Game Theoretic Defense Scheme for DDoS Attacks Based on Finite Rationality Analysis.

Distributed denial-of-service (DDoS) attacks continue to pose a significant threat to network security today and represent a constant and critical concern for network administrators and researchers. Unprotected systems are highly vulnerable to paralysis when subjected to DDoS attacks. Game-theoretic modeling and analysis schemes are gaining increasing popularity for defending against DDoS attacks. However, the majority of existing game-theoretic approaches assume that both attackers and defenders are perfectly rational, thereby overlooking situations where participants make mistakes, resulting in discrepancies between predicted and actual results. To address this issue, we propose a finite rational defense scheme for DDoS attacks that incorporates quantum response equilibrium (QRE) to analyze irrational participant behavior.Initially, we model the DDoS attack scenario as a zero-sum game. We then examine the primary function of the attacker’s and defender’s strategies. The attacker maliciously squeezes the bandwidth by adjusting the traffic size and the number of zombie nodes, while the defender adjusts the traffic threshold to defend against the attack. Finally, we construct a QRE analysis strategy and use QRE to model the error propensity of the attacker and defender, and we compare the Nash equilibrium with QRE for the optimal decision process.Through simulations and experiments, we have discovered that when the attacker transitions from irrational to rational behavior, the defender can utilize the QRE real-time analysis results in combination with Nash equilibrium conditions to adjust the defense threshold and further enhance the sensitivity of defense nodes to cope with DDoS attacks.