DOS Attack and Defense in Mobile Ad Hoc Networks

Mobile ad hoc networks will often be deployed in environments where the nodes of the networks are unattended and have little or no physical protection against tampering. The nodes of mobile ad hoc networks are thus susceptible to compromise . The networks are particularly vulnerable to denial of service (DOS) attacks la unched through compromised nodes or intruders. Presented in this paper is the ad hoc flooding attack, a new attack, which results in denial of service when used against on-demand routing protocols for mobile ad hoc networks, such as AODV, D SR. The intruder broadcasts mass useless route request packets or sends a lot of useless DATA packets to exhaust the communication bandwidth and node resource s o that the valid communication can not be kept. After analyzing the attack, floo ding attack prevention (FAP) is developed, which is a generic defense against th e ad hoc flooding attacks in mobile ad hoc networks. The FAP is composed of neig hbor suppression and path cutoff. When the intruder broadcasts exceeding packets of route request, the immediate neighbors of the intruder observe a high rate o f route request and then they lower the corresponding priority according to the rate of incoming queries. Moreover, not serviced low priority queries are eventu ally discarded. When the intruder sends many useless DATA packets to the victim node, the node may cut off the path and does not set up a path with the intruder any more. The results of the implementation show that FAP can prevent the ad ho c flooding attack efficiently.