Please use this identifier to cite or link to this item: http://hdl.handle.net/1783.1/11219

Pulsing RoQ DDoS attack and defense scheme in mobile ad hoc networks

Authors Ren, Wei
Jin, Hai
Yeung, Dit Yan
Yang, Mei
Issue Date 2007
Source International Journal of Network Security, v. 4, (2), 2007, p. 227-234
Summary Reduction of Quality (RoQ) attack is a new style of Distributed Denial of Service (DDoS) attack. The goodput and delay performance of TCP or UDP flows are very sensitive to such RoQ attacks. In this paper, we study in detail congestion-based RoQ DDoS attacks in mobile ad-hoc networks for the first time. Specifically, we study the attacking principles based on analysis of the network capacity and classify these attacks into four categories: pulsing attack, round robin attack, self-whisper attack, and flooding attack. We then propose a defense scheme that includes both the detection and response mechanisms. The detection signals include the frequency of receiving RTS/CTS packets, frequency of sensing a busy channel (signal interference), and number of RTS/DATA retransmissions. The response scheme is based on the ECN marking mechanism. Through extensive ns2 network simulations, we demonstrate the existence of high goodput and delay jitters under the pulsing attack mode. Increase in delay (by 110 times under five attacking flows) and decrease in goodput (to 77% under five attacking flows) can be observed especially when more attacking flows occur. Moreover, we show through simulations that similar behaviors can also be observed for TCP flows as well as networks of other topology types.
ISSN 1816-353X
Language English
Format Article