DOI: 10.1145/1023720.1023741
Article

Denial of service resilience in ad hoc networks

Published: 26 September 2004

ABSTRACT

Significant progress has been made towards making ad hoc networks secure and DoS resilient. However, little attention has been focused on quantifying DoS resilience: Do ad hoc networks have sufficiently redundant paths and counter-DoS mechanisms to make DoS attacks largely ineffective? Or are there attack and system factors that can lead to devastating effects? In this paper, we design and study DoS attacks in order to assess the damage that difficult-to-detect attackers can cause. The first attack we study, called the JellyFish attack, is targeted against closed-loop flows such as TCP; although protocol compliant, it has devastating effects. The second is the Black Hole attack, which has effects similar to the JellyFish, but on open-loop flows. We quantify via simulations and analytical modeling the scalability of DoS attacks as a function of key performance parameters such as mobility, system size, node density, and counter-DoS strategy. One perhaps surprising result is that such DoS attacks can increase the capacity of ad hoc networks, as they starve multi-hop flows and only allow one-hop communication, a capacity-maximizing, yet clearly undesirable situation.


Published in

MobiCom '04: Proceedings of the 10th annual international conference on Mobile computing and networking
September 2004
384 pages
ISBN: 1581138687
DOI: 10.1145/1023720

Copyright © 2004 ACM


Publisher

Association for Computing Machinery, New York, NY, United States


Qualifiers: Article

Overall Acceptance Rate: 440 of 2,972 submissions, 15%
