JellyFish attack: Analysis, detection and countermeasure in TCP-based MANET

Mobile ad hoc networks (MANETs) are vulnerable to various types of attacks due to inherently in-secure wireless communication medium and multihop routing communication process. In this paper, we analyze the behavior and impact of JellyFish attack over TCP-based MANETs. We have implemented and evaluated all three variants of JellyFish attack namely JF-reorder, JF-delay and JF-drop through simulation processes. These attacks exploit the behavior of closed loop protocols such as TCP and disturb the communication process without disobeying any protocol rules, thus the detection process becomes difficult. Consequently, traffic is disrupted leading to degradation in network throughput. Through extensive simulation results that are obtained using an industry standard scalable network simulator called EXata-Cyber, impact of these attacks in terms of network throughput, overhead incurred and end-to-end delay is analyzed and used for devising detection and countermeasure. We have proposed a light-weight direct trust-based detection (DTD) algorithm which detect and remove a JellyFish node from an active communication route. In our proposed DTD algorithm, each node uses locally calculated trust values which are collected over a time period to identify whether its neighbor node is a JF-attacker or not.