Defending against denial-of-service (DoS) attacks in a mobile ad hoc network (MANET) is challenging because of the dynamic network topology. Security primitives must be dynamically adjusted to cope with the network. The Reduction-of-Quality (RoQ) Distributed Denial of Service (DDoS) attack heavily throttles TCP throughput and gradually reduces the quality of service (QoS) delivered to end systems, rather than denying clients the service completely. Supporting QoS in a MANET is a challenging task, particularly in the presence of malicious users. In this paper, we propose a DoS-resilient technique that uses a flow table to detect the attackers. The proposed defense mechanism identifies the attackers based on the congestion bit notification and asks the sending node to reduce the sending rate. Once the attackers are identified, all the packets from those nodes are blocked. The throughput and delay performance of TCP or UDP flows are very sensitive to such RoQ attacks. Through extensive ns2 network simulations, we demonstrate the achievement of high throughput and low delay for a network under the RoQ attack.