On Modeling Link Flooding Attacks and Defenses

The increasing popularity of Internet of Things (IoTs) is making people universally connected and thus bringing the ease of life. Because of their sheer volume, weak security, and continual operation, IoT devices, along with many computer servers, are widely compromised to launch powerful distributed denial-of-service (DDoS) attacks. The emerging link flooding attacks (LFAs) are one type of such attacks that attract significant attention in both academia and industry against the routing infrastructure. The attack traffic flows originating from bots (e.g., compromised IoT devices) are deliberately aggregated at upstream critical links and grow intensified, gradually making a network connected to the critical links disconnected. Although LFAs are far more sophisticated than traditional DDoS attacks, whether such sophistication comes without a downside has never been investigated. In this paper, by modeling link flooding attacks and defenses, we tackle a series of questions concerning the practical issues of LFAs. Specifically, from the perspective of attacks, we advance a novel notion of strike precision, and reveal that LFAs may exhibit attack interference (i.e., unexpectedly interfere the connectivity of innocent networks) which might undermine the stealthiness and persistence of LFAs. From the perspective of defenses, we make the first step to study attack intention, i.e., inversely inferring the target network to disconnect based on the identified links under attack. Furthermore, we consider a strong defender who employs traffic engineering to mitigate LFAs, and formulate the game-theoretic interactions between attackers and defenders. Our formulation demonstrates that LFAs can be effectively mitigated based on traffic engineering from a game-theoretic perspective. We also study practical issues of non-cooperative defenses (e.g., light-weight probe deployment, multi-protocol-based measurement).


I. INTRODUCTION
The increasing popularity of Internet of Things (IoTs) is making people universally connected and thus bringing the ease of life. Because of their sheer volume, weak security, and continual operation, IoT devices, along with many computer servers, are widely compromised to build botnets and launch powerful distributed denial-of-service (DDoS) attacks. The emerging link flooding attacks (LFAs) are one type of such attacks that attract significant attention in both academia and industry against the routing infrastructure. In contrast to traditional (DDoS attacks that target (end) computer servers [1]- [4], LFAs target (intermediate) critical links that constitute the Internet backbone [5]- [7]. LFAs have recently come into practice after attracting the academia for years, posing severe threats to large-scale regional networks. For example, a few links of major Internet exchange points in Europe and Asia were flooded to disconnect the anti-spam service Spamhaus, with up to 300Gb/s traffic of LFAs [8].
LFAs are powerful, formidable and hard to defend against for three major reasons. First, stemming from coordinated flows between bots and public servers (e.g., web servers) or among bots, the attack traffic flows are aggregated at a critical link with a huge amount. As such, a network connected to the critical link will be gradually disconnected, as the aggregated attack traffic flows grow intensified. Second, the disconnected network, though having traditional DDoS countermeasures deployed at the network perimeter, might be blind to the attack, since the critical link is not within its administrative domain. Last, even for those ISPs who have the privilege to access the traffic flows crossing the critical link, it would be challenging for them to identify the attack traffic flows that are indistinguishable from legitimate ones.
Since the pioneering works of Studer and Perrig [9] and Kang et al. [10], considerable progress has been made to thwart LFAs, with a focus on detecting and mitigating the attack [5], [9]- [16]. In all state-of-the-art studies, it is commonly believed that LFAs are far more sophisticated than traditional server-targeted DDoS attacks by design. Nevertheless, whether such sophistication comes without a downside has never been investigated.
In this paper, by modeling link flooding attacks and defenses, we tackle a series of questions concerning the practical issues of LFAs. Specifically, we advance the notion of strike precision of LFAs, and reveal that LFAs may exhibit attack interference which might restrict their applicability from the adversary's standpoint. More precisely, when the adversary aims at disconnecting a specific network (e.g., N ) via attacking a critical link l, the connectivity of the networks surrounding N (e.g.,N ) might be interfered (i.e., attack interference), in whole or in part, depending on the connectivity importance of l forN . Due to attack interference, strike precision of LFAs would be lowered in the sense that LFAs, while disconnecting a network, may unexpectedly interfere the connectivity of some innocent networks nearby.
At first glance, the adversary lacks interest in attack interference. For a terrorist adversary interested in mass destruction, it is true. However, for a rational adversary in consideration of attack stealthiness and persistence, it is not true. The reason is that attack interference tends to incentivize different victim networks to collaborate in defending against LFAs. Such collaboration is an effective countermeasure against LFAs, since it increases individual networks' visibility of coordinated attack traffic flows. The severer attack interference is, the stronger the incentive is. Therefore, for a rational adversary, attack interference and strike precision would be big concerns, especially in the long run.
From the perspective of attacks, we attempt to answer the following research questions: • RQ1: To what extent does attack interference exist, and how do they affect strike precision, in traditional LFAs that only seeks strike efficiency, i.e., interrupting more routes (destined to N ) by flooding fewer selected links? • RQ2: What are the main factors affecting attack interference and strike precision? Can adversaries reduce attack interference and increase strike precision? From the perspective of defenses, we are interested in the following research questions: • RQ3: Given the identified target links that the adversary attacks, how to infer the target network that the adversary would like to disconnect (i.e., attack intention)?
• RQ4: Consider a defender who employs traffic engineering to mitigate LFAs, how to formulate the interactions between attackers and defenders from a gametheoretic perspective? • RQ5: When traffic engineering is used in defending against LFAs, how would the attack effect and strike precision would be? Can we effectively mitigate LFAs?
To answer RQ1, we first quantify strike precision, as well as strike efficiency. Then, we propose the Strike-Efficiency-Oriented (i.e., SEO) flooding strategy for traditional LFAs. The strategy interrupts more routes by flooding fewer selected links. Following the SEO flooding strategy, we perform traditional LFAs to gain insight into their strike precision. To tackle RQ2, taking into account the attack interference induced by attacking each link, we propose the Strike-Precision-Aware Hybrid (i.e., SPAH) flooding strategy, for impeding the attack toward links with more severe attack interference while achieving larger strike efficiency. To address RQ3, we construct a mapping from the target networks to the sets of target links to effectively infer the target networks from the set of target links under attack. Finally, we demystify RQ4 and RQ5 from a game-theoretic perspective. To answer these questions, all experiments are conducted using real-world traceroute data.
We have substantially extended our previous conference paper [17], which only focuses on RQ1 and RQ2, to include three more research questions, i.e., RQ3, RQ4, and RQ5. Additionally, we study practical issues of non-cooperative defenses (e.g., lightweight probe deployment, multi-protocolbased measurement) and perform more experiments for RQ1 and RQ2. To our best knowledge, we are the first to advance the notion of strike precision and attack intention, and study attack intention for LFAs. Moreover, we design a series of models to systematically study the questions under investigation. Our contributions are summarized below. • We quantify strike precision, as well as strike efficiency.
Our quantification sheds light on a new angle of understanding LFAs, potentially fostering more research concerning the practical aspects of LFAs. • Combining the greedy algorithm and the genetic algorithm, we propose the Strike-Efficiency-Oriented (SEO) flooding strategy for LFAs, for interrupting more routes by flooding fewer selected links. Following the SEO flooding strategy, we perform LFAs to gain insight into their strike precision. The experiments suggest that attack interference is pervasive and significantly lowers strike precision of LFAs. •

A. LINK FLOODING ATTACK
As illustrated in FIGURE 1, the goal of LFAs is to congest the target link so to disconnect the intended victim network from the rest of the network, wherein the intended victim network could be a university, a city or even a country. To accomplish such a goal, the adversary analyzes the routing topology and finds a target link (or a set of target links) connecting the intended victim network and the rest of the network. By clogging the target link, the adversary can disconnect the intended victim network, rendering legitimate users unable to communicate with the intended victim network. A typical way that the adversary clogs the target link is to coordinate a number of traffic flows originating from bots and destined to decoy servers (or bots) inside or near the intended victim network. Decoy servers refer to public servers with open services such as HTTP, FTP. The coordinated flows are required to be aggregated at the target link enormously. They are often indistinguishable from legitimate flows for evading detection.
In recent years, with the weak security configuration of IoT devices, IoT devices have been easily infected by hackers to launch massive LFAs. Mirai botnet, for example, takes advantage of the vulnerability and pervasiveness of IoT devices to overwhelm targets with massive DDoS attacks and potential LFAs. By scanning public IP addresses, using a bruteforce way to find the default credentials of IoT   Mirai since these devices have less protection. Traditional LFAs, initiated by PCs and servers, are limited by the upto-date patching, power-off time. In contrast, IoT devices are always online, lacking update-to-date patching. Therefore, IoT devices are rendering LFAs more powerful.

B. LINK FLOODING ATTACK DEFENSE
Defenders, on the other hand, tackle LFAs to keep the network working with little or no Internet connectivity degradation. Traffic Engineering (TE) is a powerful tool for defenders to react to LFAs [18]. The goal of TE is to find appropriate paths for minimizing the transmission delay and maximizing the available bandwidth [19] between sources and destinations.
Since LFAs' traffic flows are indistinguishable from legitimate ones, distributing and re-routing traffic flows (including legitimate ones and malicious ones) over available paths would be an effective method to tackle LFAs. As illustrated in FIGURE 2, when the target link is flooded, defenders can deploy parallel links to re-route traffic flows [20]. In FIGURE 3, finding new routes consisting of existing parallel links is also practical. TE methods such as load balancing, re-routing and finding new routes can be implemented in the IP networks based on OSPF-routing [21]. OSPF is a commonly used intra-domain link state routing protocol for IP networks within a single autonomous system (AS). In OSPF, the weight of links can be changed by the network operator to determine the path route adopted by different packets [21]. By adjusting the weights of the flooded links, defenders can mitigate LFAs congestion.

III. PROBLEM DESCRIPTION
By clogging the target link, the adversary can disconnect the intended victim network, while it is challenging for the intended victim network to defend against LFAs using countermeasures deployed at its network perimeter. However, it can be argued that, though more sophisticated, powerful and hard to defend against, LFAs were born to have limitations in comparison to traditional DDoS attacks. As depicted in VOLUME 4, 2016  , clogging the target link will also result in the disconnection of the innocent victim network from the rest of the network, since the communication between legitimate users and hosts within the innocent victim network also crosses the target link.
We term the disconnection of the innocent victim network as attack interference. Due to attack interference, strike precision of LFAs would be lowered. Specifically, while disconnecting a network, LFAs may unexpectedly interfere the connectivity of innocent networks nearby. The root cause is that, when selecting the target links, the adversary does not consider the influence of clogging the selected target links to the networks surrounding the intended victim network. It is strike efficiency that the adversary only seeks in traditional LFAs, meaning that the adversary wants to interrupt more routes (destined to the intended victim network) by flooding fewer selected target links.
At first glance, the adversary lacks interest in attack interference. For a terrorist adversary interested in mass destruction, it is true. However, for a rational adversary in consideration of attack stealthiness and persistence, it is not true. The reason is that attack interference tends to incentivize different victim networks to collaborate with each other in defending against LFAs. Such collaboration is an effective countermeasure against LFAs, since it increases individual networks' visibility of coordinated attack traffic flows. The severer attack interference is, the stronger the incentive is. Moreover, disconnecting the innocent victim network cannot make the adversary better off whereas it renders the adversary face a more severe penalty. Therefore, for a rational adversary, attack interference and strike precision would be big concerns, especially in the long run.
From the perspective of attacks, we will make the first effort to model attack interference and strike precision so to quantitatively understand such an inherent (yet never investigated) nature of LFAs. From the perspective of defenses, given the identified target links that the adversary attacks, inversely inferring the target network that the adversary would like to disconnect (i.e., attack intention) is also an important problem. In addition, we are interested in mitigating LFAs by formulating the game-theoretic interactions between attackers and defenders, where the defender is the network administrator who can perform traffic engineering.

IV. MODELING LINK FLOODING ATTACKS
In this section, from the perspective of attacks, we first systematically model attack interference. Then, we propose different link flooding strategies in consideration of their attack interference.

A. ATTACK INTERFERENCE
Consider an adversary who performs LFAs. Let N denote a network that the adversary would like to disconnect from the rest of the network. Essentially disconnecting N is to select a set of target (intermediate) links along the routes between hosts within N and hosts outside of it, and then clog them so that the routes can be interrupted. Note that a route comprises a sequence of links.
We denote the set of routes between hosts within N and hosts outside of it by R N , the set of links (that constitute R N ) by L N , and the set of selected target links by L N ⊆ L N . Normally, it is hard, if not impossible, to interrupt all routes in R N by clogging the links in L N . Suppose, by clogging the links in L N , the set of routes that the adversary interrupts is R N ⊆ R N . Let | · | be the operator calculating the cardinality of a set. On a limited budget of |L N |, the adversary can strategically derive L N for a larger value of |R N |/|R N |, i.e., interrupting the routes in R N as many as possible. We also refer |R N |/|R N | as Attack Effect in the following sections.
To quantify the adversary's return on investment (ROI), we define strike efficiency, denoted by SE, to represent the number routes that the adversary can interrupt by clogging one link on average. Definition 3.1 Strike Efficiency.
When the adversary performs LFAs to disconnect N , the connectivity of networks surrounding N may be interfered. LetN denote the network(s) whose connectivity is interfered, RN denote the set of routes between hosts withinN and hosts outside of it, and R N ⊆ RN denote the set of interrupted routes due to the adversary clogging the links in L N . We define attack interference, denoted by AI, posed toN due to disconnecting N , as |R N |/|RN |. To minimize AI, |R N | should be minimized, since |RN | is constant in a specific problem.
On a limited budget of |L N | and a certain value of SE, |R N | is determined. Therefore, minimizing AI is equivalent to maximizing |R N |/(|R N | + |R N |), which we define as strike precision and denote by SP .
It refers to the ratio of the number of interrupted routes associated with N to the total number of interrupted routes by clogging the links in L N .
We have three remarks on strike efficiency and strike precision. First, to evaluate LFAs comprehensively, both strike efficiency and strike precision should be measured, whereas existing studies neglect the latter. Second, for attack stealthiness and persistence, a rational adversary tends to seek larger strike efficiency while ensuring higher strike precision. Third, strategically deriving L N is the core to achieve larger strike efficiency and higher strike precision.
Next, we propose different link flooding strategies in consideration of strike efficiency and strike precision. Determining link flooding strategies are essentially to strategically derive L N by setting different priorities for strike efficiency and strike precision.

B. LINK FLOODING ATTACK STRATEGIES
When strategically deriving L N , traditional adversaries in LFAs seek high strike efficiency. We, accordingly, present two strike-efficiency-oriented (SEO) strategies, namely, the naive SEO strategy and the advanced SEO strategy that further improves strike efficiency of the naive one. Also, for rational adversaries concerning strike precision, we propose the strike-precision-aware hybrid strategy. The proposed strategy impedes the attack toward links with more severe attack interferences while achieving larger strike efficiency.

1) Naive Strike-Efficiency-Oriented (N-SEO) Strategy
Traditional adversaries heuristically derive L N (i.e., the set of selected target links to clog) greedily [10]. They calculate |R N |/|R N | to quantify the degradation severity of the attack against N . The N-SEO strategy is detailed in Algorithm 1.

end for end while
In the N-SEO strategy, adversaries iteratively select a new link l ∈ L N \ L N maximizing the reward gain, δ l (L N ) = |R N (L N ∪ {l})|/|R N | − |R N (L N )|/|R N |, and insert l into L N . Here, R N (·) is a function calculating the set of interrupted routes to N due to clogging a set of links. Note that we recalculate R N (l) for each l after removing the link with maximum reward gain at each iteration. This process repeats until |R N |/|R N | approaches a pre-specified goal ∇, or |L N | reaches the budget of the number of selected links Φ.

2) Advanced Strike-Efficiency-Oriented (A-SEO) Strategy
To further improve strike efficiency achievable by the N-SEO strategy, we devise the A-SEO strategy in Algorithm 2 to drive L N using the genetic algorithm. Specifically, the A-SEO strategy initializes n different genes of the first generation. A gene is a binary vector indicating and corresponding to a set of selected target links. We denote the function that transforms the former to the latter by gene2set(), while the latter to the former by set2gene(). All genes are constructed based on L N , differing from each other in the subset of selected target links (i.e., L N ). Particularly, among all the initialized genes, one gene is obtained according to the L N derived by the N-SEO strategy, while each of the remaining genes is generated according to randomly generated L N . Constituting the first generation, the set of initialized n different genes, denoted by G 1 , evolve from generation to generation, forming a sequence of generations G 1 , G 2 , G 3 , . . ..
The evolution consists of selection, crossover, and mutation. Selection is for retaining better genes in each generation via roulette-wheel selection [22]. That is, probabilistically selecting a gene, say g, among n different genes in each generation, and a gene with a larger value of strike efficiency, say SE(g), should be assigned a larger selection probability. In the early generations, SE(g) varies to a wide extent. Hence, assigning g with a larger value of SE(g) a larger selection probability is easy. However, as generations evolve, the value of SE(g) tends to become closer to each other, resulting in similar selection probabilities between genes. To signify the discrepancy of selection probabilities between genes, we assign g in G j a selection probability of Stoffa-SE j (g) (SSE j (g)) using the Stoffa method [23]. SSE j (g) is calculated as follows: where j = 1, 2, 3, . . . represents the sequence number of generations, and T j is the temperature of the jth generation. Crossover and mutation are leveraged to achieve crossgeneration gene improvement. The self-adaptive genetic (SAG) algorithm is employed to adaptively adjust P c (g k , g q ) (i.e., the probability of crossover between g k and g q acquired via roulette-wheel selection), P m (g) (i.e., the probability of mutation of g). Specifically, when the value of SSE(g) 1 becomes homogeneous, P c (g k , g q ) and P m (g) defined below should be increased and otherwise decreased [24] [25].
where P c1 ,P c2 ,P m1 ,P m2 are empirically specified constants, and the remaining notations are given in (7). Intuitively, the above equations render g with a value of SSE(g) smaller (resp. larger) than the average have larger (resp. smaller) P c (g k , g q ), P m (g). In this way, low-quality genes are likely to be improved.
To prevent a generation G j from degrading to genes of lower quality, we introduce the evolution-with-restart mechanism. Specifically, when SE max j = max{SE(g)|g ∈ G j } is smaller than 0.99SE max 1 , we assign all the elements in G 1 to G j . The evolution runs until we reach the j * th genera- We summarize the A-SEO strategy in Algorithm 2.
select g k and gq over probability distribution generate a random float r, 0 < r < 1; if r < Pc(g k , gq) then g k , g q = crossover(g k , gq);

3) Strike-Precision-Aware Hybrid (SPAH) Strategy
To seek strike precision along with strike efficiency, we propose the SPAH strategy in Algorithm 3. Specifi-cally, we maximize |R N |/|R N | and meanwhile minimize |R N |/|RN | (i.e., AI). Adversaries iteratively select a link l ∈ L N \ L N maximizing the reward gain, calculates the number of interrupted routes toN due to clogging a set of links. This process repeats until |R N |/|R N | approaches a pre-specified goal ∇, or |L N | reaches the budget of the number of selected links Φ.
end for end while

V. MODELING LINK FLOODING DEFENSES
In this section, from the perspective of defenses, we first study attack intention, i.e., inversely inferring the target network that the adversary would like to disconnect by LFAs. Then, we formulate the game-theoretic interactions between attackers and defenders so to effectively mitigate LFAs.

A. ATTACK INTENTION
Since the pioneering work of Xue [6], substantial progress has been made to detect LFAs and infer the target links under attack. Normally, sophisticated adversaries choose the target links that are over three hops away from the target area [10]. In this case, even though the target links under attack are successfully detected, the target network area that the adversary would like to disconnect, i.e., attack intention, remains unclear.
To effectively infer the target networks from the set of target links under attack, we construct a map from the target networks to the sets of target links. We take the set of target links when adversaries are trying to interrupt 50% of routes as the anchor target links. Let N 1 and N 2 denote the intended and innocent network respectively. We define the percentage of overlapped anchor links, denoted by O(N 1 , N 2 ), below: In TABLE 1, we measure O(N 1 , N 2 ) for each combination of target networks when attackers use the N-SEO strategy. The overlap for any combination of different target networks is small. Only a small number of anchor target links for the innocent networks will be flooded when adversaries are attacking the intended network. Therefore, we can easily infer the target network accordingly by monitoring the anchor target links. According to the mapping, the set of target links are unique for a specific target network. Assume the attacker only attacks a target network at a time. If most of the links in a set of the target links are flooded, we can figure out the target network. We also measure O(N 1 , N 2 ) for the SPAH strategy, and find that for each combination of N 1 and N 2 , O(N 1 , N 2 ) equals 0. Therefore, there is no overlap of the target links for the SPAH strategy. As a consequence, one can easily figure out the target network for the SPAH strategy.

B. A GAME-THEORETIC FORMULATION OF LINK FLOODING ATTACKS AND DEFENSES
We formally design the link flooding attack and defense game. As for attackers, they will select a set of target links L N to congest. By congesting these links, attackers will obtain a reward r(L N ) at the cost of c(L N ) due to renting bots. Attackers will also endure a loss i(L N ) brought by attack interference. Attackers will attack a set of links L X besides the intended ones, which brings their corresponding r(L X ), c(L X ), i(L X ). The overall gain of the attacker will be formulated as Defenders, on the other hand, will use a cost c d (L N ∪ L X ) to detect the flooded links. Successfully detecting the flooded links will assign the defender a reward r d (L N ∪ L X ). To tackle the LFAs, the defender will perform traffic engineering to reroute attack traffic to a set of links L P . The defender can obtain a reward r t (L P ) and a cost c t (L P ). Traffic engineering may also introduce attack interference i t (L P ) to the innocent areas. The overall gain of the defender equals The attacker needs to pay a cost c p on probing the network to figure out the traffic engineering method that the defender deployed. The probing results will provide the attack with a reward r p . Then, the attacker will flood a subset of parallel links L P ⊆ L P with a reward r(L P ) and a cost c(L P ). Therefore, the overall gain of the attacker becomes Apparently, attempting to flood all the parallel links is the optimal strategy for the adversary. If the adversary tries to flood a new set of links, defenders will be able to detect the adversary's attack intention and use traffic engineering to protect the new set of flooded links. In such a case, the adversary will never degrade the Internet connection.
Given L P , the adversary chooses L P ⊆ L P that maximize Equation (11). Formally, L P will be The defender should choose a set of links L P ⊇ L P to deploy traffic engineering. Therefore, L P should be Initially, the adversary should choose a set of target links L N and a set of links beyond the intended ones L X to congest. Considering the traffic engineering that a defender will use, the adversary would choose links with fewer parallel links to attack. To seek such links along with strike efficiency, we propose the LPSE strategy in Algorithm 4. Specifically, we maximize SE and minimize L P . Adversaries iteratively select a link l ∈ L N \ L N maximizing the reward gain, where L P (·) calculates the number of parallel links and ε denotes a parameter defenders choose to maximize his gain. This process repeats until |R N |/|R N | approaches a pre-specified goal ∇, or |L N | reaches the budget of the number of selected links Φ.
For attackers who are concerned about both attack interference and traffic engineering deployed by defenders. They will design an attack strategy to maximize SE, and minimize L P and AI. To seek such goals, we propose the LP-SPAH strategy in Algorithm 5. Adversaries iteratively select a link l ∈ L N \ L N maximizing the reward gain, Note that the defender will use traffic engineering to mitigate the congestion. For the defender, the best response is to choose a set of links L P that satisfy Equation (13) to perform traffic engineering. For the adversary, the best action is to VOLUME 4, 2016 Efficiency.
end for end while Algorithm 5: Least Parallel Links and Maximize Strike Efficiency.
end for end while maximize his reward considering the traffic engineering that will be used on the links. That is,

VI. PRACTICAL ISSUES OF NON-COOPERATIVE DEFENSES
The attack target of LFAs is the key links around the target network area. Attackers control a large number of zombies to access public servers around the target network area, congest the critical links along the access paths, and ultimately cut off the connection between legitimate users and the target network area. In order to achieve such a goal, attackers first need to get the topology around the target network and figure out the critical links.
A feasible defense strategy against LFAs is to carry out long-term monitoring of the status of target links. However, it is difficult to observe the status of a target link separately. As a consequence, we need to indirectly infer whether a link is under attack by measure the network path consisting of that link. Since a path normally contains many routers that cannot be directly controlled, we monitor a path through noncooperative measurement methods. Moreover, because there are many paths around the target network and the links of different paths are redundant, the efficiency of monitoring all paths is extremely low and will cause a large measurement overhead. Therefore, we design a lightweight and effective scheme that enables defenders to quickly select the most valuable paths for monitoring.

A. LIGHTWEIGHT PROBE DEPLOYMENT
A conventional approach for performing non-cooperative network measurement is to deploy many distributed probes that may be highly dispersed in various locations. These distributed probes have IP addresses of different networks, thereby offering plenty of measurement vantage points. However, deploying distributed probes is rather cost-intensive due to the high cost of renting and maintaining servers. To address such a limitation, we propose a lightweight probe deployment approach based on the dynamic virtual private server (VPS). The dynamic VPS can continuously switch IP addresses in different regions through keeping dialing-up repeatedly using just a single physical machine flexibly and randomly.
Our experimental results show that a dynamic VPS in China can randomly switch IP addresses in 26 provinces, including 181 cities. We deploy shell scripts on the dynamic VPS to periodically obtain new IP addresses and save the results to the database. The experiment lasted 335 days and obtained a total of 715,612 unique IP addresses. Based on the above finding, we propose s a method of topology discovery based on dynamic VPS. Using dynamic VPS, we can obtain a large number of highly dispersed IP addresses easily and quickly. These IP addresses will be used as the probe host for topology discovery, and their distribution will affect the coverage and redundancy of network topology discovery performance.
In practice, since the IP address pool of a dynamic VPS is generally composed of IP addresses in different cities, it is necessary to sample the approximate distribution of IP addresses for a period of time in advance. Then, we need to assign corresponding measurement targets to the dynamic VPS based on the distribution of the IP addresses. When performing topology discovery using the dynamic VPS, we adaptively adjust the corresponding target IP address (where the measurement packets are destined) according to the IP address of the dynamic VPS (where the measurement packets originate) and the historical measurement results. In this way, the efficiency of topology discovery could be improved and link redundancy could be reduced.
To be more specific, every time when the IP address of the dynamic VPS is switched randomly via automatic dial-up, we query the location of the current IP address, and compare it with historical IP address records. If the current IP address is close to historical IP address records, the redundancy of topology discovery result is expected to be high. In such a case, we dial up again to switch to a new IP address. Otherwise, we will assign the current IP address as the next scheduled measurement target. The above process repeats until we collect sufficient topology information of the target network using IP addresses of the dynamic VPS. Next, we integrate the information collected by different IP addresses to comprehensively analyze the topology around the target network.

B. EFFECTIVE TOPOLOGY PROBING
After completing topology collection of the target network, we analyze the data and find out paths suitable for long-term monitoring. To ensure the comprehensiveness of the monitoring, one needs to monitor all links around the target network to cover the set of target links that an attacker may attack. However, there are a large number of redundant links between different paths, and we need to select paths that can cover as many links as possible to reduce the number of paths to monitor.
Therefore, how to select an optimal set of paths from the collected topology data is an important issue. In addition, when measuring the optimal set of paths, the following requirements should also be satisfied to achieve good performance: (1) the paths should cover at least one target link; (2) the measurement traffic towards an individual target link is minimized (since measurement brings additional traffic load); (3) the tasks assigned to probe should not be parallized so to avoid mutual-interfere between measurement packets; (4) high-frequency measurement on the same public server should be prohibited so as not to be filtered by the firewall.
In order to find the optimal set of paths, we propose two path selection algorithms in consideration of the above requirements. We next detail the two path selection algorithms.

1) Path selection based on greedy algorithm
To find the smallest set of measurement paths to cover all links, an intuitive method is to choose a path that maximizes the intersection with the links of the remaining paths each time. We propose a fast path selection method based on the greedy algorithm. The greedy algorithm continuously expands the selection set. Therefore, it is necessary to choose the path that brings the highest profit under the current situation. In our experiment, how much profit a path can bring depends on its intersection with the remaining paths. The profit of a path, say a, is calculated as follows.
where #link(a) represents the number of links of a, link i denotes the ith link of a, and path(link i ) is the set of paths consisting of link i . At the beginning of the algorithm, the selected path set is empty. To calculate the profit of each path, all links along the path need to be included. We then compare different paths. In each round of the greedy algorithm, the path with the largest profit will be selected and added to the selected path set. Accordingly, the links of the selected path are added into the selected link set.
When calculating the profit of each path, only the links that do not appear in the selected link set are considered. Similarly, when calculating the total number of paths including a link, only the paths that have not been selected are considered, and paths in the selected path set would not be considered. This means that the profit of each path is not only determined by links that it contains, but also related to the previously selected path set. The path selection based on the greedy algorithm is shown in Algorithm 6.

2) Path selection based on improved genetic algorithm
The greedy algorithm chooses the path with the largest profit in each round. Although computationally effective, Borrowing from the theory of biological evolution, the core idea of the genetic algorithm is survival of the fittest. The path selection problem could be simulated as the process of biological evolution. The next generation of individuals is generated through selection, crossover, mutation. The elimination of individuals with low fitness means that individuals with high fitness survive. Therefore, after the N-generation selection of the survival of the fittest, the individuals who remain are highly adaptable individuals.
The detailed algorithm is shown in FIGURE 5. The major steps are presented below.

• Chromosome Coding
Each path is represented as a chromosome, and the genes on the chromosome represent the links that constitute the path. Let P = [p 1 , p 2 , . . . , p n ] represent a path, and p i (i = 1, 2, . . . , n) is an individual link.

• Population Initialization
To meet the requirements of the diversity and randomness of the initial population, we randomly pick up candidate paths. At the same time, there are certain restrictions when using the genetic algorithm for path selection. Specifically, when initializing the population, it is not enough to randomly select links to form a chromosome. Since the final requirement of covering all links with the least number of paths is required when constructing chromosomes, it must be satisfied that their descendants as many links as possible. • Genetic Operator Genetic operations mainly use a series of genetic operators to perform operations. Traditional genetic algo-rithms include selection, crossover and mutation operations. It is worth noting that the crossover operator we use adopts a single-point crossover method. At the same time, due to the characteristics of network path, we choose to cross at the common link of two paths to avoid path discontinuity after crossover. If there are multiple common links, we randomly select one link for crossover; if there is no common link, no crossover operation will be performed. In addition, since the mutation operation will select a path to replace the original path, it may cause breakpoints in the path. Therefore, after the mutation operation, it is necessary to determine whether the newly generated individual meets the actual requirements. If the requirements are not met, the mutation operation repeats again.

• Fitness function
The fitness function is a performance index to judge the pros and cons of individuals. It is crucial for the genetic algorithm to find the optimal solution. In our context, the optimal solution is to cover as many links as possible with a limited number of paths. Therefore, from the perspective of reducing link redundancy, we design the fitness function as follows: where n represents the number of links contained in the current path, and LR i represents the redundancy of the ith link in the current population. The above algorithm uses the roulette-based random sampling method to select genes. The sampling probability of each gene equals the proportion of its fitness value to the total fitness of all genes, thereby genes with larger fitness values having higher probabilities of being selected.
The crossover probability and mutation probability of genes are two key parameters affecting the convergence of the genetic algorithm. Increasing the crossover probability can speed up the generation of new genes at the risk of destroying high fitness genes. As the mutation probability grows large, the genetic algorithm will evolve into a random search algorithm. We employ adaptive cross mutation probability [26]. When the fitness of individuals in the gene population tends to be consistent or local optimal, the cross mutation probability is increased; Otherwise, the cross mutation probability is reduced [25]. The crossover probability P c and the mutation probability P m are calculated in equations (17) and (18), respectively.
where f max denotes the maximum fitness value of the gene in the population, f avg represents the average fitness value, f represents the larger fitness value of the two genes to cross, and f represents the fitness value of the gene to mutate. k 1 , k 2 , k 3 , and k 4 are constants satisfying k 1 < k 2 , k 3 < k 4 . The adaptive cross-mutation probability setting allows genes with low fitness to have a higher probability of evolution. The path selection based on the improved genetic algorithm is detailed in Algorithm 7.

C. MULTI-PROTOCOL-BASED LINK MEASUREMENT
Through path selection, we obtain a set of paths to monitor. Then, the real-time status of each path and link could be observed via non-cooperative measurement. Non-cooperative measurement means that the deployment of measurement tools are required to be only single-ended, hence drastically reducing the deployment overhead. However, when performing non-cooperative measurement, protocols like ICMP may be dropped by some intermediate routers or end servers. Therefore, we propose a multi-protocol-based link measure-ment method based on Linkscope [5] so to enhance the measurement robustness.
The measurement method we use is based on the packet train, i.e., a sequence of back-to-back packets. By sending a packet train, we can estimate the status of the links along a path based on the characteristics of response times. In addition, since the size of the packet train in our experiment is less than 50Kb, the amount of the measurement traffic is small. As a consequence, the measurement introduces limited overhead, hence suitable for long-term deployment.
As shown in FIGURE 6, our packet train is composed of measurement packets and load packets, which are represented by colored and shaded boxes, respectively. The measurement packet supports multiple protocol types, including TCP, UDP, and ICMP. The Time-to-Live (TTL) of the measurement packet increases symmetrically from both sides to the center of the train. Every time the packet train passes through a router, a pair of response packets will be triggered. Using these response packets, we can estimate the available bandwidth of each link along the path. In addition, because different networks may differ in packet filtering rules, packet train designed based on multiple protocols can adapt to sophisticated network environments. By default, we use the SYN connection request packet as TCPbased measurement packet, DNS request packet as UDPbased measurement packet, and ICMP echo request packet as ICMP-based measurement packet.
Using the multi-protocol-based link measurement method, we measure the selected path so to be aware of critical links of target network. Once an attacker launches an attack against a critical link, the defender could perceive the location of attacked link and in turn take defensive strategies based on the defense model in Sec. V.

A. DATASET PREPARATION
We perform traceroute from source (Planetlab) servers distributed all over the world to target (public) servers in five regional networks. We consider part of the networks in five different regions as intended victim networks, namely, SubA in A, SubB in B, SubC in C, SubD in D, subE in E, and the remaining part as innocent victim networks (e.g., the network in A except SubA). In each attack, the adversary aims to disconnect one intended victim network by selecting target links to clog through the N-SEO strategy, the A-SEO strategy and the SPAH strategy. In the N-SEO strategy and the SPAH strategy, we assume Φ = |L N |. In the A-SEO strategy, we set P c1 = 0.9, P c2 = 0.6, P m1 = 0.1, P m2 = 0.001.

B. MEASURING STRIKE PRECISION UNDER DIFFERENT STRATEGIES
FIGURE 8 shows attack interference (AI) when |R N |/|R N | (i.e., the percentage of interrupted routes) varies from 50% to 100%, with a step of 10%. Each line corresponds to a specific intended victim network.
We observe that, among the three strategies, the N-SEO strategy introduce the most attack interference, the SPAH strategy the least, while the A-SEO in the moderate, for a specific intended victim network. Apparently, the SPAH strategy substantially lowers attack interference by considering attack interference to innocent victim networks. In addition, for both the N-SEO strategy and the A-SEO strategy, AI grows roughly linearly as the percentage of interrupted routes increases. However, such a tendency is not significant for the SPAH strategy, indicating that no obvious attack interference would be introduced as more routes are interrupted.
Under a specific strategy, attack interference to networks such as SubD in D is relatively lower, whereas that to networks like SubA in A is relatively higher. The reason is that SubD is a small area for D, and SubA accounts for a large area for A. Therefore, the larger the ratio of the intended victim network size in the entire regional network is, the more interference to the entire network would be posed. FIGURE 9 reports strike precision (SP ) over |R N |/|R N | under different strategies, as further cross-validate the results about attack interference. Specifically, the SPAH strategy achieves the largest SP , the N-SEO strategy the least, while the A-SEO strategy in the moderate, for a specific intended victim network. Under the N-SEO strategy and the A-SEO strategy, the value of SP when SubD is disconnected is larger than those when the remaining intended victim networks are disconnected. This observation coincides with the lower attack interference when SubD is disconnected.
To exemplify the selected links intuitively, we plot the geographical locations of selected target links via the N-SEO strategy and the SPAH strategy, when N ="SubA" (i.e., SubA in A) and |R N |/|R N | = 0.8 in FIGURE 10. We label the links commonly selected by two strategies (20 links in red), and the links exclusively selected by each strategy (22 links by N-SEO, and 39 links by SPAH, both in black). This example demonstrates that the set of selected links by the SPAH strategy are different from and larger than those by the N-SEO strategy, suggesting that, when interrupting the same number of routes, the SPAH strategy comes at the cost of more selected links to clog.
For terrorist adversaries who are interested in mass destruction, they may disconnect the Internet connection of more than one target regions. We consider the network of A and the network of one of the other four regions as intended victim networks, namely, The network of the left three regions are the innocent victim networks (e.g., the networks of C, D and E when attacking A and B simultaneously). We also measure the percentage of interrupt routes for the intended victim networks to show the attack impact for an individual network (e.g., the percentage of interrupted routes for A and the percentage of interrupted routes for B when attacking A and B simultaneously). In each attack, the adversary selects target links to clog through the N-SEO strategy. In both strategies, we assume Φ = |L N |.
We measure the number of target links when attacking the target regions simultaneously and separately. As shown in FIGURE 11, |R N |/|R N | (i.e., the percentage of interrupted routes) varies from 50% to 100%, with a step of 10%.
As for attackers, simultaneously attacking multiple regions is more threatening since larger areas of networks are disconnected. Also, the defense can be harder to deploy because it is difficult for two separate regions to collaborate. We simulate LFAs when attackers want to interrupt the Internet connection of multiple regions. FIGURE 12 shows attack interference (AI) attacking two regions simultaneously. To make a comparison, we also simulate LFAs when attackers interrupt the Internet connection of one region in FIGURE 13. In this case, the other 4 regions are innocent networks. We observe that, AI is relatively higher for all the four attacks than the AI in FIGURE 13. This is because attacking multiple targets simultaneously requires more target links than attacking only one target. The extra target links result in more severe attack interference for the innocent networks. When adversaries launch LFAs to multiple targets, the attack also leads to more severe attack interference for the innocent networks. More severe attack interference tends to incentivize the victim networks to collaborate with the innocent networks in defending against LFAs. As shown in FIGURE 14, the SPAH strategy can effectively reduce the attack interference if attackers target one area.
We also measure the attack interference when attacking VOLUME 4, 2016  two regions simultaneously under the SPAH strategy. In FIG-URE 16, the innocent networks are the networks surrounding the target network. For example, if attackers intend to attack SubA and SubC, the complement part in A and C are the victim networks. According to our results in FIGURE 15, the SPAH strategy has less attack interference than the N-SEO strategy. In FIGURE 17, the innocent networks are all the available networks except the target networks. For example, if attackers intend to attack A and C, the networks in SubE, B and D are the victim networks.

C. MEASURING STRIKE EFFICIENCY UNDER DIFFERENT STRATEGIES
We measure strike efficiency (SE) over |R N |/|R N | under different strategies. The result is shown in Figure 18.
For all strategies, as the percentage of interrupted routes increases, SE drastically decreases. Compared with the N-SEO strategy, the A-SEO strategy has a higher value of SE. However, the strike efficiency of the SPAH strategy is just slightly lower than that of the SEO strategy. Since the SPAH strategy takes both strike precision and strike efficiency into account, it achieves high strike precision without significantly lowering strike efficiency. We also measure strike efficiency (SE) over |R N |/|R N | under different strategies for flooding multiple targets. As shown in FIGURE 19, the N-SEO strategy performs better than the SPAH strategies when attacking multiple targets. However, when the attacker intends to interrupt over 80% of routes to the target areas. The SPAH strategy performs as well as the N-SEO strategy.
Combining the results above, we have the following conclusions. First, according to FIGURE 8 and FIGURE 9, on average, when adversaries interrupt 80% of routes to the intended victim network by strategies that only consider strike efficiency, attack interference is severe and strike precision is low. More precisely, by the N-SEO strategy, we have AI = 46.82%, SP = 69.16%, and AI = 40.36%, SP = 72.18% for the A-SEO strategy. Second, the main factors affecting attack interference and strike precision include the percentage of routes adversaries would like to interrupt (i.e., a larger percentage results in more attack interference and lower strike precision), the ratio of the size of the intended victim network to that of the innocent victim network (i.e., a larger ratio generally leads to less attack interference and higher strike precision). To lower attack interference and improve strike precision, the SPAH strategy can be used. On average, when adversaries interrupt 80% of routes to the intended victim network by the SPAH strategy, AI = 13.34%, SP = 91.79%, at the cost of slightly more selected links to clog but without significantly decreasing strike efficiency.

D. MEASURING ATTACK EFFECT & STRIKE PRECISION USING TRAFFIC ENGINEERING
We evaluate the effects of traffic engineering against LFAs. Defenders, as illustrated in Sec. II-B, can deploy parallel links to defend against LFAs. Therefore, by distributing the flows to parallel links, the congestion of the target link can be relieved. However, as illustrated in FIGURE 20, it is possible to flood the succeeding link (i.e., the next link) of the target link. To measure the effect of LFAs when flooding the succeeding links of the target links, we measure the percent of interrupted routes when flooding the succeeding links and the corresponding attack interference in FIGURE 21. According to the results, it is effective to use parallel links to distribute routes because the percentage of interrupted routes and attack interference decreases significantly.
For the target link that has more than one succeeding link, LFAs may also congest the succeeding links of the target link. To figure out the scale of the congested links in the next hop and their corresponding attack effect, we calculate the percentage of interrupted routes if the succeeding links are congested. In FIGURE 22, we assume if 60%, 70%, 80%, 90% of routes of the target link traverses the succeeding link, the succeeding link is congested. In such a scenario, the corresponding attack effect is shown in FIGURE 22.
We measure the percentage of interrupted routes when flooding parallel links, and the corresponding attack interference is shown in FIGURE 23. We find that re-routing flows to parallel links can effectively relieve the congestion and lead to no significant attack interference to the target networks. For terrorist adversaries, they may be interested in flooding all parallel links. However, as the attack effect, attack interference and strike efficiency illustrated in FIGURE 24, attackers cannot interrupt more routes but have to endure more severe attack interference and less strike efficiency compared with the results in Sec. VII-B and Sec. VII-C. Therefore, re-routing flows to parallel links can effectively relieve the congestion.
Considering the traffic engineering that defenders use, adversaries will choose target links following the LPSE strategy. In FIGURE 25, we measure the attack effect, attack interference and strike efficiency of the LPSE strategy when ε equals 5. Using the LPSE strategy, adversaries can select the links that have fewer parallel links. Therefore, there are fewer parallel links for the defender to choose so to deploy traffic engineering. Meanwhile, adversaries can effectively improve their strike efficiency using the LPSE strategy.
For adversaries who are concerned about both attack interference, the traffic engineering defense and strike efficiency, they may use the LP-SPAH strategy to launch LFAs. In FIGURE 26, we measure the attack effect, attack interference and strike efficiency of the LP-SPAH strategy. Adversaries can lower their attack interference while keeping good attack effect and high strike efficiency. We therefore conclude that the LP-SPAH strategy can effectively help the attacker to launch LFAs in a sophisticated way.

E. EXPERIMENTS ON PRACTICAL ISSUES OF NON-COOPERATIVE DEFENSES 1) Path Selection Algorithm Evaluation
In order to evaluate the performance of the two path selection algorithms in Sec. VI-B, we rented several dynamic VPS servers and used them to collect real network topology data. To ensure the validity and diversity of the network topology data, we used 588 geographically dispersed IP addresses across China to detect 100 public servers in Xi'an, China. All these IP addresses originate from the dynamic VPS servers. Finally, we collected a dataset containing 58,800 paths and 27,279 unique links. We used the two algorithms to calculate the number of paths required to cover all links. The minimum path required when using the greedy algorithm is 13366, and the number is 12796 when using genetic algorithm. To compare the effects of the two algorithms, we randomly  also increases.It can be found that both the greedy-based and improved genetic-based path selection algorithms can cover the specified links with fewer paths, and the improved genetic algorithm slightly outperforms the greedy algorithm.

2) Multi-protocol Measurement Evaluation
Linkscope is capable of performing packet pair-based noncooperative measurement to perceive abnormal link performance changes [5], and the multi-protocol measurement method proposed in this paper mainly focuses on further enhancing its robustness. In our experiment, we use one host to probe 300 DNS servers, and compare measurement success rates of different protocols by changing the protocol type used by the packet train.   The success-num in the table refers to the number of IPs that can successfully receive the packet train and return response packets. When using Multi-protocol, as long as any one of the three protocols can get response packets, it will be considered as a successful measurement. We see that the suc- cess rate of multiple-protocol measurement is significantly higher than that of single-protocol measurement.

VIII. DISCUSSION
Adversaries can effectively increase the precision when performing LFAs via the SPAH strategy. However, such precision comes at the cost of lowered strike efficiency. That is, compared with the SEO strategy, the SPAH strategy has to clog more target links in order to interrupt the same number of routes. Fortunately, the number of target links VOLUME 4, 2016 is not increased substantially, whereas the precision is improved significantly. Furthermore, according to our data, the number of average (traceroute) hops from the target links selected by the SPAH strategy to the intended victim network equals 6.76, indicating that the attacked links are beyond the administrative domain of the intended victim network and thus defending these links against the attack remains difficult. We, therefore, envision that there is a tendency that adversaries take into account strike precision when performing LFAs for attack stealthiness and persistence. Terrorist attackers may deploy LFAs by Mirai or other IoT botnets to launch LFAs in a more powerful and sly way. By combining the pervasiveness of IoT devices and the slyness of LFAs concerning attack interference, defenders can design LFAs that is more challenging to defend against. By analyzing the behaviors of the TCP traffic, the attackers may use to launch congestion, we model the attack stages of the attacker and give suggestions for the defenders.
Besides the cost of lowered strike efficiency, seeking strike precision may lead to the increase of the ratio of the routes crossing the set of selected target links and destined to the intended victim network to all the routes crossing the set of selected target links. Consequently, when coordinating attack traffic flows, adversaries have more choices to send attack traffic flows to decoy servers inside the intended victim network. In this case, for attack stealthiness and persistence, rational adversaries would construct attack traffic flows meeting two requirements. First, each attack traffic flow, when being inspected separately, is indistinguishable from legitimate flows. Second, these attack flows should exhibit diversity without similar behavioral patterns (e.g., visit different websites at different times) to evade correlation-based detection.
To defend against rational adversaries in consideration of strike precision, one solution is to monitor the performance (e.g., available bandwidth) of the set of links selected by the SPAH strategy in real time and trigger warnings upon anomaly occurs [6]. Defenders can also employ traffic engineering methods to defend against LFAs. According to our results, traffic engineering can effectively help to relieve the congestion of target links and help to figure out the intended attacking target network by only observing the congestion of target links. Due to the strong power of LFAs, we argue that it is still challenging to tackle LFAs using traffic engineering. Therefore, we model and formulate the game-theoretic interactions between the attacker and defenders.
The experimental results demonstrate traffic engineering can effectively relieve the congestion brought by LFAs and help to figure out the intended attacking targets by observing the target links. According to our results, defenders should follow the strategies we propose to deploy their defense. In addition, from the perspective of routing topology design, one can also increase the overlapping of the (intermediate) links of different networks, as well as the entropy of the distribution of link importance to different networks. Consider the extreme case where all links are equally important to different networks in terms of connectivity. It would be challenging for rational adversaries in consideration of strike precision to determine which network to disconnect, since clogging one link may interfere many other networks.

IX. RELATED WORK
The layered architecture of the Internet enables various types of connectivity structures [27]. CAIDA's Archipelago project [28] and DIMES [29] measured the router-level Internet topology via traceroute. Kang et al. analyzed the pervasiveness of routing bottlenecks in 15 countries and 15 cities around the world. Albert et al. [30] showed that if an adversary disables 4% of the highly connected routers, the entire Internet will be broken up into small isolated pieces. However, later work by Magoni [31] and Wang et al. [32] concluded that breaking the entire Internet may not be infeasible because of the vast number of routers or links that need to be disconnected. The IoT-originated DDoS attacks have attracted much academic attention. The large volume, pervasiveness, and high vulnerability of IoT devices make IoT devices great threats to Internet security. [33], [34] Recently, LFAs have gained attention in the literature. Kang et al. proposed LFAs that can effectively cut off the Internet connections of a target area without being detected [10], [13]. The Coremelt attack could be considered a special case of LFAs [9]. Since LFAs result in abnormal link performance, traditional active link (and path) measurement techniques, such as packet pair and packet train, could naturally facilitate the detection of LFAs. To apply these techniques in detecting LFAs, LinkScope employs both endto-end and hop-by-hop measurement to detect the links under such attacks [5], [6].
To defend against LFAs, Gkounis et al. showed that both existing and novel traffic engineering modules can efficiently expose the attack. They implemented a defense prototype using simulation mechanisms and evaluated it extensively on multiple real typologies [16]. Attacks by cost-sensitive attackers try to fully utilize the bots' upstream bandwidth. Kang et al. tackled this root cause that it is sufficient to perform a rate change test, where they temporarily increased the effective bandwidth of the bottleneck core link and observed the response. Attackers will be detected since they are unable to demonstrably increase throughput after bandwidth expansion. Kang et al. designed a software-defined network (SDN) based system called SPIFFY that addresses key practical challenges in turning this high-level idea into a concrete defense mechanism, and provided a practical solution to force a trade-off between cost and detectability for LFAs [14]. Traffic Engineering methods have also been proposed to tackle LFAs, Gkounis et al. propose that Traffic Engineering can efficiently expose the attack [16]. Liaskos et al. proposed that by using Traffic Engineering, attackers have to adopt a suspicious behavior to keep their attack, which makes themselves reveal their presence [20].
Game theory has also provided a lot of inspiration for defending against LFAs. Ma et al. proposed a randomized approach based on Stackelberg security game to optimize the LFAs detection methods [35]. Aydeger et al. proposed a signaling game-based dynamic defense mechanism and prove that it can provide a good level of protection [36].

X. CONCLUSION
Despite making considerable research progresses regarding LFAs, existing studies do not consider attack interference and strike precision which might restrict the applicability of LFAs from the adversary's standpoint. We take the first step to take into account these issues, and model LFAs from both the attack and defense perspectives. For rational adversaries concerning attack stealthiness and persistence, attack interference and strike precision would be big concerns, especially in the long run. Using real-world traceroute data, we demonstrate that current link flooding strategies that only seek strike efficiency (i.e., interrupting more routes by flooding fewer links) may result in poor strike precision, severely interfering the connectivity of the networks surrounding the intended victim network. The proposed hybrid strategy improves strike precision significantly at the cost of limited degradation of strike efficiency. From the perspective of defenses, we study attack intention, i.e., inversely inferring the attack intention (i.e., the target network to disconnect) based on the identified attacked links. Furthermore, we consider a strong defender who employs traffic engineering to mitigate LFAs, and formulate the game-theoretic interactions between attackers and defenders. Our formulation demonstrates that LFAs can be effectively mitigated based on traffic engineering from a game-theoretic perspective. Our study also reveals that practical issues such as light-weight probe deployment and multi-protocol-based measurement are important in noncooperative defenses.