Mitigating DBA Exploits: Enhanced Security Against Degradation Attacks in XG-PON

• Published in: Conference Proceedings - IEEE International Conference on Advanced Telecommunication and Networking Technologies: Empowering Telecommunication Technologies for Sustainable Future, ATNT 2024
• Main Author: Atan F.M.; Zulkifli N.; Idrus S.M.; Zin N.A.M.; Ismail N.A.
• Format: Conference paper
• Language: English
• Published: Institute of Electrical and Electronics Engineers Inc. 2024
• Online Access: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85208425743&doi=10.1109%2fATNT61688.2024.10719283&partnerID=40&md5=3d238b15ccd5933e3161ecb4c9bbac73

Next-Generation Gigabit Passive Optical Networks (NG-PON) improve bandwidth and data rates, but their upstream channel security has been overlooked due to assumptions about its point-to-point nature. This paper introduces a Security-Enhanced Dynamic Bandwidth Allocation (SE-DBA) algorithm for XG-PON to address this vulnerability. SE-DBA includes a detection phase for abnormal behavior and a mitigation phase that reduces bandwidth allocation to identified attackers. Network simulations using OMNET++ demonstrate that SE-DBA improves SE-DBA increases the lawful ONU's network resilience during attacks by 50% compared to GIANT. The results also demonstrate SE-DBA's ability to penalize the malicious ONU by reducing its bandwidth request to 20% of its original request. © 2024 IEEE.