Background & Objective: DDoS attack poses a huge threat to the communication and security of mobile nodes in MANETs. The number of approaches proposed to defense against DDoS attacks in MANETs is much less as compared to those for the wire-based networks. The aim of this paper is to test the effectiveness of the proposed cluster-based DDoS attacks mechanism with various reactive routing protocols.
Methods: The scheme proposed here is the clustering-based DDoS defense mechanism, in which the cluster heads monitor the incoming traffic to identify the presence of suspicious behaviour. After the successful identification of suspicious behavior, the flow responsible behind it will be identified and confirmed whether it is related to DDoS attack or not. Once the DDoS attack is confirmed, all the packet related to it will be discarded.
Results & Discussion: OMNeT++ along with the INET framework is used to evaluate the effectiveness of the proposed defense scheme with different routing protocols. In attack situations, DYMO exhibited higher throughput and able to deliver approximately 95% legitimate packets. DYMO, in comparison to AODV and DSR, managed to control end-to-end delay at its best levels (i.e. 0.40 to 0.70 seconds). In terms of packet delivery ratio, AODV and DYMO both perform better than DSR and able to maintain PDR at their highest levels (i.e. 0.90 to 0.94).
Conclusion: The attack detection mechanism proposed here performs various tasks like monitoring, characterization, and identification of attack traffic from the incoming flow with the help neighbouring cluster heads. The flow identified as the attack is discarded and attack-related information would be shared with neighbouring cluster heads to achieve distributed defense. The performance of the proposed defense system is assessed with different reactive routing protocols and identified that DYMO protocols perform better than AODV and DSR.
Keywords: MANETs, DDoS defense, Ad Hoc networks, reactive routing protocols, AODV, DYMO.