This week, I continued my literary review of publications about DDoS attacks as well as made minor updates to our current game about phishing. I began with "Simulation and analysis of DDoS attacks" by M. Poongothai and M. Sathyakala. This paper aimed to provide an understanding of existing attack methods, tools and defense mechanisms, so that a better understanding of DDoS attacks could be achieved. They did so by simulating an environment by extending NS2, setting attacking topology and traffic, which can be used to evaluate and compare the methods of DDoS attacks and tools. The goal was to use the data collected to develop better algorithms to battle DDoS attacks. Overall, I believe their method of clarification for DDoS is something that can be integrated into our future work. They described it as "resource overloading attacks" that are capable of "either crashing the host such that it cannot communicate properly with the rest of the network, or disrupting / degrading the host's service and rendering it unavailable for legitimate users." I believe this definition should be the basis for our game development idea. They also break down DDoS attacks into 4 parts (attacker, handler nodes, daemon / agent nodes and a victim) which I find to be a useful way to view the concept from a game design perspective. There is not much that I would change about the way they conducted their research, other than maybe focusing in on one particular example of how DDoS has affected an IT infrastructure in the past.

I also reviewed "Game-based Simulation of Distributed Denial of Service (DDoS) Attack and Defense Mechanisms of Critical Infrastructures" by R. Poisel et al. My main take-away from this publication was their combination of agent-based modeling and simulation with game-theoretic elements (such as Anticipation Games). I found this interesting because it presented the idea of having a combination of features from different styles of projects. They also bring up an interesting thought, which is estimating and replicating the true impact of cyber attacks on critical infrastructure systems. This will be essential in creating an experience applicable to real life scenarios.

Lastly, I made an slight update to the UI display for our tips menu during the game. It now more clearer explains the attack and defense players should take in real phishing scenarios. I also made updates to the display of questions during the question gameplay.