Detection and mitigation of denial-of-service attacks in wireless communication networks
First Claim
1. A device, comprising:
- a processor; and
a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations comprising;
obtaining data relating to a set of collision events on a shared channel of a communication network, wherein a plurality of terminals attempt to access the channel contemporaneously according to an access protocol, the data comprising time intervals between access attempts for each of the plurality of terminals, the channel being associated with a set of resource blocks, the terminals communicating with a base station on the network;
estimating a probability of collision in the channel;
generating a first probability distribution of the time intervals for each of the terminals, based on the estimated probability of collision;
calculating a second probability distribution of the time intervals for each of the terminals, based on the data;
calculating for each terminal a first cumulative distribution function and a second cumulative distribution function from the first probability distribution and the second probability distribution respectively;
comparing the first cumulative distribution function and the second cumulative distribution function for each terminal to identify a malfunctioning terminal not operating in accordance with the protocol, wherein the base station, responsive to estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, blocks the signal from the malfunctioning terminal; and
responsive to determining that the base station is not capable of estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, re-assigning the channel to a different set of resource blocks.
1 Assignment
0 Petitions
Accused Products
Abstract
A method that incorporates teachings of the subject disclosure may include, for example, obtaining data relating to a set of collision events on a shared channel on a wireless network according to a contention-based access protocol in which a plurality of terminals attempt to access the channel contemporaneously. A probability of collision in the channel is estimated and a probability distribution of time intervals between access attempts is generated based on the estimated probability of collision. Empirical and theoretical cumulative distribution functions for the time intervals are calculated, and compared to identify a malfunctioning terminal not operating in accordance with the protocol. Other embodiments are disclosed.
17 Citations
20 Claims
-
1. A device, comprising:
-
a processor; and a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations comprising; obtaining data relating to a set of collision events on a shared channel of a communication network, wherein a plurality of terminals attempt to access the channel contemporaneously according to an access protocol, the data comprising time intervals between access attempts for each of the plurality of terminals, the channel being associated with a set of resource blocks, the terminals communicating with a base station on the network; estimating a probability of collision in the channel; generating a first probability distribution of the time intervals for each of the terminals, based on the estimated probability of collision; calculating a second probability distribution of the time intervals for each of the terminals, based on the data; calculating for each terminal a first cumulative distribution function and a second cumulative distribution function from the first probability distribution and the second probability distribution respectively; comparing the first cumulative distribution function and the second cumulative distribution function for each terminal to identify a malfunctioning terminal not operating in accordance with the protocol, wherein the base station, responsive to estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, blocks the signal from the malfunctioning terminal; and responsive to determining that the base station is not capable of estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, re-assigning the channel to a different set of resource blocks. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method comprising:
-
obtaining, by a device comprising a processor, data relating to a set of collision events associated with attempts to access a shared channel of a communication network, the data comprising time intervals between access attempts for each of a plurality of terminals communicating with a base station on the network; estimating, by the device, a probability of collision in the channel; generating, by the device, a first probability distribution of the time intervals for each of the terminals, based on the estimated probability of collision; calculating, by the device, a second probability distribution of the time intervals for each of the terminals, based on the data; calculating, by the device, for each terminal a first cumulative distribution function and a second cumulative distribution function from the first probability distribution and the second probability distribution respectively; comparing, by the device, the first cumulative distribution function and the second cumulative distribution function for each terminal to identify a malfunctioning terminal, wherein the base station, responsive to estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, blocks the signal from the malfunctioning terminal; and responsive to determining, by the device, that the base station is not capable of estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, re-assigning the channel. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A non-transitory machine-readable storage medium comprising executable instructions that, when executed by a processor, facilitate performance of operations comprising:
obtaining, by a device comprising a processor, data relating to a set of collision events associated with attempts to access a shared channel of a communication network according to an access protocol, the data comprising time intervals between access attempts for each of a plurality of terminals communicating with a base station on the network; estimating a probability of collision in the channel; generating a first probability distribution of the time intervals for each of the terminals, based on the estimated probability of collision; calculating a second probability distribution of the time intervals for each of the terminals, based on the data; calculating for each terminal a first cumulative distribution function and a second cumulative distribution function from the first probability distribution and the second probability distribution respectively; comparing the first cumulative distribution function and the second cumulative distribution function for each terminal to identify a malfunctioning terminal not operating in accordance with the protocol, wherein the base station, responsive to estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, blocks the signal from the malfunctioning terminal; responsive to determining that the base station is not capable of estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, re-assigning the channel; and broadcasting information regarding the re-assigning on a broadcast channel. - View Dependent Claims (18, 19, 20)
Specification