Abstract | ||
---|---|---|
We present the design, implementation, and evaluation of CapMan, a capability-based security mechanism that prevents denial-of-service (DoS) attacks against mobile ad-hoc networks (MANETs). In particular, our approach is designed to mitigate insider attacks that exploit multi-path routing to flood with packets on other participating nodes in the network. CapMan is instantiated on every node and enforces capability limits that effectively regulate the traffic for all end-to-end network flows. Each capability is issued and advertised by the capability distribution module, and is globally maintained via the capability enforcement logic. By periodically exchanging small usage summaries, all cooperating nodes are informed of the global network state in a scalable and consistent manner. The distribution of summaries empowers individual nodes to make informed decisions and regulate traffic as dictated by the per-flow capabilities across multiple dynamic routing paths. We implemented a prototype of CapMan as a module of the NS2 simulator. We conducted extensive simulations with the prototype using AOMDV as the underlying multi-path routing protocol. Both theoretical analysis and experimental results validate that our mechanism can effectively curtail sophisticated DoS attacks that target multi-path routing in MANETs. We can protect the overall network health even when both the initiator and the responder are malicious insiders and collude in an attempt to deprive the network of valuable resources. Finally, our results show that CapMan introduces relatively small and configurable network overhead and imposes minimal impact on non-attacking traffic flows. |
Year | DOI | Venue |
---|---|---|
2013 | 10.1007/s11277-013-1297-3 | Wireless Personal Communications |
Keywords | Field | DocType |
MANETs,DoS attacks,Multi-path,Capability | Flow network,Mobile ad hoc network,Global network,Denial-of-service attack,Computer science,Network packet,Computer network,Exploit,Routing protocol,Distributed computing,Scalability | Journal |
Volume | Issue | ISSN |
73 | 1 | 0929-6212 |
Citations | PageRank | References |
1 | 0.34 | 33 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Quan Jia | 1 | 64 | 5.01 |
Kun Sun | 2 | 142 | 12.80 |
Angelos Stavrou | 3 | 1288 | 98.69 |