3rd International ICST Conference on Security and Privacy in Communication Networks

Research Article

Mitigating Denial-of-Service Attacks in MANET by Incentive-based Packet Filtering: A Game-theoretic Approach

  • @INPROCEEDINGS{10.1109/SECCOM.2007.4550349,
        author={Xiaoxin Wu and David K. Y. Yau},
        title={Mitigating Denial-of-Service Attacks in MANET by Incentive-based Packet Filtering: A Game-theoretic Approach},
        proceedings={3rd International ICST Conference on Security and Privacy in Communication Networks},
        publisher={IEEE},
        proceedings_a={SECURECOMM},
        year={2008},
        month={6},
        keywords={Bandwidth  Communication system security  Computer crime  Filtering  Game theory  Intrusion detection  Mobile ad hoc networks  Mobile communication  Routing protocols  Telecommunication traffic},
        doi={10.1109/SECCOM.2007.4550349}
    }
    
  • Xiaoxin Wu
    David K. Y. Yau
    Year: 2008
    Mitigating Denial-of-Service Attacks in MANET by Incentive-based Packet Filtering: A Game-theoretic Approach
    SECURECOMM
    IEEE
    DOI: 10.1109/SECCOM.2007.4550349
Xiaoxin Wu1,*, David K. Y. Yau2,*
  • 1: Intel Communication Beijing Lab Beijing, China
  • 2: Department of Computer Science Purdue University West Lafayette, IN 47907, USA
*Contact email: xiaoxin.wu@intel.com, yau@cs.purdue.edu

Abstract

Defending against denial-of-service attacks (DoS) in a mobile ad hoc network (MANET) is challenging because the network topology is dynamic and nodes are selfish. In this paper, we propose a DoS mitigation technique that uses digital signatures to verify legitimate packets, and drop packets that do not pass the verification. Since nodes are selfish, they may not perform the verification in order to avoid paying the overhead. A bad packet that escapes verification along the whole network path will bring a penalty to all its forwarders. A network game can be formulated in which nodes along a network path, in optimizing their own benefits, are encouraged to act collectively to filter out bad packets. Analytical results show that Nash equilibrium can be attained for players in the proposed game, and significant benefits can be provided to forwarders such that many of the bad packets will be eliminated by verification.