Attacker traceback with cross-layer monitoring in wireless multi-hop networks
Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks
ATTENTION: ATTackEr Traceback Using MAC Layer AbNormality DetecTION
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
A hotspot-based protocol for attack traceback in mobile ad hoc networks
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
DDoS detection and traceback with decision tree and grey relational analysis
International Journal of Ad Hoc and Ubiquitous Computing
AK-PPM: an authenticated packet attribution scheme for mobile ad hoc networks
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Hi-index | 0.00 |
Mobile Ad hoc NETworks (MANETs) provide a lot of promise for many practical applications. However, MANETs are vulnerable to a number of attacks due to its autonomous nature. DoS/DDoS attacker traceback is especially challenging in MANETs for the lack of infrastructure. In this paper, we propose an efficient on-the-fly search technique, SWAT, to trace back DoS and DDoS attackers in MANETs. Our scheme borrows from small worlds, utilizes the concept of Contacts, and use Traffic Pattern Matching (TPM) and Traffic Volume Matching (TVM) techniques. We also propose multi-directional search, in-network processing and query suppression to reduce communication overhead in energyconstrained MANETs and increase traceback robustness against spoofing and collusion. Simulation results show that SWAT successfully traces back DoS and DDoS attacker under reasonable background traffic. In addition, SWAT incurs low communication overhead (22% compared to flooding-based search).