Detection of power-drain denial-of-service attacks in wireless networks
First Claim
1. A method for detecting a denial-of-service (DoS) attack in a wireless network, comprising:
- (a) generating a statistical measure characterizing a relationship between power consumption by a mobile unit of the wireless network and data transmitted to and from the mobile unit during normal operations of the wireless network;
(b) comparing the statistical measure to a current measure of the relationship; and
(c) detecting the DoS attack if the current measure differs from the statistical measure by more than a specified threshold.
14 Assignments
0 Petitions
Accused Products
Abstract
In a wireless network, an architecture for wireless attack resistance (AWARE) detects power-drain denial-of-service (DoS) attacks by generating statistical measures relating the power consumption by a mobile unit and data transmitted to and from the mobile unit during normal operations of the wireless network. The AWARE architecture compares those statistical measures to current measures to detect a DoS attack if the current measure differs from the statistical measure by more than a specified threshold. If a DoS attack is detected, then the AWARE architecture can inhibit communications with the mobile unit to prevent the mobile from consuming too much power. The statistical measure may be an energy efficiency ratio relating the number of bits of data transmitted to or from the mobile unit over a specified time interval to the amount of power consumed by the mobile unit during that time interval.
-
Citations
20 Claims
-
1. A method for detecting a denial-of-service (DoS) attack in a wireless network, comprising:
-
(a) generating a statistical measure characterizing a relationship between power consumption by a mobile unit of the wireless network and data transmitted to and from the mobile unit during normal operations of the wireless network; (b) comparing the statistical measure to a current measure of the relationship; and (c) detecting the DoS attack if the current measure differs from the statistical measure by more than a specified threshold. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. An architecture for detecting a denial-of-service (DoS) attack in a wireless network, the architecture adapted to:
-
(a) generate a statistical measure characterizing a relationship between power consumption by a mobile unit of the wireless network and data transmitted to and from the mobile unit during normal operations of the wireless network; (b) compare the statistical measure to a current measure of the relationship; and (c) detect the DoS attack if the current measure differs from the statistical measure by more than a specified threshold. - View Dependent Claims (17, 18, 19)
-
-
20. A wireless network comprising:
-
an access node adapted to provide access between the wireless network and an internet; one or more radio network controllers (RNCs) adapted to communicate with the access node; one or more base stations for each RNC and adapted to communicate with the RNC and with one or more mobile units; and an architecture adapted to; (a) generate a statistical measure characterizing a relationship between power consumption by a mobile unit of the wireless network and data transmitted to and from the mobile unit during normal operations of the wireless network; (b) compare the statistical measure to a current measure of the relationship; and (c) detect the DoS attack if the current measure differs from the statistical measure by more than a specified threshold.
-
Specification