Mitigating denial-of-service attacks in MANET by incentive-based packet filtering: A game-theoretic approach

Defending against denial-of-service attacks (DoS) in a mobile ad hoc network (MANET) is challenging because the network topology is dynamic and nodes are selfish. In this paper, we propose a DoS mitigation technique that uses digital signatures to verify legitimate packets, and drop packets that do not pass the verification. Since nodes are selfish, they may not perform the verification in order to avoid paying the overhead. A bad packet that escapes verification along the whole network path will bring a penalty to all its forwarders. A network game can be formulated in which nodes along a network path, in optimizing their own benefits, are encouraged to act collectively to filter out bad packets. Analytical results show that Nash equilibrium can be attained for players in the proposed game, and significant benefits can be provided to forwarders such that many of the bad packets will be eliminated by verification.