You are on page 1of 4

International Journal of Recent Advances in Engineering & Technology (IJRAET)


A Novel Approach to Defend and Detect Flood Attacks in Disruption

Tolerant Networks

S. Joshua Johnson, 2S. Vineela Krishna

Department of CSE, Gudlavalleru Engineering College

Department of CSE, Gudlavalleru Engineering College
Email: 1,

packet to that node. We must remember that the usable

bandwidth and buffer spaces are the limited resources in
DTNs. Let us have an illustration of why the bandwidth
and buffer spaces are limited. Let two nodes in DTN
contacted at a particular instance of time. The time for
which they are in contact is very minute, due to the
principle of mobility; the nodes need to exchange the
packets within that short span of contacted time. Also,
every node is having a limit on the total number of
packets it can store in its buffer due to the battery power
constraints. The more the buffer capacity, the more
processing of packets is needed and hence more battery
power is consumed for the operations to be carried out.
As the nodes are mobile, saving of battery power is very
much essential. This is the reason why nodes in the
DTNs have limited buffer space. The point of interest to
be notified here is that the routing protocols, packet
forwarding strategies, security issues, and data
dissemination theories of a general internet
infrastructure cannot be applied to the architecture of
Keywords -security, limited resources, attacks, detection,
DTNs. Therefore a new strategy must be identified to
resource optimization
answer all the challenges associated with the nodes in
Disruption Tolerant Networks. Many of the researches
have been carried out in the fields of communication,
Abbreviated as DTN, Disruption Tolerant Network is
routing strategies, data dissemination, but only a little
the network which is designed to establish
amount of work has been dedicated to the field of
communication in the most unstable and remote
security in DTNs. The two most important attacks posed
environments, where the nodes in the network are
on the nodes of DTNs are packet flood attacks and
subjected to frequent disconnections and even high bit
replica flood attacks. The previous work on the category
error rates which could severely degrade the normal
of attacks employed a concept called Rate Limiting
communication. DTNs are frequently used in disaster
Factor, which proposed a limit over the number of
relief missions, in vehicular networks and in areas where
replicas that a node can generate for each packet. A
there is no communication infrastructure. Most recently,
concept called claim-carry-and-check is used to detect
NASA has tested DTN technology for space craft
whether a particular node in the network is an attacker
communication. Generally the packet forwarding
node or not. Initially, the nodes construct p-claims and tstrategy of TCP/IP is not suitable to DTNs because, we
claims which are further used by the contacting nodes to
do not have a continuous connectivity among the nodes
verify the genuineness of the node in the network. The
in the network, and also the structure of nodes
important issue here is to generate a hash of the packet,
connected, cannot be predicted using the graph
and a further signature generation of all the parameters
structures as the connection is not persistent. Thus DTNs
involved either in p-claim or t-claim. The existing
use an approach called store and forward strategy which
algorithm employs a complex hash generation, which,
works as follows. Consider a scenario that, when a
leads to fast consumption of battery. It is already known
particular node in the network receives some packets,
that the DTNs have opportunistic contacts, and also, the
then the node stores the packets in its buffer, now carries
battery power available is a limited resource. Hence
the packets in the network until it contacts another node.
there is a need to reduce the time taken by the node to
Soon after contacting the other node, it forwards the
generate the hash for a packet and then the signature
ISSN (Online): 2347 - 2812, Volume-2, Issue -11,12 2014
AbstractNetworking plays a key role in the field of
communication among different nodes all over the world.
Many techniques are available on how to communicate
among different nodes for efficient data transfer. There
exists a specialized class of networks called Disruption
Tolerant Networks (DTN), where the nodes in the network
are not continuously connected without any specialized
communication infrastructure available to control the
network. Apart from the existing challenges like
communication, data dissemination, and routing, there
exists another major challenge in DTNs to protect nodes
from the attacks caused by the attackers. Existing
mechanisms tried to provide security by using a complex
hashing algorithm, which takes significant amount of time,
ultimately affecting the limited bandwidth and battery life
of the mobile nodes. In this paper, we employed an
optimized algorithm which helps reducing the complex
hash generation, in addition not compromising on the
security. The proposed algorithm optimizes both the
concepts of security and complexity of computation for the
nodes in Disruption Tolerant Networks.

International Journal of Recent Advances in Engineering & Technology (IJRAET)

generation too. In this paper, we employ an algorithm
which optimizes the hashing process, in addition
reducing the packet size by compression thereby
optimizing bandwidth and battery which saves the
limited available resources of DTNs.


As discussed, in the past, more significant work has
been dedicated to routing, data dissemination, black hole
attacks, wormhole attacks, but a major work has not
been done on flooding attacks. Researchers in [1]
present an algorithm called claim-carry-and-check,
which uses the claims carried by the nodes, when
contacted with each other, exchanges the claims and
then check the claims to identify an attacker. The
analysis of black hole attack tells that legitimate nodes
are compromised and adversary nodes launch black hole
attacks. Another kind of attack called worm hole attack,
illustrates that, malicious nodes records the packets at
one location and tunnels them to another colluding node,
which relays them locally into the network. So this
paper focuses on the flooding attacks on DTNs which is
the most important problem that is to be resolved.

A. Defining the problem
Nodes in DTNs frequently come across the following
two attacks. The first one is the packet flood attacks and
the second one is replica flood attacks. Let us consider
about how we are dealing with these two kinds of
B. Defending against flood attacks
Consider that a node sends packets with some limit L at
each time interval T. If the node generates the packets
by adhering to its limits, then the node is considered as a
legitimate node. If the node exceeds its fixed limit, then
the packets are considered as the flooded packets in the
C. Defending against replica attacks
Consider that a node is sending the packets to another
node in the network. Now, if the packets are sent within
the limit, and with unique packets, then there would not
be any problem. But if the source node intentionally
replicates the same packet several times and send them
into the network, then it can be identified as an attacker.

is currently operating, he/she can request them and can

get the request satisfied by the trusted authority.
E. The core idea
To identify the attackers in the network, the nodes, as a
source must violate the allocated limit L. We are aware
that we do not have specialized nodes to view the
activities of the other nodes. So, here we add a
capability to the nodes that every node, while sending
packets, it counts the number of packets it has sent into
the network. So, it claims a particular count into the
network. After claiming, the nodes which contact the
source node, carries this claims while travelling in the
network, and at some point of time, when two of the
nodes contact, then they check the claims with each
other. If the claims are consistent, then the source node
is not an attacker node. If the claims are inconsistent,
then the source node is an attacker.


A considerable amount of work has been done on the
flooding attacks in [1]. Our paper assumes the contact
times of the nodes to be very minute, and thus, helps in
reducing the number of attacks. Consider a scenario,
which illustrates this situation. A node wants to send
packets into the network, and communicates with other
nodes. The cryptographic construction used in [1] uses a
complex algorithm which takes a significant amount of
time to calculate the signatures. As we are aware that the
contact opportunities of the nodes are very less, and
now, if the signature calculation takes a lot of time, then
the limited resources of the mobile nodes such as battery
power and bandwidth cannot be efficiently used. Hence,
we propose a simple algorithm which takes less amount
of time for signature calculation, thereby, optimizing the
security as well as limited available resources of the
A. Protocols used
Assume that two nodes contact with each other and they
exchange packets to establish the communication. Then,
the protocol they use to forward the packet is as follows.
Algorithm: The following protocol is run by each node
when in contact.
1: Data exchange and identification of attacks.
2: if nodes have packets to transfer then

D. Approving the limit L

3: compress packets

There are several methods available to approve the limit

L of the nodes to send the packets in the network. The
following method can be used. Whenever a user wants
to use the network, he/she joins the network and
requests the network operator that he/she wants a
particular limit L to send the packets. Then the authority
approves the limit L, if the request is legitimate. If in the
network, at some or the other time, if the user wants to
have a more or lesser limit than the limit in which he/she

4: generate the claims

5: generate the signature using the less complex
6: end if
7: if node receives packet then
8: verify the claims
9: verify signatures using less complex algorithm

ISSN (Online): 2347 - 2812, Volume-2, Issue -11,12 2014

International Journal of Recent Advances in Engineering & Technology (IJRAET)

10: if signature verification fails then

discard the packet, identify the attacker


propagate information to network

13: end if
14: if detects consistency then

accept packet


proceed for further processing

17: end if
18: end if

A. Setting up the environment
To evaluate our scheme, we simulate the network with
an initial number of nodes, and we intentionally deploy
the attacker nodes into the network. We also decide the
parameter k which is a system parameter. After some
time, the system is capable of finding the intentionally
deployed attacker and thus, we are successful in
identifying the attacker.

Detection Delay: it is the time between the first invalid

packet sent and the identification of the attacker.
Computation cost: the total number of signature
generations and verifications per one contact.
Storage cost: total amount of storage required to store
the claims per a single node.


In this paper, we adopted the limits to nodes to alleviate
the attacks on DTNs, and proposed a scheme, which
reduces the complexity of signature generation and
verification. Our idea uses efficient methods to reduce
the consumption of limited resources like battery power
and bandwidth. Our simulation shows that we are
successful in detecting the flood attacks on DTNs, and
that too optimizing the security issues of the nodes in the
network. As the technology is enhancing day by day,
with lots of advantages, it also presents a lot of
challenges in the field of networking. DTNs have lots of
applications, as they can be used in places where there is
no infrastructure. These applications pose lots of
challenges to be resolved in future which gives a scope
for good research in the field of networking.

Here, we analyze the graphical representation for the

existing and proposed system in different perspectives.
Figure 1. Existing system for detection rate


Quinghua Li, Weigao, Sencun Zhu and Guohong

Cao, To Lie or to Comply: Defending against
Attacks in Disruption Tolerant
Networks, vol.10,no.3, pp.168-182,2013.


P. Hui, A. Chaintreau, J. Scott, R. Gass, J.

Crowcroft, and C. Diot,Pocket Switched
Networks and Human
Mobility in Conference
Environments, Proc. ACM SIGCOMM, 2005.


M. Motani, V. Srinivasan, and P. Nuggehalli,

PeopleNet: Engineering a Wireless Virtual
Social Network,
Proc. MobiCom,pp. 243257, 2005.


J. Burgess, B. Gallagher, D. Jensen, and B.

Levine, Maxprop: Routing for Vehicle-Based
DisruptionTolerant Networks, Proc. IEEE
INFOCOM, 2006.


J. Mirkovic, S. Dietrich, D. Dittrich, and P.

Reiher, Internet Denial ofService: Attack and
Defense Mechanisms. Prentice Hall, 2005".


C. Karlof and D. Wagner, Secure Routing in

Countermeasures, Proc.
IEEE First Intl
Workshop Sensor Network Protocols and
Applications, 2003.


E. Daly and M. Haahr, Social Network Analysis

for Routing in Disconnected Delay-Tolerant
Proc. MobiHoc, pp. 32-40,2007.

Figure 2. Proposed system for detection rate

Figure 3. Existing system for storage
Figure 4. Proposed system for storage
Figure 5. Existing system for energy consumption
Figure 6. Proposed system for energy consumption
B. Different algorithms for routing
Disruption Tolerant Networks, while communicating
and transferring the data may follow any of the routing
strategy, depending on the context in which they are
operated. Some of the routing strategies are
Forward: here, a packet is forwarded from one node to
another intermediate node, if that intermediate node has
more regular contacts with destination.
Simbet: a packet is forwarded to an intermediate node,
provided it has higher value for similarity and
Spray-and-wait: the source node duplicates the packet to
intermediate node, and then the intermediate node
transfers the packet to the destination node when they
contact with each other.
C. Different metrics for routing
We have the following metrics to evaluate the
performance of our work.

W. Gao, Q. Li, B. Zhao, and G. Cao,
Detection rate: can be calculated as the total number of
Multicasting in Delay Tolerant Networks: A
attackers that are identified out of all the available
ISSN (Online): 2347 - 2812, Volume-2, Issue -11,12 2014

International Journal of Recent Advances in Engineering & Technology (IJRAET)

Social Network
MobiHoc, 2009.



Perspective, Proc. ACM

F. Li, A. Srinivasan, and J. Wu, Thwarting

Blackhole Attacks in Distruption-Tolerant
Networks Using Encounter Tickets," Proc. IEEE
INFOCOM, 2009.
Y. Ren, M.C. Chuah, J. Yang, and Y. Chen,
Detecting Wormhole Attacks in Delay Tolerant
IEEE Wireless Comm.
Magazine, vol. 17, no. 5, pp. 36-42, Oct. 2010.


Q. Li and G. Cao, Mitigating Routing

Misbehavior in Disruption Tolerant Networks,
IEEE Trans.
Information Forensics and
Security, vol. 7, no. 2, pp. 664-675, Apr. 2012.


H. Zhu, X. Lin, R. Lu, X.S. Shen, D. Xing, and

Z. Cao, An Opportunistic Batch Bundle
Scheme for Energy
Constrained DTNS, Proc. IEEE INFOCOM,


B. Raghavan, K. Vishwanath, S. Ramabhadran,

K. Yocum, and A. Snoeren, Cloud Control with
Rate Limiting, Proc. ACM
SIGCOMM, 2007.

U. Shevade, H. Song, L. Qiu, and Y. Zhang,

Incentive-Aware Routing in DTNS, Proc. IEEE
Intl Conf.
Network Protocols (ICNP 08),

ISSN (Online): 2347 - 2812, Volume-2, Issue -11,12 2014