Performance analysis of a Denial of Service protection scheme for optimized and QoS-aware handover

Quality of Service (QoS) mechanisms in networks supporting mobile Internet communications give rise to Denial of Service (DoS) threats: if the network cannot efficiently check the credibility of a QoS request during a handover process, malicious entities could flood the network with bogus QoS requests; if the authentication check is performed by means of an AAA protocol before the access network commits its resources, the authentication process may not only introduce a notable latency to the handover process, but also generate an extensive traffic in the presence of malicious requests, thus causing the network signaling capacity to degrade. In order to defend against these kinds of attacks and meet the low-latency micro-mobility handover requirement, we propose a preliminary authentication check with a cookie-based mechanism before processing the requests and performing authentication and authorization. Our performance evaluation shows that the cookie-based mechanism is efficient in dealing with the identified issues.