Download presentation
Presentation is loading. Please wait.
Published byMarcus Davis Modified over 9 years ago
1
Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward W. Knightly November 21 th, 2006 Jinkyu Lee
2
2 Contents Introduction DoS Attacks Analytical Model Assessment of Performance under DoS Attack Conclusion
3
3 Introduction Do ad hoc networks have sufficiently redundant paths and counter-DoS mechanisms to make DoS attacks largely ineffective? Or are there attack and system factors that can lead to devastating effects? Related Work Securing Routing Protocols Usage of Multiple Routes Securing Packet Forwarding Identification of the Attacking Nodes
4
4 Introduction Goal of the paper –To quantify via analytical models and simulation experiments the damage that a successful attacker (using DoS attack) can have on the performance of an ad hoc network
5
5 DoS Attacks System Model –To ensure node authentication –To ensure message authentication –To ensure one identity per node –To prevent control plane misbehavior (query floods, rushing attacks …)
6
6 DoS Attacks Jellyfish Attack –Target Closed-loop flows (such as TCP) –Protocol compliance To obey routing and forwarding protocol specification –Malicious behaviors Reorder attack Periodic dropping attack Delay variance attack
7
7 DoS Attacks Impact of Jellyfish Reorder Attack
8
8 DoS Attacks Impact of Jellyfish Drop Attack
9
9 DoS Attacks Impact of Jellyfish Jitter Attack
10
10 DoS Attacks Black Hole Attacks –Target Flows that are not congestion controlled –Protocol compliance To obey routing and forwarding protocol specification –Malicious behaviors To absorb all data packets –Hard to detect
11
11 DoS Attacks Misbehavior Diagnosis – Fail! –Detection of MAC layer failure Cross-layer design in DSR –Passive acknowledgement (PACK) Watchdog –Layer 4 endpoint detection Hard to detect the malicious node Victim Response –To establish an alternate path –To employ multi-path routing –To establish backup routes
12
12 Analytical Model # of total nodes: N # of Jellyfish or Black hole nodes: pN
13
13 Assessment of Performance under DoS Attack Methodology –System Fairness –Number of Hops for Received Packets –Total System Throughput –Probability of interception
14
14 Assessment of Performance under DoS Attack Baseline –200 nodes –2000m X 2000m –Random movement (Max velocity: 10m/s, pausing for 10s on average) –IEEE 802.11 MAC (transmission range: 250m) –100 nodes communicate with each other (50 flows) –Jellyfish nodes are placed in grid
15
15 Assessment of Performance under DoS Attack Distribution of the Number of Hops for Received Packets
16
16 Assessment of Performance under DoS Attack Fairness Index for the Baseline Case
17
17 Assessment of Performance under DoS Attack Average Number of Hops for Received Packets
18
18 Assessment of Performance under DoS Attack Offered Load and TCP 1 2 3 4 3 2 1 4 1 2 3 4 1 2 3 4
19
19 Assessment of Performance under DoS Attack Extensive Simulations –Jellyfish Placement –Mobility –Node Density –System Size
20
20 Conclusion This is the first paper to quantify DoS effects on ad hoc networks –DoS increases capacity, but blocks long flows –DoS decreses fairness –Throughput is not enough to measure DoS impacts
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.