Secure Routing in Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to the service providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to the wired network, in WMNs only a subset of the APs are required to be connected to the wired network. The APs that are connected to the wired network are called the Internet gateways (IGWs), while the APs that do not have wired connections are called the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop communication. The IGWs provide access to conventional clients and interconnect ad hoc, sensor, cellular, and other networks to the Internet. However, most of the existing routing protocols for WMNs are extensions of protocols originally designed for mobile ad hoc networks (MANETs) and thus they perform sub-optimally. Moreover, most routing protocols for WMNs are designed without security issues in mind, where the nodes are all assumed to be honest. In practical deployment scenarios, this assumption does not hold. This chapter provides a comprehensive overview of security issues in WMNs and then particularly focuses on secure routing in these networks. First, it identifies security vulnerabilities in the medium access control (MAC) and the network layers. Various possibilities of compromising data confidentiality, data integrity, replay attacks and offline cryptanalysis are also discussed. Then various types of attacks in the MAC and the network layers are discussed. After enumerating the various types of attacks on the MAC and the network layer, the chapter briefly discusses on some of the preventive mechanisms for these attacks.Comment: 44 pages, 17 figures, 5 table

Multipath optimized link state routing for mobile ad hoc networks

International audienceMultipath routing protocols for Mobile Ad hoc NETwork (MANET) address the problem of scalability, security (confidentiality and integrity), lifetime of networks, instability of wireless transmissions, and their adaptation to applications. Our protocol, called MP-OLSR (MultiPath OLSR), is a multipath routing protocol based on OLSR. The Multipath Dijkstra Algorithm is proposed to obtain multiple paths. The algorithm gains great flexibility and extensibility by employing different link metrics and cost functions. In addition, route recovery and loop detection are implemented in MP-OLSR in order to improve quality of service regarding OLSR. The backward compatibility with OLSR based on IP source routing is also studied. Simulation based on Qualnet simulator is performed in different scenarios. A testbed is also set up to validate the protocol in real world. The results reveal that MP-OLSR is suitable for mobile, large and dense networks with large traffic, and could satisfy critical multimedia applications with high on time constraints

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Accurate non-intrusive residual bandwidth estimation in WMNs

The multi-access scheme of 802.11 wireless networks imposes difficulties in achieving predictable service quality in multi-hop networks. In such networks, the residual capacity of wireless links should be estimated for resource allocation services such as flow admission control. In this paper, we propose an accurate and non-intrusive method to estimate the residual bandwidth of an 802.11 link. Inputs from neighboring network activity measurements and from a basic collision detection mechanism are fed to the analytical model so that the proposed algorithm calculates the maximum allowable traffic level for this link. We evaluate the efficiency of the method via OPNET simulations, and show that the percent estimation error is significantly lower than two other prominent estimation methods, bounded only between 2.5-7.5%. We also demonstrate that flow admission control is successfully achieved in a realistic WMN scenario. Flow control through our proposed algorithm keeps the unsatisfied traffic demand bounded and at a negligibly low level, which is less than an order of magnitude of the other two methods

Link failure detection, network recovery, and network reliability in multi-hop wireless networks

In this thesis, we study Wireless Mesh Network (WMN) and Mobile Ad hoc NETwork (MANET), which are two kinds of wireless multi-hop communication networks. WMNs and MANETs are promising technologies that have the ability to provide effective solutions to many applications in the technological, social, military, disaster recovery, and economic fields. Some of these applications are the extension of the cellular network's coverage, broadband internet access, and community and neighborhood networks. The big challenge in these kinds of networks is the frequent link failures, which make them less reliable compared to other kinds of networks. Implementing a fast mechanism to detect link failures, effective and reliable routing protocols and metrics, and a powerful reconfiguration scheme to recover from the link failures greatly enhance the WMNs and MANETs performance, and increase their reliability and availability. Our research has three directions. In the first direction, we study link failure detection approaches and link failure recovery techniques. In this direction, we mathematically analyze Hello based link failure detection approach implemented in routing protocols that use two routes, one as a primary route, and the other one as a backup route that is immediately used upon link failures. The objectives behind the above analysis are to mathematically calculate the packet delivery ratio, and to find how much gain we could achieve by using two routes instead of one. Our results show that the packet delivery is increased by 1.5 times by using two routes instead of one. It also shows that applying two routes is essential to cover high link failure rate values, and the need using two routes instead of one is more urgent in WMNs and MANETs with higher link failure rate values, i.e. less reliable networks. In addition to that, we propose a novel framework that dynamically assigns the values of Hello based link failure detection scheme parameters based on the communication types and the QoS requirements. Besides that, we propose a novel protocol to enhance the Hello based link failure detection scheme performance. In the second direction, we study the reliable routing protocols and metrics. This thesis proposes a novel adaptive routing protocol to increase the network connectivity and reliability, while minimizing the hop count, reducing the network nodes' spatial distribution and memory, and simplifying the routing process. The network reliability and connectivity are investigated in the last direction. Based in our study, the only ways to provide reliable and stable communications, virtually decrease the packet loss to zero, and to support multimedia communications in MANETs and WMNs are by using multi-route instead of one, and letting the routing protocols select the most stable routes among the available routes. The network node density specifies the probability that a route exists between any randomly chosen source and destination pair. Thus, to ensure the existence of two routes between any source and destination pairs, the node density must be above a certain threshold. In this thesis, we propose a mathematical model to find the above threshold. Our results show that the probability to have two routes exponentially increases with the number of nodes until it reaches the saturation region where the increase of the number of nodes has negligible improvements in terms of network availability. In addition to that, we study the effects of nodes mobility on the network connectivity. Our work is evaluated by MATLAB

Simulation and Performance Analysis of MP-OLSR for Mobile Ad hoc Networks

Mobile ad hoc networks (MANETs) consist of a collection of wireless mobile nodes which dynamically exchange data without reliance on a fixed base station or a wired backbone network, which makes routing a crucial issue for the design of a ad hoc networks. In this paper we discussed a hybrid multipath routing protocol named MP-OLSR. It is based on the link state algorithm and employs periodic exchange of messages to maintain topology information of the networks. In the mean time, it updates the routing table in an on-demand scheme and forwards the packets in multiple paths which have been determined at the source. If a link failure is detected, the algorithm recovers the route automatically. Concerning the instability of the wireless networks, the redundancy coding is used to improve the delivery ratio. The simulation in NS2 shows that the new protocol can effectively improve the performance of the networks