DoS Resilience in Ad Hoc Networks
I. Aad, J.-P. Hubaux and E. Knightly
MobiCom 2004, Sept. 29th 2004,
Philadelphia - PA, USA
Outline
Introduction and system model
DoS attacks:
“Protocol-compliant” attacks: JellyFish
BlackHole
The cost of counter-measures
Network performance under DoS attacks
Conclusion
Introduction
Significant work has been made in:
[Figure: bar chart, y-axis “Percentage”, one bar per topic: Key Establ., General, Authentication, Group / Multicast, Arms race, Localisation, Cooperation, Routing, Intrusion detection, Reputation]
We are here: DoS assessment (0)
Our goal: quantify the damage of a DoS attack on an ad-hoc network
Design (and study) a new class of “protocol-compliant” attacks
System model
Ad-hoc multi-hop network, Mobile nodes, Secure routing,
Node Authentication, 1 ID/node, Packet Authentication and
Encryption...
JF: JellyFish
BH: BlackHole
The dual role of hosts as routers introduces a critical vulnerability!
What is a "protocol-compliant" attack?
Just like any IP service, it can:
Drop packets
Reorder packets
Delay / jitter packets
BUT! in a MALICIOUS way...
Why use "protocol-compliant" attacks? Detection and diagnosis are time consuming!
Example: the JellyFish
[Figure: JF-reordering node on the path Src → JF → Dst; labels: Pkt Recv, Buffer size, Random select, Pkt Send]
[Figure: goodput (Mb/s) vs. reordering buffer size, for 2, 3, 4 and 5 hops]
Reordering >3 packets reduces TCP throughput to ≈ zero!
The JellyFish
For closed-loop traffic: TCP, TFRC-like...
Passive
Hard to detect... until after the "sting"
End-to-end control protocols infer network status from feedback measurements.
JF interferes with these measurements...
... to attenuate the traffic flows.
Species:
JF-Reorder → “multipath”
JF-drop → “congestion, buffer overflow...”
JF-Jitter (variable RTT) → “variable loads”
JF-drop
For wired networks: the Shrew [Kuzmanovic & Knightly]
Dropping 5% of the packets periodically (@T = 1 sec)
[Figure: timeline for the path Src → JF → Dst; labels: T, T x d%, Time]
[Figure: goodput (Mb/s) vs. time period (s), for 2, 3, 4 and 5 hops]
... reduces TCP throughput to zero!
[Figure (JF-drop): TCP congestion window vs. time, with JF outages of ~RTT; time axis marked at minRTO and n x minRTO, i.e. 1 sec and n x 1 sec under RFC 2988]
JF-jitter
[Figure: JF-jitter-delay node on the path Src → JF → Dst, drawn as a server with vacations (IDLE periods along the time axis)]
TCP infers network/congestion status using RTT...
[Figure: goodput (Mb/s) vs. idle period (s) under JF-jitter]
JF interferes with RTT to attenuate the TCP flow!
The BlackHole
For non-responsive / open-loop traffic...
Passive
Forwards routing packets
"Absorbs" all data packets
Hard to detect...
[Figure: IP and MAC/PHY layers of the upstream neighbor, the BH and Dst; labels: Data, MAC-ACK, Drop!, Detection of MAC layer failure, (zero throughput)]
MAC ACK avoids immediate diagnosing
Passive ACK (PACK) [DSR]
A is sending a packet to C via B
A overhears B’s transmission/forward to C
PACK can be fooled by low-power transmissions...
... Or by using directional antennas!
Non-goal: escalating the “arms race”
Diagnoses are inevitable: locally? End-to-end?
Our goal: how do they perform?
The cost of counter-measures
Counter-measure parameters:
Diagnosis time → $E(T^n_{diag})$
(re)Route request → $E(T^n_{RR})$
Routing protocol limitations:
Rate limiter → $E(T^n_{RL})$
Let:
Flow lifetime → $E(T_L)$
Proportion of JF → p
Path length (for recvd. pkts.) → h
$$\mathrm{Goodput} = \frac{E(T_L)}{E(T_L) + \left(E(T^n_{diag}) + E(T^n_{RL}) + E(T^n_{RR})\right)(1-p)^{-h}}$$
[Figure: goodput vs. fraction of JellyFish nodes, for 3, 6 and 9 relay nodes]
Diagnosis and rerouting times get magnified by $(1-p)^{-h}$.
(h: average hop-count, p: proportion of JF)
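An added example (not code from the talk or the paper) that evaluates the goodput expression above and checks its magnification factor by simulation, then inverts the formula to find the largest JF fraction a target goodput tolerates. It assumes each relay on a newly discovered route is a JellyFish independently with probability p, so that (1 − p)^(−h) is the mean number of routes tried; the timing values and all function names are constructed for illustration.

```python
"""Goodput model from the slide, plus a Monte Carlo check of the (1 - p)^(-h) factor.

Assumption (added here, not stated on the slide): each of the h relays on a
newly discovered route is a JellyFish independently with probability p, and
every route containing one costs a full diagnosis / rate-limit / re-route cycle.
"""
import random

# Constructed timing values in seconds, for illustration only.
T_LIFE, T_DIAG, T_RL, T_RR = 60.0, 3.0, 1.0, 1.0


def expected_attempts(p, h):
    """Closed form: mean number of routes tried until one has no JF relay."""
    if not 0.0 <= p < 1.0 or h < 0:
        raise ValueError("need 0 <= p < 1 and h >= 0")
    return (1.0 - p) ** (-h)


def simulated_attempts(p, h, flows=20000, seed=1):
    """Monte Carlo estimate of the same mean, one geometric trial per flow."""
    rng = random.Random(seed)
    total = 0
    for _ in range(flows):
        attempts = 1
        # A route is usable only if none of its h relays is a JellyFish.
        while any(rng.random() < p for _ in range(h)):
            attempts += 1
        total += attempts
    return total / flows


def goodput(p, h, t_life=T_LIFE, t_diag=T_DIAG, t_rl=T_RL, t_rr=T_RR):
    """E(T_L) / (E(T_L) + (E(T_diag) + E(T_RL) + E(T_RR)) * (1 - p)^(-h))."""
    overhead = (t_diag + t_rl + t_rr) * expected_attempts(p, h)
    return t_life / (t_life + overhead)


def max_jf_fraction(target, h, t_life=T_LIFE, t_diag=T_DIAG, t_rl=T_RL, t_rr=T_RR):
    """Largest p that keeps goodput >= target, or None if p = 0 already misses it."""
    if not 0.0 < target < 1.0 or h < 1:
        raise ValueError("need 0 < target < 1 and h >= 1")
    per_cycle = t_diag + t_rl + t_rr
    budget = t_life * (1.0 / target - 1.0)  # total overhead the target allows
    if budget < per_cycle:
        return None
    return 1.0 - (per_cycle / budget) ** (1.0 / h)


if __name__ == "__main__":
    print("h   p     closed-form  simulated  goodput")
    for h in (3, 6, 9):  # relay counts shown in the slide's figure
        for p in (0.0, 0.1, 0.2, 0.3):
            print(f"{h}   {p:.1f}   {expected_attempts(p, h):10.3f}"
                  f"  {simulated_attempts(p, h, flows=5000):9.3f}"
                  f"  {goodput(p, h):7.3f}")
    for h in (3, 6, 9):
        print(f"h={h}: goodput >= 0.8 needs p <= {max_jf_fraction(0.8, h):.3f}")
```

With these constructed timings, the tolerable JF fraction for a fixed goodput target shrinks as the hop count grows, which is the long-path sensitivity the formula encodes.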
Mobility
Network size
“PACK++”
Watchdog, path-rater [Marti et al.]
Identifying “Byzantine nodes” [Awerbuch et al.]
Reputation systems [Buchegger et al., Michiardi et al.]
Rushing attack [Hu et al.]
Rushing attack [Hu et al.]
The malicious node increases its transmission range
... to "attract" more flows, therefore increasing p!
[Figure: goodput vs. fraction of JellyFish nodes, for no rushing attack, 2x rushing and 4x rushing]
The rushing attack makes things even worse, exponentiating the effect with hop length!
(h: average hop-count, p: proportion of JF)
The goodput collapses under 10% of attackers!
What about the network resistance?
Simulation setup:
2000m × 2000m topology
200 mobile nodes
Velocity: 0 to 10m/s
Average pause time: 10s
50 UDP flows: 500B packets / 5s, (800b/s)
Clear non-fading channel
Simulation: 100s warmup + 500s simulation
(50 simulations, 18 topologies) / point, 95% conf. intervals
System-wide total throughput = sum of E-2-E throughputs:
[Figure: system throughput (%, 100% marked) vs. percentage of JF]
again?
DoS increases the capacity of ad-hoc networks!
Path length for received packets
[Figure: probability vs. number of hops, for 0 JF / 200 nodes and for 16, 25 and 49 JF (grid placement) / 200 nodes]
After DoS: → Long paths are extinguished...
→ Short paths will survive...
− End-to-End throughput = channel capacity
− Less interference
− More channel reuse

− E2E throughput = ch. capacity / 3
− More interference
− Less channel reuse

System throughput maximizer
and this is what JF and BlackHoles are doing!
System throughput
[Figure: normalized system throughput vs. percentage of JFs, for 50 1Mb/s CBR flows, 250 1Mb/s CBR flows and 5 TCP flows]
System throughput often increases after DoS!
BUT!
[Figure: Jain’s index of fairness vs. percentage of JF, for 50 1Mb/s CBR flows, 250 1Mb/s CBR flows, 5 TCP and 50 TCP]
System becomes unfair, in favor of short paths.
After DoS...
Network gets severely partitioned
Short flows survive
Long flows are attenuated
Aggregated system throughput may increase!
More in the paper...
We analyze the performance of the system when varying the:
Offered load
Network size
Node density
Node mobility
JF placement strategy
Conclusion
TCP collapses with malicious: dropping, reordering, jitter...
More generally, all closed-loop mechanisms are vulnerable to malicious tampering
“Protocol-compliance” makes defense more problematic
First paper to quantify DoS effects on ad-hoc networks:
DoS increases capacity! BUT!
Network gets partitioned
Fairness decreases
→ System throughput, alone, is not enough to measure DoS impacts
PACK
[Figures: nodes i, j, k in three panels: PACK power, PACK fool, PACK directional antenna]
Reminder on TCP
Timers:
$$\mathrm{SRTT} = (1-a)\,\mathrm{SRTT} + a\,\mathrm{RTT}$$
$$\mathrm{RTTVAR} = (1-b)\,\mathrm{RTTVAR} + b\,|\mathrm{SRTT}-\mathrm{RTT}|$$
$$\mathrm{RTO} = \max\left(\mathrm{minRTO},\ \mathrm{SRTT} + \max(G,\ 4\,\mathrm{RTTVAR})\right)$$
Cong. Window, on Pkt Recv (ACK recv):
Slow Start (SS): cwnd += 1
Congest. Avoid. (CA) (cwnd > ssthresh): cwnd += 1/cwnd
[Figure: Sender/Receiver exchange of Data Pkt and ACK, one round per RTT, Slow Start (SS) up to ssthresh followed by Congest. Avoid. (CA)]
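The timer rules on this slide, as an added example (not code from the talk or the paper): a Python RFC 2988 estimator replayed over two constructed RTT traces, counting ACKs that arrive after the RTO then in force, which is the measurement the JF-jitter slide says gets interfered with. The trace values, G = 0.1 s and the helper names are assumptions; a = 1/8, b = 1/4, the 1 s floor and the 3 s initial RTO are the RFC 2988 values.

```python
"""RFC 2988 retransmission timer replayed over constructed RTT samples.

Simplifications (added here): every ACK yields an RTT sample, as with TCP
timestamps; Karn's algorithm, timer back-off and cwnd are not modelled.
"""

A = 1 / 8          # 'a' on the slide (alpha in RFC 2988)
B = 1 / 4          # 'b' on the slide (beta in RFC 2988)
G = 0.1            # clock granularity in seconds (assumed value)
MIN_RTO = 1.0      # RFC 2988 lower bound, the "1 sec" of the JF-drop figure
INITIAL_RTO = 3.0  # RFC 2988 timer value before the first RTT sample

# Constructed traces, in seconds: a quiet 50 ms path, and the same path where
# every tenth packet is held back for 2 s before being forwarded.
STEADY = [0.05] * 50
DELAYED = ([0.05] * 9 + [2.0]) * 5


class RtoEstimator:
    """SRTT / RTTVAR / RTO state machine using the slide's three formulas."""

    def __init__(self, min_rto=MIN_RTO):
        self.min_rto = min_rto
        self.srtt = None
        self.rttvar = None
        self.rto = INITIAL_RTO

    def update(self, rtt):
        """Feed one RTT sample and return the new RTO."""
        if self.srtt is None:
            # First measurement: SRTT = R, RTTVAR = R / 2.
            self.srtt = rtt
            self.rttvar = rtt / 2
        else:
            # RTTVAR is updated first, using the previous SRTT.
            self.rttvar = (1 - B) * self.rttvar + B * abs(self.srtt - rtt)
            self.srtt = (1 - A) * self.srtt + A * rtt
        self.rto = max(self.min_rto, self.srtt + max(G, 4 * self.rttvar))
        return self.rto


def replay(rtts):
    """Return (late_acks, rto_trace) for a sequence of RTT samples.

    An ACK is 'late' when its RTT exceeds the RTO computed from earlier
    samples: the sender's timer has expired although nothing was lost.
    """
    est = RtoEstimator()
    late = 0
    trace = []
    for rtt in rtts:
        if rtt > est.rto:
            late += 1
        trace.append(est.update(rtt))
    return late, trace


if __name__ == "__main__":
    for name, samples in (("steady", STEADY), ("delayed", DELAYED)):
        late, trace = replay(samples)
        print(f"{name:8s} late ACKs: {late}  "
              f"RTO min/max: {min(trace):.2f}/{max(trace):.2f} s")
```

On the delayed trace the RTO decays back to the 1 s floor between held-back packets, so each one expires the timer again; a sender-side count of such timeouts with no matching loss is one observable a diagnosis scheme can use.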
1 RTT
Data Pkt
ACK
Sender Receiver
Slow Start (SS)
b |SRTT−RTT|
SRTT = (1−a) SRTT + a RTT
RTTVAR = (1−b) RTTVAR +
SRTT+ max(G, 4 RTTVAR))
Timers
cwnd += 1/cwnd (CA)cwnd += 1 (SS)
ssthresh
RTO = max(minRTO ,
Cong. Window
Pkt loss
Pkt Recv
T.O.)
(dup. ACKs,
(ACK recv)
Duplicate ACK
28
![Page 73: DoS Resilience in Ad Hoc Networks€¦ · TCP congest. window minRTO n x minRTO Time JF Outage: ~RTT 9. JF-drop TCP congest. window 1 sec n x 1 sec Time RFC 2988 JF Outage: ~RTT 9](https://reader033.vdocuments.site/reader033/viewer/2022051915/6006ccd90d8b4e79150804a6/html5/thumbnails/73.jpg)
Reminder on TCP
1 RTT
Data Pkt
ACK
Sender Receiver
Slow Start (SS)
b |SRTT−RTT|
SRTT = (1−a) SRTT + a RTT
RTTVAR = (1−b) RTTVAR +
SRTT+ max(G, 4 RTTVAR))
Timers
cwnd += 1/cwnd (CA)cwnd += 1 (SS)
ssthresh
RTO = max(minRTO ,
Cong. Window
Pkt loss
Pkt Recv
T.O.)
(dup. ACKs,
(ACK recv)
Duplicate ACK
28
![Page 74: DoS Resilience in Ad Hoc Networks€¦ · TCP congest. window minRTO n x minRTO Time JF Outage: ~RTT 9. JF-drop TCP congest. window 1 sec n x 1 sec Time RFC 2988 JF Outage: ~RTT 9](https://reader033.vdocuments.site/reader033/viewer/2022051915/6006ccd90d8b4e79150804a6/html5/thumbnails/74.jpg)
Reminder on TCP
1 RTT
Data Pkt
ACK
Sender Receiver
Slow Start (SS)
b |SRTT−RTT|
SRTT = (1−a) SRTT + a RTT
RTTVAR = (1−b) RTTVAR +
SRTT+ max(G, 4 RTTVAR))
Timers
cwnd += 1/cwnd (CA)cwnd += 1 (SS)
ssthresh
RTO = max(minRTO ,
Cong. Window
Pkt loss
Pkt Recv
T.O.)
(dup. ACKs,
(ACK recv)
Duplicate ACK
28
![Page 75: DoS Resilience in Ad Hoc Networks€¦ · TCP congest. window minRTO n x minRTO Time JF Outage: ~RTT 9. JF-drop TCP congest. window 1 sec n x 1 sec Time RFC 2988 JF Outage: ~RTT 9](https://reader033.vdocuments.site/reader033/viewer/2022051915/6006ccd90d8b4e79150804a6/html5/thumbnails/75.jpg)
Reminder on TCP
1 RTT
Data Pkt
ACK
Sender Receiver
Slow Start (SS)
b |SRTT−RTT|
SRTT = (1−a) SRTT + a RTT
cwnd = 1
RTTVAR = (1−b) RTTVAR +
SRTT+ max(G, 4 RTTVAR))
ssthresh = cwnd / 2
Timers
RTO = RTO x 2
cwnd += 1/cwnd (CA)cwnd += 1 (SS)
ssthresh
RTO = max(minRTO ,
Cong. Window
Pkt loss
Pkt Recv
T.O.)
(dup. ACKs,
(ACK recv)
Duplicate ACK
28
![Page 76: DoS Resilience in Ad Hoc Networks€¦ · TCP congest. window minRTO n x minRTO Time JF Outage: ~RTT 9. JF-drop TCP congest. window 1 sec n x 1 sec Time RFC 2988 JF Outage: ~RTT 9](https://reader033.vdocuments.site/reader033/viewer/2022051915/6006ccd90d8b4e79150804a6/html5/thumbnails/76.jpg)
Reminder on TCP
1 RTT
Data Pkt
ACK
Sender Receiver
Slow Start (SS)
b |SRTT−RTT|
SRTT = (1−a) SRTT + a RTT
cwnd = 1
RTTVAR = (1−b) RTTVAR +
SRTT+ max(G, 4 RTTVAR))
ssthresh = cwnd / 2
Timers
RTO = RTO x 2
cwnd += 1/cwnd (CA)cwnd += 1 (SS)
ssthresh
RTO = max(minRTO ,
Cong. Window
Pkt loss
Pkt Recv
T.O.)
(dup. ACKs,
(ACK recv)
Duplicate ACK
/ T.O. ?
28
![Page 77: DoS Resilience in Ad Hoc Networks€¦ · TCP congest. window minRTO n x minRTO Time JF Outage: ~RTT 9. JF-drop TCP congest. window 1 sec n x 1 sec Time RFC 2988 JF Outage: ~RTT 9](https://reader033.vdocuments.site/reader033/viewer/2022051915/6006ccd90d8b4e79150804a6/html5/thumbnails/77.jpg)
Reminder on TCP
1 RTT
Data Pkt
ACK
Sender Receiver
Slow Start (SS)
b |SRTT−RTT|
SRTT = (1−a) SRTT + a RTT
cwnd = 1
RTTVAR = (1−b) RTTVAR +
SRTT+ max(G, 4 RTTVAR))
ssthresh = cwnd / 2
Timers
RTO = RTO x 2
cwnd += 1/cwnd (CA)cwnd += 1 (SS)
ssthresh
RTO = max(minRTO ,
Cong. Window
Pkt loss
Pkt Recv
T.O.)
(dup. ACKs,
(ACK recv)
Duplicate ACK
/ T.O. ?
28
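The update rules from the "Reminder on TCP" slide as a small Python sender model, added here as an example and not code from the talk or its authors. The gains a = 1/8 and b = 1/4, the RTTVAR-before-SRTT update order and the ssthresh floor of 2 packets are taken from RFC 2988 and RFC 2581; G = 10 ms, the initial ssthresh of 64 packets and the 50 ms RTT samples are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class TcpSender:
    """Sender state driven by the slide's update rules (RFC 2988 timers)."""
    min_rto: float = 1.0   # seconds, the RFC 2988 floor the slides use
    a: float = 1 / 8       # SRTT gain; RFC 2988 value (slide names it "a")
    b: float = 1 / 4       # RTTVAR gain; RFC 2988 value (slide names it "b")
    g: float = 0.01        # clock granularity G; assumed 10 ms
    srtt: Optional[float] = None
    rttvar: float = 0.0
    rto: float = 1.0
    cwnd: float = 1.0      # packets
    ssthresh: float = 64.0  # assumed initial threshold, packets

    def on_ack(self, rtt: float) -> None:
        """Pkt Recv (ACK recv): refresh the timers, then grow the window."""
        if self.srtt is None:  # first RTT sample, RFC 2988 rule 2.2
            self.srtt, self.rttvar = rtt, rtt / 2
        else:  # RFC 2988 order: RTTVAR from the old SRTT, then SRTT
            self.rttvar = (1 - self.b) * self.rttvar + self.b * abs(self.srtt - rtt)
            self.srtt = (1 - self.a) * self.srtt + self.a * rtt
        self.rto = max(self.min_rto, self.srtt + max(self.g, 4 * self.rttvar))
        if self.cwnd < self.ssthresh:
            self.cwnd += 1               # slow start (SS)
        else:
            self.cwnd += 1 / self.cwnd   # congestion avoidance (CA)

    def on_timeout(self) -> None:
        """Pkt loss (T.O.): halve ssthresh, restart at one packet, back off."""
        self.ssthresh = max(self.cwnd / 2, 2.0)  # floor of 2 is RFC 2581's
        self.cwnd = 1.0
        self.rto *= 2

def replay(events):
    """Apply ("ack", rtt) or ("timeout",) events; return state after each."""
    sender, trace = TcpSender(), []
    for event in events:
        if event[0] == "ack":
            sender.on_ack(event[1])
        else:
            sender.on_timeout()
        trace.append((sender.rto, sender.cwnd, sender.ssthresh))
    return trace

# Constructed input: ten ACKs at 50 ms RTT, two timeouts in a row, one ACK.
EVENTS = [("ack", 0.05)] * 10 + [("timeout",), ("timeout",), ("ack", 0.05)]
TRACE = replay(EVENTS)
```

Each entry of `TRACE` is `(rto, cwnd, ssthresh)`: with a 50 ms RTT the RTO returns to minRTO = 1 s after every ACK and doubles on each timeout, which is the timer behaviour the JF-drop slides trace.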
JF-drop
[Figure: retransmission timer (Retx Timer) plotted against Time. Timer labels: 1s, 2s, 1s−RTT, 2s−RTT, 1s+RTT, 1s+2RTT; time marks: t0, t0+1s, t0+2s.]
Timers and Cong. Window
Pkt Recv: RTO = max(minRTO, SRTT + max(G, 4 RTTVAR)); cwnd += 1 (SS)
Pkt loss: cwnd = 1; RTO = RTO x 2
Simulation results: Number of hops
[Figure: Average number of hops versus Percentage of JF]
Baseline: 50 1Mb/s CBR flows