Preventing Flooding Attack In Manets Using the Reserved Bits of AODV Messages
No Thumbnail Available
Date
2014-03
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Addis Ababa University
Abstract
The flexibility and other advantages of mobile ad-hoc networks come with different security flaws,
and flooding attack is one of the common attacks in reactive routing protocols. In ad-hoc flooding
attack, the attacker either broadcasts a lot of route request packets or sends a lot of attacking data
packets to exhaust the nodes’ resources. Most of the existing prevention mechanisms are based on the
concept of rate limit or trust values. In the former mechanisms, flooding attack below the rate limit
cannot be prevented and the later solutions are computationally intensive in high mobility networks.
The new prevention mechanism uses the reserved bits of the route request message and one of the
existing solutions called filtering to prevent flooding attacks from external and internal attackers
respectively. While sending route request packets, some information identifying the originator is
embedded into the reserved bits of the route request message, and the receiver verifies the request by
checking the value of the reserved bits or the rate limitation and blacklists the sender if it is an
attacker. Three scenarios are designed and four performance metrics are used to study the effect of the
flooding attack and the efficiency of the prevention mechanism.
The results of the scenarios show that the effect of flooding attack is severe for higher route request
flooding rates and increasing rate of attacking data packets. In addition, multiple attackers which do
not violate the rate limit can also significantly flood a given network. The new prevention solution
improves the network performance in all cases especially if the majority of the attackers are external.
For example, the packet delivery ratio for 16 attackers, abiding by a rate limit, is enhanced to about
99% by the new prevention when all the attackers are external and 73% when half of them are internal
compared to 13.3% in the case of the route request flooding attack. In data flooding too, the
improvement of the new solution is significant that there is 8.6% of packet delivery ratio increase
when all the attackers are external over the data flooding attack with attack rate of 50 packets/s.
The simulation, in general, illustrates that if some proportions of the attackers are external, then there
is a considerable improvement in network performance using the new mechanism to prevent both
route request and data flooding attacks as external attackers will be isolated the moment they start
sending route request packets.
Keyword: Preventing flooding attack, Data flooding attack, Route request flooding attack, AODV
Description
Keywords
Preventing Flooding Attack, Data Flooding Attack, Route Request Flooding Attack