An authentication scheme to defend against UDP DrDoS attacks in 5G networks

Huang, Haiou, Hu, Liang, Chu, Jianfeng and Cheng, Xiaochun ORCID: https://orcid.org/0000-0003-0371-9646 (2019) An authentication scheme to defend against UDP DrDoS attacks in 5G networks. IEEE Access, 7 . pp. 175970-175979. ISSN 2169-3536 (doi:10.1109/ACCESS.2019.2957565)

[img]
Preview
PDF - Published version (with publisher's formatting)
Available under License Creative Commons Attribution.

Download (4MB) | Preview

Abstract

5th generation wireless systems are coming. While we are excited about the delay-free high speeds 5G will bring, security problems are becoming more and more serious. Increasingly rampant Distributed Denial of service (DDoS) attacks, particularly Distributed Reflection Denial of Service (DrDoS) attacks with User Datagram Protocols (UDPs) have developed into a global problem. This article presents a design, implementation, analysis, and experimental evaluation of an authentication scheme, a defense against UDP DrDoS attacks, by which attackers cleverly use rebound server farms to bounce a flood of packets to a target host. We call our solution IEWA because it combines the concepts of increasing expenses and weak authentication. In this paper, we apply IEWA to Network Time Protocol (NTP). First, we simulate and compare the original and improved protocols. Next, we verify the effectiveness of our proposed scheme. We show that our improved scheme is safer than the original scheme. Finally, we compare our solution with existing state-of-the-art schemes, using indicators such as communication overhead, server storage costs, client storage costs, computation costs of server and computation costs of client. We find that our scheme improves system stability and security, reduces communication overhead, server storage cost and computational costs. Our solution not only improves the NTP protocol to mitigate DrDoS attacks, but also strengthens other UDP protocols that are vulnerable to DrDoS attacks. Therefore, our solution can be used as a solution to UDP DrDoS attacks in 5G Networks

Item Type: Article
Keywords (uncontrolled): Secure Communication for the Next Generation 5G and IoT Networks
Research Areas: A. > School of Science and Technology > Computer Science
Item ID: 29523
Notes on copyright: This work is licensed under a Creative Commons Attribution 4.0 License.
Useful Links:
Depositing User: Xiaochun Cheng
Date Deposited: 12 Mar 2020 15:47
Last Modified: 12 Mar 2020 15:47
URI: https://eprints.mdx.ac.uk/id/eprint/29523

Actions (login required)

Edit Item Edit Item

Full text downloads (NB count will be zero if no full text documents are attached to the record)

Downloads per month over the past year