Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Intelligent and bandwidth-efficient medium access control protocols for IEEE 802.11p-based Vehicular Ad hoc Networks

Vehicle-to-Vehicle (V2V) technology aims to enable safer and more sophisticated transportation via the spontaneous formation of Vehicular Ad hoc Networks (VANETs). This type of wireless networks allows the exchange of kinematic and other data among vehicles, for the primary purpose of safer and more efficient driving, as well as efficient traffic management and other third-party services. Their infrastructure-less, unbounded nature allows the formation of dense networks that present a channel sharing issue, which is harder to tackle than in conventional WLANs. This thesis focuses on optimising channel access strategies, which is important for the efficient usage of the available wireless bandwidth and the successful deployment of VANETs. To start with, the default channel access control method for V2V is evaluated hardware via modifying the appropriate wireless interface Linux driver to enable finer on-the-fly control of IEEE 802.11p access control layer parameters. More complex channel sharing scenarios are evaluated via simulations and findings on the behaviour of the access control mechanism are presented. A complete channel sharing efficiency assessment is conducted, including throughput, fairness and latency measurements. A new IEEE 802.11p-compatible Q-Learning-based access control approach that improves upon the studied protocol is presented. The stations feature algorithms that “learn” how to act optimally in VANETs in order to maximise their achieved packet delivery and minimise bandwidth wastage. The feasibility of Q-Learning to be used as the base of selflearning protocols for IEEE 802.11p-based V2V communication access control in dense environments is investigated in terms of parameter tuning, necessary time of exploration, achieving latency requirements, scaling, multi-hop and accommodation of simultaneous applications. Additionally, the novel Collection Contention Estimation (CCE) mechanism for Q-Learning-based access control is presented. By embedding it on the Q-Learning agents, faster convergence, higher throughput, better service separation and short-term fairness are achieved in simulated network deployments. The acquired new insights on the network performance of the proposed algorithms can provide precise guidelines for efficient designs of practical, reliable, fair and ultra-low latency V2V communication systems for dense topologies. These results can potentially have an impact across a range of related areas, including various types of wireless networks and resource allocation for these, network protocol and transceiver design as well as QLearning applicability and considerations for correct use

Analysis and enhancement of wireless LANs in noisy channels

Without a doubt, Wireless Local Area Networks (WLANs) technology has been encountering an explosive growth lately. IEEE 802.11 is the standard associated with this promising technology, which enures shared access to the wireless medium through the distributed coordination function (DCF). Recently, the IEEE 802.11e task group has made extensions to WLANs medium access control (MAC) in order to support quality of service (QoS) traffic. An inherited problem for WLANs, is the volatility of the propagation medium, which is a challenging issue that affects the system performance significantly. Consequently, enhancing the operation of the DCF in noisy environments is of great interest, and has attracted the attention of many researchers. Our first major contribution in the presented thesis, is an analytical and simulation analysis for the binary exponential backoff (BEB) scheme of the DCF, in the presence of channel noise. We show that following the BEB procedure when a host encounters erroneous transmission is needed only if the channel was highly loaded. However, incrementing the contention window (CW) upon each packet failure, whether caused by instantaneous transmission (i.e. collision) or channel noise, will result in the waste of air time if the channel was lightly loaded. Accordingly, we present a hybrid access method that adapts the CW according to the channel load along with the frame error rate (FER). Other means to overcome the channel noise is the adjustment of the transmission rate. Many rate adaptation (RA) algorithms were introduced in the past few years, including the Automatic Rate Fallback (ARF) which is currently implemented in the wireless cards. Yet, many drawbacks are associated with these RA algorithms; specifically, in regard to the techniques and events that should trigger the rate change. Moreover, the IEEE 802.11e QoS flows requirements were not considered with the latter schemes. Accordingly, our next major contribution in this work is the presentation of a novel rate adaptation scheme. The simplicity of the introduced rate adaptation scheme is that it relies on the MAC layer parameters rather than those of the PHY layer when adjusting the rate. Furthermore, our algorithm supports the IEEE 802.11e MAC extensions where QoS traffic requirements were integrated in the procedure of adjusting the bit rate. Hence, strict real-time flow parameters such as delay and maximum drop rate are respected. Finally, we enhance the dynamic assignment of transmission opportunities (TXOPs) in order to offer fair air-time for nodes facing high packet loss rat

Experimenting with commodity 802.11 hardware: overview and future directions

The huge adoption of 802.11 technologies has triggered a vast amount of experimentally-driven research works. These works range from performance analysis to protocol enhancements, including the proposal of novel applications and services. Due to the affordability of the technology, this experimental research is typically based on commercial off-the-shelf (COTS) devices, and, given the rate at which 802.11 releases new standards (which are adopted into new, affordable devices), the field is likely to continue to produce results. In this paper, we review and categorise the most prevalent works carried out with 802.11 COTS devices over the past 15 years, to present a timely snapshot of the areas that have attracted the most attention so far, through a taxonomy that distinguishes between performance studies, enhancements, services, and methodology. In this way, we provide a quick overview of the results achieved by the research community that enables prospective authors to identify potential areas of new research, some of which are discussed after the presentation of the survey.This work has been partly supported by the European Community through the CROWD project (FP7-ICT-318115) and by the Madrid Regional Government through the TIGRE5-CM program (S2013/ICE-2919).Publicad

Distributed Protocols for Signal-Scale Cooperation

Signal-scale cooperation is a class of techniques designed to harness the same gains offered by multi-antenna communication in scenarios where devices are too small to contain an array of antennas. While the potential improvements in reliability at the physical layer are well known, three key challenges must be addressed to harness these gains at the medium access layer: (a) the distributed synchronization and coordination of devices to enable cooperative behavior, (b) the conservation of energy for devices cooperating to help others, and (c) the management of increased inter-device interference caused by multiple spatially separate transmissions in a cooperative network. In this thesis, we offer three contributions that respectively answer the above three challenges. First, we present two novel cooperative medium access control protocols: Distributed On-demand Cooperation (DOC) and Power-controlled Distributed On-demand Cooperation (PDOC). These protocols utilize negative acknowledgments to synchronize and trigger cooperative relay transmissions in a completely distributed manner. Furthermore, they avoid cooperative transmissions that would likely be unhelpful to the source of the traffic. Second, we present an energy conservation algorithm known as Distributed Energy-Conserving Cooperation (DECC). DECC allows devices to alter their cooperative behavior based on measured changes to their own energy efficiency. With DECC, devices become self-aware of the impact of signal-scale cooperation -- they explicitly monitor their own performance and scale the degree to which they cooperate with others accordingly. Third and finally, we present a series of protocols to combat the challenge of inter-device interference. Whereas energy efficiency can be addressed by a self-aware device monitoring its own performance, inter-device interference requires devices with network awareness that understand the impact of their behavior on the devices around them. We investigate and quantify the impact of incomplete network awareness by proposing a modeling approximation to derive relaying policy behaviors. We then map these policies to protocols for wireless channels

An efficient multichannel wireless sensor networks MAC protocol based on IEEE 802.11 distributed co-ordinated function.

This research aimed to create new knowledge and pioneer a path in the area relating to future trends in the WSN, by resolving some of the issues at the MAC layer in Wireless Sensor Networks. This work introduced a Multi-channel Distributed Coordinated Function (MC-DCF) which takes advantage of multi-channel assignment. The backoff algorithm of the IEEE 802.11 distributed coordination function (DCF) was modified to invoke channel switching, based on threshold criteria in order to improve the overall throughput for wireless sensor networks. This work commenced by surveying different protocols: contention-based MAC protocols, transport layer protocols, cross-layered design and multichannel multi-radio assignments. A number of existing protocols were analysed, each attempting to resolve one or more problems faced by the current layers. The 802.15.4 performed very poorly at high data rate and at long range. Therefore 802.15.4 is not suitable for sensor multimedia or surveillance system with streaming data for future multichannel multi-radio systems. A survey on 802.11 DCF - which was designed mainly for wireless networks –supports and confirm that it has a power saving mechanism which is used to synchronise nodes. However it uses a random back-off mechanism that cannot provide deterministic upper bounds on channel access delay and as such cannot support real-time traffic. The weaknesses identified by surveying this protocol form the backbone of this thesis The overall aim for this thesis was to introduce multichannel with single radio as a new paradigm for IEEE 802.11 Distributed Coordinated Function (DCF) in wireless sensor networks (WSNs) that is used in a wide range of applications, from military application, environmental monitoring, medical care, smart buildings and other industry and to extend WSNs with multimedia capability which sense for instance sounds or motion, video sensor which capture video events of interest. Traditionally WSNs do not need high data rate and throughput, since events are normally captured periodically. With the paradigm shift in technology, multimedia streaming has become more demanding than data sensing applications as such the need for high data rate protocol for WSN which is an emerging technology in this area. The IEEE 802.11 can support data rates up to 54Mbps and 802.11 DCF was designed specifically for use in wireless networks. This thesis focused on designing an algorithm that applied multichannel to IEEE 802.11 DCF back-off algorithm to reduce the waiting time of a node and increase throughput when attempting to access the medium. Data collection in WSN tends to suffer from heavy congestion especially nodes nearer to the sink node. Therefore, this thesis proposes a contention based MAC protocol to address this problem from the inspiration of the 802.11 DCF backoff algorithm resulting from a comparison of IEEE 802.11 and IEEE 802.15.4 for Future Green Multichannel Multi-radio Wireless Sensor Networks

Contributions to Wireless multi-hop networks : Quality of Services and Security concerns

Ce document résume mes travaux de recherche conduits au cours de ces 6 dernières années. Le principal sujet de recherche de mes contributions est la conception et l’évaluation des solutions pour les réseaux sans fil multi-sauts en particulier les réseaux mobiles adhoc (MANETs), les réseaux véhiculaires ad hoc (VANETs), et les réseaux de capteurs sans fil (WSNs). La question clé de mes travaux de recherche est la suivante : « comment assurer un transport des données e cace en termes de qualité de services (QoS), de ressources énergétiques, et de sécurité dans les réseaux sans fil multi-sauts? » Pour répondre à cette question, j’ai travaillé en particulier sur les couches MAC et réseau et utilisé une approche inter-couches.Les réseaux sans fil multi-sauts présentent plusieurs problèmes liés à la gestion des ressources et au transport des données capable de supporter un grand nombre de nœuds, et d’assurer un haut niveau de qualité de service et de sécurité.Dans les réseaux MANETs, l’absence d’infrastructure ne permet pas d’utiliser l’approche centralisée pour gérer le partage des ressources, comme l’accès au canal.Contrairement au WLAN (réseau sans fil avec infrastructure), dans les réseaux Ad hoc les nœuds voisins deviennent concurrents et il est di cile d’assurer l’équité et l’optimisation du débit. La norme IEEE802.11 ne prend pas en compte l’équité entre les nœuds dans le contexte des MANETs. Bien que cette norme propose di érents niveaux de transmission, elle ne précise pas comment allouer ces débits de manière e cace. En outre, les MANETs sont basés sur le concept de la coopération entre les nœuds pour former et gérer un réseau. Le manque de coopération entre les nœuds signifie l’absence de tout le réseau. C’est pourquoi, il est primordial de trouver des solutions pour les nœuds non-coopératifs ou égoïstes. Enfin, la communication sans fil multi-sauts peut participer à l’augmentation de la couverture radio. Les nœuds de bordure doivent coopérer pour transmettre les paquets des nœuds voisins qui se trouvent en dehors de la zone de couverture de la station de base.Dans les réseaux VANETs, la dissémination des données pour les applications de sureté est un vrai défi. Pour assurer une distribution rapide et globale des informations, la méthode de transmission utilisée est la di usion. Cette méthode présente plusieurs inconvénients : perte massive des données due aux collisions, absence de confirmation de réception des paquets, non maîtrise du délai de transmission, et redondance de l’information. De plus, les applications de sureté transmettent des informations critiques, dont la fiabilité et l’authenticité doivent être assurées.Dans les réseaux WSNs, la limitation des ressources (bande passante, mémoire, énergie, et capacité de calcul), ainsi que le lien sans fil et la mobilité rendent la conception d’un protocole de communication e cace di cile. Certaines applications nécessitent un taux important de ressources (débit, énergie, etc) ainsi que des services de sécurité, comme la confidentialité et l’intégrité des données et l’authentification mutuelle. Ces paramètres sont opposés et leur conciliation est un véritable défi. De plus, pour transmettre de l’information, certaines applications ont besoin de connaître la position des nœuds dans le réseau. Les techniques de localisation sou rent d’un manque de précision en particulier dans un environnement fermé (indoor), et ne permettent pas de localiser les nœuds dans un intervalle de temps limité. Enfin, la localisation des nœuds est nécessaire pour assurer le suivi d’objet communicant ou non. Le suivi d’objet est un processus gourmand en énergie, et requiert de la précision.Pour répondre à ces défis, nous avons proposé et évalué des solutions, présentées de la manière suivante : l’ensemble des contributions dédiées aux réseaux MANETs est présenté dans le deuxième chapitre. Le troisième chapitre décrit les solutions apportées dans le cadre des réseaux VANETs. Enfin, les contributions liées aux réseaux WSNs sont présentées dans le quatrième chapitre