Practical defenses against pollution attacks in intra-flow network coding for wireless mesh networks

Jing Dong, Reza Curtmola, Cristina Nita-Rotaru

Research output: Chapter in Book/Report/Conference proceedingConference contribution

87 Scopus citations

Abstract

Recent studies show that network coding can provide significant benefits to network protocols, such as increased throughput, reduced network congestion, higher reliability, and lower power consumption. The core principle of network coding is that intermediate nodes actively mix input packets to produce output packets. This mixing subjects network coding systems to a severe security threat, known as a pollution attack, where attacker nodes inject corrupted packets into the network. Corrupted packets propagate in an epidemic manner, depleting network resources and significantly decreasing throughput. Pollution attacks are particularly dangerous in wireless networks, where attackers can easily inject packets or compromise devices due to the increased network vulnerability. In this paper, we address pollution attacks against network coding systems in wireless mesh networks. We demonstrate that previous solutions to the problem are impractical in wireless networks, incurring an unacceptably high degradation of throughput. We propose a lightweight scheme, DART, that uses time-based authentication in combination with random linear transformations to defend against pollution attacks. We further improve system performance and propose EDART, which enhances DART with an optimistic forwarding scheme. A detailed security analysis shows that the probability of a polluted packet passing our verification procedure is very low. Performance results using the well-known MORE protocol and realistic link quality measurements from the Roofnet experimental testbed show that our schemes improve system performance over 20 times compared to previous solutions.

Original languageEnglish (US)
Title of host publicationProceedings of the 2nd ACM Conference on Wireless Network Security, WiSec'09
Pages111-122
Number of pages12
DOIs
StatePublished - 2009
Event2nd ACM Conference on Wireless Network Security, WiSec'09 - Zurich, Switzerland
Duration: Mar 16 2009Mar 18 2009

Publication series

NameProceedings of the 2nd ACM Conference on Wireless Network Security, WiSec'09

Other

Other2nd ACM Conference on Wireless Network Security, WiSec'09
Country/TerritorySwitzerland
CityZurich
Period3/16/093/18/09

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Software

Keywords

  • Network coding
  • Network coding security
  • Pollution attacks
  • Security
  • Wireless network security

Fingerprint

Dive into the research topics of 'Practical defenses against pollution attacks in intra-flow network coding for wireless mesh networks'. Together they form a unique fingerprint.

Cite this