A fast defense mechanism against IP spoofing traffic in a NEMO environment

Mihui Kim, Kijoon Chae

Research output: Contribution to journalConference articlepeer-review

3 Scopus citations

Abstract

The boundary of a distributed denial of service attack, one of the most threatening attacks in a wired network, now extends to wireless mobile networks, following the appearance of a DDoS attack tool targeted at mobile phones. Many protocols and architectures for mobile networks were designed without regard to the possibility of a DDoS attack. Moreover, the existing defense mechanisms against such attacks in a wired network are not effective in a wireless mobile network, because of differences in their characteristics. In this paper, we propose a fast defense mechanism against IP spoofing traffic for mobile networks. IP spoofing is one of the features of a DDoS attack against which it is most difficult to defend. Among the various mobile networks, we focus on the Network Mobility standard that is being established by the NEMO Working Group in the IETF. Our defense consists of the following five processes: speedy detection, filtering of attack packets, identification of attack agents, isolation of attack agents, and notification of neighboring routers. We simulated and analyzed the effects on normal traffic of moving attack agents, and the results of applying our defense to a mobile network. Our experimental results show that our mechanism provides a robust defense.

Original languageEnglish
Pages (from-to)843-852
Number of pages10
JournalLecture Notes in Computer Science
Volume3391
DOIs
StatePublished - 2005
EventInternational Conference on Information Networking, ICOIN 2005 - Jeju Island, Korea, Republic of
Duration: 31 Jan 20052 Feb 2005

Fingerprint

Dive into the research topics of 'A fast defense mechanism against IP spoofing traffic in a NEMO environment'. Together they form a unique fingerprint.

Cite this