Practical defenses against pollution attacks in wireless network coding

Jing Dong, Reza Curtmola, Cristina Nita-Rotaru

Research output: Contribution to journalArticlepeer-review

33 Scopus citations

Abstract

Recent studies have shown that network coding can provide significant benefits to network protocols, such as increased throughput, reduced network congestion, higher reliability, and lower power consumption. The core principle of network coding is that intermediate nodes actively mix input packets to produce output packets. This mixing subjects network coding systems to a severe security threat, known as a pollution attack, where attacker nodes inject corrupted packets into the network. Corrupted packets propagate in an epidemic manner, depleting network resources and significantly decreasing throughput. Pollution attacks are particularly dangerous in wireless networks, where attackers can easily inject packets or compromise devices due to the increased network vulnerability. In this article, we address pollution attacks against network coding systems in wireless mesh networks. We demonstrate that previous solutions are impractical in wireless networks, incurring an unacceptable high degradation of throughput. We propose a lightweight scheme, DART, that uses time-based authentication in combination with random linear transformations to defend against pollution attacks. We further improve system performance and propose EDART, which enhances DART with an optimistic forwarding scheme. We also propose efficient attacker identification schemes for both DART and EDART that enable quick attacker isolation and the selection of attacker-free paths, achieving additional performance improvement. A detailed security analysis shows that the probability of a polluted packet passing our verification procedure is very low (less than 0.002% in typical settings). Performance results using the well-known MORE protocol and realistic link quality measurements from the Roofnet experimental testbed show that our schemes improve system performance over 20 times compared with previous solutions.

Original languageEnglish (US)
Article number7
JournalACM Transactions on Information and System Security
Volume14
Issue number1
DOIs
StatePublished - May 2011

All Science Journal Classification (ASJC) codes

  • General Computer Science
  • Safety, Risk, Reliability and Quality

Keywords

  • Network coding
  • Network coding security
  • Pollution attacks
  • Security
  • Wireless network security

Fingerprint

Dive into the research topics of 'Practical defenses against pollution attacks in wireless network coding'. Together they form a unique fingerprint.

Cite this