An Experimental Study of the Performance Impact of Path-Based DoS Attacks in Wireless Mesh Networks

Wireless mesh networks (WMNs) are considered as cost effective, easily deployable and capable of extending Internet connectivity. However, one of the major challenges in deploying reliable WMNs is preventing their nodes from malicious attacks, which is of particular concern as attacks can severely degrade network performance. When a DoS attack is targeted over an entire communication path, it is called a path-based DoS attack. We study the performance impact of path-based DoS attacks by considering attack intensity, medium errors, physical diversity, collusion and hop count. We setup a wireless mesh testbed and configure a set of experiments to gather realistic measurements, and assess the effects of different factors. We find that medium errors have significant impact on the performance of WMNs when a path-based DoS attack is carried out, and the impact is exacerbated by the MAC layer retransmissions. We show that due to physical diversity, a far attacker can lead to an increased performance degradation than a close-by attacker. Additionally, we demonstrate that the joint impact of two colluding attackers is not as severe as the joint result of individual attacks. We also discuss a strategy to counter path-based DoS attacks which can potentially alleviate the impact of the attack significantly.

[1]  Wenyuan Xu,et al.  Channel surfing: defending wireless sensor networks from jamming and interference , 2006, SenSys '06.

[2]  Stefan Savage,et al.  802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions , 2003, USENIX Security Symposium.

[3]  Shivakant Mishra,et al.  Defending against path-based DoS attacks in wireless sensor networks , 2005, SASN '05.

[4]  Charles E. Perkins,et al.  Performance comparison of two on-demand routing protocols for ad hoc networks , 2001, IEEE Wirel. Commun..

[5]  Vincent W. S. Wong,et al.  Joint Channel Allocation, Interface Assignment and MAC Design for Multi-Channel Wireless Mesh Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[6]  Ilenia Tinnirello,et al.  Experimental Assessment of the Backoff Behavior of Commercial IEEE 802.11b Network Cards , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[7]  Ian F. Akyildiz,et al.  Wireless mesh networks: a survey , 2005, Comput. Networks.

[8]  Hans-Joachim Hof,et al.  A cluster-based security architecture for ad hoc networks , 2004, IEEE INFOCOM 2004.

[9]  Andrew T. Campbell,et al.  E-CSMA: Supporting Enhanced CSMA Performance in Experimental Sensor Networks Using Per-Neighbor Transmission Probability Thresholds , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[10]  Songwu Lu,et al.  Self-organized network-layer security in mobile ad hoc networks , 2002, WiSE '02.

[11]  Srinivasan Seshan,et al.  Understanding and mitigating the impact of RF interference on 802.11 networks , 2007, SIGCOMM '07.

[12]  Peng Wang,et al.  Toward Tractable Computation of the Capacity of Multi-Hop Wireless Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[13]  John S. Baras,et al.  An Analytic Framework for Modeling and Detecting Access Layer Misbehavior in Wireless Networks , 2008, TSEC.

[14]  Cheng Li,et al.  Wireless Mesh Networks: A Survey , 2007 .

[15]  Wenyuan Xu,et al.  Channel Surfing: Defending Wireless Sensor Networks from Interference , 2007, 2007 6th International Symposium on Information Processing in Sensor Networks.

[16]  Hongqiang Zhai,et al.  Impact of Routing Metrics on Path Capacity in Multirate and Multihop Wireless Ad Hoc Networks , 2006, Proceedings of the 2006 IEEE International Conference on Network Protocols.

[17]  Jia Wang,et al.  A measurement study of Internet bottlenecks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[18]  Wenyuan Xu,et al.  Channel surfing and spatial retreats: defenses against wireless denial of service , 2004, WiSe '04.

[19]  Yih-Chun Hu,et al.  Cross-Layer Jamming Detection and Mitigation in Wireless Broadcast Networks , 2007, IEEE/ACM Transactions on Networking.

[20]  Paramvir Bahl,et al.  Feasibility study of mesh networks for all-wireless offices , 2006, MobiSys '06.

[21]  Wenyuan Xu,et al.  The feasibility of launching and detecting jamming attacks in wireless networks , 2005, MobiHoc '05.

[22]  Maxim Raya,et al.  DOMINO: a system to detect greedy behavior in IEEE 802.11 hotspots , 2004, MobiSys '04.

[23]  Chai-Keong Toh,et al.  Evaluating the communication performance of an ad hoc wireless network , 2002, IEEE Trans. Wirel. Commun..

[24]  Songwu Lu,et al.  SCAN: self-organized network-layer security in mobile ad hoc networks , 2006, IEEE Journal on Selected Areas in Communications.

[25]  Timothy X. Brown,et al.  Jamming and sensing of encrypted wireless ad hoc networks , 2006, MobiHoc '06.

[26]  Yuguang Fang,et al.  A secure authentication and billing architecture for wireless mesh networks , 2007, Wirel. Networks.

[27]  Robert Tappan Morris,et al.  Architecture and evaluation of an unplanned 802.11b mesh network , 2005, MobiCom '05.

[28]  Samrat Ganguly,et al.  A measurement-based approach to modeling link capacity in 802.11-based wireless networks , 2007, MobiCom '07.

[29]  Reza Curtmola,et al.  Practical defenses against pollution attacks in intra-flow network coding for wireless mesh networks , 2009, WiSec '09.

[30]  Charles E. Perkins,et al.  Performance comparison of two on-demand routing protocols for ad hoc networks , 2001, IEEE Wirel. Commun..

[31]  Ramachandran Ramjee,et al.  ECHOS - enhanced capacity 802.11 hotspots , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[32]  Robert Morris,et al.  Link-level measurements from an 802.11b mesh network , 2004, SIGCOMM 2004.

[33]  Philippe Jacquet,et al.  OLSR performance measurement in a military mobile ad-hoc network , 2004, 24th International Conference on Distributed Computing Systems Workshops, 2004. Proceedings..

[34]  Edward W. Knightly,et al.  Denial of service resilience in ad hoc networks , 2004, MobiCom '04.

[35]  Yuguang Fang,et al.  ARSA: An Attack-Resilient Security Architecture for Multihop Wireless Mesh Networks , 2006, IEEE Journal on Selected Areas in Communications.