Abstract
Due to frequent joining and leaving of nodes and better performance, use of flooding algorithms is always proffered in Mobile Ad-hoc Networks (MANETs). A single query transmitted by a node can be received by hundreds of nodes at 3rd or 4th hop. But it is also fact that flooding algorithms provide an opportunity to attackers for launching query flooding attacks. On one side these query flooding attacks results in wastage of valuable processing resources and on the other side they cause in starvation and delay at legitimate user’s end. To solve this problem we proposed attack containment techniques by providing a fair share of processing resources to every node. Fair distribution is achieved by designing different query distribution techniques based on mathematical models. Results obtained through network simulator 2 prove that the proposed solution is resilient against various types of flooding attacks.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Daswani, N., & Garcia-Molina, H. (2002). Query-flood DoS attacks in Gnutella In ACM conference on computer and communications security, Washington, DC, November.
Daswani, N., & Garcia-Molina, H. (2005). Blasting in chord. Stanford CS technical report, January.
Daswani, N., & Garcia-Molina, H. (2004). Pong-cache poisoning in GUESS. In ACM conference on computer and communications security, Washington, DC, October.
Daswani, N., Garcia-Molina, H., & Yang, B. (2003). Open problems in data-sharing peer-to-peer systems. In International conference on database theory, Siena, Italy, January.
Bawa, M., Cooper, B. F., Crespo, A., Daswani, N., Ganesan, P., Garcia-Molina, H., Kamvar, S., Marti, S., Schlosser, M., Sun, Q., Vinograd, P., & Yang, B. Peer to peer research at Stanford. ACM SIGMOD record. http://www-db.stanford.edu/~bawa/./Pub/stanford.ps.
Sun, Q., Daswani, N., & Garcia-Molina, H. (2006). Maximizing RemoteWork in flooding-based peer-to-peer systems. J. Comput. Netw.
Sun, Q., Daswani, N., & Garcia-Molina, H. (2003). Maximizing remote work in flooding-based peer-to-peer systems. In 17th international symposium on distributed computing (DISC 2003), Sorrento, Italy, October.
Jung, S., Hundewale, N., & Zelikovsky, A. (2005). Energy efficiency of load balancing in MANET routing protocols. New York: IEEE Press.
Wu, H., et al. (2004). Mddv: a mobility-centric data dissemination algorithm for vehicular networks. In Proc. 1st int’l. wksp. vehic., Oct. (pp. 47–56). Networks (VANET): Ad Hoc.
Shen, M., & Zhao, D. (2006). Throughput analysis of IEEE 802.11 and IEEE 802.11e MAC In The third international conference on quality of service in heterogeneous wired/wireless networks, Waterloo, ON, Canada, August 7–9. New York: ACM.
Ni, S.-Y., Tseng, Y.-C., Chen, Y.-S., & Sheu, J.-P. (1999). The broadcast storm problem in mobile ad hoc networks. In Proc. MobiCom ’99, Seatle, USA, Aug. ACM, New York
Williams, B., & Camp, T. (2002). Comparison of broadcasting techniques for mobile ad hoc networks. In ACM MOBIHOC New York: ACM.
Yoo, J., Gil, H.-r., & Kim, C.-k. (2003). INK: implicit neighbor knowledge routing in ad hoc networks. New York: IEEE Press.
Korkmaz, G., & Ekici, E. (2004). Urban MultiHop broadcast protocol for InterVehicle communication systems. In VANET’04. ACM, New York, Philadelphia, Pennsylvania, USA, October 1. New York: ACM.
Niculescu, D., & Nath, B. (2003). Trajectory based forwarding and its applications. In MobiCom’03, ACM New York, San Diego, California, USA, September 14–19. New York: ACM.
Kosch, T., Adler, C. J., Eichler, S., Schroth, C., & Strassberger, M. (2006). The scalability problem of vehicular ad hoc networks and how to solve it. IEEE Wireless Communications, 13(5), 22–28.
Osafune, T., Lin, L., & Lenardi, M. (2006). Multi-hop vehicular broadcast (MHVB). In 6th international conferences on ITS telecommunications.
Tomar, G. S., Dixit, M., & Verma, S. (2009). AODV routing protocol with selective flooding. In Proceedings of the 2009 international conference of soft computing and pattern recognition.
Priya, L.R., & Chaki, N. (2009). A study on QoS issues for mobile ad-hoc networks In Proceedings of the 2nd international conference on interaction sciences: information technology, culture and human, Korea.
Hwang, R.-H., & Hoh, C.-C. (2009). Cross-layer design of P2P file sharing over mobile ad hoc networks. Telecommunications Systems, 42(1–2), 47–61.
Acknowledgement
We are very thankful to Stanford University and especially to Mr. Neil Daswani who provides us the basis to carry this research.
Author information
Authors and Affiliations
Corresponding author
Appendices
Appendix A: Remote work
Remote work is the work done by a specific node on behalf of other nodes. A node can consume its resources either to serve its own queries or those of remote nodes. Execution of remote node queries is called as remote work.
1.1 A.1 Comparison of legitimate and malicious remote work in case of blind flooding
In the first experiment we measured and compared the legitimate work done by each of the six proposed QDS in case of blind flooding. Results are summarized in Fig. 6.
Comparison of legitimate remote work-blind flooding
It can easily conclude from the Fig. 6 that Weighted Inverse strategy is delivering more as compared to other five strategies. Complete Trusted is second after the weighted inverse while Weighted QDS is performing very poor and at the last position. In the second experiment we measured and compared the malicious work done by each of the six proposed QDS in case of blind flooding. Results are summarized in Fig. 7.
Comparison of malicious remote work-blind flooding
In Weighted QDS malicious work is maximum and it is more vulnerable to attack. Weighted Inverse and Complete Trusted QDSs are performing better because malicious work is very low in these two strategies.
1.2 A.2 Comparison of legitimate and malicious remote work in case of intelligent flooding
In the first experiment we measured and compared the legitimate work done by each of the six proposed QDS in case of intelligent flooding. Results are summarized in Fig. 8.
Comparison of legitimate remote work-intelligent flooding
When the proposed six QDSs are compared in by applying intelligent flooding it is measured that Complete Trusted QDS becomes the best choice. The weighted inverse moves to number 2 and Weighted is still at the last number. In the second experiment we measured and compared the malicious work done by each of the six proposed QDS in case of intelligent flooding. Results are summarized in Fig. 9.
Comparison of malicious remote work-intelligent flooding
In Weighted QDS malicious work is maximum and it is more vulnerable to attack. Complete Trusted and Weighted Inverse QDSs are performing better because malicious work is very low in these two strategies.
1.3 A.3 Percentage of total legitimate queries served from the total legitimate queries received—blind flooding
In this experiment we measured that how many legitimate queries are served from the legitimate nodes. From the Fig. 10 it can be concluded that the complete trust strategy serves more percentage of legitimate queries as compared to the other five strategies. Weighted strategy is at the last and serves very few legitimate queries from the total legitimate queries received.
Percentage of total legitimate queries served from the total legitimate queries received—blind flooding
1.4 A.4 Percentage of total malicious queries served from the total malicious queries received—blind flooding
In this experiment it is measured that what percentage of malicious queries is served from the total malicious queries received. Figure 11 is showing that Weighted strategy serves the maximum number of malicious packets and weighted inverse serves the minimum number of malicious packets. Complete Trusted strategy also serves very few malicious queries and is on the 2nd last number in Fig. 11.
Percentage of total malicious queries served from the total malicious queries received—blind flooding
1.5 A.5 Percentage of total legitimate queries served from the total legitimate queries received—intelligent flooding
The above experiment is repeated by applying the intelligent flooding technique and it is found that by applying the intelligent flooding technique still complete trust strategy is serving the maximum number of legitimate queries while weighted and weighted inverse strategies are at the bottom and serve very few legitimate queries from the total received as shown in the Fig. 12.
Percentage of total legitimate queries served from the total legitimate queries received—intelligent flooding
1.6 A.6 Percentage of total malicious queries served from the total malicious queries received—intelligent flooding
This experiment gives very different results as compared to the above three experiments. Since the intelligent flooding is applied so the total malicious queries sent by the malicious nodes are very little in case of fractional, optimized fractional and weighted inverse strategy and maximum of the sent queries are served. The reason of high percentage of malicious query service in that the malicious nodes send the queries according to the strategy applied. The results are summarized in Fig. 13.
Percentage of total malicious queries served from the total malicious queries received—intelligent flooding
1.7 A.7 Total queries sent by malicious node in blind and intelligent flooding
Five from the six proposed QDSs performs same amount of legitimate and malicious remote work in case of blind and intelligent flooding. But the total number of queries sent by the malicious nodes is different in three of the proposed QDS (Fractional, Weighted Inverse, Optimized Fractional) when the underlying flooding strategy is changed from blind to intelligent. Figure 14 is explaining the total number of queries sent and served by malicious node in case of blind flooding and intelligent flooding when underlying strategy was Fractional QDS.
Total queries sent by malicious nodes-fractional QDS
From the Fig. 14 we can see that in case of blind flooding 10 malicious nodes sent up to 300,000 queries to get 67 % resources of a node. Sending of 300,000 queries itself requires too much power and resources at the attacker end. So in case of blind flooding malicious nodes are consuming too many resources to attack. While in case of intelligent flooding since the malicious nodes have knowledge about the underlying query distribution strategy so it sends requests accordingly. So in case of intelligent flooding malicious nodes send 67000 queries to occupy 67 % of the victim’s resources. So the total queries sent by malicious nodes in case of intelligent flooding are almost 4.5 times lower as compared to that of blind flooding.
In the next experiment we measured the total queries sent by malicious nodes in case of blind and intelligent flooding when the underlying strategy was Weighted Inverse QDS. Figure 15 is summarizing the results.
Total queries sent by malicious nodes-weighted inverse QDS
From the Fig. 15 we can see that in case of blind flooding 10 malicious nodes sent 300,000 queries to get 42 % resources of a node. In case of intelligent flooding malicious nodes send 50,000 queries to occupy 50 % of the victim’s resources. So the total queries sent by malicious nodes in case of intelligent flooding are almost 6 times lower as compared to that of blind flooding and the resources occupied in case of intelligent flooding are 8 % higher.
Appendix B: Energy
Since nodes of the ad-hoc network are battery operated so energy is one of the main performance parameter that should be considered while making any solution. After calculating the remote work we conducted number of experiments to calculate the consumption of energy by the proposed strategies. When there was no malicious node the total consumed energy was about 280 joules but with the addition of malicious nodes the total consumed energy starts to increase and when there was 10 malicious nodes the total consumed energy was 500 joules. With the addition of malicious nodes the portion of energy consumed by the total queries and served queries of legitimate nodes starts to decrease and that of malicious nodes starts to increase. When there was no malicious 280 joules all are consumed by the legitimate node but when there were 10 malicious nodes the total legitimate energy consumed was just 100 joules while energy consumed by the malicious nodes was 400 joules. The above mentioned values are same for all the remaining strategies. The difference is in case of served queries.
2.1 B.8 Comparison of all QDSs in terms of energy consumed by served queries of legitimate nodes
In this experiment we compared all the six strategies in terms of energy consumed by served queries of legitimate nodes. We find that Complete Trusted QDS consumes maximum of its energy to serve the legitimate queries while weighted QDS consumes very low amount of energy to serve the legitimate queries. The initial energy consumption of weighted inverse QDS is different from the other five QDSs because in the other five QDSs the numbers of served queries are equal to the capacity of the receiver but in weighted inverse the number of served queries are less than the total capacity of the receiver. The results are shown in the Fig. 16.
Comparison of all QDSs in terms of energy consumed by served queries of legitimate nodes
2.2 B.9 Comparison of all QDSs in terms of energy consumed by served queries of malicious nodes
In this experiment we compared all the six strategies in terms of energy consumed by served queries of legitimate nodes. We find that Weighted Inverse QDS consumes very less amount of its energy to serve the malicious queries while weighted QDS consumes a large amount of energy to serve the malicious queries. Complete Trusted QDS is on the 2nd number after weighted inverse which consumes very less amount of energy to serve the malicious queries. The results are summarized in Fig. 17.
Comparison of all QDSs in terms of energy consumed by served queries of malicious nodes
Rights and permissions
About this article
Cite this article
Azam, F., Shafi Khan, Z., Sher, M. et al. Attack containment in mobile ad-hoc networks through fair distribution of processing resources. Telecommun Syst 55, 93–103 (2014). https://doi.org/10.1007/s11235-013-9754-6
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11235-013-9754-6