Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Traffic engineering multi-layer optimization for wireless mesh network transmission a campus network routing protocol transmission performance inhancement

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel UniversityThe wireless mesh network is a potential network for the future due to its excellent inherent characteristic for dynamic self-healing, self-configuration and self-organization. It also has the advantage of easy interoperability networking and the ability to form multi-linked ad-hoc networks. It has a decentralized topology, is cheap and highly scalable. Furthermore, its ease in deployment and easy maintenance are other inherent networking qualities. These aforementioned qualities of the wireless mesh network bring advantages to transmission capability of heterogeneous networks. However, transmissions in wireless mesh network create comparative performance based challenges such as congestion, load-balancing, scalability over increasing networks and coverage capacity. Consequently, these challenges and problems in the routing and switching of packets in the wireless mesh network routing protocols led to a proposal on the resolution of these failures with a combination algorithm and a management based security for the network and its transmitted packets. There are equally contentious services like reliability of the network and quality of service for real-time multimedia traffic flows with other challenges such as path computation and selection in the wireless mesh network. This thesis is therefore a cumulative proposal to the resolution of the outlined challenges and open research areas posed by using wireless mesh network routing protocol. It advances the resolution of these challenges in the mesh environment using a hybrid optimization – traffic engineering, to increase the effectiveness and the reliability of the network. It also proffers a cumulative resolution of the diverse contributions on wireless mesh network routing protocol and transmission. Adaptation and optimization are carried out on the wireless mesh network designed network using traffic engineering mechanism and technique. The research examines the patterns of mesh packet transmission and evaluates the challenges and failures in the mesh network packet transmission. It develops a solution based algorithm for resolutions and proposes the traffic engineering based solution.. These resultant performances and analysis are usually tested and compared over wireless mesh IEEE802.11n or other older proposed documented solution. This thesis used a carefully designed campus mesh network to show a comparative evaluation of an optimal performance of the mesh nodes and routers over a normal IEE802.11n based wireless domain network to show differentiation by optimization using the created algorithms. Furthermore, the indexes of performance being the metric are used to measure the utility and the reliability, including capacity and throughput at the destination during traffic engineered transmission. In addition, the security of these transmitted data and packets are optimized under a traffic engineered technique. Finally, this thesis offers an understanding to the security contribution using traffic engineering resolution to create a management algorithm for processing and computation of the wireless mesh networks security needs. The results of this thesis confirmed, completed and extended the existing predictions with real measurement

Efficient Security Protocols for Fast Handovers in Wireless Mesh Networks

Wireless mesh networks (WMNs) are gaining popularity as a flexible and inexpensive replacement for Ethernet-based infrastructures. As the use of mobile devices such as smart phones and tablets is becoming ubiquitous, mobile clients should be guaranteed uninterrupted connectivity and services as they move from one access point to another within a WMN or between networks. To that end, we propose a novel security framework that consists of a new architecture, trust models, and protocols to offer mobile clients seamless and fast handovers in WMNs. The framework provides a dynamic, flexible, resource-efficient, and secure platform for intra-network and inter-network handovers in order to support real-time mobile applications in WMNs. In particular, we propose solutions to the following problems: authentication, key management, and group key management. We propose (1) a suite of certificate-based authentication protocols that minimize the authentication delay during handovers from one access point to another within a network (intra-network authentication). (2) a suite of key distribution and authentication protocols that minimize the authentication delay during handovers from one network to another (inter-network authentication). (3) a new implementation of group key management at the data link layer in order to reduce the group key update latency from linear time (as currently done in IEEE 802.11 standards) to logarithmic time. This contributes towards minimizing the latency of the handover process for mobile members in a multicast or broadcast group

On Reliability of Smart Grid Neighborhood Area Networks

With the integration of the advanced computing and communication technologies, smart grid system is dedicated to enhance the efficiency and the reliability of future power systems greatly through renewable energy resources, as well as distributed communication intelligence and demand response. Along with advanced features of smart grid, the reliability of smart grid communication system emerges to be a critical issue, since millions of smart devices are interconnected through communication networks throughout critical power facilities, which has an immediate and direct impact on the reliability of the entire power infrastructure. In this paper, we present a comprehensive survey of reliability issues posted by the smart grid with a focus on communications in support of neighborhood area networks (NAN). Specifically, we focus on network architecture, reliability requirements and challenges of both communication networks and systems, secure countermeasures, and case studies in smart grid NAN. We aim to provide a deep understanding of reliability challenges and effective solutions toward reliability issues in smart grid NAN

Analysis of the security and reliability of packet transmission in Wireless Mesh Networks (WMNs) : a case study of Malicious Packet drop attack

Wireless Mesh Networks (WMNs) are known for possessing good attributes such as low up-front cost, easy network maintenance, and reliable service coverage. This has largely made them to be adopted in various areas such as; school campus networks, community networking, pervasive healthcare, office and home automation, emergency rescue operations and ubiquitous wireless networks. The routing nodes are equipped with self-organized and self-configuring capabilities. The routing mechanisms of WMNs depend on the collaboration of all participating nodes for reliable network performance. However, it has been noted that most routing algorithms proposed for WMNs in the last few years are designed with the assumption that all the participating nodes will collaboratively be involved in relaying the data packets originated from a source to a multi-hop destination. Such design approach exposes WMNs to vulnerability such as malicious packet drop attack. Therefore, it is imperative to design and implement secure and reliable packet routing mechanisms to mitigate this type of attack. While there are works that have attempted to implement secure routing approach, the findings in this research unearthed that further research works are required to improve the existing secure routing in order to provide more secure and reliable packet transmission in WMNs, in the event of denial of service (DoS) attacks such black hole malicious pack drop attack. This study further presents an analysis of the impact of the black hole malicious packet drop attack with other influential factors in WMNs. In the study, NS-3 simulator was used with AODV as the routing protocol. The results show that the packet delivery ratio and throughput of WMN under attack decreases sharply as compared to WMN free from attack

SECURING THE INTEGRITY OF THE POWER DISTRIBUTION SYSTEM FOR SMART GRID APPLICATIONS

The distribution system is one of the main components in a smart grid, readings are transferred from the distribution substations to the control center. Compromising transferred system data will result in drawing wrong conclusions about current operation status at the control center. Which leads to sending wrong operational commands that may result in very serious consequences. Firstly, we propose a scalable communications architecture for future smart grid distribution systems (i.e. Security Aware Distribution System Architecture - SADSA). The architecture is adaptable to use Wi-Fi or other technologies to transfer smart grid information. The architecture is studied from various angles. Both communication and cybersecurity challenges are extracted. In addition, the work provides a detailed discussion on how the proposed architecture meets National Institute of Standards and Technology (NIST) cybersecurity requirements for smart grids. Secondly, we propose the False Data Injection Prevention Protocol - FDIPP, the protocol prevents packet injection, duplication, alteration and node replication. In other words, it guarantees both system and data integrity. The protocol was analyzed using formal security analysis. Furthermore, Network Simulator 2 is used to evaluate both SADSA and FDIPP. The simulation is used to measure the delay and security overhead introduced from FDIPP and the proposed architectur

Secure Routing in Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to the service providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to the wired network, in WMNs only a subset of the APs are required to be connected to the wired network. The APs that are connected to the wired network are called the Internet gateways (IGWs), while the APs that do not have wired connections are called the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop communication. The IGWs provide access to conventional clients and interconnect ad hoc, sensor, cellular, and other networks to the Internet. However, most of the existing routing protocols for WMNs are extensions of protocols originally designed for mobile ad hoc networks (MANETs) and thus they perform sub-optimally. Moreover, most routing protocols for WMNs are designed without security issues in mind, where the nodes are all assumed to be honest. In practical deployment scenarios, this assumption does not hold. This chapter provides a comprehensive overview of security issues in WMNs and then particularly focuses on secure routing in these networks. First, it identifies security vulnerabilities in the medium access control (MAC) and the network layers. Various possibilities of compromising data confidentiality, data integrity, replay attacks and offline cryptanalysis are also discussed. Then various types of attacks in the MAC and the network layers are discussed. After enumerating the various types of attacks on the MAC and the network layer, the chapter briefly discusses on some of the preventive mechanisms for these attacks.Comment: 44 pages, 17 figures, 5 table