A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Heterogeneous networks using mobile-IP technology

Whenever a mobile user moves between networks a handover must occur. This basically means that a network-layer protocol must handle the moving of the mobile device. In a cellular phone a GSM/UMTS infrastructure performs horizontal handover and the user does not notices any call or ongoing session interruption while roaming. The handover procedure begins when the received signal strength identificator (RSSI) of a mobile device falls below a level, it discovers a neighbour access point with better quality of services (QoS) than its current access point. In heterogeneous wireless networks different portions of RF spectrum are used and is difficult or impossible for a mobile node to concurrently maintain its connectivity without signal interruptions. Thus, the different network environments must be integrated and support a common platform to achieve seamless handover. The seamless or vertical handover's target is to maintain the mobile user's IP address independently of user's location or of the physical parameters the current network is using. A mechanism that keeps a mobile device to an ongoing connection by maintaining its home-location IP address is the Mobile-IP protocol which operates at the network-layer of the Open System Interconnection (OSI) model. In this M.Sc. thesis we perform heterogeneous network scenarios with the Mobile-IP technology. Moreover, we have built the system practically and assist the applicability of such heterogeneous wireless networks through real-side measurements. We used Linux operating system (Ubuntu & Debian) between different network technologies, made at the National Center for Scientific Research (NCSR) ''Demokritos'' institute, in Greece. The required applications for the Mobile-IP and 3G technologies were implemented and configured in a platform of fixed and mobile devices at Demokrito's departmental laboratory. The idea of using the Mobile-IP protocol was to gather information about time differences that occurred in handover delay between different networks.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

Secure and Privacy-Preserving Authentication Protocols for Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation wireless networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to service providers. As WMNs become an increasingly popular replacement technology for last-mile connectivity to the home networking, community and neighborhood networking, it is imperative to design efficient and secure communication protocols for these networks. However, several vulnerabilities exist in currently existing protocols for WMNs. These security loopholes can be exploited by potential attackers to launch attack on WMNs. The absence of a central point of administration makes securing WMNs even more challenging. The broadcast nature of transmission and the dependency on the intermediate nodes for multi-hop communications lead to several security vulnerabilities in WMNs. The attacks can be external as well as internal in nature. External attacks are launched by intruders who are not authorized users of the network. For example, an intruding node may eavesdrop on the packets and replay those packets at a later point of time to gain access to the network resources. On the other hand, the internal attacks are launched by the nodes that are part of the WMN. On example of such attack is an intermediate node dropping packets which it was supposed to forward. This chapter presents a comprehensive discussion on the current authentication and privacy protection schemes for WMN. In addition, it proposes a novel security protocol for node authentication and message confidentiality and an anonymization scheme for privacy protection of users in WMNs.Comment: 32 pages, 10 figures. The work is an extended version of the author's previous works submitted in CoRR: arXiv:1107.5538v1 and arXiv:1102.1226v

Authentication Mechanism for Ad Hoc Wireless Local Area Network

Wireless networks have grown rapidly over the last decade and they have been deployed in numerous applications due to their advantages over wired networks, specifically for its mobility and convenience. However, due to its wireless nature, some security issues in wireless network need to be addressed, such as unauthorized or rogue wireless devices which are relatively easy to connect to the network because they do not need any physical access. These issues might prevent further acceptance and adoption of wireless network technology. One of the solutions to overcome the wireless network security is the 802.1X specification. It is a mechanism for port-based network access control, which based on Extensible Authentication Protocol (EAP). It is an authentication framework that can support multiple authentication methods. This research is looking into the possibility of using EAP as a generic authentication mechanism in ad hoc wireless local area networks. One promising advantage of using EAP-based authentication mechanism in a network is its interoperability with other types of networks since EAP is already a platform for various authentication mechanisms. This thesis studies and explores the feasibility of using EAP in ad hoc wireless local area network and then proposes a mechanism to implement EAP in ad hoc wireless local area network based on EAP multiplexing model. This thesis also proposes an extension to EAP, a mechanism to select a suitable EAP method out of a set of EAP methods to be used in EAP authentication process in heterogeneous mobile devices environment, where the network consists of different types of nodes I devices with different specifications and capabilities, and each node may support different type of EAP authentication method. Toward the end of this thesis, formal specification and verification of the proposed authentication mechanism are derived and strong final beliefs are obtained. Furthermore, node architecture that can be used in simulation of EAP authentication is designed and the EAP method selection mechanism is simulated

Security-centric analysis and performance investigation of IEEE 802.16 WiMAX

fi=vertaisarvioitu|en=peerReviewed

An Overview of Security Challenges in Vehicular Ad-Hoc Networks

© 2017 IEEE. Vehicular Ad hoc Networks (VANET) is emerging as a promising technology of the Intelligent Transportation systems (ITS) due to its potential benefits for travel planning, notifying road hazards, cautioning of emergency scenarios, alleviating congestion, provisioning parking facilities and environmental predicaments. But, the security threats hinder its wide deployment and acceptability by users. This paper gives an overview of the security threats at the various layers of the VANET communication stack and discuss some of the existing solutions, thus concluding why designing a security framework for VANET needs to consider these threats for overcoming security challenges in VANET