Coping With Packet Replay Attacks in Wireless Networks
In this paper, the authors consider a variant of packet replay attacks wherein, an attacker simply replays overheard frames as they are, or with minor manipulations in the packet header; they refer to this as the copycat attack. When routers forward such replayed packets, the levels of congestion and interference increase in large portions of the network. The experiments indicate that even a single attacker can degrade the route throughput by up to 61%. While simple to use techniques such as digitally signing every packet can stem the dissemination of such packets, they are resource intense. Thus, they design a lightweight detection and prevention system, COPS (for Copycat Online Prevention System), that intelligently uses a combination of digital signatures and Bloom filters to cope with the attack.