Tryfonas, George Oikonomou

Research output: Contribution to journalArticle (Academic Journal)peer-review

69 Citations (Scopus)


In the research area of network security, game-theoretic approaches have been previously employed in order to explore the interaction between an attacker and a defender during a Distributed Denial of Service (DDoS) attack scenario. Existing literature investigates payoffs and optimal strategies for both parties, in order to provide the defender with an optimal defence strategy. In this paper, we model a DDoS attack as a one-shot, non-cooperative, zero-sum game. We extend previous work by incorporating in our model a richer set of options available to the attacker compared to what has been previously achieved. We investigate multiple permutations in terms of the cost to perform an attack, the number of attacking nodes, malicious traffic probability distributions and their parameters. We analytically demonstrate that there exists a single optimal strategy available to the defender. By adopting it, the defender sets an upper boundary to attacker payoff, which can only be achieved if the attacker is a rational player. For all other attack strategies (those adopted by irrational attackers), attacker payoff will be lower than this boundary.
Original languageEnglish
Pages (from-to)39-50
JournalComputers and Security
Early online date3 Apr 2013
Publication statusPublished - Oct 2013


  • DoS
  • DDoS
  • Game Theory
  • Network Security
  • Defence Mechanism
  • Firewall


Dive into the research topics of 'A Game Theoretic Defence Framework Against DoS/DDoS Cyber Attacks'. Together they form a unique fingerprint.

Cite this