Skip to main content
SpringerLink
Log in

An Experimental Study of the Performance Impact of Path-Based DoS Attacks in Wireless Mesh Networks

  • Published:
Mobile Networks and Applications Aims and scope Submit manuscript

Abstract

Wireless mesh networks (WMNs) are considered as cost effective, easily deployable and capable of extending Internet connectivity. However, one of the major challenges in deploying reliable WMNs is preventing their nodes from malicious attacks, which is of particular concern as attacks can severely degrade network performance. When a DoS attack is targeted over an entire communication path, it is called a path-based DoS attack. We study the performance impact of path-based DoS attacks by considering attack intensity, medium errors, physical diversity, collusion and hop count. We setup a wireless mesh testbed and configure a set of experiments to gather realistic measurements, and assess the effects of different factors. We find that medium errors have significant impact on the performance of WMNs when a path-based DoS attack is carried out, and the impact is exacerbated by the MAC layer retransmissions. We show that due to physical diversity, a far attacker can lead to an increased performance degradation than a close-by attacker. Additionally, we demonstrate that the joint impact of two colluding attackers is not as severe as the joint result of individual attacks. We also discuss a strategy to counter path-based DoS attacks which can potentially alleviate the impact of the attack significantly.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18

Similar content being viewed by others

Notes

  1. In our work, by real-time testbed we mean that a prototype network is deployed physically and equipped with required hardware devices and their software modules.

  2. It is a kind of MAC layer jamming due to nodes, which are either inside the carrier sense (CS) range or act as hidden terminals in wireless networks.

  3. Communication and carrier sense ranges shown in circles are just for illustration purposes here. In real world, the coverage is almost never circular and varies a lot depending on obstacles (walls, doors), and interference sources.

  4. In our work, normal traffic (or flow) is generated by an authorized node, whereas, the attack traffic is generated by an unauthorized and malicious node.

  5. Just for differentiation, the attacker’s packet size is the same as IP packets, whereas the normal flow packet size is only the application payload.

References

  1. Aad I, Hubaux J-P, Knightly EW (2004) Denial of service resilience in ad hoc networks. In: Proc. of the ACM MOBICOM’04, pp 202–215

  2. Aguayo D, Bicket J, Biswas S, Judd G, Morris R (2004) Link-level measurements from an 802.11b mesh network. In: Proc. of SIGCOMM’04, pp 121–132

  3. Akyildiz IF, Wang X, Wang W (2005) Wireless mesh networks: a survey. Comput Networks 47(4):445–487

    Article  MATH  Google Scholar 

  4. Bechler M, Hof H-J, Kraft D, Pählke F, Wolf L (2004) A cluster-based security architecture for ad hoc networks. In: IEEE INFOCOM’04, vol 4, pp 2393–2403

  5. Bellardo J, Savage S (2003) 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. In: USENIX security symposium, p 2-2

  6. Bianchi G, Di Stefano A, Giaconia C, Scalia L, Terrazzino G, Tinnirello I (2007) Experimental assessment of the backoff behavior of commercial IEEE 802.11b network cards. In: Proceedings of IEEE INFOCOM’07, pp 1181–1189

  7. Bicket J, Aguayo D, Biswas S, Morris R (2005) Architecture and evaluation of an unplanned 802.11b mesh network. In: Proc. of the ACM MOBICOM’05, pp 31–42

  8. Bohacek S, Wang P (2007) Toward tractable computation of the capacity of multi-hop wireless networks. In: Proceedings of IEEE INFOCOM’07, pp 2099–2107

  9. Brown TX, James JE, Sethi A (2006) Jamming and sensing of encrypted wireless ad hoc networks. In: ACM MobiHoc, pp 120–130

  10. Toh C-K, Delwar M, Allen D (2002) Evaluating the communication performance of an ad hoc wireless network. IEEE Trans Wirel Commun 1(3):402–414

    Article  Google Scholar 

  11. Chiang JT, Hu Y-C (2007) Cross-layer jamming detection and mitigation in wireless broadcast networks. In: ACM MobiCom, pp 346–349

  12. Das SR, Perkins CE, Royer EM (2000) Performance comparison of two on-demand routing protocols for ad hoc networks. In: Proc. of the IEEE INFOCOM’00, vol 1, pp 3–12

  13. Deng J, Han R, Mishra S (2005) Defending against path-based DoS attacks in wireless sensor networks. In: ACM SASN, pp 89–96

  14. Dong J, Curtmola R, Nita-Rotaru C (2009) Practical defenses against pollution attacks in intra-flow network coding for wireless mesh networks. In: ACM WiSe, pp 111–122

  15. Eisenman S, Campbell A (2007) E-CSMA: supporting enhanced CSMA performance in experimental sensor networks using per-neighbor transmission probability thresholds. In: Proceedings of IEEE INFOCOM’07, pp 1208–1216

  16. Eriksson J, Agarwal S, Bahl P, Padhye J (2006) Feasibility study of mesh networks for all-wireless offices. In: Proceedings of ACM MOBISYS’06. Uppsala, Sweden, pp 69–82

  17. Gummadi R, Wetherall D, Greenstein B, Seshan S (2007) Understanding and mitigating the impact of RF interference on 802.11 networks. ACM SIGCOMM Comput Commun Rev 37(4):385–396

    Article  Google Scholar 

  18. Hu N, Li L, Mao ZM, Steenkiste P, Wang J (2005) A measurement study of internet bottlenecks. In: IEEE INFOCOM’05

  19. Kashyap A, Ganguly S, Das SR (2007) A measurement-based approach to modeling link capacity in 802.11-based wireless networks. In: ACM MobiCom, pp 242–253

  20. Plesse T, Adjih C, Minet P, Laouiti A, Plakoo A, Badel M, Muhlethaler P, Jacquet P, Lecomte J (2005) OLSR performance measurement in a military mobile ad-hoc network. Ad Hoc Networks 3(5):575–588

    Article  Google Scholar 

  21. Hamed Mohsenian Rad A, Wong V (2007) Joint channel allocation, interface assignment and MAC design for multi-channel wireless mesh networks. In: Proceedings of IEEE INFOCOM’07, pp 1469–1477

  22. Radosavac S, Moustakides G, Baras JS, Koutsopoulos I (2008) An analytic framework for modeling and detecting access layer misbehavior in wireless networks. ACM Trans Inf Syst Secur (TISSEC) 11(4):1–28

    Article  Google Scholar 

  23. Raya M, Hubaux J-P, Aad I (2004) DOMINO: a system to detect greedy behavior in IEEE 802.11 hotspots. In: ACM MobiSys, pp 84–97

  24. Vasan A, Ramjee R, Woo T (2005) ECHOS: enhanced capacity 802.11 hotspots. In: IEEE INFOCOM’05

  25. Xu W, Trappe W, Zhang Y (2006) Channel surfing: defending wireless sensor networks from jamming and interference. In: ACM SenSys, pp 403–404

  26. Xu W, Trappe W, Zhang Y (2007) Channel surfing: defending wireless sensor networks from interference. In: IPSN, pp 499–508

  27. Xu W, Trappe W, Zhang Y, Wood T (2005) The feasibility of launching and detecting jamming attacks in wireless networks. In: ACM MobiHoc, pp 46–57

  28. Xu W, Wood T, Trappe W, Zhang Y (2004) Channel surfing and spatial retreats: defenses against wireless denial of service. In: ACM WiSe, pp 80–89

  29. Yang H, Shu J, Meng X, Lu S (2006) SCAN: self-organized network-layer security in mobile ad hoc network. IEEE J Sel Areas Commun 24(2):261–273

    Article  Google Scholar 

  30. Zhai H, Fang Y (2006) Impact of routing metrics on path capacity in multirate and multihop wireless ad hoc networks. In: Proceeedings of IEEE ICNP’06. Santa Barbara, CA, USA, pp 86–95

  31. Zhang Y, Fang Y (2007) A secure authentication and billing architecture for wireless mesh networks. ACM Wirel Netw 13(5):663–678

    Article  Google Scholar 

  32. Zhang Y, Fang Y (2006) ARSA: an attack-resilient security architecture for multihop wireless mesh networks. IEEE J Sel Areas Commun 24(10):1916–1928

    Article  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. 3042 EBII, NC State University, 890 Oval Drive, Raleigh, NC, 27606, USA

    Avesh K. Agarwal

  2. 3056 EBII, NC State University, 890 Oval Drive, Raleigh, NC, 27606, USA

    Wenye Wang

Authors
  1. Avesh K. Agarwal
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wenye Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Avesh K. Agarwal.

Additional information

This project is supported by National Science Foundation (NSF) under award ECS-0524519.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Agarwal, A.K., Wang, W. An Experimental Study of the Performance Impact of Path-Based DoS Attacks in Wireless Mesh Networks. Mobile Netw Appl 15, 693–709 (2010). https://doi.org/10.1007/s11036-009-0204-3

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11036-009-0204-3

Keywords

Search

Navigation