Performance Analysis of Disable IP Broadcast Technique for Prevention of Flooding-Based DDoS Attack in MANET

In Mobile Ad hoc Networks (MANET), various types of Denial of Service Attacks (DoS) are possible because of the inherent limitations of its routing protocols. Considering the Ad hoc On Demand Vector (AODV) routing protocol as the base protocol it is possible to find a suitable solution to overcome the malicious flooding i.e. attack of initiating / forwarding Route Requests (RREQs) that lead to hogging of network resources and packet dropping is a technique in which a node drops data packets (conditionally or randomly) that it is supposed to forward hence denial of service to genuine nodes. In this paper, a technique is proposed that can prevent a specific kind of DoS attack i.e. flood attack which Disable IP Broadcast. The proposed scheme is distributed in nature it has the capability to prevent Distributed DoS (DDoS) attack. The performance of the proposed algorithm in a series of simulations reveals that the proposed scheme provides a better solution than existing approaches.

[1]  Kok-Keong Loo,et al.  Denial of service attacks and challenges in broadband wireless networks , 2008 .

[2]  Cheng-Zhong Xu,et al.  Distributed denial-of-service and intrusion detection , 2007, J. Netw. Comput. Appl..

[3]  Vasilios A. Siris,et al.  Provider-Based Deterministic Packet Marking against Distributed DoS Attacks , 2005, IPDPS.

[4]  Yong Tang,et al.  Stateful DDoS attacks and targeted filtering , 2007, J. Netw. Comput. Appl..

[5]  Wenke Lee,et al.  A cooperative intrusion detection system for ad hoc networks , 2003, SASN '03.

[6]  Vasilios A. Siris,et al.  Provider-based deterministic packet marking against distributed DoS attacks , 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[7]  M. Gerla,et al.  GloMoSim: a library for parallel simulation of large-scale wireless networks , 1998, Proceedings. Twelfth Workshop on Parallel and Distributed Simulation PADS '98 (Cat. No.98TB100233).

[8]  Evangelos Kranakis,et al.  Resisting Malicious Packet Dropping in Wireless Ad Hoc Networks , 2003, ADHOC-NOW.

[9]  Wei Chen,et al.  A novel approach to detecting DDoS Attacks at an Early Stage , 2006, The Journal of Supercomputing.

[10]  Dawn Xiaodong Song,et al.  StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense , 2006, IEEE Journal on Selected Areas in Communications.

[11]  Ruby B. Lee,et al.  Distributed Denial of Service: Taxonomies of Attacks, Tools, and Countermeasures , 2004, PDCS.

[12]  Joseph P. Macker,et al.  Mobile Ad hoc Networking (MANET): Routing Protocol Performance Issues and Evaluation Considerations , 1999, RFC.