CATCH: A protocol framework for cross-layer attacker traceback in mobile multi-hop networks

Authors:
Yongjin Kim;Ahmed Helmy
Affiliations:
Qualcomm, 5775 Morehouse Drive, San Diego, CA, USA;Computer and Information Science and Engineering (CISE) Department, University of Florida, Gainesville, FL, USA
Venue:
Ad Hoc Networks
Year:
2010

Citing 11
Cited 0

Towards trapping wily intruders in the large

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Hash-based IP traceback

Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Tracing Anonymous Packets to Their Approximate Source

LISA '00 Proceedings of the 14th USENIX conference on System administration
CARD: a contact-based architecture for resource discovery in wireless ad hoc networks

Mobile Networks and Applications
Hotspot-based traceback for mobile ad hoc networks

Proceedings of the 4th ACM workshop on Wireless security
CAPTRA: coordinated packet traceback

Proceedings of the 5th international conference on Information processing in sensor networks
Novel Hybrid Schemes Employing Packet Marking and Logging for IP Traceback

IEEE Transactions on Parallel and Distributed Systems
Large-scale IP traceback in high-speed internet: practical techniques and information-theoretic foundation

IEEE/ACM Transactions on Networking (TON)
Defending against flooding-based distributed denial-of-service attacks: a tutorial

IEEE Communications Magazine
On IP traceback

IEEE Communications Magazine
Modeling path duration distributions in MANETs and their impact on reactive routing protocols

IEEE Journal on Selected Areas in Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Flooding-type Denial-of-Service (DoS) and Distributed DoS (DDoS) attacks can cause serious problems in mobile multi-hop networks due to its limited network/host resources. Attacker traceback is a promising solution to take a proper countermeasure near attack origins, for forensics and to discourage attackers from launching the attacks. However, attacker traceback in mobile multi-hop networks is a challenging problem. Existing IP traceback schemes developed for the fixed networks cannot be directly applied to mobile multi-hop networks due to the peculiar characteristics of the mobile multi-hop networks (e.g., dynamic/autonomous network topology, limited network/host resources such as memory, bandwidth and battery life). We introduce a protocol framework for attacker traceback, CATCH, geared towards mobile multi-hop networks utilizing MAC and network cross-layer approach. We also perform systematic risk analysis on mobile multi-hop networks. Based on the risk analysis, we extend CATCH for a mobile attacker traceback scheme. We show that CATCH successfully tracks down attacker under diverse mobile multi-hop network environment with low communication, computation, and memory overhead. We provide comprehensive evaluation of our proposed protocols through extensive simulations.