Abstract
Wireless mesh networks (WMNs) are considered as cost effective, easily deployable and capable of extending Internet connectivity. However, one of the major challenges in deploying reliable WMNs is preventing their nodes from malicious attacks, which is of particular concern as attacks can severely degrade network performance. When a DoS attack is targeted over an entire communication path, it is called a path-based DoS attack. We study the performance impact of path-based DoS attacks by considering attack intensity, medium errors, physical diversity, collusion and hop count. We setup a wireless mesh testbed and configure a set of experiments to gather realistic measurements, and assess the effects of different factors. We find that medium errors have significant impact on the performance of WMNs when a path-based DoS attack is carried out, and the impact is exacerbated by the MAC layer retransmissions. We show that due to physical diversity, a far attacker can lead to an increased performance degradation than a close-by attacker. Additionally, we demonstrate that the joint impact of two colluding attackers is not as severe as the joint result of individual attacks. We also discuss a strategy to counter path-based DoS attacks which can potentially alleviate the impact of the attack significantly.
Similar content being viewed by others
Notes
In our work, by real-time testbed we mean that a prototype network is deployed physically and equipped with required hardware devices and their software modules.
It is a kind of MAC layer jamming due to nodes, which are either inside the carrier sense (CS) range or act as hidden terminals in wireless networks.
Communication and carrier sense ranges shown in circles are just for illustration purposes here. In real world, the coverage is almost never circular and varies a lot depending on obstacles (walls, doors), and interference sources.
In our work, normal traffic (or flow) is generated by an authorized node, whereas, the attack traffic is generated by an unauthorized and malicious node.
Just for differentiation, the attacker’s packet size is the same as IP packets, whereas the normal flow packet size is only the application payload.
References
Aad I, Hubaux J-P, Knightly EW (2004) Denial of service resilience in ad hoc networks. In: Proc. of the ACM MOBICOM’04, pp 202–215
Aguayo D, Bicket J, Biswas S, Judd G, Morris R (2004) Link-level measurements from an 802.11b mesh network. In: Proc. of SIGCOMM’04, pp 121–132
Akyildiz IF, Wang X, Wang W (2005) Wireless mesh networks: a survey. Comput Networks 47(4):445–487
Bechler M, Hof H-J, Kraft D, Pählke F, Wolf L (2004) A cluster-based security architecture for ad hoc networks. In: IEEE INFOCOM’04, vol 4, pp 2393–2403
Bellardo J, Savage S (2003) 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. In: USENIX security symposium, p 2-2
Bianchi G, Di Stefano A, Giaconia C, Scalia L, Terrazzino G, Tinnirello I (2007) Experimental assessment of the backoff behavior of commercial IEEE 802.11b network cards. In: Proceedings of IEEE INFOCOM’07, pp 1181–1189
Bicket J, Aguayo D, Biswas S, Morris R (2005) Architecture and evaluation of an unplanned 802.11b mesh network. In: Proc. of the ACM MOBICOM’05, pp 31–42
Bohacek S, Wang P (2007) Toward tractable computation of the capacity of multi-hop wireless networks. In: Proceedings of IEEE INFOCOM’07, pp 2099–2107
Brown TX, James JE, Sethi A (2006) Jamming and sensing of encrypted wireless ad hoc networks. In: ACM MobiHoc, pp 120–130
Toh C-K, Delwar M, Allen D (2002) Evaluating the communication performance of an ad hoc wireless network. IEEE Trans Wirel Commun 1(3):402–414
Chiang JT, Hu Y-C (2007) Cross-layer jamming detection and mitigation in wireless broadcast networks. In: ACM MobiCom, pp 346–349
Das SR, Perkins CE, Royer EM (2000) Performance comparison of two on-demand routing protocols for ad hoc networks. In: Proc. of the IEEE INFOCOM’00, vol 1, pp 3–12
Deng J, Han R, Mishra S (2005) Defending against path-based DoS attacks in wireless sensor networks. In: ACM SASN, pp 89–96
Dong J, Curtmola R, Nita-Rotaru C (2009) Practical defenses against pollution attacks in intra-flow network coding for wireless mesh networks. In: ACM WiSe, pp 111–122
Eisenman S, Campbell A (2007) E-CSMA: supporting enhanced CSMA performance in experimental sensor networks using per-neighbor transmission probability thresholds. In: Proceedings of IEEE INFOCOM’07, pp 1208–1216
Eriksson J, Agarwal S, Bahl P, Padhye J (2006) Feasibility study of mesh networks for all-wireless offices. In: Proceedings of ACM MOBISYS’06. Uppsala, Sweden, pp 69–82
Gummadi R, Wetherall D, Greenstein B, Seshan S (2007) Understanding and mitigating the impact of RF interference on 802.11 networks. ACM SIGCOMM Comput Commun Rev 37(4):385–396
Hu N, Li L, Mao ZM, Steenkiste P, Wang J (2005) A measurement study of internet bottlenecks. In: IEEE INFOCOM’05
Kashyap A, Ganguly S, Das SR (2007) A measurement-based approach to modeling link capacity in 802.11-based wireless networks. In: ACM MobiCom, pp 242–253
Plesse T, Adjih C, Minet P, Laouiti A, Plakoo A, Badel M, Muhlethaler P, Jacquet P, Lecomte J (2005) OLSR performance measurement in a military mobile ad-hoc network. Ad Hoc Networks 3(5):575–588
Hamed Mohsenian Rad A, Wong V (2007) Joint channel allocation, interface assignment and MAC design for multi-channel wireless mesh networks. In: Proceedings of IEEE INFOCOM’07, pp 1469–1477
Radosavac S, Moustakides G, Baras JS, Koutsopoulos I (2008) An analytic framework for modeling and detecting access layer misbehavior in wireless networks. ACM Trans Inf Syst Secur (TISSEC) 11(4):1–28
Raya M, Hubaux J-P, Aad I (2004) DOMINO: a system to detect greedy behavior in IEEE 802.11 hotspots. In: ACM MobiSys, pp 84–97
Vasan A, Ramjee R, Woo T (2005) ECHOS: enhanced capacity 802.11 hotspots. In: IEEE INFOCOM’05
Xu W, Trappe W, Zhang Y (2006) Channel surfing: defending wireless sensor networks from jamming and interference. In: ACM SenSys, pp 403–404
Xu W, Trappe W, Zhang Y (2007) Channel surfing: defending wireless sensor networks from interference. In: IPSN, pp 499–508
Xu W, Trappe W, Zhang Y, Wood T (2005) The feasibility of launching and detecting jamming attacks in wireless networks. In: ACM MobiHoc, pp 46–57
Xu W, Wood T, Trappe W, Zhang Y (2004) Channel surfing and spatial retreats: defenses against wireless denial of service. In: ACM WiSe, pp 80–89
Yang H, Shu J, Meng X, Lu S (2006) SCAN: self-organized network-layer security in mobile ad hoc network. IEEE J Sel Areas Commun 24(2):261–273
Zhai H, Fang Y (2006) Impact of routing metrics on path capacity in multirate and multihop wireless ad hoc networks. In: Proceeedings of IEEE ICNP’06. Santa Barbara, CA, USA, pp 86–95
Zhang Y, Fang Y (2007) A secure authentication and billing architecture for wireless mesh networks. ACM Wirel Netw 13(5):663–678
Zhang Y, Fang Y (2006) ARSA: an attack-resilient security architecture for multihop wireless mesh networks. IEEE J Sel Areas Commun 24(10):1916–1928
Author information
Authors and Affiliations
Corresponding author
Additional information
This project is supported by National Science Foundation (NSF) under award ECS-0524519.
Rights and permissions
About this article
Cite this article
Agarwal, A.K., Wang, W. An Experimental Study of the Performance Impact of Path-Based DoS Attacks in Wireless Mesh Networks. Mobile Netw Appl 15, 693–709 (2010). https://doi.org/10.1007/s11036-009-0204-3
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11036-009-0204-3