A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Network coding for wireless communication networks

This special issue includes a collection of 19 outstanding research papers which cover a diversity of topics on the application of network coding in wireless communication networks.published_or_final_versio

In-Network Processing For Mission-Criticalwireless Networked Sensing And Control: A Real-Time, Efficiency, And Resiliency Perspective

As wireless cyber-physical systems (WCPS) are increasingly being deployed in mission-critical applications, it becomes imperative that we consider application QoS requirements in in-network processing (INP). In this dissertation, we explore the potentials of two INP methods, packet packing and network coding, on improving network performance while satisfying application QoS requirements. We find that not only can these two techniques increase the energy efficiency, reliability, and throughput of WCPS while satisfying QoS requirements of applications in a relatively static environment, but also they can provide low cost proactive protection against transient node failures in a more dynamic wireless environment. We first study the problem of jointly optimizing packet packing and the timeliness of data delivery. We identify the conditions under which the problem is strong NP-hard, and we find that the problem complexity heavily depends on aggregation constraints instead of network and traffic properties. For cases when the problem is NP-hard, we show that there is no polynomial-time approximation scheme (PTAS); for cases when the problem can be solved in polynomial time, we design polynomial time, offline algorithms for finding the optimal packet packing schemes. We design a distributed, online protocol tPack that schedules packet transmissions to maximize the local utility of packet packing at each node. We evaluate the properties of tPack in NetEye testbed. We find that jointly optimizing data delivery timeliness and packet packing and considering real-world aggregation constraints significantly improve network performance. We then work on the problem of minimizing the transmission cost of network coding based routing in sensor networks. We propose the first mathematical framework so far as we know on how to theoretically compute the expected transmission cost of NC-based routing in terms of expected number of transmission. Based on this framework, we design a polynomial-time greedy algorithm for forwarder set selection and prove its optimality on transmission cost minimization. We designed EENCR, an energy-efficient NC-based routing protocol that implement our forwarder set selection algorithm to minimize the overall transmission cost. Through comparative study on EENCR and other state-of-the-art routing protocols, we show that EENCR significantly outperforms CTP, MORE and CodeOR in delivery reliability, delivery cost and network goodput. Furthermore, we study the 1+1 proactive protection problem using network coding. We show that even under a simplified setting, finding two node-disjoint routing braids with minimal total cost is NP-hard. We then design a heuristic algorithm to construct two node-disjoint braids with a transmission cost upper bounded by two shortest node-disjoint paths. And we design ProNCP, a proactive NC-based protection protocol using similar design philosophy as in EENCR. We evaluate the performance of ProNCP under various transient network failure scenarios. Experiment results show that ProNCP is resilient to various network failure scenarios and provides a state performance in terms of reliability, delivery cost and goodput. Our findings in this dissertation explore the challenges, benefits and solutions in designing real-time, efficient, resilient and QoS-guaranteed wireless cyber-physical systems, and our solutions shed lights for future research on related topics

Encaminhamento confiável e energeticamente eficiente para redes ad hoc

Doutoramento em InformáticaIn Mobile Ad hoc NETworks (MANETs), where cooperative behaviour is mandatory, there is a high probability for some nodes to become overloaded with packet forwarding operations in order to support neighbor data exchange. This altruistic behaviour leads to an unbalanced load in the network in terms of traffic and energy consumption. In such scenarios, mobile nodes can benefit from the use of energy efficient and traffic fitting routing protocol that better suits the limited battery capacity and throughput limitation of the network. This PhD work focuses on proposing energy efficient and load balanced routing protocols for ad hoc networks. Where most of the existing routing protocols simply consider the path length metric when choosing the best route between a source and a destination node, in our proposed mechanism, nodes are able to find several routes for each pair of source and destination nodes and select the best route according to energy and traffic parameters, effectively extending the lifespan of the network. Our results show that by applying this novel mechanism, current flat ad hoc routing protocols can achieve higher energy efficiency and load balancing. Also, due to the broadcast nature of the wireless channels in ad hoc networks, other technique such as Network Coding (NC) looks promising for energy efficiency. NC can reduce the number of transmissions, number of re-transmissions, and increase the data transfer rate that directly translates to energy efficiency. However, due to the need to access foreign nodes for coding and forwarding packets, NC needs a mitigation technique against unauthorized accesses and packet corruption. Therefore, we proposed different mechanisms for handling these security attacks by, in particular by serially concatenating codes to support reliability in ad hoc network. As a solution to this problem, we explored a new security framework that proposes an additional degree of protection against eavesdropping attackers based on using concatenated encoding. Therefore, malicious intermediate nodes will find it computationally intractable to decode the transitive packets. We also adopted another code that uses Luby Transform (LT) as a pre-coding code for NC. Primarily being designed for security applications, this code enables the sink nodes to recover corrupted packets even in the presence of byzantine attacks.Nas redes móveis ad hoc (MANETs), onde o comportamento cooperativo é obrigatório, existe uma elevada probabilidade de alguns nós ficarem sobrecarregados nas operações de encaminhamento de pacotes no apoio à troca de dados com nós vizinhos. Este comportamento altruísta leva a uma sobrecarga desequilibrada em termos de tráfego e de consumo de energia. Nestes cenários, os nós móveis poderão beneficiar do uso da eficiência energética e de protocolo de encaminhamento de tráfego que melhor se adapte à sua capacidade limitada da bateria e velocidade de processamento. Este trabalho de doutoramento centra-se em propor um uso eficiente da energia e protocolos de encaminhamento para balanceamento de carga nas redes ad hoc. Actualmente a maioria dos protocolos de encaminhamento existentes considera simplesmente a métrica da extensão do caminho, ou seja o número de nós, para a escolha da melhor rota entre fonte (S) e um nó de destino (D); no mecanismo aqui proposto os nós são capazes de encontrar várias rotas por cada par de nós de origem e destino e seleccionar o melhor caminho segundo a energia e parâmetros de tráfego, aumentando o tempo de vida útil da rede. Os nossos resultados mostram que pela aplicação deste novo mecanismo, os protocolos de encaminhamento ad hoc actuais podem alcançar uma maior eficiência energética e balanceamento de carga. Para além disso, devido à natureza de difusão dos canais sem fio em redes ad-hoc, outras técnicas, tais como a Codificação de Rede (NC), parecem ser também promissoras para a eficiência energética. NC pode reduzir o número de transmissões, e número de retransmissões e aumentar a taxa de transferência de dados traduzindo-se directamente na melhoria da eficiência energética. No entanto, devido ao acesso dos nós intermediários aos pacotes em trânsito e sua codificação, NC necessita de uma técnica que limite as acessos não autorizados e a corrupção dos pacotes. Explorou-se o mecanismo de forma a oferecer um novo método de segurança que propõe um grau adicional de protecção contra ataques e invasões. Por conseguinte, os nós intermediários mal-intencionados irão encontrar pacotes em trânsito computacionalmente intratáveis em termos de descodificação. Adoptou-se também outro código que usa Luby Transform (LT) como um código de précodificação no NC. Projectado inicialmente para aplicações de segurança, este código permite que os nós de destino recuperem pacotes corrompidos mesmo em presença de ataques bizantinos