A Novel Algorithm for Defending Path-Based Denial of Service Attacks in Sensor Networks
Existing end-to-end security mechanisms are vulnerable to path-based denial of service attacks (PDoS). If checking integrity and authenticity of a message is done only at the final destination, the intermediate nodes are going to forward bogus packets injected by an adversary many hops before they a...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2010-12-01
|
| Series: | International Journal of Distributed Sensor Networks |
| Online Access: | https://doi.org/10.1155/2010/793981 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832547301685460992 |
|---|---|
| author | Ramzi Saifan Omar Al-Jarrah |
| author_facet | Ramzi Saifan Omar Al-Jarrah |
| author_sort | Ramzi Saifan |
| collection | DOAJ |
| description | Existing end-to-end security mechanisms are vulnerable to path-based denial of service attacks (PDoS). If checking integrity and authenticity of a message is done only at the final destination, the intermediate nodes are going to forward bogus packets injected by an adversary many hops before they are detected. Therefore, the adversary can easily overwhelm intermediate nodes by bogus or replayed packets. This attack exhausts the nodes along the path. In addition, other downstream nodes that depend on the exhausted nodes as intermediate nodes will be isolated, and they have to find alternative paths. Regarding broadcast traffic that originated from the base station, if packets were injected by an adversary, the whole network's nodes will be exhausted. Therefore, there is a need to enable intermediate nodes to filter out bogus packets. We adopted a link layer security scheme to enable en route intermediate nodes to filter out any bogus or replayed packet as soon as it is injected into the network. Our scheme can handle different types of traffic. Simulation results show that our algorithm outperforms the one-way hash chain (OHC) algorithm and that it is more scalable. |
| format | Article |
| id | doaj-art-90017540a8a640e7ae8e81241203b18c |
| institution | Kabale University |
| issn | 1550-1477 |
| language | English |
| publishDate | 2010-12-01 |
| publisher | Wiley |
| record_format | Article |
| series | International Journal of Distributed Sensor Networks |
| spelling | doaj-art-90017540a8a640e7ae8e81241203b18c2025-02-03T06:45:25ZengWileyInternational Journal of Distributed Sensor Networks1550-14772010-12-01610.1155/2010/793981A Novel Algorithm for Defending Path-Based Denial of Service Attacks in Sensor NetworksRamzi Saifan0Omar Al-Jarrah1 Department of Computer Engineering, Jordan University of Science and Technology, Irbid 22110, Jordan Department of Computer Engineering, Jordan University of Science and Technology, Irbid 22110, JordanExisting end-to-end security mechanisms are vulnerable to path-based denial of service attacks (PDoS). If checking integrity and authenticity of a message is done only at the final destination, the intermediate nodes are going to forward bogus packets injected by an adversary many hops before they are detected. Therefore, the adversary can easily overwhelm intermediate nodes by bogus or replayed packets. This attack exhausts the nodes along the path. In addition, other downstream nodes that depend on the exhausted nodes as intermediate nodes will be isolated, and they have to find alternative paths. Regarding broadcast traffic that originated from the base station, if packets were injected by an adversary, the whole network's nodes will be exhausted. Therefore, there is a need to enable intermediate nodes to filter out bogus packets. We adopted a link layer security scheme to enable en route intermediate nodes to filter out any bogus or replayed packet as soon as it is injected into the network. Our scheme can handle different types of traffic. Simulation results show that our algorithm outperforms the one-way hash chain (OHC) algorithm and that it is more scalable.https://doi.org/10.1155/2010/793981 |
| spellingShingle | Ramzi Saifan Omar Al-Jarrah A Novel Algorithm for Defending Path-Based Denial of Service Attacks in Sensor Networks International Journal of Distributed Sensor Networks |
| title | A Novel Algorithm for Defending Path-Based Denial of Service Attacks in Sensor Networks |
| title_full | A Novel Algorithm for Defending Path-Based Denial of Service Attacks in Sensor Networks |
| title_fullStr | A Novel Algorithm for Defending Path-Based Denial of Service Attacks in Sensor Networks |
| title_full_unstemmed | A Novel Algorithm for Defending Path-Based Denial of Service Attacks in Sensor Networks |
| title_short | A Novel Algorithm for Defending Path-Based Denial of Service Attacks in Sensor Networks |
| title_sort | novel algorithm for defending path based denial of service attacks in sensor networks |
| url | https://doi.org/10.1155/2010/793981 |
| work_keys_str_mv | AT ramzisaifan anovelalgorithmfordefendingpathbaseddenialofserviceattacksinsensornetworks AT omaraljarrah anovelalgorithmfordefendingpathbaseddenialofserviceattacksinsensornetworks AT ramzisaifan novelalgorithmfordefendingpathbaseddenialofserviceattacksinsensornetworks AT omaraljarrah novelalgorithmfordefendingpathbaseddenialofserviceattacksinsensornetworks |