Dempster-Shafer Theory for Intrusion Detection in Ad Hoc Networks
IEEE Internet Computing
Mitigating denial of service attacks: a tutorial
Journal of Computer Security
How to avoid packet droppers with proactive routing protocols for ad hoc networks
International Journal of Network Management
Record path header for triangle routing attacks in IPv6 networks
WSEAS TRANSACTIONS on COMMUNICATIONS
Record path header for triangle routing attacks in IPv6 networks
WSEAS TRANSACTIONS on COMMUNICATIONS
Resilience to dropping nodes in mobile ad hoc networks with link-state routing
NETWORKING'08 Proceedings of the 7th international IFIP-TC6 networking conference on AdHoc and sensor networks, wireless networks, next generation internet
Proactive resilience to dropping nodes in mobile ad hoc networks
AINTEC'06 Proceedings of the Second Asian international conference on Technologies for Advanced Heterogeneous Networks
Detecting disruptive routers in wireless sensor networks
ADHOC-NOW'06 Proceedings of the 5th international conference on Ad-Hoc, Mobile, and Wireless Networks
Hi-index | 0.00 |
An attractive target for a computer system attacker is the router. An attacker in control of a router can disrupt communication by dropping or misrouting packets passing through the router. We present a protocol called WATCHERS which detects and reacts to routers that drop or misroute packets. WATCHERS is based on the principle of conservation of flow in a network: all data bytes sent into a node, and not destined for that node, are expected to exit the node. WATCHERS tracks this flow, and detects routers that violate the conservation principle. We show that WATCHERS has several advantages over existing network monitoring techniques. We discuss WATCHERS response to several different types of bad router behavior. We demonstrate that in ideal conditions WATCHERS makes no false positive diagnoses, and we describe how WATCHERS can be tuned to perform nearly as well in realistic conditions. Also, we argue that WATCHERS impact on router performance and WATCHERS memory requirements are reasonable for many environments