Jian Song,Fan Hong,Yu Zhang

2006-01-01

Abstract:In mobile ad hoc networks (MANET), various types of denial of service attacks (DoS) are possible because of the inherent limitations of its routing protocols. The attack of initiating/forwarding fake route requests (RREQs) can lead to hogging of network resources and hence denial of service to genuine nodes. This type of attack is hard to detect since malicious nodes mimic normal nodes in all aspects except that they do route discoveries much more frequently than the other nodes. A distrusted filtering mechanism is proposed to mitigate such situations and reduce the loss of throughput. The proposed mechanism could prevent this specific kind of DoS attack and does not use any additional network bandwidth

Ping Yi,Zhoulin Dai,Shiyong Zhang,Yiping Zhong

2005-01-01

Abstract:Mobile ad hoc networks will often be deployed in environments where the nodes of the networks are unattended and have little or no physical protection against tampering. The nodes of mobile ad hoc networks are thus susceptible to compromise. The networks are particularly vulnerable to denial of service (DOS) attacks launched through compromised nodes or intruders. In this paper, we present a new DOS attack and its defense in ad hoc networks. The new DOS attack, called Ad Hoc Flooding Attack(AHFA), can result in denial of service when used against on-demand routing protocols for mobile ad hoc networks, such as AODV, DSR. The intruder broadcasts mass Route Request packets to exhaust the communication bandwidth and node resource so that the valid communication can not be kept. After analyzed Ad Hoc Flooding Attack, we develop Flooding Attack Prevention (FAP), a generic defense against the Ad Hoc Flooding Attack in mobile ad hoc networks. When the intruder broadcasts exceeding packets of Route Request, the immediate neighbors of the intruder record the rate of Route Request. Once the threshold is exceeded, nodes deny any future request packets from the intruder. The results of our implementation show FAP can prevent the Ad Hoc Flooding attack efficiently. Keyword: mobile ad hoc networks, routing protocol, security, denial of service, Ad Hoc Flooding Attack

P Yi,ZL Dai,YP Zhong,SY Zhang

DOI: https://doi.org/10.1109/itcc.2005.248

2006-01-01

Abstract:Mobile ad hoc networks will often be deployed in environments where the nodes of the networks are unattended and have little or no physical protection against tampering. The nodes of mobile ad hoc networks are thus susceptible to compromise. The networks are particularly vulnerable to denial of service (DOS) attacks launched through compromised nodes or intruders. In this paper, we present a new DOS attack and its defense in ad hoc networks. The new DOS attack, called ad hoc flooding attack, can result in denial of service when used against on-demand routing protocols for mobile ad hoc networks, such as AODV, DSR. The intruder broadcasts mass Route Request packets or sends a lot of attacking DATA packets to exhaust the communication bandwidth and node resource so that the valid communication can not be kept. After analyzed ad hoc flooding attack, we develop flooding attack prevention (FAP), a generic defense against the ad hoc flooding attack in mobile ad hoc networks. The FAP is composed of neighbor suppression and path cutoff. When the intruder broadcasts exceeding packets of route request, the immediate neighbors of the intruder observe a high rate of route request and then they lower the corresponding priority according to the rate of incoming queries. Moreover, not serviced low priority queries are eventually discarded. When the intruder sends many attacking DATA packets to the victim node, the node may cut off the path and does not set up a path with the intruder any more. Mobile ad hoc networks can prevent the ad hoc flooding attack by FAP with little overhead.

Hung-Min Sun,Chiung-Shun Chen,Ci-Lun Chen,Yao-Hsin Chen

2011-01-01

Abstract:Wireless network technology is demanding and continually growing. However, unconstrained dynamic nature of the topology of mobile ad hoc networks makes them vulnerable to various types of attacks including routing attacks. Black hole attacks belong to one such type of attacks which disrupt the routing functions in MANETs. Rushing attacks also enable the attackers with limited resources and no cryptographic material to destroy the operation in MANETs. Wormhole attacks which are more sophisticated attacks still can easily crumble the connection in MANETs. These attacks greatly reduce the performance of the networks. Moreover, they are able to partition the network and degrade the connectivity of the network. In this paper, we propose a robust scheme to defense these routing attacks in MANETs and improve the performance of the networks.

Ping Yi,Yue Wu,Jianqing Ma

DOI: https://doi.org/10.1109/ICCW.2009.5208014

2009-01-01

Abstract:Mobile ad hoc networks will often be deployed in environments where the nodes of the networks are unattended and have little or no physical protection against tampering. The nodes of mobile ad hoc networks are thus susceptible to compromise. The networks are particularly vulnerable to denial of service (DoS) attacks launched through compromised nodes or intruders. In this paper, we investigated the effects of flooding attacks in Network Simulation 2 (ns-2) and measured the packet delivery ratio and packet delay under different flooding frequency and different number of attack nodes. Simulation results show that with the increase the flooding frequency and the number of attack nodes, network performance drops. Meanwhile the packet delay firstly increases and then decline to a value of stability in the end.

Ping Yi,Yong-kai Zhou,Yue Wu,Ning Liu

DOI: https://doi.org/10.1007/s12204-009-0580-7

2009-01-01

Journal of Shanghai Jiaotong University (Science)

Abstract:Mobile ad hoc networks are often deployed in environments where the nodes of the networks are unattended and have little or no physical protection against tampering. The nodes of mobile ad hoc networks are thus susceptible to compromise. The networks are particularly vulnerable to denial of service (DoS) attacks launched through compromised nodes or intruders. In this paper, we investigated the effects of flooding attacks in network simulation 2 (NS-2) and measured the packet delivery ratio and packet delay under different flooding frequencies and different numbers of attack nodes. Simulation results show that with the increase the flooding frequencies and the numbers of attack nodes, network performance drops. But when the frequency of flooding attacks is greater than a value, the performance decrease gets smooth. Meanwhile the packet delay firstly increases and then declines to a value of stability at the end.

Hisham Mustafa,Yan Xiong

DOI: https://doi.org/10.1109/WOCC.2013.6676457

2013-01-01

Abstract:Due to the vulnerabilities of nodes and channels, absence of central management, and the resources constraints, mobile ad hoc network (MANET) is relatively vulnerable to malicious attacks. In MANET, routing attacks try to disrupt the routing protocol functions by intentionally or unintentionally dropping packets or by propagating faked routing messages. However, due to their computation requirements and inefficiency against internal attacks, the prevention only mechanisms are not powerful enough to secure MANET routing protocols. In this paper, we present a distributed and cooperative scheme for MANETs routing attacks detection. The scheme collects and analyzes data that are sensitive to routing attacks so as to detect anomalous events. In this scheme, both direct observations and indirect observations are used so as to characterize the behaviors of both neighboring and remote nodes. The scheme utilizes the Grubb's test to develop new methods for detecting routing attacks and evaluating the exchanged information. © 2013 IEEE.

Dan-Yang Qin,Lin Ma,Xue-Jun Sha,Yu-Bin Xu

DOI: https://doi.org/10.6180/jase.2011.14.1.09

2011-01-01

Abstract:Mobile Ad Hoc Network (MANET) is a centerless packet radio network without the use of any fixed infrastructure. In recent years, tremendous attentions have been received because of capabilities of self-configuration and self-maintenance especially in public safe and disaster recovery situations. However, attenuation and interference caused by node mobility and wireless channels sharing weaken the stability of communication links, which makes routing protocol design present nontrivial challenges such as broadcast storm, stale route and delay. The negative impact of link-discontinuity on communication is alleviated by an effective survivable routing strategy (SRS) proposed in this paper. SRS is achieved by restricting the route request (RREQ) zone on intermediate forwarding nodes according to the solution of optimal exploring equations. With the purpose of increasing survivability and reducing average end-to-end delay during route maintenance as well as allowing continuous packet forwarding for fault resilience, Network Simulator 2 (NS2) based simulation results show remarkable packets successful delivery rate and the total overhead improvements of this strategy will be obtained.

Ping Yi,Futai Zou,Yan Zou,Zhiyang Wang

DOI: https://doi.org/10.3969/j.issn.1004-4132.2011.02.022

2011-01-01

Abstract:Due to their characteristics of dynamic topology, wireless channels and limited resources, mobile ad hoc networks are particularly vulnerable to a denial of service (DoS) attacks launched by intruders. The effects of flooding attacks in network simulation 2 (NS2) and measured performance parameters are investigated, including packet loss ratio, average delay, throughput and average number of hops under different numbers of attack nodes, flooding frequency, network bandwidth and network size. Simulation results show that with the increase of the flooding frequency and the number of attack nodes, network performance sharply drops. But when the frequency of flooding attacks or the number of attack nodes is greater than a certain value, performance degradation tends to a stable value.

Hung-Min Sun,Chiung-Hsun Chen,Chih-Wen Yeh,Yao-Hsin Chen

DOI: https://doi.org/10.1007/s00779-012-0537-y

2013-01-01

Personal and Ubiquitous Computing

Abstract:Mobile ad hoc networks (MANETs) are vulnerable to active attacks, such as dropping attacks, replay attacks, collusion attacks, and tampering attacks. Many researches have been proposed to provide security transmission. However, they cannot effectively and efficiently resist colluding attacks. Therefore, we propose a collaborative routing protocol (CRP) to detect and isolate colluding attackers via monitor mechanism. Monitor nodes observe and record the behavior of intermediate nodes. Based on the records of intermediate nodes, source node can distinguish malicious nodes and isolate them. Finally, security analyses and simulation verify that CRP can effectively and efficiently resist black hole attacks, gray hole attacks, modify and fake packet attacks, rushing attacks, and collusion attacks.

Zhao Du,Wang Xueping,Yu Jianhua

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.09.097

2008-01-01

Abstract:When the mobile Ad Hoc Network (MANET) is widely used in many areas,the research on the security of the MANET is becoming more and more important.Because of its peculiarity,DDoS attacks have brought very serious threats to the MANET as well as to the wired network.A new efficient Neighbor Union-based defensive architecture is proposed to defend DDoS attacks in MANET.Attack data packets are detected and filtered.Experiments show that this detection and filtering policy can defend DDoS attacks effectively,while little storage space and time is consumed.

Akshai Aggarwal,Savita Gandhi,Nirbhay Chaubey,Naren Tada,Srushti Trivedi

DOI: https://doi.org/10.48550/arXiv.1405.6216

2014-02-10

Networking and Internet Architecture

Abstract:Mobile Ad Hoc Networks (MANETs) are collections of mobile nodes that can communicate with one another using multihop wireless links. MANETs are often deployed in the environments, where there is no fixed infrastructure and centralized management. The nodes of mobile ad hoc networks are susceptible to compromise. In such a scenario, designing an efficient, reliable and secure routing protocol has been a major challengesue over the last many years. The routing protocol Ad hoc On-demand Distance Vector (AODV) has no security measures in-built in it. It is vulnerable to many types of routing attacks. The flood attack is one of them. In this paper, we propose a simple and effective technique to secure Ad hoc Ondemand Distance Vector (AODV) routing protocol against flood attacks. To deal with a flood attack, we have proposed Neighbor Defense Technique for Ad hoc On-demand Distance Vector (NDTAODV). This makes AODV more robust. The proposed technique has been designed to isolate the flood attacker with the use of timers, peak value and hello alarm technique. We have simulated our work in Network Simulator NS-2.33 (NS-2) with different pause times by way of different number of malicious nodes. We have compared the performance of NDTAODV with the AODV in normal situation as well as in the presence of malicious attacks. We have considered Packet Delivery Fraction (PDF), Average Throughput (AT) and Normalized Routing Load (NRL) for comparing the performance of NDTAODV and AODV.

Minda Xiang,Yu Chen,Wei-Shinn Ku,Zhou Su

DOI: https://doi.org/10.1109/GLOCOM.2011.6134032

2011-01-01

Abstract:Mobile Ad Hoc Networks (MANETs) allow mobile hosts to form a communication network without a prefixed infrastructure. Although it provides high flexibility, it also brings more challenges for MANETs to fight against malicious attacks. However, the property of mobility and redundancy also inspires new ideas to design defence strategy. In this paper, we propose a strategy to mitigate DDoS attacks in MANETs. Assume that a malicious attacker normally targets specific victims. The attacker will give up if the attack failed to achieve the desired goals after a certain length of attacking time. In our protection strategy, we take advantage of high redundancy and select a protection node. Once a DDoS attack has been detected, the suspicious traffic will be redirected to the protection node. The victim will function normally, and it is reasonable to expect that the attacker will stop the meaningless efforts. Through intensive simulation experiment using NS-2, we have verified the effectiveness of our approach and evaluated the cost and overhead of the system.

Kanchan Sanjeev Rana,Rutvij H. Jhaveri,Ashish D. Patel,Jatin D. Parmar,Bhavin I. Shah,Abhay kumar Rai,Rajiv Ranjan Tewari,Saurabh Kant Upadhya,Sonali Bhargava,Dharma P. Agrawal,Ping Yi,Zhoulin Dai,Yiping Zhong,Shiyong Zhong,Sidra Akram,Izza Zubair,M Hasan Islam,Ahsan Habib,Debashish Roy,Sonja Buchegger,Jean-Yves Le Boudec

2011-01-01

Abstract:An ad hoc network is the assortment of cooperative wireless nodes without existence of any access point or infrastructure. The presence of malicious nodes in an ad hoc network deteriorates the network performance. A novel approach for malicious nodes detection is proposed here to protect against DoS attack in ad hoc on-demand distance vector routing protocol. The proposed approach employs a method for determining conditions under which malicious node should be monitored. Apart from identification of malicious node, it has been observed that this approach leads to less conservation and less communication breakage in ad hoc routing. The experimental results demonstrate that the proposed approach can effectively detect malicious nodes

Dalia Nashat,Xiaohong Jiang,Susumu Horiguchi

DOI: https://doi.org/10.1109/icebe.2008.18

2008-01-01

Abstract:The TCP SYN flooding attack is the most prevalent type of DDoS attacks that exhaust network resources. A router based detection scheme has been proposed to detect the SYN flooding agents based on the assumption that the SYN packets from the agent and the SYN/ACK packets from the victimpsilas server pass through different leaf routers. In the current IP spoofing techniques, however, the attacker can spoof a random address from any subnetwork, so the SYN packets from the agent and the SYN/ACK packets from the server may pass through the same leaf router. Therefore, a more general and flexible detection scheme is highly desirable for the efficient detection of these flooding agents under any type of IP spoofing. In this paper, we propose such a scheme to detect the flooding agents by considering all the possible kinds of IP spoofing. The proposed scheme is based on the TCP SYN-SYN/ACK protocol pair with the consideration of packet header information (both sequence and Ack. numbers). The Counting Bloom Filter is used to classify all the incoming SYN/ACK packets to the sub network into two streams, the first SYN/ACK packets (SYN/ACKf ) and the retransmission SYN/ACK packets (SYN/ACKr), to make our scheme generally applicable and the Cumulative Sum algorithm is applied to avoid the dependence of detection on sites and access patterns. Compared to the old detection scheme without the consideration of IP spoofing techniques, the proposed new scheme can significantly improve the accuracy in detecting the SYN flooding agents, as verified by extensive simulation results based on different IP spoofing techniques.

Hung-Min Sun,Chiung-Hsun Chen,Ling-Chun Hsu,Yen-Hsueh Chen

DOI: https://doi.org/10.1049/cp.2011.0922

2011-01-01

Abstract:Many routing protocols in MANET have been proposed to resist packet dropping attacks by removing suspicious node from route. However, when they cannot discovery who is an adversary, they cannot effectively deal with packet dropping attacks launch by the adversary. In other words, when there is anyone type of packet dropping attacks they cannot resist, the packet delivery rate will be influenced. In view of this, we propose a novel scheme to mitigate the influence of any kind of packet dropping attacks in MANET. Further, our scheme can cooperate with other protocols to acquire better packet delivery rate and to decrease overheads. The security analysis and simulation study in this paper verify the effectiveness and efficiency of our scheme.

Ping Yi,Jiwen Cai,Yue Wu,Yuan Li

2009-01-01

Journal of Computational Information Systems

Abstract:Mobile ad hoc networks are often deployed in environments where the nodes of the networks are unattended and have little or no physical protection against tampering. The nodes of mobile ad hoc networks are thus susceptible to compromise. The networks are particularly vulnerable to denial of service (DoS) attacks launched through compromised nodes or intruders. Firstly, we discuss security vulnerabilities and possible attacks in mobile ad hoc networks. Then, we analyze two kinds of DoS attacks, including flooding attack and black hole. We investigated the effects of two kinds of DoS attacks in Network Simulation 2 (ns-2). Simulation results show that flooding attack is more dangerous than hole attack. Copyright © 2009 Binary Information Press.

S.A.Arunmozhi,Y.Venkataramani

DOI: https://doi.org/10.5121/ijnsa.2011.3312

2011-06-07

Abstract:The wireless ad hoc networks are highly vulnerable to distributed denial of service(DDoS) attacks because of its unique characteristics such as open network architecture, shared wireless medium and stringent resource constraints. These attacks throttle the tcp throughput heavily and reduce the quality of service(QoS) to end systems gradually rather than refusing the clients from the services completely. In this paper, we discussed the DDoS attacks and proposed a defense scheme to improve the performance of the ad hoc networks. Our proposed defense mechanism uses the medium access control (MAC) layer information to detect the attackers. The status values from MAC layer that can be used for detection are Frequency of receiving RTS/CTS packets, Frequency of sensing a busy channel and the number of RTS/DATA retransmissions. Once the attackers are identified, all the packets from those nodes will be blocked. The network resources are made available to the legitimate users. We perform the simulation with Network Simulator NS2 and we proved that our proposed system improves the network performance.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Hai Liu,Pengjun Wan,Xiaohua Jia,Xinxin Liu,Frances Yao

DOI: https://doi.org/10.1109/tpds.2007.1023

IF: 5.3

2007-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Flooding is one of the most fundamental operations in mobile ad hoc networks. Traditional implementation of flooding suffers from the problems of excessive redundancy of messages, resource contention, and signal collision. This causes high protocol overhead and interference with the existing traffic in the networks. Some efficient flooding algorithms were proposed to avoid these problems. However, these algorithms either perform poorly in reducing redundant transmissions or require each node to maintain 2-hop (or more) neighbors information. In the paper, we study the sufficient and necessary condition of 100 percent deliverability for flooding schemes that are based on only 1-hop neighbors information. We further propose an efficient flooding algorithm that achieves the local optimality in two senses: 1) The number of forwarding nodes in each step is minimal and 2) the time complexity for computing forwarding nodes is the lowest, which is O(nlogn), where n is the number of neighbors of a node. Extensive simulations have been conducted and simulation results have shown the excellent performance of our algorithm.

S.M. Udhaya Sankar,D. Dhinakaran,C. Cathrin Deboral,M. Ramakrishnan

DOI: https://doi.org/10.14445/22315381/IJETT-V70I11P224

2023-04-21

Abstract:Wireless networks that are decentralized and communicate without using existing infrastructure are known as mobile ad-hoc networks. The most common sorts of threats and attacks can affect MANETs. Therefore, it is advised to utilize intrusion detection, which controls the system to detect additional security issues. Monitoring is essential to avoid attacks and provide extra protection against unauthorized access. Although the current solutions have been designed to defeat the attack nodes, they still require additional hardware, have considerable delivery delays, do not offer high throughput or packet delivery ratios, or do not do so without using more energy. The capability of a mobile node to forward packets, which is dependent on the platform's life quality, may be impacted by the absence of the network node power source. We developed the Safe Routing Approach (SRA), which uses behaviour analysis to track and monitor attackers who discard packets during the route discovery process. The attacking node recognition system is made for irregular routing node detection to protect the controller network's usual properties from becoming recognized as an attack node. The suggested method examines the nearby attack nodes and conceals the trusted node in the routing pathway. The path is instantly assigned after the initial discovery of trust nodes based on each node's strength value. It extends the network's life span and reduces packet loss. In terms of Packet Delivery Ratio (PDR), energy consumption, network performance, and detection of attack nodes, the suggested approach is contrasted with AIS, ZIDS, and Improved AODV. The findings demonstrate that the recommended strategy performs superior in terms of PDR, residual energy, and network throughput.

Networking and Internet Architecture,Cryptography and Security