University of Surrey

Mitigating Denial of Service (DoS) Attacks in Delay/Disruption Tolerant Networks (DTNs).

Ansa, Godwin Okon. (2012) Mitigating Denial of Service (DoS) Attacks in Delay/Disruption Tolerant Networks (DTNs). Doctoral thesis, University of Surrey (United Kingdom).

27557455.pdf
Available under License Creative Commons Attribution Non-commercial Share Alike.

Abstract

A Delay/Disruption Tolerant Network (DTN) is an overlay on top of a number of diverse networks such as mobile ad hoc networks, wireless sensor networks, satellite networks, vehicular networks and the Internet. In terrestrial DTNs, the effectiveness of data dissemination is greatly affected by node mobility and end-to-end disconnections. The inherent mobility of nodes is exploited to forward data opportunistically when a contact arises through the store-carry-and-forward technique. Thus a DTN is characterized by limited bandwidth, long queuing delays, low data rate, low power and intermittent connectivity. The real challenge is how to make a DTN resilient against Denial of Service (DoS) attacks. In this thesis, we have investigated several DoS mitigating schemes for wired and wireless networks and found most of them to be highly interactive (requiring several protocol rounds), resource-consuming and complex, and to assume persistent connectivity; hence they are not suitable for DTN. This thesis proposes three variants of DTN-Cookies, one of which is selected as the light-weight authenticator based on the perceived Network Threat Level. For the intra-region scenario, it proposes a DoS-Resilient Authentication Mechanism to mitigate the effect of resource exhaustion DoS attacks. For the inter-region scenario, it proposes an enhanced version of the DoS-Resilient Authentication Mechanism. The proposed mechanism exploits the loose time-synchronization property of DTN, dividing communication contact time into timeslots. The mechanism uses variable seed values in different timeslots for the computation and verification of DTN-Cookies, incorporates an ingress filter at the region gateways and uses the HMAC variant of DTN-Cookie. This work also proposes a comprehensive defence mechanism against flooding DoS attacks. The aim of the proposed mechanism is to restrict the volume of malicious traffic during an attack. The rate limiting component monitors the number of bundles per traffic flow, and different nodes are assigned different threshold values based on their capability and role in the network. The results show that the proposed DTN-Cookies accurately detect DoS attacks and outperform RSA-1024 digital signatures in terms of energy and bandwidth efficiency. The proposed mechanisms have been verified through simulations and their superior performance is established over solutions which are based purely on Public-Key Cryptography.
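
The timeslot idea in the abstract, sketched as an added example that is not taken from the thesis: a receiver recomputes an HMAC cookie under the seed of the current timeslot and rejects bundles whose cookie does not match, which also bounds how long a captured cookie can be replayed. The shared `region_key`, the 60-second slot, the SHA-256 seed derivation, the cookie layout and the one-slot skew tolerance are all assumptions made for illustration.

```python
import hashlib
import hmac

SLOT_SECONDS = 60  # assumed timeslot length; the abstract gives no value


def slot_index(unix_time: float) -> int:
    """Map a (loosely synchronised) clock reading to its timeslot number."""
    return int(unix_time // SLOT_SECONDS)


def slot_seed(region_key: bytes, slot: int) -> bytes:
    """Derive a per-slot seed so the cookie key differs in every timeslot."""
    label = b"seed|" + slot.to_bytes(8, "big")
    return hmac.new(region_key, label, hashlib.sha256).digest()


def _message(sender: bytes, bundle: bytes) -> bytes:
    # Length-prefix the sender id so (sender, bundle) pairs cannot collide.
    return len(sender).to_bytes(2, "big") + sender + bundle


def make_cookie(region_key: bytes, sender: bytes, bundle: bytes, now: float) -> bytes:
    """Sender side: HMAC over sender id and payload under the current slot seed."""
    seed = slot_seed(region_key, slot_index(now))
    return hmac.new(seed, _message(sender, bundle), hashlib.sha256).digest()


def verify_cookie(region_key: bytes, sender: bytes, bundle: bytes,
                  cookie: bytes, now: float, skew_slots: int = 1) -> bool:
    """Receiver side: accept only cookies valid for the current slot or a
    neighbouring one (assumed tolerance for loose time synchronisation)."""
    current = slot_index(now)
    msg = _message(sender, bundle)
    ok = False
    for slot in range(current - skew_slots, current + skew_slots + 1):
        if slot < 0:
            continue
        expected = hmac.new(slot_seed(region_key, slot), msg, hashlib.sha256).digest()
        ok |= hmac.compare_digest(expected, cookie)  # constant-time comparison
    return ok


# Constructed sample values, not from the thesis.
KEY = b"constructed-region-key"
COOKIE = make_cookie(KEY, b"node-A", b"bundle payload", now=1000.0)
```

A bundle that fails `verify_cookie` can be dropped before any storage or public-key work is spent on it, which is the resource-exhaustion case the abstract targets.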

Item Type: Thesis (Doctoral)
Divisions : Theses
Authors : Ansa, Godwin Okon.
Date : 2012
Additional Information : Thesis (Ph.D.)--University of Surrey (United Kingdom), 2012.
Depositing User : EPrints Services
Date Deposited : 24 Apr 2020 15:26
Last Modified : 24 Apr 2020 15:26
URI: http://epubs.surrey.ac.uk/id/eprint/854811
