Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Artificial-Noise-Aided Physical Layer Phase Challenge-Response Authentication for Practical OFDM Transmission

Recently, we have developed a PHYsical layer Phase Challenge-Response Authentication Scheme (PHY-PCRAS) for independent multicarrier transmission. In this paper, we make a further step by proposing a novel artificial-noise-aided PHY-PCRAS (ANA-PHY-PCRAS) for practical orthogonal frequency division multiplexing (OFDM) transmission, where the Tikhonov-distributed artificial noise is introduced to interfere with the phase-modulated key for resisting potential key-recovery attacks whenever a static channel between two legitimate users is unfortunately encountered. Then, we address various practical issues for ANA-PHY-PCRAS with OFDM transmission, including correlation among subchannels, imperfect carrier and timing recoveries. Among them, we show that the effect of sampling offset is very significant and a search procedure in the frequency domain should be incorporated for verification. With practical OFDM transmission, the number of uncorrelated subchannels is often not sufficient. Hence, we employ a time-separated approach for allocating enough subchannels and a modified ANA-PHY-PCRAS is proposed to alleviate the discontinuity of channel phase at far-separated time slots. Finally, the key equivocation is derived for the worst case scenario. We conclude that the enhanced security of ANA-PHY-PCRAS comes from the uncertainty of both the wireless channel and introduced artificial noise, compared to the traditional challenge-response authentication scheme implemented at the upper layer.Comment: 33 pages, 13 figures, submitted for possible publicatio

The Meeting of Acquaintances: A Cost-efficient Authentication Scheme for Light-weight Objects with Transient Trust Level and Plurality Approach

Wireless sensor networks consist of a large number of distributed sensor nodes so that potential risks are becoming more and more unpredictable. The new entrants pose the potential risks when they move into the secure zone. To build a door wall that provides safe and secured for the system, many recent research works applied the initial authentication process. However, the majority of the previous articles only focused on the Central Authority (CA) since this leads to an increase in the computation cost and energy consumption for the specific cases on the Internet of Things (IoT). Hence, in this article, we will lessen the importance of these third parties through proposing an enhanced authentication mechanism that includes key management and evaluation based on the past interactions to assist the objects joining a secured area without any nearby CA. We refer to a mobility dataset from CRAWDAD collected at the University Politehnica of Bucharest and rebuild into a new random dataset larger than the old one. The new one is an input for a simulated authenticating algorithm to observe the communication cost and resource usage of devices. Our proposal helps the authenticating flexible, being strict with unknown devices into the secured zone. The threshold of maximum friends can modify based on the optimization of the symmetric-key algorithm to diminish communication costs (our experimental results compare to previous schemes less than 2000 bits) and raise flexibility in resource-constrained environments.Comment: 27 page