Abstract
The IEEE Wireless LAN standard has been a true success story by enabling convenient, efficient and low-cost access to broadband networks for both private and professional use. However, the increasing density and uncoordinated operation of wireless access points, combined with constantly growing traffic demands have started hurting the users’ quality of experience. On the other hand, the emerging ubiquity of wireless access has placed it at the center of attention for network attacks, which not only raises users’ concerns on security but also indirectly affects connection quality due to proactive measures against security attacks.
In this work, we introduce an integrated solution to congestion avoidance and attack mitigation problems through cooperation among wireless access points. The proposed solution implements a Partially Observable Markov Decision Process (POMDP) as an intelligent distributed control system. By successfully differentiating resource hampering attacks from overload cases, the control system takes an appropriate action in each detected anomaly case without disturbing the quality of service for end users. The proposed solution is fully implemented on a small-scale testbed, on which we present our observations and demonstrate the effectiveness of the system to detect and alleviate both attack and congestion situations.
Keywords
This work was supported in part by the European Commission’s Seventh Framework Programme (FP7) through project ULOOP (User-centric Wireless Local Loop), grant agreement no. 257418.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Peng, T., Leckie, C., Ramamohanarao, K.: Survey of network-based defense mechanisms countering the dos and ddos problems. ACM Comput. Surv. 39 (April 2007)
Guirguis, M., Bestavros, A., Matta, I.: Exploiting the transients of adaptation for roq attacks on internet resources. In: IEEE ICNP, pp. 184–195 (2004)
Singh, J., Gupta, S., Kaur, L.: A MAC Layer Based Defense Architecture for Reduction of Quality (RoQ) Attacks in Wireless LAN, Arxiv preprint arXiv:1002.2423 (2010)
Peng, T., Leckie, C., Ramamohanarao, K.: Proactively Detecting Distributed Denial of Service Attacks Using Source IP Address Monitoring. In: Mitrou, N.M., Kontovasilis, K., Rouskas, G.N., Iliadis, I., Merakos, L. (eds.) NETWORKING 2004. LNCS, vol. 3042, pp. 771–782. Springer, Heidelberg (2004)
Kulkarni, A., Bush, S.: Detecting distributed denial-of-service attacks using kolmogorov complexity metrics. Journal of Network and Systems Management 14(1), 69–80 (2006)
Brickley, O., Rea, S., Pesch, D.: Load balancing for QoS enhance- ment in IEEE802. 11e WLANs using cell breathing techniques. In: IFIP MWCN (2005)
Yen, L., Yeh, T., Chi, K.: Load Balancing in IEEE802.11 Networks. IEEE Internet Computing, 56–64 (2009)
Vasudevan, S., Papagiannaki, K., Diot, C., Kurose, J., Towsley, D.: Facilitating access point selection in IEEE 802.11 wireless networks. In: ACM SIGCOMM, p. 26 (2005)
Yen, L., Yeh, T.: SNMP-based approach to load distribution in IEEE 802.11 networks. In: IEEE VTC, vol. 3, pp. 1196–1200 (2006)
Aleo, V.: Load distribution in IEEE 802.11 cells, MSc Thesis, KTH Royal Institute of Technology (2003)
Lee, M., Lai, D.: Enhanced algorithm for initial AP selection and roaming, uS Patent App. 10/228,668 (August 26, 2002)
Bertsekas, D.: Dynamic Programming and Optimal Control. In: Bertsekas, D. (ed.), vol. II. Athena Scientific, Belmont (1995)
Kaelbling, L.P., Littman, M.L., Cassandra, A.R.: Planning and acting in partially observable stochastic domains. Artif. Intell. 101, 99–134 (1998)
Botta, A., Dainotti, A., Pescape, A.: Multi-protocol and multi- platform traffic generation and measurement. In: IEEE INFOCOM, DEMO Session (2007)
Raychaudhuri, D., Seskar, I., Ott, M., Ganu, S., Ramachandran, K., Kremo, H., Siracusa, R., Liu, H., Singh, M.: Overview of the ORBIT radio grid testbed for evaluation of next-generation wireless network protocols. In: IEEE WCNC, vol. 3, pp. 1664–1669 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Yildiz, M., Toker, A.C., Sivrikaya, F., Camtepe, S.A., Albayrak, S. (2012). User Facilitated Congestion and Attack Mitigation. In: Pentikousis, K., Aguiar, R., Sargento, S., Agüero, R. (eds) Mobile Networks and Management. MONAMI 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 97. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30422-4_26
Download citation
DOI: https://doi.org/10.1007/978-3-642-30422-4_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-30421-7
Online ISBN: 978-3-642-30422-4
eBook Packages: Computer ScienceComputer Science (R0)