JIS  Vol.4 No.3 , July 2013
A Novel Solution to Handle DDOS Attack in MANET

Distributed Denial of Service (DDoS) attacks in the networks needs to be prevented or handled if it occurs, as early as possible and before reaching the victim. Dealing with DDoS attacks is difficult due to their properties such as dynamic attack rates, various kinds of targets, big scale of botnet, etc. Distributed Denial of Service (DDoS) attack is hard to deal with because it is difficult to distinguish legitimate traffic from malicious traffic, especially when the traffic is coming at a different rate from distributed sources. DDoS attack becomes more difficult to handle if it occurs in wireless network because of the properties of ad hoc network such as dynamic topologies, low battery life, multicast routing, frequency of updates or network overhead, scalability, mobile agent based routing, and power aware routing, etc. Therefore, it is better to prevent the distributed denial of service attack rather than allowing it to occur and then taking the necessary steps to handle it. This paper discusses various the attack mechanisms and problems due to DDoS attack, also how MANET can be affected by these attacks. In addition to this, a novel solution is proposed to handle DDoS attacks in mobile ad hoc networks (MANETs).

Cite this paper: M. Chhabra, B. Gupta and A. Almomani, "A Novel Solution to Handle DDOS Attack in MANET," Journal of Information Security, Vol. 4 No. 3, 2013, pp. 165-179. doi: 10.4236/jis.2013.43019.

[1]   C. S. R. Murthy and B. S. Manoj, “Ad-Hoc Wireless Networks Architectures and Protocols,” Prentice Hall Communications Engineering and Emerging Technologies Series, Pearson Education, Upper Saddle River, 2004.

[2]   S. K. Sarkar, T. G. Basavaraju and C. Puttamadappa, “Ad-Hoc Mobile Wireless Networks: Principles, Protocols, and Applications,” Auerbach Publications, Boca Raton, 2008.

[3]   S. Taneja and A. Kush, “A Survey of Routing Protocols in Mobile Ad Hoc Networks,” International Journal of Innovation, Management and Technology, Vol. 1, No. 3, 2010, ISSN: 2010-0248.

[4]   D. Lee, “Global Internet Slows after Biggest Attack in History,” 2013.

[5]   B. B. Gupta, R. C. Joshi and M. Misra, “Defending against Distributed Denial of Service Attacks: Issues and Challenges,” Information Security Journal: A Global Perspective, Vol. 18, No. 5, 2009, pp. 224-247.

[6]   B. Han, H. H. Fu, L. Lin and W. Jia, “Efficient Construction of Connected Dominating Set in Wireless Ad Hoc Networks,” IEEE International Conference on Mobile Ad-Hoc and Sensor Systems, Fort Lauderdale, 25-27 October 2004, pp. 570-572,

[7]   K. Biswas and Md. Liaqat Ali, “Security Threats in Mobile Ad-Hoc Network,” Master Thesis, Blekinge Institute of Technology, Blekinge, 2007.

[8]   A. Piskozub, “Denial of Service and Distributed Denial of Service Attacks,” Proceedings of the International Conference on Modern Problems of Radio Engineering, Telecommunications and Computer Science, Lviv-Slavsko, 18-23 February 2002, pp. 303-304.

[9]   X. J. Geng and A. B. Whinston, “Defeating Distributed Denial of Service Attacks,” IT Professional, Vol. 2, No. 4, 2000, pp. 36-41. doi:10.1109/6294.869381

[10]   V. Laurens, “Detecting DDoS attack traffic at the Agent Machines,” Canadian Conference on Electrical and Computer Engineering, CCECE’06, Ottawa, 7-10 May 2006, pp. 2369-2372.

[11]   S. M. Specht, “Distributed Denial of Service: Taxonomies of Attacks, Tools and Countermeasures,” ISCA 17th International Conference on Parallel and Distributed Computing Systems, San Francisco, 15-17 September 2004, pp. 543-550.

[12]   Q. M. Li, “On the Effectiveness of DDoS Attacks on Statistical Filtering,” INFOCOM 2005, 24th Annual Joint Conference of the IEEE Computer and Communications Societies, Miami, 13-17 March 2005, pp. 1373-1383.

[13]   F. Xing and W. Y. Wang, “Understanding Dynamic Denial of Service Attacks in Mobile Ad Hoc Networks,” Military Communications Conference, MILCOM 2006, Washington DC, 23-25 October 2006, pp. 1-7.

[14]   Y. H. Guo and M. Simon, “Network Forensics in MANET: Traffic Analysis of Source Spoofed DoS Attacks,” Fourth International Conference on Network and System Security, Melbourne, 1-3 September 2010, pp. 128-135. doi:10.1109/NSS.2010.45

[15]   B. Xiao, W. Chen and Y. Xian, “A Novel Approach to Detecting DDoS Attacks at an Early Stage,” The Journal of Supercomputing, Vol. 36, No. 3, 2006, pp. 235-248.

[16]   A. Challita, M. El Hassan, S. Maalouf and A. Zouheiry, “A Survey of DDoS Defense Mechanisms,” FEA Student Conference, 2004.

[17]   P. Joshi, “Security Issues in Routing Protocols in Manets at Network Layer,” Procedia Computer Science, Vol. 3 2011, pp. 954-960. doi:10.1016/j.procs.2010.12.156

[18]   K. S. Madhusudhananaga Kumar and G. Aghila, “A Survey on Black Hole Attacks on AODV Protocol in MANET,” International Journal of Computer Applications, Vol. 34, No. 5, 2011, pp. 23-30.

[19]   E. Alomari, S. Manickam, B. B. Gupta, S. Karuppayah and R. Alfaris, “Botnet-based Distributed Denial of Service (DDoS) Attacks on Web Servers: Classification and Art,” International Journal of Computer Applications, Vol. 49, No. 7, 2012, pp. 24-32.

[20]   B. B. Gupta, M. Misra and R. C. Joshi, “FVBA: A Combined Statistical Approach for Low Rate Degrading and High Bandwidth Disruptive DDoS Attacks Detection in ISP Domain,” Proceedings of 16th IEEE International Conference on Networks (ICON-2008), New Delhi, 12-14 December 2008, pp. 1-4. doi:10.1109/ICON.2008.4772654

[21]   A. Srivastava, B. B. Gupta, A. Tyagi, A. Sharma and A. Mishra, “A Recent Survey on DDoS Attacks and Defense Mechanisms,” Proceedings of the First International Conference on Parallel, Distributed Computing Technologies and Applications (PDCTA-2011), Tirunelveli, 23-25 September 2011, pp. 570-580.

[22]   B. B. Gupta, R. C. Joshi and M. Misra, “ANN Based Scheme to Predict Number of Zombies Involved in a DDoS Attack,” International Journal of Network Security (IJNS), Vol. 14, No. 1, 2012, pp. 36-45.

[23]   J. Lo, et al., “An IRC Tutorial,” 1997.

[24]   V. Paxson, “An Analysis of Using Reflectors for Distributed Denial-of-Service Attacks,” ACM SIGCOMM Computer Communication Review, Vol. 31, No. 3, 2001, pp. 38-47. doi:10.1145/505659.505664

[25]   R. Guo, G. R. Chang, R. D. Hou, Y. H. Qin, B. J. Sun, A. Liu, Y. Jia and D. Peng, “Research on Counter Bandwidth Depletion DDoS Attacks Based on Genetic Algorithm,” Third International Conference on Natural Computation, ICNC 2007, Haikou, 24-27 August 2007, pp. 155-159,.

[26]   H.-J. Kim, R. B. Chitti and J. S. Song, “Handling Malicious Flooding Attacks through Enhancement of Packet Processing Technique in Mobile Ad Hoc Networks,” Journal of Information Processing Systems, Vol. 7, No. 1, 2011, pp. 137-150.

[27]   U. D. Khartad and R. K. Krishna, “Route Request Flooding Attack Using Trust Based Security Scheme in Manet,” International Journal of Smart Sensors and Ad Hoc Networks (IJSSAN), Vol. 1, No. 4, 2012, p. 27.

[28]   P. J. Criscuolo, “Distributed Denial of Service Trinoo, Tribe Flood Network, Tribe Flood Network 2000, and Stacheldraht, CIAC-2319,” Department of Energy Computer Incident Advisory Capability (CIAC), UCRLID-136939, Rev.1, Lawrence Livermore National Laboratory, Livermore, 2000.

[29]   S. Bellovin, M. Leech and T. Taylor, “ICMP trace back messages,” Internet Draft: draft-ietf-itrace-01.txt, Work in Progress, 2001.

[30]   H. X. Tan, “Framework for Statistical Filtering against DDoS Attacks in MANETs,” Second International Conference on Embedded Software and Systems, Xi’an, 16-18 December 2005, 8 pp.

[31]   TFreak, 2003.

[32]   Fed CIRC, “Defense Tactics for Distributed Denial of Service Attacks,” Federal Computer Incident Response Center, Washington DC, 2000.

[33]   TFreak, “fraggle.c,” 2003.

[34]   M. J. Martin, “Router Expert: Smurf/Fraggle Attack Defense Using SACLS,” Networking Tips and Newsletters, 2002.

[35]   A. Mishra, B. B. Gupta and R. C. Joshi, “A Comparative Study of Distributed Denial of Service Attacks, Intrusion Tolerance and Mitigation Techniques,” European Intelligence and Security Informatics Conference, EISIC 2011, 12-14 September 2011, pp. 286, 289.

[36]   Y. Chaba, Y. Singh and P. Aneja, “Performance Analysis of Disable IP Broadcast Technique for Prevention of Flooding-Based DDoS Attack in MANET,” Journal of Networks, Vol. 4, No. 3, 2009, pp. 178-183.

[37]   S. A. Arunmozhi and Y. Venkataramani, “DDoS Attack and Defense Scheme in Wireless Ad Hoc Networks,” International Journal of Network Security & Its Applications, Vol. 3, No. 3, 2011, 6 pp.

[38]   A. Sun, “The Design and Implementation of Fisheye Routing Protocol for Mobile Ad Hoc Networks,” Master Thesis, Massachusetts Institute of Technology, Cambridge, 2002.

[39]   A. Nayyar “Enhanced Anomaly Detection IDS-Based Scheme for Dynamic MANET On-Demand (DYMO) Routing Protocol for MANETS,” International Journal of Computer Science and Mobile Computing, Vol. 2, No. 4, 2013, pp. 384-390.

[40]   P. Misra, “Routing Protocols for Ad Hoc Mobile Wireless Networks,” 2006. http://www.cse.wustl.ed u/~jain/cis788-99/adhoc_routing/

[41]   D. Johnson, D. Maltz and J. Broch, “DSR the Dynamic Source Routing Protocol for Multihop Wireless Ad Hoc Networks,” In: C. E. Perkins, Ed., Ad Hoc Networking, Addison-Wesley Longman Publishing Co., Inc., Boston, 2001, pp. 139-172.

[42]   C. E. Perkins, E. M. Belding-Royer and S. R. Das, “Ad Hoc On-Demand Distance Vector (AODV) Routing,” 2nd IEEE Workshop on Workshop Mobile Computing Systems and Applications, New Orleans, 25-26 February 1999, pp. 90-100.

[43]   S. Saraeian, F. Adibniya, M. G. Zadeh and S. A. Abtahi, “Performance Evaluation of AODV Protocol under DDoS Attacks in MANET,” World Academy of Science, Engineering and Technology, Vol. 45, 2008, p. 501.

[44]   G. S. Tomar, T. Sharma, D. Bhattacharyya and T.-H. Kim, “Performance Comparision of AODV, DSR and DSDV under Various Network Conditions: A Survey,” 2011 International Conference on Ubiquitous Computing and Multimedia Applications, Daejeon, 13-15 April 2011, pp. 3-7.

[45]   C. CenGen, “Allocations for Mobile Ad Hoc Network (MANET) Protocols,” IANA, Marina del Rey, 2009.

[46]   P. Ning and K. Sun, “How to Misuse AODV: A Case Study of Inside Attacks against Mobile Ad-Hoc Routing Protocols,” Proceedings of the 2003 IEEE Workshop on Information Assurance United States Military Academy, West Point, New York, 18-20 June 2003, pp. 60-67.

[47]   M. Y. Dangore and S. S. Sambare, “A Survey on Detection of Blackhole Attack Using AODV Protocol in MANET,” International Journal on Recent and Innovation Trends in Computing and Communication, Vol. 1, No. 1, 2013, pp. 55-61.

[48]   M. B. Guddhe and M. U. Kharat, “Core Assisted Defense against Flooding Attacks in MANET,” 2009.