期刊名称:Journal of Computer Sciences and Applications
印刷版ISSN:2328-7268
电子版ISSN:2328-725X
出版年度:2017
卷号:5
期号:2
页码:50-63
DOI:10.12691/jcsa-5-2-2
出版社:Science and Education Publishing
摘要:Denial of Service (DoS) attacks are a major network security threat which affects both wired and wireless networks. The effect of DoS attacks is even more damaging in Delay Tolerant Networks (DTNs) due to their unique features and network characteristics. DTN is vulnerable to resource exhaustion and flooding DoS attacks. Several DoS mitigating schemes for wired and wireless networks have been investigated and most of them have been found to be highly interactive requiring several protocol rounds, resource-consuming, complex, assume persistent connectivity and hence not suitable for DTN. To mitigate the impact of resource exhaustion and flooding attacks in DTN, we propose a security scheme which integrates ingress filtering, rate limiting and light-weight authentication security mechanisms to monitor, detect and filter attack traffic. We propose three variants of light-weight bundle authenticators called DTNCookies. To make the proposed DTNCookies random and hard to forge, we exploit the assumption that DTN nodes are loosely time-synchronized to generate different nonce values in different timeslots for the computation and verification of our proposed DTNCookies. The results demonstrate the efficiency and effectiveness of the proposed scheme to detect and drop attack traffic. The simulation results also show good performance for the proposed scheme in terms of energy and bandwidth efficiency, high delivery ratio and low latency.
关键词:denial of service; DTNCookie; flooding; resource exhaustion
