Attacker traceback with cross-layer monitoring in wireless multi-hop networks

Yongjin Kim, A. Helmy
Venue: ACM Workshop on Security of ad hoc and Sensor Networks
Publication date: 2006-10-30
DOI: 10.1145/1180345.1180361 (https://doi.org/10.1145/1180345.1180361)
Citations: 6

Abstract

Attacker traceback with cross-layer monitoring in wireless multi-hop networks
Denial-of-Service (DoS) and Distributed DoS (DDoS) attacks can cause serious problems in wireless networks due to its limited network/host resources. Attacker traceback is a promising solution to take a proper countermeasure near the attack origin, for forensics, and to discourage attacker from launching attacks. However, attacker traceback in wireless multi-hop networks is a challenging problem, and existing attacker traceback schemes developed for the Internet cannot be directly applied to wireless multi-hop networks due to the peculiar characteristics of wireless multi-hop networks (e.g., dynamic/autonomous network topology, limited network/host resources such as memory and bandwidth). We introduce a protocol framework for attacker traceback geared toward wireless multi-hop networks with special attention to cross-layer abnormality monitoring. The basic building blocks of our protocol framework consist of abnormality detection, abnormality characterization, abnormality searching, abnormality matching, and countermeasure. We show that our protocol framework successfully tracks down attacker (Avg. of 100% in DoS attacker traceback, avg. of 96% in DDoS attacker traceback) under diverse network environments (e.g., high background traffic, DDoS attack, and partial node compromise) with low communication, computation, and memory overhead.