Research On DDoS Attack Source Tracking Method Based On Network Coding In Wireless Ad Hoc Networks

Ad hoc network, with its advantages of fast and flexible deployment, no need of infrastructure, low cost of networking, has broad application prospects. However the security issues that it faces have become increasingly prominent. The characteristics of ad hoc network like open radio channel, limited bandwidth resources, dynamically changing network topology, make it more vulnerable to attacks and harder to defend against than traditional fixed wired network.DDoS is one form of the attacks that are hardest to defense. IP traceback is a name given to any method for reliably determining the origin of a packet. It is a critical ability for identifying sources of attacks and instituting protection measures for the Internet. According to the tracking results, we can not only help an attacker to implement preventive measures in the sources, but also help it to play a deterrent role to attackers. Due to the differences between ad hoc network and wired network, the attack on ad hoc network has its own traits. Thus we cannot adopt Internet IP traceback method directly to ad hoc network.In this paper, we firstly introduce the attack principle and category of DDoS attack on the ad hoc network. Then we summarize the IP traceback technologies on the ad hoc network, and analysis the drawbacks of exiting schemes. Based on these, we propose a new kind of traceback scheme, called network coding based IP traceback scheme. Network coding is an information exchange technology that blends routing and coding together. Its core idea is that nodes in the network combine received information in a linear or non-linear manner and then forwarded to the downstream node. Intermediate node plays the role of the encoder or a signal processor. In this paper, we borrow the idea of network coding and propose an efficient network coding based traceback scheme that can adapt to ad hoc network. This scheme is not only able to adapt to ad-hoc networks and improves the success rate of tracking, but also significantly improve the efficiency of the tracking.This paper also proposes a concept of incremental traceback. Combined with the characteristics of network coding and the improved traceback scheme, we propose the concept of incremental attacks and an incremental traceback method. The experiments results show that this method performs well in the situation of incremental attacks and multi-source attacks. Finally, this paper also analyzes the method’s fault tolerance and security issues.