A Methodology to Counter DoS Attacks in Mobile IP Communication
Similar to wired communication, Mobile IP communication is susceptible to various kinds of attacks. Of these attacks, Denial of Service (DoS) attack is considered as a great threat to mobile IP communication. The number of approaches hitherto proposed to prevent DoS attack in the area of mobile IP communication is much less compared to those for the wired domain and mobile ad hoc networks. In this work, the effects of Denial of Service attack on mobile IP communication are analyzed in detail. We propose to use packet filtering techniques that work in different domains and base stations of mobile IP communication to detect suspicious packets and to improve the performance. If any packet contains a spoofed IP address which is created by DoS attackers, the proposed scheme can detect this and then filter the suspected packet. The proposed system can mitigate the effect of Denial of Service (DoS) attack by applying three methods: (i) by filtering in the domain periphery router (ii) by filtering in the base station and (iii) by queue monitoring at the vulnerable points of base-station node. We evaluate the performance of our proposed scheme using the network simulator NS-2. The results indicate that the proposed scheme is able to minimize the effects of Denial of Service attacks and improve the performance of mobile IP communication.