Security Framework against Denial of Service Attacks in Wireless Mesh Networks

Abstract

Wireless mesh networks (WMNs) are emerging as a solution for large scale high speed internet access through their scalability, self configuring and low cost. But as compared to wired networks, WMNs are largely prone to different security attacks due to its open medium nature, distributed architecture and dynamic topology. Denial of service (DoS) attacks is one of the most common types of attack which is possible in WMNs. DoS attacks are most common in networks which connect to internet and since WMNs are mainly designed for fast and long distance internet access this type of attacks are common in the network. In our work we mainly concentrate our study on two denial of service attacks namely gray hole attacks (a.k.a selective forwarding attacks) and black hole attacks. Wireless mesh networks consist of both mesh routers and mesh clients. We confine our studies to mesh routers which are stationary. We implement both gray hole attack and black hole attack in mesh routers and study the delivery ratio of the network with and without the presence of attack routers. By simulating the scenario with AODV protocol we studied the delivery ratio of packets and find out how it is affecting the network in the presence of an attack router. After studying the results we propose a new detection algorithm based on overhearing the neighboring node to which the packet is forwarded. By keeping the history of number packets forwarded and the number of packets overheard the algorithm determines the number of packets dropped and determines the probability of attack. This probability is checked with the threshold value of probability and determines whether a router is misbehaving or not. We also considered the possibility of false positives and took necessary measures in the algorithm to reduce it. If a router is found misbehaving it is removed from the network and excluded from further forwarding of packets. We analyze our algorithm in the presence of an attack router and detect the attack router and study the improvement in the delivery ratio. Through simulation we evaluate the performance of our algorithm depending on the packet delivery ratio achieved and time.