TY - GEN
T1 - Resource-misuse attack detection in delay-tolerant networks
AU - Natarajan, Vivek
AU - Yang, Yi
AU - Zhu, Sencun
PY - 2011
Y1 - 2011
N2 - In a Delay-Tolerant Network (DTN), data originating from a source node may be delivered to the destination node, despite the non-existence of end-to-end connectivity between them at all times. In an adversarial environment such as a battlefield, DTN nodes could be compromised to launch Denial-of-Service (DoS) attacks by generating excess data, to cause an overflow of the limited resources of the legitimate nodes, hence decreasing the network throughput. A node may also display selfish behavior by generating more data than allowed, to increase its throughput and to decrease the latency of its data packets. In this paper, we term such a DoS attack and selfish data generation behavior, a resource-misuse attack. We study two types of resource-misuse attacks, breadth attacks and depth attacks. Accordingly, we propose different schemes to detect these attacks. Trace-driven simulations using both a synthetic and a real-world trace show that our detection schemes have low average detection latency and additionally, probabilistic detection of the depth attack has low false positive and false negative rates.
AB - In a Delay-Tolerant Network (DTN), data originating from a source node may be delivered to the destination node, despite the non-existence of end-to-end connectivity between them at all times. In an adversarial environment such as a battlefield, DTN nodes could be compromised to launch Denial-of-Service (DoS) attacks by generating excess data, to cause an overflow of the limited resources of the legitimate nodes, hence decreasing the network throughput. A node may also display selfish behavior by generating more data than allowed, to increase its throughput and to decrease the latency of its data packets. In this paper, we term such a DoS attack and selfish data generation behavior, a resource-misuse attack. We study two types of resource-misuse attacks, breadth attacks and depth attacks. Accordingly, we propose different schemes to detect these attacks. Trace-driven simulations using both a synthetic and a real-world trace show that our detection schemes have low average detection latency and additionally, probabilistic detection of the depth attack has low false positive and false negative rates.
UR - http://www.scopus.com/inward/record.url?scp=84862923316&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84862923316&partnerID=8YFLogxK
U2 - 10.1109/PCCC.2011.6108092
DO - 10.1109/PCCC.2011.6108092
M3 - Conference contribution
AN - SCOPUS:84862923316
SN - 9781467300100
T3 - Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference
BT - 30th IEEE International Performance Computing and Communications Conference, IPCCC 2011
T2 - 30th IEEE International Performance, Computing and Communications Conference, IPCCC 2011
Y2 - 17 November 2011 through 19 November 2011
ER -