Authors: Qijun Gu, Peng Liu, Chao-Hsien Chu, Sencun Zhu
Addresses: Department of Computer Science, Texas State University, San Marcos, TX 78666, USA. ' School of Information Sciences and Technology, Pennsylvania State University, University Park, PA 16802, USA. ' School of Information Sciences and Technology, Pennsylvania State University, University Park, PA 16802, USA. ' Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA 16802, USA
Abstract: Wireless ad hoc networks have very limited network resources and are thus susceptible to attacks that focus on resource exhaustion, such as the injection of junk packets. These attacks cause serious denial-of-service via wireless channel contention and network congestion. Although ad hoc network security has been extensively studied, most previous work focuses on secure routing, but cannot prevent attackers from injecting a large number of junk data packets into a route that has been established. We propose an on-demand hop-by-hop source authentication protocol, namely Source Authentication Forwarding (SAF), to defend against this type of packet injection attacks. The protocol can either immediately filter out injected junk packets with very high probability or expose the true identity of an injector. Unlike other forwarding defences, this protocol is designed to fit in the unreliable environment of ad hoc networks and incurs lightweight overhead in communication and computation.
Keywords: packet injection; source authentication; secure forwarding; denial of service; DoS attacks; ad hoc networks; wireless networks; security; junk data packets.
International Journal of Security and Networks, 2007 Vol.2 No.1/2, pp.154 - 169
Published online: 16 Mar 2007 *Full-text access for editors Access for subscribers Purchase this article Comment on this article