Signal-based detection: on the physical plane or MAC plane, a detector the information
strength of the received signal can be measured by a detector DoS attack. Received
signal strength information (RSSI) to identify that a 87 attack has occurred (for instance
wireless jamming): provided that the multi-packet RSSI exceeds the limit (which means
that they must be received correctly by the receiver) but the package decoder shows
errors, attack detector may spell danger to the presence of an aggressor.
Package-based detection: solutions that fall into this category can be applied at each level
to measure the transmission effect of each package and the discovery of possible attacks
detecting a significant increase in failures of transmission packages. That is a general
and effective scheme for detection given that DoS attacks can result in degradation of
network performance in terms of loss or delay packages.
Preventative method: its essence is to design algorithms which try to detect DoS attacks
at an ea
rly stage by sending probing packages to test or measure the potential attackers’
situation.
Hybrid method: a scheme that combines different ideas to improve the accuracy of attack
detection may also be designed. For instance, the combining of packet-based and signal-
based detection for the effective detection of jamming attacks on wireless networks.
Most methods of detecting DoS attacks belong to passive detection which monitors the
status of the network, such as traffic load) and packet transmission ratio, and signals a
warning against an attack when there is an apparent lack of compatibility between new
specimens and historical data [3]. Thus, the available methodology for detecting DoS
attacks can be applied directly to communications networks in SG. For instance, probes
based on signals can be easily used in SG wireless applications and packet-based detection
methods are appropriate for detecting DoS attacks on Advanced Metering Infrastructure
(AMI) networks and substations [4]. Preventive methods may be limited to non-time
critical networks because inevitably add extra burden to communication (overhead) with
packet transmission crawler.
