Cover Image

Security enhanced dynamic bandwidth allocation algorithm against degradation attacks in next generation passive optical networks

The dynamic bandwidth allocation (DBA) algorithm is highly impactful in improving the network performance of gigabit passive optical networks (GPON). However, reports delineating its vulnerability to certain attacks can be found in the literature, thus raising concerns. A degradation attack manipula...

Full description

Saved in:
Bibliographic Details
Main Authors: Atan, F. M., Zulkifli, N., Idrus, S. M., Ismail, N. A., Zin, A. M., Ramli, A., Yusoff, N. M.
Format: Article
Published: Institute of Electrical and Electronics Engineers Inc. 2021
Subjects:
T Technology (General)
Online Access:http://eprints.utm.my/id/eprint/95438/
http://dx.doi.org/10.1364/JOCN.434739
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.utm.95438
record_format eprints
spelling my.utm.954382022-05-31T12:38:11Z http://eprints.utm.my/id/eprint/95438/ Security enhanced dynamic bandwidth allocation algorithm against degradation attacks in next generation passive optical networks Atan, F. M. Zulkifli, N. Idrus, S. M. Ismail, N. A. Zin, A. M. Ramli, A. Yusoff, N. M. T Technology (General) The dynamic bandwidth allocation (DBA) algorithm is highly impactful in improving the network performance of gigabit passive optical networks (GPON). However, reports delineating its vulnerability to certain attacks can be found in the literature, thus raising concerns. A degradation attack manipulates the transmission control protocol (TCP) congestion control algorithm, which may impact the received bandwidth of targeted network users. Here, the absence of electronics within the passive splitter renders attack identification in GPONs a significant challenge. Therefore, the current study aimed to propose a secured DBA mechanism known as security enhanced DBA capable of overcoming this particular threat. A detection phase served as a critical component for sensing and subsequently mitigating any abnormal behaviors observed among optical network units (ONUs). Upon identification of the attacker, penalties were imposed to deter the next attack attempt and reestablish the fairness to previously attacked ONUs. The simulation findings revealed throughput improvement of up to 63% due to the security feature offered by the mechanism. Besides, significant improvements for the upstream delay performance recorded at 52%, 60%, and 65% for traffic containers (TCONT) TCONT2, TCONT3, and TCONT4, respectively, were observed in comparison to the non-secure DBA mechanism. Hence, the integration of the security mechanisms in DBA renders it possible to avoid any exploitation of GPON vulnerability in hacking other users' bandwidth. Institute of Electrical and Electronics Engineers Inc. 2021 Article PeerReviewed Atan, F. M. and Zulkifli, N. and Idrus, S. M. and Ismail, N. A. and Zin, A. M. and Ramli, A. and Yusoff, N. M. (2021) Security enhanced dynamic bandwidth allocation algorithm against degradation attacks in next generation passive optical networks. Journal of Optical Communications and Networking, 13 (12). ISSN 1943-0620 http://dx.doi.org/10.1364/JOCN.434739 DOI: 10.1364/JOCN.434739
institution Universiti Teknologi Malaysia
building UTM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Malaysia
content_source UTM Institutional Repository
url_provider http://eprints.utm.my/
topic T Technology (General)
spellingShingle T Technology (General)
Atan, F. M.
Zulkifli, N.
Idrus, S. M.
Ismail, N. A.
Zin, A. M.
Ramli, A.
Yusoff, N. M.
Security enhanced dynamic bandwidth allocation algorithm against degradation attacks in next generation passive optical networks
description The dynamic bandwidth allocation (DBA) algorithm is highly impactful in improving the network performance of gigabit passive optical networks (GPON). However, reports delineating its vulnerability to certain attacks can be found in the literature, thus raising concerns. A degradation attack manipulates the transmission control protocol (TCP) congestion control algorithm, which may impact the received bandwidth of targeted network users. Here, the absence of electronics within the passive splitter renders attack identification in GPONs a significant challenge. Therefore, the current study aimed to propose a secured DBA mechanism known as security enhanced DBA capable of overcoming this particular threat. A detection phase served as a critical component for sensing and subsequently mitigating any abnormal behaviors observed among optical network units (ONUs). Upon identification of the attacker, penalties were imposed to deter the next attack attempt and reestablish the fairness to previously attacked ONUs. The simulation findings revealed throughput improvement of up to 63% due to the security feature offered by the mechanism. Besides, significant improvements for the upstream delay performance recorded at 52%, 60%, and 65% for traffic containers (TCONT) TCONT2, TCONT3, and TCONT4, respectively, were observed in comparison to the non-secure DBA mechanism. Hence, the integration of the security mechanisms in DBA renders it possible to avoid any exploitation of GPON vulnerability in hacking other users' bandwidth.
format Article
author Atan, F. M.
Zulkifli, N.
Idrus, S. M.
Ismail, N. A.
Zin, A. M.
Ramli, A.
Yusoff, N. M.
author_facet Atan, F. M.
Zulkifli, N.
Idrus, S. M.
Ismail, N. A.
Zin, A. M.
Ramli, A.
Yusoff, N. M.
author_sort Atan, F. M.
title Security enhanced dynamic bandwidth allocation algorithm against degradation attacks in next generation passive optical networks
title_short Security enhanced dynamic bandwidth allocation algorithm against degradation attacks in next generation passive optical networks
title_full Security enhanced dynamic bandwidth allocation algorithm against degradation attacks in next generation passive optical networks
title_fullStr Security enhanced dynamic bandwidth allocation algorithm against degradation attacks in next generation passive optical networks
title_full_unstemmed Security enhanced dynamic bandwidth allocation algorithm against degradation attacks in next generation passive optical networks
title_sort security enhanced dynamic bandwidth allocation algorithm against degradation attacks in next generation passive optical networks
publisher Institute of Electrical and Electronics Engineers Inc.
publishDate 2021
url http://eprints.utm.my/id/eprint/95438/
http://dx.doi.org/10.1364/JOCN.434739
_version_ 1735386804147716096
score 13.18916

Similar Items