Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Private and Mobile inter-network routing for Wireless Sensor Networks and Internet of Things

In the last few years, using the Internet of Things has been expanded in many areas, such as environmental monitoring, industries, and smart home. Since the Internet of Things has a direct relation to human life, its security is of paramount importance. Therefore, the communication between the nodes should be secured and the valuable private information should be kept private so that the attacker cannot detect the network structure. This article provides a protocol that can handle routing privately. To do this, we use the data structure called Spatial Bloom Filter (SBF). In addition, the proposed protocol uses random identifiers instead of IP addresses, so that an attacker cannot collect network structure information and location of nodes from IP addresses. Using a homomorphic encryption scheme, the protocol prevent attackers from retrieving valuable network information, if they can infiltrate to one or more network nodes. Also, since almost all nodes in the internet of things are mobile, the structure of networks and subnets is constantly changing. The proposed protocol has the ability to manage to route in networks with a dynamic structure

The Impact of the Adversary's Eavesdropping Stations on the Location Privacy Level in Internet of Vehicles

The Internet of Vehicles (IoV) has got the interest of different research bodies as a promising technology. IoV is mainly developed to reduce the number of crashes by enabling vehicles to sense the environment and spread their locations to the neighborhood via safety-beacons to enhance the system functioning. Nevertheless, a bunch of security and privacy threats is looming; by exploiting the spatio-data included in these beacons. A lot of privacy schemes were developed to cope with the problem like CAPS, CPN, RSP, and SLOW. The schemes provide a certain level of location privacy yet the strength of the adversary, e.g., the number of eavesdropping stations has not been fully considered. In this paper, we aim at investigating the effect of the adversary’s eavesdropping stations number and position on the overall system functioning via privacy and QoS metrics. We also show the performances of these schemes in a manhattan-grid model which gives a comparison between the used schemes. The results show that both the number and the emplacement of the eavesdropping stations have a real negative impact on the achieved location privacy of the IoV users

Estimating Movement from Mobile Telephony Data

Mobile enabled devices are ubiquitous in modern society. The information gathered by their normal service operations has become one of the primary data sources used in the understanding of human mobility, social connection and information transfer. This thesis investigates techniques that can extract useful information from anonymised call detail records (CDR). CDR consist of mobile subscriber data related to people in connection with the network operators, the nature of their communication activity (voice, SMS, data, etc.), duration of the activity and starting time of the activity and servicing cell identification numbers of both the sender and the receiver when available. The main contributions of the research are a methodology for distance measurements which enables the identification of mobile subscriber travel paths and a methodology for population density estimation based on significant mobile subscriber regions of interest. In addition, insights are given into how a mobile network operator may use geographically located subscriber data to create new revenue streams and improved network performance. A range of novel algorithms and techniques underpin the development of these methodologies. These include, among others, techniques for CDR feature extraction, data visualisation and CDR data cleansing. The primary data source used in this body of work was the CDR of Meteor, a mobile network operator in the Republic of Ireland. The Meteor network under investigation has just over 1 million customers, which represents approximately a quarter of the country’s 4.6 million inhabitants, and operates using both 2G and 3G cellular telephony technologies. Results show that the steady state vector analysis of modified Markov chain mobility models can return population density estimates comparable to population estimates obtained through a census. Evaluated using a test dataset, results of travel path identification showed that developed distance measurements achieved greater accuracy when classifying the routes CDR journey trajectories took compared to traditional trajectory distance measurements. Results from subscriber segmentation indicate that subscribers who have perceived similar relationships to geographical features can be grouped based on weighted steady state mobility vectors. Overall, this thesis proposes novel algorithms and techniques for the estimation of movement from mobile telephony data addressing practical issues related to sampling, privacy and spatial uncertainty

Robust, Resilient Networked Communication in Challenged Environments

In challenged environments, digital communication infrastructure may be difficult or even impossible to access. This is especially true in rural and developing regions, as well as in any region during a time of political or environmental crisis. We advance the state of the art in wireless networking and security to design networks and applications that rapidly assess changing networking conditions to restore communication and provide local situational awareness. This dissertation examines new systems for responding to current and emerging needs for wireless networks. This work looks across the wireless ecosystem of widely deployed standards. We develop new tools to improve network assessment and to provide robust and reliable network communication. By incorporating new technological breakthroughs, such as the wide commercial success of Unmanned Aircraft Systems (UAS), we introduce novel methods and systems for existing wireless standards for these challenged networks. We assess how existing technologies and standards function in difficult environments: lacking end-end Internet connectivity, experiencing overload or other resource constraints, and operating in three dimensional space. Through this lens, we demonstrate how to optimize networks to serve marginalized communities outside of first world urban cities and make our networks resilient to natural and political crisis that threaten communication

Towards a Framework for Preserving Privacy in VANET

Vehicular Ad-hoc Network (VANET) is envisioned as an integral part of the Intelligent Transportation Systems as it promises various services and benefits such as road safety, traffic efficiency, navigation and infotainment services. However, the security and privacy risks associated with the wireless communication are often overlooked. Messages exchanged in VANET wireless communication carry inferable Personally Identifiable Information(PII). This introduces several privacy threats that could limit the adoption of VANET. The quantification of these privacy threats is an active research area in VANET security and privacy domains. The Pseudonymisation technique is currently the most preferred solution for critical privacy threats in VANET to provide conditional anonymous authentication. In the existing literature, several Pseudonym Changing Schemes(PCS) have been proposed as effective de-identification approaches to prevent the inference of PII. However, for various reasons, none of the proposed schemes received public acceptance. Moreover, one of the open research challenges is to compare different PCSs under varying circumstances with a set of standardized experimenting parameters and consistent metrics. In this research, we propose a framework to assess the effectiveness of PCSs in VANET with a systematic approach. This comprehensive equitable framework consists of a variety of building blocks which are segmented into correlated sub-domains named Mobility Models, Adversary Models, and Privacy Metrics. Our research introduces a standard methodology to evaluate and compare VANET PCSs using a generic simulation setup to obtain optimal, realistic and most importantly, consistent results. This road map for the simulation setup aims to help the research \& development community to develop, assess and compare the PCS with standard set of parameters for proper analysis and reporting of new PCSs. The assessment of PCS should not only be equitable but also realistic and feasible. Therefore, the sub-domains of the framework need coherent as well as practically applicable characteristics. The Mobility Model is the layout of the traffic on the road which has varying features such as traffic density and traffic scenarios based on the geographical maps. A diverse range of Adversary Models is important for pragmatic evaluation of the PCSs which not only considers the presence of global passive adversary but also observes the effect of intelligent and strategic \u27local attacker\u27 placements. The biggest challenge in privacy measurement is the fact that it is a context-based evaluation. In the literature, the PCSs are evaluated using either user-oriented or adversary-oriented metrics. Under all circumstances, the PCSs should be assessed from both user and adversary perspectives. Using this framework, we determined that a local passive adversary can be strong based on the attacking capabilities. Therefore, we propose two intelligent adversary placements which help in privacy assessment with realistic adversary modelling. When the existing PCSs are assessed with our systematic approach, consistent models and metrics, we identified the privacy vulnerabilities and the limitations of existing PCSs. There was a need for comprehensive PCS which consider the context of the vehicles and the changing traffic patterns in the neighbourhood. Consequently, we developed a Context-Aware \& Traffic Based PCS that focuses on increasing the overall rate of confusion for the adversary and to reduce deterministic information regarding the pseudonym change. It is achieved by increasing the number of dynamic attributes in the proposed PCS for inference of the changing pattern of the pseudonyms. The PCS increases the anonymity of the vehicle by having the synchronized pseudonym changes. The details given under the sub-domains of the framework solidifies our findings to strengthen the privacy assessment of our proposed PCS