Detecting flooding attack and accommodating burst traffic in delay-tolerant networks
Delay Tolerant Network (DTN) is developed to cope with intermittent connectivity and long delay in wireless networks. Due to limited connectivity, DTN is vulnerable to flooding attack in which malicious nodes flood the network with superfluous data to deplete the network resources. Existing works mi...
Saved in:
| Main Authors: | , , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | English |
| Published: |
2019
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/104140 http://hdl.handle.net/10220/47864 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| Summary: | Delay Tolerant Network (DTN) is developed to cope with intermittent connectivity and long delay in wireless networks. Due to limited connectivity, DTN is vulnerable to flooding attack in which malicious nodes flood the network with superfluous data to deplete the network resources. Existing works mitigate internal flooding attacks by rate-limit to constrain the number of messages that nodes can generate per time slot. However, rate-limit cannot flexibly accommodate burst traffic in which nodes may have sending demands higher than the rate-limit for a short period. In this paper, we propose FDER to detect flooding attack and yet allow legitimate burst traffic simultaneously. Nodes exchange their histories of encounter records (ER) which record the sent messages during their previous encounters. The ER history is used to infer a node’s new message transmission rate over time and the number of forwarded replicas per message. The adversary nodes that send too many messages or replicas can thus be detected. Since ERs serve as useful tools for monitoring the sending behavior of nodes over a long time period, FDER could detect the burst traffic violation efficiently. We also design FP - a fairness forwarding policy to ensure fairness in the delivery performance fairness between nodes with normal traffic and those with burst traffic. FP uses ER information to observe nodes’ rate of new message generation and adjust their forwarding priorities accordingly. Simulation results show that FDER can detect flooding attack at a higher accuracy and a lower delay compared to state-of-the-art
scheme with affordable overhead. Moreover, FP could mitigate the smart flooding attack and still provide the performance fairness to support bursty traffic scenario. |
|---|