Social network botnet attack mitigation model for cloud
Authors: Hooman Alavizadeh, Ahmad Salehi S., A.S.M. Kayes, Wenny Rahayu, Tharam Dillon
Journal: Computer Networks, volume 262, Article 111160 (Journal Article)
Published: 2025-03-08
DOI: 10.1016/j.comnet.2025.111160
URL: https://www.sciencedirect.com/science/article/pii/S1389128625001288
Citation count: 0
Abstract
Online Social Network (OSN) botnet attacks pose a growing threat to the cloud environment and reduce the services’ availability and reliability for users by launching distributed denial of service (DDoS) attacks on crucial servers in the cloud. These attacks involve the deployment of sophisticated botnets that exploit the interconnected nature of social networks to identify targets, exploit vulnerabilities, and launch attacks. The prevalence and impact of these botnet-driven attacks have recently been studied. Although the detection of these botnet attacks is still a challenging process, it remains crucial to gain a comprehensive understanding of and evaluate the best defense strategies against botnet attacks. This evaluation can be further utilized to formulate effective defense plans to mitigate the impact of such botnet attacks. In this paper, we first investigate the properties of OSN botnet attack stages that eventually lead to launching DDoS attacks toward a cloud system. Then, we formalize a defensive model using a sequential game model to analyze both the attacker’s and defenders’ best equilibrium strategies for the proposed botnet attack scenario. Moreover, we formulate optimal strategies for the defender against various attack strategies. Our experiments reveal the best defense strategies against various attack rates to maintain cloud functionality. Finally, we discuss possible countermeasures for these OSN botnet threats.
About the journal:
Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.