{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,8]],"date-time":"2026-06-08T18:00:14Z","timestamp":1780941614818,"version":"3.54.1"},"reference-count":133,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,8,1]],"date-time":"2026-08-01T00:00:00Z","timestamp":1785542400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,8,1]],"date-time":"2026-08-01T00:00:00Z","timestamp":1785542400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,6,3]],"date-time":"2026-06-03T00:00:00Z","timestamp":1780444800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100000083","name":"National Science Foundation Directorate for Computer and Information Science and Engineering","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100000083","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Theoretical Computer Science"],"published-print":{"date-parts":[[2026,8]]},"DOI":"10.1016\/j.tcs.2026.116082","type":"journal-article","created":{"date-parts":[[2026,6,3]],"date-time":"2026-06-03T23:58:17Z","timestamp":1780531097000},"page":"116082","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["Bankrupting DoS attackers"],"prefix":"10.1016","volume":"1081","author":[{"given":"Trisha","family":"Chakraborty","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Abir","family":"Islam","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Valerie","family":"King","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Daniel","family":"Rayborn","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jared","family":"Saia","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5251-8595","authenticated-orcid":false,"given":"Maxwell","family":"Young","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"78","reference":[{"key":"10.1016\/j.tcs.2026.116082_bib0001","unstructured":"Radware Inc., DDoS attacks history, 2017, https:\/\/www.radware.com\/security\/ddos-knowledge-center\/ddos-chronicles\/ddos-attacks-history."},{"key":"10.1016\/j.tcs.2026.116082_bib0002","unstructured":"T.Technology, business, DDoS attacks cost US businesses 10bn per year, 2019, https:\/\/techhq.com\/2019\/03\/ddos-attacks-cost-us-businesses-10bn-per-year."},{"key":"10.1016\/j.tcs.2026.116082_bib0003","series-title":"Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology","first-page":"139","article-title":"Pricing via processing or combatting junk mail","author":"Dwork","year":"1993"},{"key":"10.1016\/j.tcs.2026.116082_bib0004","series-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS)","first-page":"151","article-title":"Client puzzles: a cryptographic countermeasure against connection depletion attacks","author":"Juels","year":"1999"},{"key":"10.1016\/j.tcs.2026.116082_bib0005","series-title":"Proceedings of the 2006 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM)","first-page":"303","article-title":"DDoS defense by offense","author":"Walfish","year":"2006"},{"key":"10.1016\/j.tcs.2026.116082_bib0006","series-title":"Proceedings of the 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN)","first-page":"617","article-title":"Revisiting client puzzles for state exhaustion attacks resilience","author":"Noureddine","year":"2019"},{"key":"10.1016\/j.tcs.2026.116082_bib0007","series-title":"Proceedings of the 2nd Conference on Symposium on Networked Systems Design & Implementation-Volume 2","first-page":"287","article-title":"Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds","author":"Kandula","year":"2005"},{"key":"10.1016\/j.tcs.2026.116082_bib0008","series-title":"Annual International Cryptology Conference","first-page":"139","article-title":"Pricing via processing or combatting junk mail","author":"Dwork","year":"1992"},{"key":"10.1016\/j.tcs.2026.116082_bib0009","series-title":"Proceedings of the 5th Workshop on the Economics of Information Security (WEIS)","article-title":"Proof of work can work","author":"Liu","year":"2006"},{"issue":"1","key":"10.1016\/j.tcs.2026.116082_bib0010","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1145\/1731060.1731063","article-title":"DDoS defense by offense","volume":"28","author":"Walfish","year":"2010","journal-title":"ACM Trans. Comput. Syst."},{"key":"10.1016\/j.tcs.2026.116082_bib0011","series-title":"International Conference on Networking and Services (ICNS\u201907)","first-page":"54","article-title":"A detection and offense mechanism to defend against application layer DDoS attacks","author":"Yu","year":"2007"},{"key":"10.1016\/j.tcs.2026.116082_bib0012","series-title":"Distributed Algorithms","author":"Lynch","year":"1996"},{"key":"10.1016\/j.tcs.2026.116082_bib0013","doi-asserted-by":"crossref","first-page":"51691","DOI":"10.1109\/ACCESS.2019.2908998","article-title":"Comprehensive review of artificial intelligence and statistical approaches in distributed denial of service attack and defense methods","volume":"7","author":"Khalaf","year":"2019","journal-title":"IEEE Access"},{"key":"10.1016\/j.tcs.2026.116082_bib0014","doi-asserted-by":"crossref","DOI":"10.1016\/j.comnet.2023.109895","article-title":"A comprehensive survey on DDoS defense systems: new trends and challenges","volume":"233","author":"Li","year":"2023","journal-title":"Comput. Netw."},{"issue":"2","key":"10.1016\/j.tcs.2026.116082_bib0015","doi-asserted-by":"crossref","first-page":"876","DOI":"10.1109\/TNSM.2020.2971776","article-title":"LUCID: a practical, lightweight deep learning solution for DDoS attack detection","volume":"17","author":"Doriguzzi-Corin","year":"2020","journal-title":"IEEE Trans. Netw. Serv. Manag."},{"key":"10.1016\/j.tcs.2026.116082_bib0016","series-title":"Proceedings of the IEEE International Conference on Smart Computing (SMARTCOMP)","first-page":"1","article-title":"DeepDefense: identifying DDos attack via deep learning","author":"Yuan","year":"2017"},{"key":"10.1016\/j.tcs.2026.116082_bib0017","first-page":"511","article-title":"An intelligent method for real-time detection of DDoS attack based on fuzzy logic","volume":"25","author":"Wang","year":"2008","journal-title":"J. Electron."},{"issue":"3","key":"10.1016\/j.tcs.2026.116082_bib0018","first-page":"537","article-title":"Proactive detection of DDoS attacks utilizing k-nn classifier in an anti-DDoS framework","volume":"4","author":"Nguyen","year":"2010","journal-title":"Int. J. Comput. Inf. Eng."},{"key":"10.1016\/j.tcs.2026.116082_bib0019","series-title":"2010 Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing","first-page":"704","article-title":"Early warning system for DDoS attacking based on multilayer deployment of time delay neural network","author":"Tsai","year":"2010"},{"key":"10.1016\/j.tcs.2026.116082_bib0020","series-title":"IEEE Local Computer Network Conference","first-page":"408","article-title":"Lightweight DDoS flooding attack detection using NOX\/openflow","author":"Braga","year":"2010"},{"key":"10.1016\/j.tcs.2026.116082_bib0021","series-title":"The 2012 International Joint Conference on Neural Networks (IJCNN)","first-page":"1","article-title":"Extreme learning machines for intrusion detection","author":"Cheng","year":"2012"},{"issue":"2","key":"10.1016\/j.tcs.2026.116082_bib0022","doi-asserted-by":"crossref","first-page":"30","DOI":"10.1109\/MCOM.2018.1700621","article-title":"A multi-level DDoS mitigation framework for the industrial internet of things","volume":"56","author":"Yan","year":"2018","journal-title":"IEEE Commun. Mag."},{"issue":"2","key":"10.1016\/j.tcs.2026.116082_bib0023","first-page":"447","article-title":"A system for denial-of-service attack detection based on multivariate correlation analysis","volume":"25","author":"Tan","year":"2013","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"10.1016\/j.tcs.2026.116082_bib0024","series-title":"Global Telecommunications Conference, 2002. GLOBECOM\u201902. IEEE","first-page":"2143","article-title":"Use of spectral analysis in defense against DoS attacks","volume":"vol. 3","author":"Cheng","year":"2002"},{"key":"10.1016\/j.tcs.2026.116082_bib0025","series-title":"2009 2nd International Congress on Image and Signal Processing","first-page":"1","article-title":"A new approach for detecting DDoS attacks based on wavelet analysis","author":"Li","year":"2009"},{"issue":"6","key":"10.1016\/j.tcs.2026.116082_bib0026","doi-asserted-by":"crossref","first-page":"945","DOI":"10.3233\/JCS-2009-0350","article-title":"A cascade architecture for DoS attacks detection based on the wavelet transform","volume":"17","author":"Dainotti","year":"2009","journal-title":"J. Comput. Secur."},{"key":"10.1016\/j.tcs.2026.116082_bib0027","series-title":"2011 Ninth Annual International Conference on Privacy, Security and Trust","first-page":"63","article-title":"A trust-based approach against ip-spoofing attacks","author":"Gonzalez","year":"2011"},{"key":"10.1016\/j.tcs.2026.116082_bib0028","series-title":"Proceedings of the 39th IEEE Annual Computer Software and Applications Conference","first-page":"261","article-title":"Web server protection against application layer DDoS attacks using machine learning and traffic authentication","author":"Ndibwile","year":"2015"},{"issue":"2","key":"10.1016\/j.tcs.2026.116082_bib0029","doi-asserted-by":"crossref","first-page":"141","DOI":"10.1109\/TDSC.2006.25","article-title":"PacketScore: a statistics-based packet filtering scheme against distributed denial-of-service attacks","volume":"3","author":"Kim","year":"2006","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"10","key":"10.1016\/j.tcs.2026.116082_bib0030","first-page":"390","article-title":"Preventing DDoS attack using data mining algorithms","volume":"6","author":"Bandara","year":"2016","journal-title":"Int. J. Sci. Res. Publ."},{"key":"10.1016\/j.tcs.2026.116082_bib0031","series-title":"Proceedings of International Conference on Advances in Computing","first-page":"511","article-title":"Hierarchical storage technique for maintaining hop-count to prevent DDoS attack in cloud computing","author":"Chouhan","year":"2012"},{"issue":"1","key":"10.1016\/j.tcs.2026.116082_bib0032","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1109\/TNET.2006.890133","article-title":"Defense against spoofed IP traffic using hop-count filtering","volume":"15","author":"Wang","year":"2007","journal-title":"IEEE\/ACM Trans. Netw."},{"key":"10.1016\/j.tcs.2026.116082_bib0033","series-title":"Proceedings of the 2018 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, Volume 1 (Long Papers)","first-page":"1626","article-title":"Detecting denial-of-service attacks from social media text: applying nlp to computer security","author":"Chambers","year":"2018"},{"key":"10.1016\/j.tcs.2026.116082_bib0034","series-title":"2011 Third International Conference on Communication Systems and Networks (COMSNETS 2011)","first-page":"1","article-title":"A system approach to network modeling for DDoS detection using a naive bayesian classifier","author":"Vijayasarathy","year":"2011"},{"key":"10.1016\/j.tcs.2026.116082_bib0035","series-title":"2015 International Conference on Computing Communication Control and Automation (ICCCCA)","first-page":"280","article-title":"Detection of DoS\/DDoS attack against HTTP servers using naive bayesian","author":"Katkar","year":"2015"},{"key":"10.1016\/j.tcs.2026.116082_bib0036","series-title":"Computer Science\u2013CACIC 2017: 23rd Argentine Congress La Plata, Argentina, October 9\u201313, 2017, Revised Selected Papers","first-page":"219","article-title":"An anomaly detection model in a lan using k-nn and high performance computing techniques","volume":"23","author":"Barrionuevo","year":"2018"},{"issue":"17","key":"10.1016\/j.tcs.2026.116082_bib0037","doi-asserted-by":"crossref","first-page":"4018","DOI":"10.1016\/j.comcom.2008.08.009","article-title":"A lightweight web server anomaly detection method based on transductive scheme and genetic algorithms","volume":"31","author":"Li","year":"2008","journal-title":"Comput. Commun."},{"key":"10.1016\/j.tcs.2026.116082_bib0038","series-title":"The IEEE Symposium on Computers and Communications","first-page":"433","article-title":"Playing defense by offense: equilibrium in the DoS-attack problem","author":"Lukyanenko","year":"2010"},{"key":"10.1016\/j.tcs.2026.116082_bib0039","series-title":"30th USENIX Security Symposium (USENIX Security 21)","first-page":"3829","article-title":"Jaqen: a high-performanceswitch-native approach for detecting and mitigating volumetric DDos attacks with programmable switches","author":"Liu","year":"2021"},{"key":"10.1016\/j.tcs.2026.116082_bib0040","series-title":"Proc. IEEE Symp. Security Privacy","first-page":"1","article-title":"Dicodefense: distributed collaborative defense against DDoS flooding attacks","author":"Zargar","year":"2013"},{"key":"10.1016\/j.tcs.2026.116082_bib0041","series-title":"IEEE INFOCOM 2004","first-page":"2594","article-title":"Packetscore: statistics-based overload control against distributed denial-of-service attacks","volume":"vol. 4","author":"Kim","year":"2004"},{"key":"10.1016\/j.tcs.2026.116082_bib0042","series-title":"Proceedings of the 4th ACM\/IEEE Symposium on Architectures for Networking and Communications Systems","first-page":"1","article-title":"Implementing an openflow switch on the netfpga platform","author":"Naous","year":"2008"},{"key":"10.1016\/j.tcs.2026.116082_bib0043","series-title":"2010 IEEE 12th International Conference on Communication Technology","first-page":"385","article-title":"A novel design for future on-demand service and security","author":"YuHunag","year":"2010"},{"key":"10.1016\/j.tcs.2026.116082_bib0044","series-title":"2016 3rd International Conference on Signal Processing and Integrated Networks (SPIN)","first-page":"519","article-title":"Flowtrapp: an sdn based architecture for DDoS attack detection and mitigation in data centers","author":"Buragohain","year":"2016"},{"key":"10.1016\/j.tcs.2026.116082_bib0045","series-title":"2011 19Th IEEE International Conference on Network Protocols","first-page":"7","article-title":"Source address validation solution with openflow\/NOX architecture","author":"Yao","year":"2011"},{"key":"10.1016\/j.tcs.2026.116082_bib0046","series-title":"International Workshop on Security Protocols","first-page":"170","article-title":"DoS-resistant authentication with client puzzles","author":"Aura","year":"2000"},{"key":"10.1016\/j.tcs.2026.116082_bib0047","series-title":"2010 7th IEEE Consumer Communications and Networking Conference","first-page":"1","article-title":"A novel DDoS attack defending framework with minimized bilateral damages","author":"Chen","year":"2010"},{"key":"10.1016\/j.tcs.2026.116082_bib0048","series-title":"HotDep (Fifth Workshop on Hot Topics in System Dependability)","article-title":"spow: on-demand cloud-based EDDoS mitigation mechanism","author":"Khor","year":"2009"},{"key":"10.1016\/j.tcs.2026.116082_bib0049","series-title":"Proc. of the Intl\u2019Conf. on Advances in Engineering and Technology","article-title":"Mitigation of economic distributed denial of sustainability (EDDoS) in cloud computing","author":"Kumar","year":"2011"},{"key":"10.1016\/j.tcs.2026.116082_bib0050","series-title":"Technical Report","article-title":"Overdose: A Generic DDos Protection Service Using an Overlay Network","author":"Shi","year":"2006"},{"key":"10.1016\/j.tcs.2026.116082_bib0051","series-title":"NSDI","first-page":"45","article-title":"Phalanx: withstanding multimillion-node botnets","volume":"vol. 8","author":"Dixon","year":"2008"},{"issue":"4","key":"10.1016\/j.tcs.2026.116082_bib0052","doi-asserted-by":"crossref","first-page":"289","DOI":"10.1145\/1282427.1282413","article-title":"Portcullis: protecting connection setup from denial-of-capability attacks","volume":"37","author":"Parno","year":"2007","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"10.1016\/j.tcs.2026.116082_bib0053","series-title":"27th Network and Distributed System Security Symposium (NDSS 2020)","article-title":"Poseidon: mitigating volumetric DDos attacks with programmable switches","author":"Zhang","year":"2020"},{"key":"10.1016\/j.tcs.2026.116082_bib0054","series-title":"Proc. of 7th CEAS","article-title":"Kapow webmail: effective disincentives against spam","author":"Feng","year":"2010"},{"key":"10.1016\/j.tcs.2026.116082_bib0055","series-title":"Proceedings of the 2007 ACM CoNEXT Conference","first-page":"1","article-title":"mod_kapow: mitigating DoS with transparent proof-of-work","author":"Kaiser","year":"2007"},{"key":"10.1016\/j.tcs.2026.116082_bib0056","series-title":"2003 Symposium on Security and Privacy","first-page":"78","article-title":"Defending against denial-of-service attacks with puzzle auctions","author":"Wang","year":"2003"},{"key":"10.1016\/j.tcs.2026.116082_bib0057","series-title":"Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques","first-page":"294","article-title":"CAPTCHA: using hard AI problems for security","author":"Von Ahn","year":"2003"},{"issue":"5895","key":"10.1016\/j.tcs.2026.116082_bib0058","doi-asserted-by":"crossref","first-page":"1465","DOI":"10.1126\/science.1160379","article-title":"reCAPTCHA: human-based character recognition via web security measures","volume":"321","author":"Ahn","year":"2008","journal-title":"Science"},{"key":"10.1016\/j.tcs.2026.116082_bib0059","series-title":"2015 9th International Conference on Next Generation Mobile Applications, Services and Technologies","first-page":"47","article-title":"Denial of service attacks mitigation in the cloud","author":"Alosaimi","year":"2015"},{"issue":"4","key":"10.1016\/j.tcs.2026.116082_bib0060","doi-asserted-by":"crossref","first-page":"2046","DOI":"10.1109\/SURV.2013.031413.00127","article-title":"A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks","volume":"15","author":"Zargar","year":"2013","journal-title":"IEEE Commun. Surv. Tutor."},{"issue":"1","key":"10.1016\/j.tcs.2026.116082_bib0061","doi-asserted-by":"crossref","first-page":"22","DOI":"10.1109\/MCC.2017.14","article-title":"Combating DDoS attacks in the cloud: requirements, trends, and future directions","volume":"4","author":"Somani","year":"2017","journal-title":"IEEE Cloud Comput."},{"issue":"4","key":"10.1016\/j.tcs.2026.116082_bib0062","doi-asserted-by":"crossref","first-page":"2541","DOI":"10.1109\/TNSE.2020.2981449","article-title":"Minimizing financial cost of DDoS attack defense in clouds with fine-grained resource management","volume":"7","author":"Yuan","year":"2020","journal-title":"IEEE Trans. Netw. Sci. Eng."},{"key":"10.1016\/j.tcs.2026.116082_bib0063","series-title":"Proceedings of the 11th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud 19)","article-title":"Dynashield: reducing the cost of DDoS defense using cloud services","author":"Zheng","year":"2019"},{"key":"10.1016\/j.tcs.2026.116082_bib0064","unstructured":"AWS, AWS best practices for DDoS resiliency, 2019."},{"key":"10.1016\/j.tcs.2026.116082_bib0065","series-title":"Security and Game Theory: Algorithms, Deployed Systems, Lessons Learned","author":"Tambe","year":"2011"},{"key":"10.1016\/j.tcs.2026.116082_bib0066","series-title":"Handbook of Game theory with Economic Applications","doi-asserted-by":"crossref","first-page":"1947","DOI":"10.1016\/S1574-0005(02)03014-X","article-title":"Inspection games","volume":"3","author":"Avenhaus","year":"2002"},{"key":"10.1016\/j.tcs.2026.116082_bib0067","series-title":"Technical Report","article-title":"Recursive Inspection Games","author":"von Stengel","year":"1991"},{"key":"10.1016\/j.tcs.2026.116082_bib0068","series-title":"IJCAI","first-page":"2589","article-title":"When security games go green: designing defender strategies to prevent poaching and illegal fishing","author":"Fang","year":"2015"},{"issue":"1","key":"10.1016\/j.tcs.2026.116082_bib0069","first-page":"23","article-title":"Paws\u2014a deployed game-theoretic application to combat poaching","volume":"38","author":"Fang","year":"2017","journal-title":"AI Mag."},{"key":"10.1016\/j.tcs.2026.116082_bib0070","series-title":"Proceedings of the Twenty-Sixth Annual ACM Symposium on Principles of Distributed Computing","first-page":"358","article-title":"Theory of bar games","author":"Clement","year":"2007"},{"key":"10.1016\/j.tcs.2026.116082_bib0071","series-title":"2008 IEEE International Conference on Dependable Systems and Networks with FTCS and DCC (DSN)","first-page":"287","article-title":"Bar primer","author":"Clement","year":"2008"},{"key":"10.1016\/j.tcs.2026.116082_bib0072","series-title":"Proceedings of the 2010 Spring Simulation Multiconference","first-page":"1","article-title":"On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks","author":"Wu","year":"2010"},{"key":"10.1016\/j.tcs.2026.116082_bib0073","doi-asserted-by":"crossref","first-page":"39","DOI":"10.1016\/j.cose.2013.03.014","article-title":"A game theoretic defence framework against DoS\/DDoS cyber attacks","volume":"38","author":"Spyridopoulos","year":"2013","journal-title":"Comput. Secur."},{"issue":"1","key":"10.1016\/j.tcs.2026.116082_bib0074","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1109\/TDSC.2008.13","article-title":"A puzzle-based defense strategy against flooding attacks using game theory","volume":"7","author":"Fallah","year":"2008","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"10.1016\/j.tcs.2026.116082_bib0075","series-title":"Proceedings of the third Annual Cyber Security and Information Infrastructure Research Workshop","first-page":"7","article-title":"Denial of service games","author":"Dingankar","year":"2007"},{"issue":"4","key":"10.1016\/j.tcs.2026.116082_bib0076","doi-asserted-by":"crossref","first-page":"2333","DOI":"10.1109\/TDSC.2021.3055559","article-title":"A game-theoretical approach for mitigating edge DDoS attack","volume":"19","author":"He","year":"2022","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"10.1016\/j.tcs.2026.116082_bib0077","series-title":"International Colloquium on Structural Information and Communication Complexity","first-page":"19","article-title":"Resource burning for permissionless systems","author":"Gupta","year":"2020"},{"issue":"4","key":"10.1016\/j.tcs.2026.116082_bib0078","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3396374","article-title":"Foundations, properties, and security applications of puzzles: a survey","volume":"53","author":"Ali","year":"2020","journal-title":"ACM Comput. Surv."},{"key":"10.1016\/j.tcs.2026.116082_bib0079","series-title":"Proceedings of the 25th Annual ACM Symposium on Parallelism in Algorithms and Architectures (SPAA)","first-page":"130","article-title":"Sybilcast: broadcast on the open airwaves","author":"Gilbert","year":"2013"},{"key":"10.1016\/j.tcs.2026.116082_bib0080","series-title":"Proceedings of the Seventh ACM Workshop on Scalable Trusted Computing","first-page":"67","article-title":"Sybilcontrol: practical sybil defense with computational puzzles","author":"Li","year":"2012"},{"key":"10.1016\/j.tcs.2026.116082_bib0081","series-title":"6th IEEE International Conference on Peer-to-Peer Computing (P2P)","first-page":"171","article-title":"Computational puzzles as sybil defenses","author":"Borisov","year":"2006"},{"issue":"5","key":"10.1016\/j.tcs.2026.116082_bib0082","first-page":"653","article-title":"A survey of blockchain security issues and challenges","volume":"19","author":"Lin","year":"2017","journal-title":"IJ Netw. Secur."},{"key":"10.1016\/j.tcs.2026.116082_bib0083","series-title":"Proceedings of the 2003IEEE Symposium on Security and Privacy","first-page":"78","article-title":"Defending against denial-of-service attacks with puzzle auctions","author":"Wang","year":"2003"},{"issue":"2","key":"10.1016\/j.tcs.2026.116082_bib0084","doi-asserted-by":"crossref","first-page":"299","DOI":"10.1145\/1064340.1064341","article-title":"Moderately hard, memory-bound functions","volume":"5","author":"Abadi","year":"2005","journal-title":"ACM Trans. Internet Technol."},{"key":"10.1016\/j.tcs.2026.116082_bib0085","series-title":"Proceedings of the IEEE International Conference on Communications","first-page":"1","article-title":"Modeling human behavior for defense against flash-crowd attacks","author":"Oikonomou","year":"2009"},{"key":"10.1016\/j.tcs.2026.116082_bib0086","series-title":"Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS)","first-page":"246","article-title":"New client puzzle outsourcing techniques for DoS resistance","author":"Waters","year":"2004"},{"key":"10.1016\/j.tcs.2026.116082_bib0087","series-title":"Proceedings of the 33rd International Conference on Computer Communications and Networks (ICCCN)","first-page":"1","article-title":"DDD: a DNS-based DDoS defense scheme using puzzles","author":"Lee","year":"2024"},{"key":"10.1016\/j.tcs.2026.116082_bib0088","series-title":"Proceedings of the 7th ACM Conference on Information-Centric Networking","first-page":"117","article-title":"Persia: a puzzle-based interest flooding attack countermeasure","author":"Tourani","year":"2020"},{"issue":"3","key":"10.1016\/j.tcs.2026.116082_bib0089","doi-asserted-by":"crossref","first-page":"57","DOI":"10.1145\/2818936.2818949","article-title":"Resource-competitive algorithms","volume":"46","author":"Bender","year":"2015","journal-title":"SIGACT News"},{"key":"10.1016\/j.tcs.2026.116082_bib0090","series-title":"Proceedings of the 31st Symposium on Principles of Distributed Computing (PODC)","first-page":"145","article-title":"Making evildoers pay: resource-competitive broadcast in sensor networks","author":"Gilbert","year":"2012"},{"key":"10.1016\/j.tcs.2026.116082_bib0091","series-title":"Proceedings of the 26th ACM Symposium on Parallelism in Algorithms and Architectures (SPAA)","first-page":"257","article-title":"(Near) optimal resource-competitive broadcast with jamming","author":"Gilbert","year":"2014"},{"key":"10.1016\/j.tcs.2026.116082_bib0092","series-title":"Proceedings of the 30th Symposium on Principles of Distributed Computing (PODC)","first-page":"277","article-title":"Conflict on a communication channel","author":"King","year":"2011"},{"key":"10.1016\/j.tcs.2026.116082_bib0093","series-title":"24th International Conference on Principles of Distributed Systems (OPODIS)","first-page":"22:1","article-title":"Broadcasting competitively against adaptive adversary in multi-channel radio networks","volume":"vol. 184","author":"Chen","year":"2020"},{"key":"10.1016\/j.tcs.2026.116082_bib0094","series-title":"Proceedings of the 27th Annual ACM-SIAM Symposium on Discrete Algorithms (SODA)","first-page":"636","article-title":"How to scale exponential backoff: constant throughput, polylog access attempts, and robustness","author":"Bender","year":"2016"},{"key":"10.1016\/j.tcs.2026.116082_bib0095","series-title":"Proceedings of the 43rd ACM Symposium on Principles of Distributed Computing (PODC)","first-page":"231","article-title":"Fully energy-efficient randomized backoff: slow feedback loops yield fast contention resolution","author":"Bender","year":"2024"},{"key":"10.1016\/j.tcs.2026.116082_bib0096","series-title":"Proceedings of the Colloquium on Automata, Languages, and Programming (ICALP)","article-title":"Interactive communication with unknown noise rate","author":"Dani","year":"2015"},{"key":"10.1016\/j.tcs.2026.116082_bib0097","series-title":"Proceedings of the 15th International Conference on Distributed Computing and Networking (ICDCN)","article-title":"Secure one-way interactive communication","author":"Aggarwal","year":"2017"},{"key":"10.1016\/j.tcs.2026.116082_bib0098","series-title":"Proceedings of the 25th International Conference on Distributed Computing and Networking (ICDCN)","first-page":"134","article-title":"Defending hash tables from subterfuge with depth charge","author":"Chakraborty","year":"2024"},{"key":"10.1016\/j.tcs.2026.116082_bib0099","series-title":"International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS)","first-page":"426","article-title":"Torbricks: blocking-resistant tor bridge distribution","author":"Zamani","year":"2017"},{"key":"10.1016\/j.tcs.2026.116082_bib0100","series-title":"Proceedings of the 41st IEEE International Conference on Distributed Computing Systems (ICDCS)","article-title":"Bankrupting sybil despite churn","author":"Gupta","year":"2021"},{"key":"10.1016\/j.tcs.2026.116082_bib0101","doi-asserted-by":"crossref","first-page":"89","DOI":"10.1016\/j.jcss.2023.02.004","article-title":"Bankrupting sybil despite churn","volume":"135","author":"Gupta","year":"2023","journal-title":"J. Comput. Syst. Sci."},{"key":"10.1016\/j.tcs.2026.116082_bib0102","series-title":"Proceedings of the 19th International Conference on Distributed Computing and Networking (ICDCN)","article-title":"Proof of work without all the work","author":"Gupta","year":"2018"},{"key":"10.1016\/j.tcs.2026.116082_bib0103","series-title":"PODC \u201921: ACM Symposium on Principles of Distributed Computing","first-page":"127","article-title":"Contention resolution with predictions","author":"Gilbert","year":"2021"},{"key":"10.1016\/j.tcs.2026.116082_bib0104","article-title":"A model for learned bloom filters, and optimizing by sandwiching","volume":"abs\/1901.00902","author":"Mitzenmacher","year":"2019","journal-title":"CoRR"},{"key":"10.1016\/j.tcs.2026.116082_bib0105","series-title":"Advances in Neural Information Processing Systems 31: Annual Conference on Neural Information Processing Systems 2018, NeurIPS 2018","first-page":"9684","article-title":"Improving online algorithms via ML predictions","author":"Purohit","year":"2018"},{"key":"10.1016\/j.tcs.2026.116082_bib0106","series-title":"14-th Annual ACM-SIAM Symposium on Discrete Algorithms","first-page":"1859","article-title":"Online scheduling via learned weights","author":"Lattanzi","year":"2020"},{"key":"10.1016\/j.tcs.2026.116082_bib0107","series-title":"13th Innovations in Theoretical Computer Science Conference ITCS","first-page":"114:1","article-title":"Uniform bounds for scheduling with job size estimates","volume":"vol. 215","author":"Scully","year":"2022"},{"key":"10.1016\/j.tcs.2026.116082_bib0108","series-title":"Beyond the Worst-Case Analysis of Algorithms","article-title":"Algorithms with predictions","author":"Mitzenmacher","year":"2021"},{"issue":"7","key":"10.1016\/j.tcs.2026.116082_bib0109","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1145\/3528087","article-title":"Algorithms with predictions","volume":"65","author":"Mitzenmacher","year":"2022","journal-title":"Commun. ACM"},{"key":"10.1016\/j.tcs.2026.116082_bib0110","series-title":"Algorithm Design","author":"Kleinberg","year":"2006"},{"key":"10.1016\/j.tcs.2026.116082_bib0111","series-title":"IEEE Symposium on Foundations of Computer Science","first-page":"222","article-title":"Probabilistic computations: toward a unified measure of complexity","author":"Yao","year":"1977"},{"key":"10.1016\/j.tcs.2026.116082_bib0112","series-title":"Online Computation and Competitive Analysis","author":"Borodin","year":"2005"},{"issue":"2\u20133","key":"10.1016\/j.tcs.2026.116082_bib0113","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1016\/S0166-5316(01)00046-3","article-title":"Traffic model and performance evaluation of web servers","volume":"46","author":"Liu","year":"2001","journal-title":"Perform. Eval."},{"key":"10.1016\/j.tcs.2026.116082_bib0114","series-title":"Nonlinear Estimation and Classification","first-page":"83","article-title":"Internet traffic tends toward poisson and independent as the load increases","author":"Cao","year":"2003"},{"issue":"1","key":"10.1016\/j.tcs.2026.116082_bib0115","doi-asserted-by":"crossref","first-page":"82","DOI":"10.1109\/MIC.2006.5","article-title":"Denial-of-service attack-detection techniques","volume":"10","author":"Carl","year":"2006","journal-title":"IEEE Internet Comput."},{"key":"10.1016\/j.tcs.2026.116082_bib0116","series-title":"Proceedings of the 20th International Conference on Security and Cryptography (SECRYPT)","first-page":"62","article-title":"CAPoW: context-aware ai-assisted proof of work based DDoS defense","author":"Chakraborty","year":"2023"},{"issue":"4","key":"10.1016\/j.tcs.2026.116082_bib0117","doi-asserted-by":"crossref","first-page":"219","DOI":"10.1145\/1030194.1015492","article-title":"Diagnosing network-wide traffic anomalies","volume":"34","author":"Lakhina","year":"2004","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"10.1016\/j.tcs.2026.116082_bib0118","series-title":"2004 IEEE International Conference on Computer Communications. Proceedings. INFOCOM","first-page":"1546","article-title":"Stochastic models for generating synthetic http source traffic","volume":"vol. 3","author":"Cao","year":"2004"},{"key":"10.1016\/j.tcs.2026.116082_bib0119","series-title":"Proceedings. Seventh International Conference on Network Protocols","first-page":"327","article-title":"A behavioral model of web traffic","author":"Choi","year":"1999"},{"key":"10.1016\/j.tcs.2026.116082_bib0120","unstructured":"Wikipedia, Bernstein inequalities (probability theory), 2024, https:\/\/en.wikipedia.org\/wiki\/Bernstein_inequalities_(probability_theory)."},{"key":"10.1016\/j.tcs.2026.116082_bib0121","series-title":"Introduction to Mathematical Probability","author":"Uspensky","year":"1937"},{"issue":"1","key":"10.1016\/j.tcs.2026.116082_bib0122","doi-asserted-by":"crossref","first-page":"13","DOI":"10.1145\/363647.363659","article-title":"Adversarial queuing theory","volume":"48","author":"Borodin","year":"2001","journal-title":"J. ACM"},{"issue":"1","key":"10.1016\/j.tcs.2026.116082_bib0123","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1109\/18.61109","article-title":"A calculus for network delay. i. network elements in isolation","volume":"37","author":"Cruz","year":"1991","journal-title":"IEEE Trans. Inf. Theory"},{"key":"10.1016\/j.tcs.2026.116082_bib0124","series-title":"33rd International Symposium on Distributed Computing (DISC)","first-page":"17:1","article-title":"Stable memoryless queuing under contention","volume":"vol. 146","author":"Garncarek","year":"2019"},{"key":"10.1016\/j.tcs.2026.116082_bib0125","series-title":"32nd International Symposium on Distributed Computing (DISC)","first-page":"28:1","article-title":"Local queuing under contention","volume":"vol. 121","author":"Garncarek","year":"2018"},{"key":"10.1016\/j.tcs.2026.116082_bib0126","series-title":"2010 Proceedings IEEE INFOCOM","first-page":"1","article-title":"Deterministic broadcast on multiple access channels","author":"Anantharamu","year":"2010"},{"issue":"2","key":"10.1016\/j.tcs.2026.116082_bib0127","doi-asserted-by":"crossref","first-page":"93","DOI":"10.1007\/s00446-009-0086-4","article-title":"Maximum throughput of multiple access channels in adversarial environments","volume":"22","author":"Chlebus","year":"2009","journal-title":"Distrib. Comput."},{"key":"10.1016\/j.tcs.2026.116082_bib0128","doi-asserted-by":"crossref","first-page":"155","DOI":"10.1016\/j.tcs.2015.03.034","article-title":"Broadcasting in ad hoc multiple access channels","volume":"584","author":"Anantharamu","year":"2015","journal-title":"Theor. Comput. Sci."},{"key":"10.1016\/j.tcs.2026.116082_bib0129","series-title":"Probability and Computing: Randomization and Probabilistic Techniques in Algorithms and Data Analysis","author":"Mitzenmacher","year":"2017"},{"issue":"8","key":"10.1016\/j.tcs.2026.116082_bib0130","doi-asserted-by":"crossref","first-page":"521","DOI":"10.1090\/S0002-9904-1937-06588-8","article-title":"Jensen\u2019s inequality","volume":"43","author":"McShane","year":"1937","journal-title":"Bull. Am. Math. Soc."},{"issue":"2","key":"10.1016\/j.tcs.2026.116082_bib0131","doi-asserted-by":"crossref","first-page":"518","DOI":"10.1016\/0022-247X(92)90177-F","article-title":"Some refinements of Jensen\u2019s inequality","volume":"168","author":"Dragomir","year":"1992","journal-title":"J. Math. Anal. Appl."},{"issue":"1","key":"10.1016\/j.tcs.2026.116082_bib0132","doi-asserted-by":"crossref","first-page":"65","DOI":"10.2140\/pjm.1954.4.65","article-title":"On von Neumann\u2019s minimax theorem","volume":"4","author":"Nikaid\u00f4","year":"1954","journal-title":"Pacific J. Math."},{"key":"10.1016\/j.tcs.2026.116082_bib0133","unstructured":"T. Chakraborty, Simulation code, 2022. https:\/\/github.com\/trishac97\/RB-Cost-DDOS."}],"container-title":["Theoretical Computer Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0304397526003324?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0304397526003324?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,6,8]],"date-time":"2026-06-08T17:30:20Z","timestamp":1780939820000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0304397526003324"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,8]]},"references-count":133,"alternative-id":["S0304397526003324"],"URL":"https:\/\/doi.org\/10.1016\/j.tcs.2026.116082","relation":{},"ISSN":["0304-3975"],"issn-type":[{"value":"0304-3975","type":"print"}],"subject":[],"published":{"date-parts":[[2026,8]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Bankrupting DoS attackers","name":"articletitle","label":"Article Title"},{"value":"Theoretical Computer Science","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.tcs.2026.116082","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 The Author(s). Published by Elsevier B.V.","name":"copyright","label":"Copyright"}],"article-number":"116082"}}