Slander-Resistant Forwarding Isolation in Ad Hoc Networks
This paper focuses on how to isolate attackers that inject packets to cause Denial-of-Service (DoS) in ad hoc networks. Our security analysis shows that current hop-by-hop source authentication protocols only partially achieve the defence goals, although they allow legitimate nodes to effectively id...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2006
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/1192 http://dx.doi.org/10.1504/IJMNDI.2006.012086 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-2191 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-21912011-01-24T05:32:45Z Slander-Resistant Forwarding Isolation in Ad Hoc Networks GU, Qijun CHU, Chao-Hsien LIU, Peng ZHU, Sencun This paper focuses on how to isolate attackers that inject packets to cause Denial-of-Service (DoS) in ad hoc networks. Our security analysis shows that current hop-by-hop source authentication protocols only partially achieve the defence goals, although they allow legitimate nodes to effectively identify and discard injected or modified packets. The other important defence goal, which has not been achieved yet, is to isolate the attackers so that they cannot inject in the future. Current authentication protocols provide evidence of injection attacks, since injected packets will incur verification failures. Nevertheless, the evidence may be exploited by attackers to deceive defenders. We find that a non-injection attacker can slander any good forwarding node in a route by modifying the authentication information carried in the packets. In order to correctly isolate suspicious nodes, we propose a new authentication approach. The approach not only preserve the function to filter junk packets as in current authentication approaches, but also help to isolate the attackers with a high probability. This approach ensures that defenders can focus on investigating only two nodes to find out the real attacker once failed verifications are detected. 2006-08-01T07:00:00Z text https://ink.library.smu.edu.sg/sis_research/1192 info:doi/10.1504/IJMNDI.2006.012086 http://dx.doi.org/10.1504/IJMNDI.2006.012086 Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University denial of service DoS attacks source authentication Chinese remainder theorem CRT slander-resistant forwarding isolation ad hoc networks wireless networks authentication protocols packet filters attacker isolation security packet injection attacks mobile networks Computer Sciences Digital Communications and Networking |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
denial of service DoS attacks source authentication Chinese remainder theorem CRT slander-resistant forwarding isolation ad hoc networks wireless networks authentication protocols packet filters attacker isolation security packet injection attacks mobile networks Computer Sciences Digital Communications and Networking |
| spellingShingle |
denial of service DoS attacks source authentication Chinese remainder theorem CRT slander-resistant forwarding isolation ad hoc networks wireless networks authentication protocols packet filters attacker isolation security packet injection attacks mobile networks Computer Sciences Digital Communications and Networking GU, Qijun CHU, Chao-Hsien LIU, Peng ZHU, Sencun Slander-Resistant Forwarding Isolation in Ad Hoc Networks |
| description |
This paper focuses on how to isolate attackers that inject packets to cause Denial-of-Service (DoS) in ad hoc networks. Our security analysis shows that current hop-by-hop source authentication protocols only partially achieve the defence goals, although they allow legitimate nodes to effectively identify and discard injected or modified packets. The other important defence goal, which has not been achieved yet, is to isolate the attackers so that they cannot inject in the future. Current authentication protocols provide evidence of injection attacks, since injected packets will incur verification failures. Nevertheless, the evidence may be exploited by attackers to deceive defenders. We find that a non-injection attacker can slander any good forwarding node in a route by modifying the authentication information carried in the packets. In order to correctly isolate suspicious nodes, we propose a new authentication approach. The approach not only preserve the function to filter junk packets as in current authentication approaches, but also help to isolate the attackers with a high probability. This approach ensures that defenders can focus on investigating only two nodes to find out the real attacker once failed verifications are detected. |
| format |
text |
| author |
GU, Qijun CHU, Chao-Hsien LIU, Peng ZHU, Sencun |
| author_facet |
GU, Qijun CHU, Chao-Hsien LIU, Peng ZHU, Sencun |
| author_sort |
GU, Qijun |
| title |
Slander-Resistant Forwarding Isolation in Ad Hoc Networks |
| title_short |
Slander-Resistant Forwarding Isolation in Ad Hoc Networks |
| title_full |
Slander-Resistant Forwarding Isolation in Ad Hoc Networks |
| title_fullStr |
Slander-Resistant Forwarding Isolation in Ad Hoc Networks |
| title_full_unstemmed |
Slander-Resistant Forwarding Isolation in Ad Hoc Networks |
| title_sort |
slander-resistant forwarding isolation in ad hoc networks |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2006 |
| url |
https://ink.library.smu.edu.sg/sis_research/1192 http://dx.doi.org/10.1504/IJMNDI.2006.012086 |
| _version_ |
1770570893588692992 |