Proactive defense mechanism against IP spoofing traffic on a NEMO environment

Mihui Kim, Kijoon Chae

Research output: Contribution to journalArticlepeer-review

1 Scopus citations

Abstract

The boundary of a distributed denial of service (DDoS) attack, one of the most threatening attacks in a wired network, now extends to wireless mobile networks, following the appearance of a DDoS attack tool targeted at mobile phones. However, the existing defense mechanisms against such attacks in a wired network are not effective in a wireless mobile network, because of differences in their characteristics such as the mobile possibility of attack agents. In this paper, we propose a proactive defense mechanism against IP spoofing traffic for mobile networks. IP spoofing is one of the features of a DDoS attack against which it is most difficult to defend. Among the various mobile networks, we focus on the Network Mobility standard that is being established by the NEMO Working Group in the IETF. Our defense consists of following five processes: speedy detection, filtering of attack packets, identification of attack agents, isolation of attack agents, and notification to neighboring routers. We simulated and analyzed the effects on normal traffic of moving attack agents, and the results of applying our defense to a mobile network. Our simulation results show that our mechanism provides a robust defense.

Original languageEnglish
Pages (from-to)1959-1967
Number of pages9
JournalIEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
VolumeE89-A
Issue number7
DOIs
StatePublished - Jul 2006

Keywords

  • Defense mechanism
  • IP spoofing traffic
  • Mobile network
  • Neighbor graph
  • Network Mobility (NEMO)

Fingerprint

Dive into the research topics of 'Proactive defense mechanism against IP spoofing traffic on a NEMO environment'. Together they form a unique fingerprint.

Cite this