Lightweight packet-drop detection for ad hoc networks
First Claim
Patent Images
1. A method for determining nodes suspected of dropping packets in a network, the method comprising:
- creating statistics at a network node in an ad hoc network, wherein the statistics correspond to an Internet Protocol (IP) flow packet received at or transmitted from the network node, and wherein the statistics include a next hop structure comprising an IP address of a next-hop neighboring node and a number of flow packets transmitted from the network node to the next-hop neighboring node during a first time period;
transmitting the statistics from the network node to a coordination node for determining network nodes suspected of dropping packets;
storing the statistics in a database maintained by the network node; and
deleting a non-active flow from the database according to a timer corresponding to the non-active flow, wherein the statistics include the timer.
5 Assignments
0 Petitions
Accused Products
Abstract
In packet-drop attacks in ad hoc networks, a malicious network node chooses to selectively drop packets that are supposed to be forwarded, which results in adverse impact on application good-put and network stability. A method and system for detection of packet-drop attacks in ad hoc networks requires network nodes to report statistics on IP flow packets originated, received, or forwarded to neighbors. These statistics are analyzed and correlated to determine nodes suspected of dropping packets.
-
Citations
4 Claims
-
1. A method for determining nodes suspected of dropping packets in a network, the method comprising:
-
creating statistics at a network node in an ad hoc network, wherein the statistics correspond to an Internet Protocol (IP) flow packet received at or transmitted from the network node, and wherein the statistics include a next hop structure comprising an IP address of a next-hop neighboring node and a number of flow packets transmitted from the network node to the next-hop neighboring node during a first time period; transmitting the statistics from the network node to a coordination node for determining network nodes suspected of dropping packets; storing the statistics in a database maintained by the network node; and deleting a non-active flow from the database according to a timer corresponding to the non-active flow, wherein the statistics include the timer.
-
-
2. A method for determining nodes suspected of dropping packets in a network, the method comprising:
-
creating statistics at a network node in an ad hoc network, wherein the statistics correspond to an Internet Protocol (IF) flow packet received at or transmitted from the network node, and wherein the statistics include a next hop structure comprising an IP address of a next-hop neighboring node and a number of flow packets transmitted from the network node to the next-hop neighboring node during a first time period; transmitting the statistics from the network node to a coordination node for determining network nodes suspected of dropping packets; storing the statistics in a database maintained by the network node; and wherein the creating statistics further comprises; comparing a first flow identification corresponding to a source address of the IP flow packet and a destination address of the IP flow packet to a plurality of flow identifications stored in the database; and creating a new entry in the database corresponding to the first flow identification if the first flow identification does not match one of the plurality of flow identifications stored in the database.
-
-
3. A network node of an ad hoc network, the network node comprising:
-
a processor configured to create statistics corresponding to an Internet Protocol (IP) flow packet received at or transmitted from the network node, and wherein the statistics include a next hop structure comprising an IP address of a next-hop neighboring node and a number of flow packets transmitted from the network node to the next-hop neighboring node during a time period; and a transmitter configured to transmit the statistics from the network node to a coordination node for determining network nodes suspected of dropping packets; wherein the processor is further configured to store the statistics in a database maintained by the network node and to delete a non-active flow from the database according to a timer corresponding to the non-active flow, and wherein the statistics include the timer.
-
-
4. A network node of an ad hoc network, the network node comprising:
-
a processor configured to create statistics corresponding to an Internet Protocol (IP) flow packet received at or transmitted from the network node, and wherein the statistics include a next hop structure comprising an IP address of a next-hop neighboring node and a number of flow packets transmitted from the network node to the next-hop neighboring node during a time period; and a transmitter configured to transmit the statistics from the network node to a coordination node for determining network nodes suspected of dropping packets; wherein the processor is further configured to; store the statistics in a database maintained by the network node; compare a first flow identification corresponding to a source address of the IP flow packet and a destination address of the IP flow packet to a plurality of flow identifications stored in the database; and create a new entry in the database corresponding to the first flow identification if the first flow identification does not match one of the plurality of flow identifications stored in the database.
-
Specification