98 research outputs found
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
Secure Routing in Wireless Mesh Networks
Wireless mesh networks (WMNs) have emerged as a promising concept to meet the
challenges in next-generation networks such as providing flexible, adaptive,
and reconfigurable architecture while offering cost-effective solutions to the
service providers. Unlike traditional Wi-Fi networks, with each access point
(AP) connected to the wired network, in WMNs only a subset of the APs are
required to be connected to the wired network. The APs that are connected to
the wired network are called the Internet gateways (IGWs), while the APs that
do not have wired connections are called the mesh routers (MRs). The MRs are
connected to the IGWs using multi-hop communication. The IGWs provide access to
conventional clients and interconnect ad hoc, sensor, cellular, and other
networks to the Internet. However, most of the existing routing protocols for
WMNs are extensions of protocols originally designed for mobile ad hoc networks
(MANETs) and thus they perform sub-optimally. Moreover, most routing protocols
for WMNs are designed without security issues in mind, where the nodes are all
assumed to be honest. In practical deployment scenarios, this assumption does
not hold. This chapter provides a comprehensive overview of security issues in
WMNs and then particularly focuses on secure routing in these networks. First,
it identifies security vulnerabilities in the medium access control (MAC) and
the network layers. Various possibilities of compromising data confidentiality,
data integrity, replay attacks and offline cryptanalysis are also discussed.
Then various types of attacks in the MAC and the network layers are discussed.
After enumerating the various types of attacks on the MAC and the network
layer, the chapter briefly discusses on some of the preventive mechanisms for
these attacks.Comment: 44 pages, 17 figures, 5 table
Investigating Open Issues in Swarm Intelligence for Mitigating Security Threats in MANET
The area of Mobile Adhoc Network (MANET) has being a demanded topic of research for more than a decade because of its attractive communication features associated with various issues. This paper primarily discusses on the security issues, which has been still unsolved after abundant research work. The paper basically stresses on the potential features of Swarm Intelligence (SI) and its associated techniques to mitigate the security issues. Majority of the previous researches based on SI has used Ant Colony Optimization (ACO) or Particle Swarm Optimization (PSO) extensively. Elaborated discussion on SI with respect to trust management, authentication, and attack models are made with support of some of the recent studies done in same area. The paper finally concludes by discussing the open issues and problem identification of the review
Collaboration Enforcement In Mobile Ad Hoc Networks
Mobile Ad hoc NETworks (MANETs) have attracted great research interest in recent years. Among many issues, lack of motivation for participating nodes to collaborate forms a major obstacle to the adoption of MANETs. Many contemporary collaboration enforcement techniques employ reputation mechanisms for nodes to avoid and penalize malicious participants. Reputation information is propagated among participants and updated based on complicated trust relationships to thwart false accusation of benign nodes. The aforementioned strategy suffers from low scalability and is likely to be exploited by adversaries. To address these problems, we first propose a finite state model. With this technique, no reputation information is propagated in the network and malicious nodes cannot cause false penalty to benign hosts. Misbehaving node detection is performed on-demand; and malicious node punishment and avoidance are accomplished by only maintaining reputation information within neighboring nodes. This scheme, however, requires that each node equip with a tamper-proof hardware. In the second technique, no such restriction applies. Participating nodes classify their one-hop neighbors through direct observation and misbehaving nodes are penalized within their localities. Data packets are dynamically rerouted to circumvent selfish nodes. In both schemes, overall network performance is greatly enhanced. Our approach significantly simplifies the collaboration enforcement process, incurs low overhead, and is robust against various malicious behaviors. Simulation results based on different system configurations indicate that the proposed technique can significantly improve network performance with very low communication cost
A Taxonomy on Misbehaving Nodes in Delay Tolerant Networks
Delay Tolerant Networks (DTNs) are type of Intermittently Connected Networks (ICNs) featured by long delay, intermittent connectivity, asymmetric data rates and high error rates. DTNs have been primarily developed for InterPlanetary Networks (IPNs), however, have shown promising potential in challenged networks i.e. DakNet, ZebraNet, KioskNet and WiderNet. Due to unique nature of intermittent connectivity and long delay, DTNs face challenges in routing, key management, privacy, fragmentation and misbehaving nodes. Here, misbehaving nodes i.e. malicious and selfish nodes launch various attacks including flood, packet drop and fake packets attack, inevitably overuse scarce resources (e.g., buffer and bandwidth) in DTNs. The focus of this survey is on a review of misbehaving node attacks, and detection algorithms. We firstly classify various of attacks depending on the type of misbehaving nodes. Then, detection algorithms for these misbehaving nodes are categorized depending on preventive and detective based features. The panoramic view on misbehaving nodes and detection algorithms are further analyzed, evaluated mathematically through a number of performance metrics. Future directions guiding this topic are also presented
Spectrum sharing security and attacks in CRNs: a review
Cognitive Radio plays a major part in communication technology by resolving the shortage of the spectrum through usage of dynamic spectrum access and artificial intelligence characteristics. The element of spectrum sharing in cognitive radio is a fundament al approach in utilising free channels. Cooperatively communicating cognitive radio devices use the common control channel of the cognitive radio medium access control to achieve spectrum sharing. Thus, the common control channel and consequently spectrum sharing security are vital to ensuring security in the subsequent data communication among cognitive radio nodes. In addition to well known security problems in wireless networks, cognitive radio networks introduce new classes of security threats and challenges, such as licensed user emulation attacks in spectrum sensing and misbehaviours in the common control channel transactions, which degrade the overall network operation and performance. This review paper briefly presents the known threats and attacks in wireless networks before it looks into the concept of cognitive radio and its main functionality. The paper then mainly focuses on spectrum sharing security and its related challenges. Since spectrum sharing is enabled through usage of
the common control channel, more attention is paid to the
security of the common control channel by looking into its
security threats as well as protection and detection mechanisms. Finally, the pros and cons as well as the comparisons of different CR - specific security mechanisms are presented with some open research issues and challenges
Secure Routing and Medium Access Protocols inWireless Multi-hop Networks
While the rapid proliferation of mobile devices along with the tremendous growth of various applications using
wireless multi-hop networks have significantly facilitate our human life, securing and ensuring high quality
services of these networks are still a primary concern. In particular, anomalous protocol operation in wireless
multi-hop networks has recently received considerable attention in the research community. These relevant security
issues are fundamentally different from those of wireline networks due to the special characteristics of
wireless multi-hop networks, such as the limited energy resources and the lack of centralized control. These issues
are extremely hard to cope with due to the absence of trust relationships between the nodes.
To enhance security in wireless multi-hop networks, this dissertation addresses both MAC and routing layers
misbehaviors issues, with main focuses on thwarting black hole attack in proactive routing protocols like OLSR,
and greedy behavior in IEEE 802.11 MAC protocol. Our contributions are briefly summarized as follows.
As for black hole attack, we analyze two types of attack scenarios: one is launched at routing layer, and the
other is cross layer. We then provide comprehensive analysis on the consequences of this attack and propose
effective countermeasures.
As for MAC layer misbehavior, we particularly study the adaptive greedy behavior in the context of Wireless
Mesh Networks (WMNs) and propose FLSAC (Fuzzy Logic based scheme to Struggle against Adaptive Cheaters)
to cope with it. A new characterization of the greedy behavior in Mobile Ad Hoc Networks (MANETs) is also
introduced. Finally, we design a new backoff scheme to quickly detect the greedy nodes that do not comply with
IEEE 802.11 MAC protocol, together with a reaction scheme that encourages the greedy nodes to become honest
rather than punishing them
Performance of management solutions and cooperation approaches for vehicular delay-tolerant networks
A wide range of daily-life applications supported by vehicular networks attracted the interest,
not only from the research community, but also from governments and the automotive
industry. For example, they can be used to enable services that assist drivers on the roads (e.g.,
road safety, traffic monitoring), to spread commercial and entertainment contents (e.g., publicity),
or to enable communications on remote or rural regions where it is not possible to have
a common network infrastructure. Nonetheless, the unique properties of vehicular networks
raise several challenges that greatly impact the deployment of these networks.
Most of the challenges faced by vehicular networks arise from the highly dynamic network
topology, which leads to short and sporadic contact opportunities, disruption, variable
node density, and intermittent connectivity. This situation makes data dissemination an interesting
research topic within the vehicular networking area, which is addressed by this study.
The work described along this thesis is motivated by the need to propose new solutions to deal
with data dissemination problems in vehicular networking focusing on vehicular delay-tolerant
networks (VDTNs).
To guarantee the success of data dissemination in vehicular networks scenarios it is important
to ensure that network nodes cooperate with each other. However, it is not possible
to ensure a fully cooperative scenario. This situation makes vehicular networks suitable to the
presence of selfish and misbehavior nodes, which may result in a significant decrease of the
overall network performance. Thus, cooperative nodes may suffer from the overwhelming load
of services from other nodes, which comprises their performance.
Trying to solve some of these problems, this thesis presents several proposals and studies
on the impact of cooperation, monitoring, and management strategies on the network performance
of the VDTN architecture. The main goal of these proposals is to enhance the network
performance. In particular, cooperation and management approaches are exploited to improve
and optimize the use of network resources. It is demonstrated the performance gains attainable
in a VDTN through both types of approaches, not only in terms of bundle delivery probability,
but also in terms of wasted resources.
The results and achievements observed on this research work are intended to contribute
to the advance of the state-of-the-art on methods and strategies for overcome the challenges
that arise from the unique characteristics and conceptual design of vehicular networks.O vasto número de aplicações e cenários suportados pelas redes veiculares faz com que
estas atraiam o interesse não só da comunidade científica, mas também dos governos e da indústria
automóvel. A título de exemplo, estas podem ser usadas para a implementação de serviços
e aplicações que podem ajudar os condutores dos veículos a tomar decisões nas estradas, para
a disseminação de conteúdos publicitários, ou ainda, para permitir que existam comunicações
em zonas rurais ou remotas onde não é possível ter uma infraestrutura de rede convencional.
Contudo, as propriedades únicas das redes veiculares fazem com que seja necessário ultrapassar
um conjunto de desafios que têm grande impacto na sua aplicabilidade.
A maioria dos desafios que as redes veiculares enfrentam advêm da grande mobilidade dos
veículos e da topologia de rede que está em constante mutação. Esta situação faz com que este
tipo de rede seja suscetível de disrupção, que as oportunidades de contacto sejam escassas e de
curta duração, e que a ligação seja intermitente. Fruto destas adversidades, a disseminação dos
dados torna-se um tópico de investigação bastante promissor na área das redes veiculares e por
esta mesma razão é abordada neste trabalho de investigação. O trabalho descrito nesta tese é
motivado pela necessidade de propor novas abordagens para lidar com os problemas inerentes
à disseminação dos dados em ambientes veiculares.
Para garantir o sucesso da disseminação dos dados em ambientes veiculares é importante
que este tipo de redes garanta a cooperação entre os nós da rede. Contudo, neste tipo de ambientes
não é possível garantir um cenário totalmente cooperativo. Este cenário faz com que
as redes veiculares sejam suscetíveis à presença de nós não cooperativos que comprometem
seriamente o desempenho global da rede. Por outro lado, os nós cooperativos podem ver o seu
desempenho comprometido por causa da sobrecarga de serviços que poderão suportar.
Para tentar resolver alguns destes problemas, esta tese apresenta várias propostas e estudos
sobre o impacto de estratégias de cooperação, monitorização e gestão de rede no desempenho
das redes veiculares com ligações intermitentes (Vehicular Delay-Tolerant Networks
- VDTNs). O objetivo das propostas apresentadas nesta tese é melhorar o desempenho global
da rede. Em particular, as estratégias de cooperação e gestão de rede são exploradas para
melhorar e optimizar o uso dos recursos da rede. Ficou demonstrado que o uso deste tipo de
estratégias e metodologias contribui para um aumento significativo do desempenho da rede,
não só em termos de agregados de pacotes (“bundles”) entregues, mas também na diminuição
do volume de recursos desperdiçados.
Os resultados observados neste trabalho procuram contribuir para o avanço do estado
da arte em métodos e estratégias que visam ultrapassar alguns dos desafios que advêm das
propriedades e desenho conceptual das redes veiculares
- …