DoS-resistant broadcast authentication protocol with low end-to-end delay

Ying Huang, Wenbo He, Klara Nahrstedt, Whay C. Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution


In mission-critical networks, command, alerts, and critical data are frequently broadcast over wireless networks. Broadcast traffic must be protected from malicious attacks, wherein sources are impersonated or broadcast packets are forged. Even though broadcast authentication eliminates such attacks, attackers can still launch Denial-of-Service attacks by injecting substantive false packets, which consume both communication and computation resources. Due to inevitable proliferation of duplicates of broadcast packets, it is especially important to limit false packet propagation range. Evidently, authenticating each packet before forwarding can effectively contain false packets within one hop. But it results in considerable end-to-end delay penalty on authentic packets. In this paper, we propose a randomized authentication scheme, DREAM, which contains most of false packets in one-hop range of attackers and yet keeps end-to-end delay relatively low. Dream also continuously monitors the contextual threat and dynamically adjusts the trade-off among containment and end-to-end delay performance. Extensive evaluations in ns2 validate our idea.

Original languageEnglish (US)
Title of host publication2008 IEEE INFOCOM Workshops
StatePublished - 2008
Event2008 IEEE INFOCOM Workshops - Phoenix, AZ, United States
Duration: Apr 13 2008Apr 18 2008

Publication series

NameProceedings - IEEE INFOCOM
ISSN (Print)0743-166X


Other2008 IEEE INFOCOM Workshops
Country/TerritoryUnited States
CityPhoenix, AZ

ASJC Scopus subject areas

  • General Computer Science
  • Electrical and Electronic Engineering


Dive into the research topics of 'DoS-resistant broadcast authentication protocol with low end-to-end delay'. Together they form a unique fingerprint.

Cite this