Professional Documents
Culture Documents
Reference 5
Reference 5
Reference 5
Networks
Shaomei Li, Qiang Liu, Hongchang Chen, Mantang Tan
National Digital Switching System Research Center, Zhengzhou, 450002, China
{lsm,lq, chc, tmt} @mail.ndsc.com.cn
2.2. Flooding Attack and its Effects on Responsive 3.2. Analysis on FAP Scheme
Routing
1) Comparing each RREQ’s priority to decide forwarding
Two typical kinds of flooding attack is RREQ flooding order is only effective when the traffic in the network is
attack and DATA flooding attack. heavy. And since each RREQ’s priority is depended on its
In RREQ flooding attack, the attacker selects many IP sender’s frequency of sending RREQ, each node must make
addresses which do not exist in the networks as destination record for every RREQ it receives and reserve space to
addresses. Then it successively originates mass RREQ calculate sending frequency for its neighbor nodes.
messages with max TTL value for these void IP addresses. Calculating frequency is a complicate process, which will
Then the whole network will be full of RREQ packets which burden mobile nodes in Ad Hoc networks.
the attacker sends. And because these destination addresses 2) As to data flooding attack, FAP scheme employs passive
are invalid, no node can answer RREP packets for these defense, it works when data flooding attack is happened and
RREQs, the reverse routes in the route table of midway detected. If many attackers set up routes with many legal
nodes will be occupied for longer and exhausted soon[2]. nodes and send large sum of useless data packages
In data flooding attack, the attacker firstly sets up paths to simultaneously, it will cost a lot to implement this scheme,
all nodes in the networks, after that, it steams large and easily leads to overwhelming consequences.
quantities of useless data packets to all nodes along these 3) If two or more attacking nodes cooperate in the network,
paths. The excessive data packets in network clog the and any two set up a link to send large numbers of useless
network and deplete the available network bandwidth for data packages, this will cause data flooding in Ad Hoc
communication among other nodes in the network [2]. network, but for both sender and receiver are illegal nodes,
The resource of nodes in Ad Hoc networks are very legal nodes cannot sense it then Path Cutoff could not work.
limited, so both attacks are to exhaust the available network So such attack cannot be resisted.
bandwidth for communication so that the other nodes can
not communicate with each other for the congestion in the 4. Principle and implement of AMTT scheme
network. Especially when attacking node employs RREQ
flooding attack and data flooding attack simultaneously, Based on FAP scheme, this paper developed AMTT
network will break out quickly. scheme.
We focus on bi-directional communication between a pair
3. Analysis on FAP scheme of nodes. It is also expected that a one-to-one mapping
between medium access control and IP addresses exists.
3.1. FAP scheme Every host can be uniquely identified and its ID cannot be
changed throughout the lifetime of the Ad Hoc network.
In FAP scheme, neighbor suppression is used to resist Two corresponding nodes take security scheme, such as
RREQ flooding attack. Node sets up the processing priority shared key or authentication to ensure link only can be built