Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

A new connectivity strategy for wireless mesh networks using dynamic spectrum access

The introduction of Dynamic Spectrum Access (DSA) marked an important juncture in the evolution of wireless networks. DSA is a spectrum assignment paradigm where devices are able to make real-time adjustment to their spectrum usage and adapt to changes in their spectral environment to meet performance objectives. DSA allows spectrum to be used more efficiently and may be considered as a viable approach to the ever increasing demand for spectrum in urban areas and the need for coverage extension to unconnected communities. While DSA can be applied to any spectrum band, the initial focus has been in the Ultra-High Frequency (UHF) band traditionally used for television broadcast because the band is lightly occupied and also happens to be ideal spectrum for sparsely populated rural areas. Wireless access in general is said to offer the most hope in extending connectivity to rural and unconnected peri-urban communities. Wireless Mesh Networks (WMN) in particular offer several attractive characteristics such as multi-hopping, ad-hoc networking, capabilities of self-organising and self-healing, hence the focus on WMNs. Motivated by the desire to leverage DSA for mesh networking, this research revisits the aspect of connectivity in WMNs with DSA. The advantages of DSA when combined with mesh networking not only build on the benefits, but also creates additional challenges. The study seeks to address the connectivity challenge across three key dimensions, namely network formation, link metric and multi-link utilisation. To start with, one of the conundrums faced in WMNs with DSA is that the current 802.11s mesh standard provides limited support for DSA, while DSA related standards such as 802.22 provide limited support for mesh networking. This gap in standardisation complicates the integration of DSA in WMNs as several issues are left outside the scope of the applicable standard. This dissertation highlights the inadequacy of the current MAC protocol in ensuring TVWS regulation compliance in multi-hop environments and proposes a logical link MAC sub-layer procedure to fill the gap. A network is considered compliant in this context if each node operates on a channel that it is allowed to use as determined for example, by the spectrum database. Using a combination of prototypical experiments, simulation and numerical analysis, it is shown that the proposed protocol ensures network formation is accomplished in a manner that is compliant with TVWS regulation. Having tackled the compliance problem at the mesh formation level, the next logical step was to explore performance improvement avenues. Considering the importance of routing in WMNs, the study evaluates link characterisation to determine suitable metric for routing purposes. Along this dimension, the research makes two main contributions. Firstly, A-link-metric (Augmented Link Metric) approach for WMN with DSA is proposed. A-link-metric reinforces existing metrics to factor in characteristics of a DSA channel, which is essential to improve the routing protocol's ranking of links for optimal path selection. Secondly, in response to the question of “which one is the suitable metric?”, the Dynamic Path Metric Selection (DPMeS) concept is introduced. The principal idea is to mechanise the routing protocol such that it assesses the network via a distributed probing mechanism and dynamically binds the routing metric. Using DPMeS, a routing metric is selected to match the network type and prevailing conditions, which is vital as each routing metric thrives or recedes in performance depending on the scenario. DPMeS is aimed at unifying the years worth of prior studies on routing metrics in WMNs. Simulation results indicate that A-link-metric achieves up to 83.4 % and 34.6 % performance improvement in terms of throughput and end-to-end delay respectively compared to the corresponding base metric (i.e. non-augmented variant). With DPMeS, the routing protocol is expected to yield better performance consistently compared to the fixed metric approach whose performance fluctuates amid changes in network setup and conditions. By and large, DSA-enabled WMN nodes will require access to some fixed spectrum to fall back on when opportunistic spectrum is unavailable. In the absence of fully functional integrated-chip cognitive radios to enable DSA, the immediate feasible solution for the interim is single hardware platforms fitted with multiple transceivers. This configuration results in multi-band multi-radio node capability that lends itself to a variety of link options in terms of transmit/receive radio functionality. The dissertation reports on the experimental performance evaluation of radios operating in the 5 GHz and UHF-TVWS bands for hybrid back-haul links. It is found that individual radios perform differently depending on the operating parameter settings, namely channel, channel-width and transmission power subject to prevailing environmental (both spectral and topographical) conditions. When aggregated, if the radios' data-rates are approximately equal, there is a throughput and round-trip time performance improvement of 44.5 - 61.8 % and 7.5 - 41.9 % respectively. For hybrid links comprising radios with significantly unequal data-rates, this study proposes an adaptive round-robin (ARR) based algorithm for efficient multilink utilisation. Numerical analysis indicate that ARR provides 75 % throughput improvement. These results indicate that network optimisation overall requires both time and frequency division duplexing. Based on the experimental test results, this dissertation presents a three-layered routing framework for multi-link utilisation. The top layer represents the nodes' logical interface to the WMN while the bottom layer corresponds to the underlying physical wireless network interface cards (WNIC). The middle layer is an abstract and reductive representation of the possible and available transmission, and reception options between node pairs, which depends on the number and type of WNICs. Drawing on the experimental results and insight gained, the study builds criteria towards a mechanism for auto selection of the optimal link option. Overall, this study is anticipated to serve as a springboard to stimulate the adoption and integration of DSA in WMNs, and further development in multi-link utilisation strategies to increase capacity. Ultimately, it is hoped that this contribution will collectively contribute effort towards attaining the global goal of extending connectivity to the unconnected

Improving Performance for CSMA/CA Based Wireless Networks

Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) based wireless networks are becoming increasingly ubiquitous. With the aim of supporting rich multimedia applications such as high-definition television (HDTV, 20Mbps) and DVD (9.8Mbps), one of the technology trends is towards increasingly higher bandwidth. Some recent IEEE 802.11n proposals seek to provide PHY rates of up to 600 Mbps. In addition to increasing bandwidth, there is also strong interest in extending the coverage of CSMA/CA based wireless networks. One solution is to relay traffic via multiple intermediate stations if the sender and the receiver are far apart. The so called “mesh” networks based on this relay-based approach, if properly designed, may feature both “high speed” and “large coverage” at the same time. This thesis focusses on MAC layer performance enhancements in CSMA/CA based networks in this context. Firstly, we observe that higher PHY rates do not necessarily translate into corresponding increases in MAC layer throughput due to the overhead of the CSMA/CA based MAC/PHY layers. To mitigate the overhead, we propose a novel MAC scheme whereby transported information is partially acknowledged and retransmitted. Theoretical analysis and extensive simulations show that the proposed MAC approach can achieve high efficiency (low MAC overhead) for a wide range of channel variations and realistic traffic types. Secondly, we investigate the close interaction between the MAC layer and the buffer above it to improve performance for real world traffic such as TCP. Surprisingly, the issue of buffer sizing in 802.11 wireless networks has received little attention in the literature yet it poses fundamentally new challenges compared to buffer sizing in wired networks. We propose a new adaptive buffer sizing approach for 802.11e WLANs that maintains a high level of link utilisation, while minimising queueing delay. Thirdly, we highlight that gross unfairness can exist between competing flows in multihop mesh networks even if we assume that orthogonal channels are used in neighbouring hops. That is, even without inter-channel interference and hidden terminals, multi-hop mesh networks which aim to offer a both “high speed” and “large coverage” are not achieved. We propose the use of 802.11e’s TXOP mechanism to restore/enfore fairness. The proposed approach is implementable using off-the-shelf devices and fully decentralised (requires no message passing)

Performance Modelling and Optimisation of Multi-hop Networks

A major challenge in the design of large-scale networks is to predict and optimise the total time and energy consumption required to deliver a packet from a source node to a destination node. Examples of such complex networks include wireless ad hoc and sensor networks which need to deal with the effects of node mobility, routing inaccuracies, higher packet loss rates, limited or time-varying effective bandwidth, energy constraints, and the computational limitations of the nodes. They also include more reliable communication environments, such as wired networks, that are susceptible to random failures, security threats and malicious behaviours which compromise their quality of service (QoS) guarantees. In such networks, packets traverse a number of hops that cannot be determined in advance and encounter non-homogeneous network conditions that have been largely ignored in the literature. This thesis examines analytical properties of packet travel in large networks and investigates the implications of some packet coding techniques on both QoS and resource utilisation. Specifically, we use a mixed jump and diffusion model to represent packet traversal through large networks. The model accounts for network non-homogeneity regarding routing and the loss rate that a packet experiences as it passes successive segments of a source to destination route. A mixed analytical-numerical method is developed to compute the average packet travel time and the energy it consumes. The model is able to capture the effects of increased loss rate in areas remote from the source and destination, variable rate of advancement towards destination over the route, as well as of defending against malicious packets within a certain distance from the destination. We then consider sending multiple coded packets that follow independent paths to the destination node so as to mitigate the effects of losses and routing inaccuracies. We study a homogeneous medium and obtain the time-dependent properties of the packet’s travel process, allowing us to compare the merits and limitations of coding, both in terms of delivery times and energy efficiency. Finally, we propose models that can assist in the analysis and optimisation of the performance of inter-flow network coding (NC). We analyse two queueing models for a router that carries out NC, in addition to its standard packet routing function. The approach is extended to the study of multiple hops, which leads to an optimisation problem that characterises the optimal time that packets should be held back in a router, waiting for coding opportunities to arise, so that the total packet end-to-end delay is minimised

Modelling and Analysis of Smart Grids for Critical Data Communication

Practical models for the subnetworks of smart grid are presented and analyzed. Critical packet-delay bounds for these subnetworks are determined, with the overall objective of identifying parameters that would help in the design of smart grid with least end-to-end delay. A single-server non-preemptive queueing model with prioritized critical packets is presented for Home Area Network (HAN). Closed-form expressions for critical packet delay are derived and illustrated as a function of: i) critical packet arrival rate, ii) service rate, iii) utilization factor, and iv) rate of arrival of non-critical packets. Next, wireless HANs using FDMA and TDMA are presented. Upper and lower bounds on critical packet delay are derived in closed-form as functions of: i) average of signal-to interference-plus-noise ratio, ii) random channel scale, iii) transmitted power strength, iv) received power strength, v) number of EDs, vi) critical packet size, vii) number of channels, viii) path loss component, ix) distances between electrical devices and mesh client, x) channel interference range, xi) channel capacity, xii) bandwidth of the channel, and xiii) number of time/frequency slots. Analytical and simulation results show that critical packet delay is smaller for TDMA compared to FDMA. Lastly, an Intelligent Distributed Channel-Aware Medium Access Control (IDCA-MAC) protocol for wireless HAN using Distributed Coordination Function (DCF) is presented. The protocol eliminates collision and employs Multiple Input Multiple Output (MIMO) system to enhance system performance. Simulation results show that critical packet delay can be reduced by nearly 20% using MA-Aware protocol compared to IDCA-MAC protocol. However, the latter is superior in terms throughput. A wireless mesh backbone network model for Neighbourhood Area Network (NAN) is presented for forwarding critical packets received from HAN to an identified gateway. The routing suggested is based on selected shortest path using Voronoi tessellation. CSMA/CA and CDMA protocols are considered and closed{form upper and lower bounds on critical packet delay are derived and examined as functions of i) signal-to-noise ratio, ii) signal interference, iii) critical packet size, iv) number of channels, v) channel interference range, vi) path loss components, vii) channel bandwidth, and viii) distance between MRs. The results show that critical packet delay to gateway using CDMA is lower compared to CSMA/CA protocol. A fiber optic Wide Area Network (WAN) is presented for transporting critical packets received from NAN to a control station. A Dynamic Fastest Routing Strategy (DFRS) algorithm is used for routing critical packets to control station. Closed-form expression for mean critical packet delay is derived and is examined as a function of: i) traffic intensity, ii) capacity of fiber links, iii) number of links, iv) variance of inter-arrival time, v) variance of service time, and vi) the latency of links. It is shown that delay of critical packets to control station meets acceptable standards set for smart grid