Distributed Detection of DoS using Clock Values in Wireless Broadband Networks
I.Diana Jeba Jingle1, Elijah Blessing Rajsingh2, P.Mano Paul3
1I.Diana Jeba Jingle, Department of Computer Science, Loyola Institute of Technology and Sciences, Nagercoil, India.
2Elijah Blessing Rajsingh, Department of Computer Science and Information Technology, Karunya University, Coimbatore, India.
3 P.Mano Paul, Department of Computer Science, Loyola Institute of Technology and Sciences, Nagercoil, India.
Manuscript received on May 17, 2012. | Revised Manuscript received on June 26, 2012. | Manuscript published on June 30, 2012. | PP: 409-413 | Volume-1 Issue-5, June 2012. | Retrieval Number: E0558061512/2012©BEIESP

Open Access | Ethics and Policies | Cite
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: Wireless broadband networks are most vulnerable to denial-of-service attacks where attackers can disrupt legitimate communication between hosts in a network by flooding unwanted traffic between legitimate hosts. Flooding attack at the transport layer affects the TCP’s 3-way handshake process, thereby denying the services of TCP. It also denies the services of UDP. This paper proposes a novel flooding attack, the most severe denial-of-service attack that occurs at the transport layer of the internet. The main objective of this approach is to install local and global monitoring agents at various points in order to monitor and filter real-time TCP traffic and UDP traffic thereby allowing legitimate traffic to flow in the network during attack traffic filtration process and to avoid buffer overflow at the monitoring agents. Also, a novel algorithm has been proposed by taking the clock values of each node into account for effective detection of the attack. This distributed defense mechanism reduces the burden on a single global monitoring agent thereby introducing local monitoring agents at various points in the network. The performance results show that this approach effectively and accurately detects and filters DOS attacks within a short period. 
Keywords: DOS, Flooding, Handshake, Spoofing.