Article citationsMore >>

Juels, A. and Brainard, J., “Client Puzzles: A Cryptographic Countermeasure against Connection Depletion Attacks,” in Proc. Network and Distributed Systems Security Symposium, pp. 151-165, 1999.

has been cited by the following article:


A Security Scheme to Mitigate Denial of Service Attacks in Delay Tolerant Networks

1Department of Computer Science, Akwa Ibom State University, Mkpat Enin, Nigeria

2Institute of Communications Systems, University of Surrey, Guildford, United Kingdom

3Studies and Decision Support Center, Department of Planning and Development, Ministry of Haj, Saudi Arabia

Journal of Computer Sciences and Applications. 2017, Vol. 5 No. 2, 50-63
DOI: 10.12691/jcsa-5-2-2
Copyright © 2017 Science and Education Publishing

Cite this paper:
Godwin Ansa, Haitham Cruickshank, Zhili Sun, Mazin Alshamrani. A Security Scheme to Mitigate Denial of Service Attacks in Delay Tolerant Networks. Journal of Computer Sciences and Applications. 2017; 5(2):50-63. doi: 10.12691/jcsa-5-2-2.

Correspondence to: Godwin  Ansa, Department of Computer Science, Akwa Ibom State University, Mkpat Enin, Nigeria. Email:,


Denial of Service (DoS) attacks are a major network security threat which affects both wired and wireless networks. The effect of DoS attacks is even more damaging in Delay Tolerant Networks (DTNs) due to their unique features and network characteristics. DTN is vulnerable to resource exhaustion and flooding DoS attacks. Several DoS mitigating schemes for wired and wireless networks have been investigated and most of them have been found to be highly interactive requiring several protocol rounds, resource-consuming, complex, assume persistent connectivity and hence not suitable for DTN. To mitigate the impact of resource exhaustion and flooding attacks in DTN, we propose a security scheme which integrates ingress filtering, rate limiting and light-weight authentication security mechanisms to monitor, detect and filter attack traffic. We propose three variants of light-weight bundle authenticators called DTNCookies. To make the proposed DTNCookies random and hard to forge, we exploit the assumption that DTN nodes are loosely time-synchronized to generate different nonce values in different timeslots for the computation and verification of our proposed DTNCookies. The results demonstrate the efficiency and effectiveness of the proposed scheme to detect and drop attack traffic. The simulation results also show good performance for the proposed scheme in terms of energy and bandwidth efficiency, high delivery ratio and low latency.