To lie or to comply: Defending against flood attacks in disruption tolerant networks

Qinghua Li, Wei Gao, Sencun Zhu, Guohong Cao

Research output: Contribution to journalArticlepeer-review

28 Scopus citations

Abstract

Disruption Tolerant Networks (DTNs) utilize the mobility of nodes and the opportunistic contacts among nodes for data communications. Due to the limitation in network resources such as contact opportunity and buffer space, DTNs are vulnerable to flood attacks in which attackers send as many packets or packet replicas as possible to the network, in order to deplete or overuse the limited network resources. In this paper, we employ rate limiting to defend against flood attacks in DTNs, such that each node has a limit over the number of packets that it can generate in each time interval and a limit over the number of replicas that it can generate for each packet. We propose a distributed scheme to detect if a node has violated its rate limits. To address the challenge that it is difficult to count all the packets or replicas sent by a node due to lack of communication infrastructure, our detection adopts claim-carry-and-check: each node itself counts the number of packets or replicas that it has sent and claims the count to other nodes; the receiving nodes carry the claims when they move, and cross-check if their carried claims are inconsistent when they contact. The claim structure uses the pigeonhole principle to guarantee that an attacker will make inconsistent claims which may lead to detection. We provide rigorous analysis on the probability of detection, and evaluate the effectiveness and efficiency of our scheme with extensive trace-driven simulations.

Original languageEnglish (US)
Article number6336753
Pages (from-to)168-182
Number of pages15
JournalIEEE Transactions on Dependable and Secure Computing
Volume10
Issue number3
DOIs
StatePublished - Jan 1 2013

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'To lie or to comply: Defending against flood attacks in disruption tolerant networks'. Together they form a unique fingerprint.

Cite this