In this paper, we consider a special case of denial of service (DoS) attack in wireless mesh networks (WMNs) known as selective forwarding attack (a.k.a gray hole attacks). With such an attack, a misbehaving mesh router just forwards a subset of the packets it receives but drops the others. While most of the existing studies on selective forwarding attacks focus on attack detection under the assumption of an error-free wireless channel, we consider a more practical and challenging scenario that packet dropping may be due to an attack, or normal loss events such as medium access collision or bad channel quality. Specifically, we develop a channel aware detection (CAD) algorithm that can effectively identify the selective forwarding misbehavior from the normal channel losses. The CAD algorithm is based on two strategies, channel estimation and traffic monitoring. If the monitored loss rate at certain hops exceeds the estimated normal loss rate, those nodes involved will be identified as attackers. Moreover, we carry out analytical studies to determine the optimal detection thresholds that minimize the summation of false alarm and missed detection probabilities. We also compare our CAD approach with some existing solutions, through extensive computer simulations, to demonstrate the efficiency of discriminating selective forwarding attacks from normal channel losses.
Read full abstract