Detecting flooding attack and accommodating burst traffic in delay-tolerant networks

Detecting flooding attack and accommodating burst traffic in delay-tolerant networks

Delay Tolerant Network (DTN) is developed to cope with intermittent connectivity and long delay in wireless networks. Due to limited connectivity, DTN is vulnerable to flooding attack in which malicious nodes flood the network with superfluous data to deplete the network resources. Existing works mi...

Full description

Saved in:
Bibliographic Details
Main Authors: Pham, Thi Ngoc Diep, Yeo, Chai Kiat, Yanai, Naoto, Fujiwara, Toru
Other Authors: School of Computer Science and Engineering
Format: Article
Language:English
Published: 2019
Subjects:
DRNTU::Engineering::Computer science and engineering
DTN
Encounter Record
Online Access:https://hdl.handle.net/10356/104140
http://hdl.handle.net/10220/47864
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-104140
record_format dspace
spelling sg-ntu-dr.10356-1041402020-03-07T11:50:49Z Detecting flooding attack and accommodating burst traffic in delay-tolerant networks Pham, Thi Ngoc Diep Yeo, Chai Kiat Yanai, Naoto Fujiwara, Toru School of Computer Science and Engineering DRNTU::Engineering::Computer science and engineering DTN Encounter Record Delay Tolerant Network (DTN) is developed to cope with intermittent connectivity and long delay in wireless networks. Due to limited connectivity, DTN is vulnerable to flooding attack in which malicious nodes flood the network with superfluous data to deplete the network resources. Existing works mitigate internal flooding attacks by rate-limit to constrain the number of messages that nodes can generate per time slot. However, rate-limit cannot flexibly accommodate burst traffic in which nodes may have sending demands higher than the rate-limit for a short period. In this paper, we propose FDER to detect flooding attack and yet allow legitimate burst traffic simultaneously. Nodes exchange their histories of encounter records (ER) which record the sent messages during their previous encounters. The ER history is used to infer a node’s new message transmission rate over time and the number of forwarded replicas per message. The adversary nodes that send too many messages or replicas can thus be detected. Since ERs serve as useful tools for monitoring the sending behavior of nodes over a long time period, FDER could detect the burst traffic violation efficiently. We also design FP - a fairness forwarding policy to ensure fairness in the delivery performance fairness between nodes with normal traffic and those with burst traffic. FP uses ER information to observe nodes’ rate of new message generation and adjust their forwarding priorities accordingly. Simulation results show that FDER can detect flooding attack at a higher accuracy and a lower delay compared to state-of-the-art scheme with affordable overhead. Moreover, FP could mitigate the smart flooding attack and still provide the performance fairness to support bursty traffic scenario. Accepted version 2019-03-20T06:18:13Z 2019-12-06T21:27:22Z 2019-03-20T06:18:13Z 2019-12-06T21:27:22Z 2018 Journal Article Pham, T. N. D., Yeo, C. K., Yanai, N., & Fujiwara, T. (2018). Detecting flooding attack and accommodating burst traffic in delay-tolerant networks. IEEE Transactions on Vehicular Technology, 67(1), 795-808. doi:10.1109/TVT.2017.2748345 0018-9545 https://hdl.handle.net/10356/104140 http://hdl.handle.net/10220/47864 10.1109/TVT.2017.2748345 en IEEE Transactions on Vehicular Technology © 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The published version is available at: https://doi.org/10.1109/TVT.2017.2748345. 13 p. application/pdf
institution Nanyang Technological University
building NTU Library
country Singapore
collection DR-NTU
language English
topic DRNTU::Engineering::Computer science and engineering
DTN
Encounter Record
spellingShingle DRNTU::Engineering::Computer science and engineering
DTN
Encounter Record
Pham, Thi Ngoc Diep
Yeo, Chai Kiat
Yanai, Naoto
Fujiwara, Toru
Detecting flooding attack and accommodating burst traffic in delay-tolerant networks
description Delay Tolerant Network (DTN) is developed to cope with intermittent connectivity and long delay in wireless networks. Due to limited connectivity, DTN is vulnerable to flooding attack in which malicious nodes flood the network with superfluous data to deplete the network resources. Existing works mitigate internal flooding attacks by rate-limit to constrain the number of messages that nodes can generate per time slot. However, rate-limit cannot flexibly accommodate burst traffic in which nodes may have sending demands higher than the rate-limit for a short period. In this paper, we propose FDER to detect flooding attack and yet allow legitimate burst traffic simultaneously. Nodes exchange their histories of encounter records (ER) which record the sent messages during their previous encounters. The ER history is used to infer a node’s new message transmission rate over time and the number of forwarded replicas per message. The adversary nodes that send too many messages or replicas can thus be detected. Since ERs serve as useful tools for monitoring the sending behavior of nodes over a long time period, FDER could detect the burst traffic violation efficiently. We also design FP - a fairness forwarding policy to ensure fairness in the delivery performance fairness between nodes with normal traffic and those with burst traffic. FP uses ER information to observe nodes’ rate of new message generation and adjust their forwarding priorities accordingly. Simulation results show that FDER can detect flooding attack at a higher accuracy and a lower delay compared to state-of-the-art scheme with affordable overhead. Moreover, FP could mitigate the smart flooding attack and still provide the performance fairness to support bursty traffic scenario.
author2 School of Computer Science and Engineering
author_facet School of Computer Science and Engineering
Pham, Thi Ngoc Diep
Yeo, Chai Kiat
Yanai, Naoto
Fujiwara, Toru
format Article
author Pham, Thi Ngoc Diep
Yeo, Chai Kiat
Yanai, Naoto
Fujiwara, Toru
author_sort Pham, Thi Ngoc Diep
title Detecting flooding attack and accommodating burst traffic in delay-tolerant networks
title_short Detecting flooding attack and accommodating burst traffic in delay-tolerant networks
title_full Detecting flooding attack and accommodating burst traffic in delay-tolerant networks
title_fullStr Detecting flooding attack and accommodating burst traffic in delay-tolerant networks
title_full_unstemmed Detecting flooding attack and accommodating burst traffic in delay-tolerant networks
title_sort detecting flooding attack and accommodating burst traffic in delay-tolerant networks
publishDate 2019
url https://hdl.handle.net/10356/104140
http://hdl.handle.net/10220/47864
_version_ 1681038778264715264

Similar Items