A Security method and Performance evaluation of preventing DoS attack against DAD in MANET

A Security Scheme for Preventing DoS Attacks on Duplicate Address Detection in MANET Environments, and Its Performance Evaluation

  • Published : 2009.08.30

Abstract

Research on IP address allocation in MANETs (Mobile Ad Hoc Networks) falls into two categories: stateful and stateless. In the stateful approach, a special node monitors the IP addresses of other nodes and allocates addresses; in the stateless approach, each node generates its own IP address. Because MANET nodes are mobile and have restricted resources, the stateless approach is more suitable. However, the stateless approach requires a DAD (Duplicate Address Detection) process to ensure that allocated addresses are unique, and a DoS (Denial of Service) attack can occur during that process. In this paper, we propose a security method that prevents DoS attacks against DAD in MANETs using a one-way hash function, whose low computational cost suits the restricted resources of MANET nodes. We evaluate its performance using NS2 and compare it with an existing security method, CGA (Cryptographically Generated Addresses), which uses signatures.
