Game-theoretic modeling of the behavior of Domain Name System attacker

Abdul Aziz Al Abri; Ahmed Al Maashri; Mohamed Ould-Khaoua; Hadj Bourdoucen

doi:10.1016/j.compeleceng.2020.106801

Game-theoretic modeling of the behavior of Domain Name System attacker

Abdul Aziz Al Abri, Ahmed Al Maashri^*, Mohamed Ould-Khaoua, Hadj Bourdoucen

^*Corresponding author for this work

Electrical and Computer Engineering

Research output: Contribution to journal › Article › peer-review

2 Citations (Scopus)

Abstract

The last few years have witnessed a rapid increase in the number of cyber-attacks on governments and organizations. To combat these attacks, a number of works have developed mathematical models that attempt to capture the behavior of attackers. However, these works focus on the process of the attack rather than the behavior of the attacker, which hinders the effectiveness of these models. On the other hand, many applications in cyber security have utilized game theory to model both the defender and attacker. This paper combines the Markov Chain models with game theory in order to assess the security state of Domain Name System (DNS) servers. This assessment was performed using realistic values of reward and cost in the game model. The simulation results indicate that the proposed modifications to the model have improved the accuracy of modeling the behavior of attackers on DNS servers.

Original language	English
Article number	106801
Journal	Computers and Electrical Engineering
Volume	87
DOIs	https://doi.org/10.1016/j.compeleceng.2020.106801
Publication status	Published - Oct 2020

Keywords

Cyber security
DNS cache poisoning
Game theory
Intrusion detection systems
Markov chain

ASJC Scopus subject areas

Control and Systems Engineering
General Computer Science
Electrical and Electronic Engineering

Access to Document

10.1016/j.compeleceng.2020.106801

Cite this

@article{8c017613913147b1bbcde92e2e09ba11,

title = "Game-theoretic modeling of the behavior of Domain Name System attacker",

abstract = "The last few years have witnessed a rapid increase in the number of cyber-attacks on governments and organizations. To combat these attacks, a number of works have developed mathematical models that attempt to capture the behavior of attackers. However, these works focus on the process of the attack rather than the behavior of the attacker, which hinders the effectiveness of these models. On the other hand, many applications in cyber security have utilized game theory to model both the defender and attacker. This paper combines the Markov Chain models with game theory in order to assess the security state of Domain Name System (DNS) servers. This assessment was performed using realistic values of reward and cost in the game model. The simulation results indicate that the proposed modifications to the model have improved the accuracy of modeling the behavior of attackers on DNS servers.",

keywords = "Cyber security, DNS cache poisoning, Game theory, Intrusion detection systems, Markov chain",

author = "Abri, {Abdul Aziz Al} and Maashri, {Ahmed Al} and Mohamed Ould-Khaoua and Hadj Bourdoucen",

note = "Publisher Copyright: {\textcopyright} 2020",

year = "2020",

month = oct,

doi = "10.1016/j.compeleceng.2020.106801",

language = "English",

volume = "87",

journal = "Computers and Electrical Engineering",

issn = "0045-7906",

publisher = "Elsevier Limited",

}

TY - JOUR

T1 - Game-theoretic modeling of the behavior of Domain Name System attacker

AU - Abri, Abdul Aziz Al

AU - Maashri, Ahmed Al

AU - Ould-Khaoua, Mohamed

AU - Bourdoucen, Hadj

PY - 2020/10

Y1 - 2020/10

N2 - The last few years have witnessed a rapid increase in the number of cyber-attacks on governments and organizations. To combat these attacks, a number of works have developed mathematical models that attempt to capture the behavior of attackers. However, these works focus on the process of the attack rather than the behavior of the attacker, which hinders the effectiveness of these models. On the other hand, many applications in cyber security have utilized game theory to model both the defender and attacker. This paper combines the Markov Chain models with game theory in order to assess the security state of Domain Name System (DNS) servers. This assessment was performed using realistic values of reward and cost in the game model. The simulation results indicate that the proposed modifications to the model have improved the accuracy of modeling the behavior of attackers on DNS servers.

AB - The last few years have witnessed a rapid increase in the number of cyber-attacks on governments and organizations. To combat these attacks, a number of works have developed mathematical models that attempt to capture the behavior of attackers. However, these works focus on the process of the attack rather than the behavior of the attacker, which hinders the effectiveness of these models. On the other hand, many applications in cyber security have utilized game theory to model both the defender and attacker. This paper combines the Markov Chain models with game theory in order to assess the security state of Domain Name System (DNS) servers. This assessment was performed using realistic values of reward and cost in the game model. The simulation results indicate that the proposed modifications to the model have improved the accuracy of modeling the behavior of attackers on DNS servers.

KW - Cyber security

KW - DNS cache poisoning

KW - Game theory

KW - Intrusion detection systems

KW - Markov chain

UR - http://www.scopus.com/inward/record.url?scp=85089242640&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85089242640&partnerID=8YFLogxK

U2 - 10.1016/j.compeleceng.2020.106801

DO - 10.1016/j.compeleceng.2020.106801

M3 - Article

AN - SCOPUS:85089242640

SN - 0045-7906

VL - 87

JO - Computers and Electrical Engineering

JF - Computers and Electrical Engineering

M1 - 106801

ER -

Game-theoretic modeling of the behavior of Domain Name System attacker

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this