Defense against Routing Disruption Denial-of- Service Attacks in Mobile Ad Hoc Networks

Mobile Ad hoc NETworks (MANETs) are decentralized environments comprised of mobile computing devices that interact among each other via multi-hop wireless links. MANET nodes forward packets on behalf of other nodes in the network. Such routing decisions are made autonomously by individual nodes. MANET characteristics make them highly vulnerable to a myriad of physical and cyber attacks. Cryptographic solutions, while effective for maintaining confidentiality and authentication, cannot mitigate some critical attacks on MANET availability, in particular insider and protocol-compliant routing disruption Denial-of-Service (DoS) attacks. This paper proposes a novel secure routing architecture for MANET called ThroughpUt-Feedback (TUF) routing, which is designed to be resilient against most known forms of routing disruption DoS attacks. Our approach is to monitor the end-to-end "good" throughput (or "goodput") of closed-loop flows to detect attacks that are impossible to detect using existing methods operating at the network layer. A major advantage of the TUF architecture is that it can be readily integrated into on-demand source routing protocols. TUF provides mechanisms that monitor the goodput of the current route to detect abnormalities (e.g., node or link failures, DoS attacks, etc.), and then initiates a route rebuilding process once the route has been determined to be abnormal. TUF is agile in that it is designed in a way that allows it to limit control overhead by using low-overhead schemes until an attack condition requires the use of higher-overhead route management schemes. Using analysis and simulations, we show that the TUF architecture is resilient against a wide range of attacks, including protocol-compliant (also known as "JellyFish") attacks. Keywords-Mobile Ad Hoc Networks; Denial-of-Service