Skip to Main Content
We study data pollution attacks in wireless interflow network coding systems. Although several defenses for these attacks are known for intraflow network coding systems, none of them are applicable to interflow coding systems. We formulate a model for interflow network coding that encompasses all the existing systems, and use it to analyze the impact of pollution attacks. Our analysis shows that the effects of pollution attacks depend not only on the network topology, but also on the location and strategy of the attacker nodes. We propose CodeGuard, a reactive attestation-based defense mechanism that uses efficient bit-level traceback and a novel cross-examination technique to unequivocally identify attacker nodes. We analyze the security of CodeGuard and prove that it is always able to identify and isolate at least one attacker node on every occurrence of a pollution attack. We analyze the overhead of CodeGuard and show that the storage, computation, and communication overhead are practical. We experimentally demonstrate that CodeGuard is able to identify attacker nodes quickly (within 500 ms) and restore system throughput to a high level, even in the presence of many attackers, thus preserving the performance of the underlying network coding system.
Dependable and Secure Computing, IEEE Transactions on (Volume:9 , Issue: 5 )
Date of Publication: Sept.-Oct. 2012