Biblio

The 6L0WPAN adaptation layer is widely used in many Internet of Things (IoT) and vehicular networking applications. The current IoT framework [1], which introduced 6LoWPAN to the TCP/IP model, does not specif the implementation for managing its received-fragments buffer. This paper looks into the effect of current implementations of buffer management strategies at 6LoWPAN's response in case of fragmentation-based, buffer reservation Denial of Service (DoS) attacks. The Packet Drop Rate (PDR) is used to analyze how successful the attacker is for each management technique. Our investigation uses different defence strategies, which include our implementation of the Split Buffer mechanism [2] and a modified version of this mechanism that we devise in this paper as well. In particular, we introduce dynamic calculation for the average time between consecutive fragments and the use of a list of previously dropped packets tags. NS3 is used to simulate all the implementations. Our results show that using a ``slotted'' buffer would enhance 6LoWPAN's response against these attacks. The simulations also provide an in-depth look at using scoring systems to manage buffer cleanups.

In cyberspace, availability of the resources is the key component of cyber security along with confidentiality and integrity. Distributed Denial of Service (DDoS) attack has become one of the major threats to the availability of resources in computer networks. It is a challenging problem in the Internet. In this paper, we present a detailed study of DDoS attacks on the Internet specifically the attacks due to protocols vulnerabilities in the TCP/IP model, their countermeasures and various DDoS attack mechanisms. We thoroughly review DDoS attacks defense and analyze the strengths and weaknesses of different proposed mechanisms.