Assessing the Sensitivity of WiMAX Parameters to MAC-level DoS Attacks Juan Deng and Richard Brooks*...
-
Upload
darcy-pearson -
Category
Documents
-
view
212 -
download
0
Transcript of Assessing the Sensitivity of WiMAX Parameters to MAC-level DoS Attacks Juan Deng and Richard Brooks*...
Assessing the Sensitivity of WiMAX Parameters to MAC-level DoS Attacks
Juan Deng and Richard Brooks*Clemson University
Abstract
The research community has established that WiMAX networks suffer Denial of Service (DoS) attacks. We consider a new type of DoS attacks on WiMAX networks exploiting WiMAX system parameter. The behavior of the WiMAX MAC level protocol is sensitive to the settings of core system parameters. DoS attacks resulting from parameter misconfiguration are difficult for network operators to detect. We focus on Bandwidth Contention Resolution (BCR) aspects of the WiMAX MAC protocol. Experiments are simulated using the ns-2 simulator. Analysis of Variance (ANOVA) techniques on the resulting simulation data identify which BCR parameter combinations are crucial for configuring WiMAX to be less vulnerable to DoS attacks. We migrate the experiments to GENI WiMAX testbed to verify the results using a hardware-in-the-loop test environment.
Research Objectives
There are many parameters DoS attackers can exploit. Our goal is to:•compare the effect of setting different values for a single parameter, •learn which parameter(s) are dominant,•compare the effect of important parameter interactions, and, •parameter interactions are dominant.
Fig. 1: Network Topology
The Research efforts have resulted in the following publications:
J. Deng, R. R. Brooks, J. Martin (under review), Assessing the Sensitivity of WiMAX Parameters to MAC-level DoS Attacks, International Journal of Performability Engineering.
Use of Glab/GENI InfrastructureWe plan to use GENI WiMAX testbed:•Experiment Setup•Experiment Run•Measurement Collection•Data Analysis•Results Comparisons
Future Work• Verify simulation results using GENI WiMAX testbed;• Verify the ns-2 WiMAX modules;• Verify the performance of radio model in ns-2 is
consistent with commercial settings.
Experiments Design
We simulate DoS attacks where attackers attempt to exploit the BCR mechanism using the ns-2 network simulator. Our simulations analyze the influence of six parameters (Table 1) on DoS attacks. Fig. 1 shows the network topology we use in the simulation, where DoS attackers are represented by ■ and SS are represented by .
We use the factorial experiment design to collect data. There are in total 36=729 parameter combinations. For each combination, we run 7 replicates, which gives a total of 729x7=5103 simulations. For each replicate, we measure the average traffic throughput and average traffic loss rate of all SSs.
1st DFG/GENI Doctoral Consortium,
San Juan, PRMarch 13th-15th, 2011
Parameters Values
low medium high
Frame_duration (X1) 0.004 0.01 0.02
Number_of_attackers/SSs (X2)
20/80 50/50 80/20
Dos_backoff_start (X3) 1 3 5
Dos_request_retry (X4) 2 4 6
Bw_backoff_start (X5) 1 3 5
Bw_request_retry (X6) 2 4 6
Table 1: Parameter Values
Experiment Results
We apply ANOVA on the throughput data. Table 2 shows the results, which suggest: X1 explains about 21% of the variability, while X6 accounts
for another 31%. The most significant 2nd order effect is the interaction
between X1 and X6, which accounts for an additional 18%. All 3rd order interactions are not significant.
X1 and X6 together explain over 70% of the total variability. Therefore, the average throughput of all SSs is determined mainly by these two parameters.
Table 2: ANOVA Results
Fig. 5: 3D Plot of (X1, X6, throughput)Fig. 3: Box Plot of Throughput corresponding to X1
Fig. 4: Box Plot of Throughput corresponding to X6
Fig. 2: PDF of Throughput