ABSTRACT
A class of Denial-of-service (DoS) attacks on quality-of-service (QoS) based signaling protocols for mobile ad hoc networks (MANETs) can severely cripple network performance with relatively little effort expended by the attacker. We propose a new distributed QoS signaling scheme that is resilient to this class of attacks. The key elements of the scheme are: sensing of available bandwidth, traffic policing, and rate monitoring. The proposed scheme provides QoS differentiation for best effort and real-time traffic, and achieves a compromise between signaling protocols that require the maintenance of per-flow state and those that are completely stateless. We demonstrate how the scheme can defend against DoS attacks and show that it scales gracefully in terms of the number of nodes and/or trafic flows in the MANET.
- B. T. Doshi. Deterministic rule-based traffic descriptors for broadband ISDN: Worst case behavior and connection acceptance control. In J. Labetoulle and J. W. Roberts, editors, The Fundamental Role of Traffic in the Evolution of Telecommunication Networks, pages 559--569. Elsevier Science, 1994.Google Scholar
- M. Frodigh, P. Johansson, and P. Larsson. Wireless ad hoc networking: the art of networking without a network. Ericsson Review, (4):248--263, 2000.Google Scholar
- M. Kazantzidis and M. Gerla. Permissible Throughput Network Feedback for Adaptive Multimedia in AODV MANETs. J. Parallel and Distributed Computing, 2001.Google Scholar
- S. Lee, A. Gahng-Seop, X. Zhang, and A. Campbell. INSIGNIA: An IP Based Quality of Service Framework for Mobile Ad Hoc Networks. J. Parallel and Distributed Computing, April 2000. Google ScholarDigital Library
- J. Mirkovic and P. Reiher. A Taxonomy of DDoS Attacks and Defense Mechanisms. ACM Computer Communication Review, April 2004. Google ScholarDigital Library
- A. Veres, A. Campbell, M. Barry, and L. Sun. Supporting Service Differentiation in Wireless Packet Networks Using Distributed Control (SWAN). IEEE J. Select. Areas in Comm., 19(10):2094--2104, Oct. 2001. Google ScholarDigital Library
Index Terms
Denial-of-service resistant quality-of-service signaling for mobile ad hoc networks
Recommendations
A Denial-of-Service Resistant Quality-of-Service Signaling Protocol for Mobile Ad Hoc Networks
Proceedings of the Second International Conference on Quality of Service in Heterogeneous Wired/Wireless NetworksQuality-of-service (QoS) signaling protocols for mobile ad hoc networks (MANETs) are highly vulnerable to attacks. In particular, a class of Denial-of-service (DoS) attacks can severely cripple network performance with relatively little effort expended ...
Securing quality-of-service route discovery in on-demand routing for ad hoc networks
SASN '04: Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networksAn ad hoc network is a collection of computers (nodes) that cooperate to forward packets for each other over a multihop wireless network. Users of such networks may wish to use demanding applications such as videoconferencing, Voice over IP, and ...
Comments