Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

A two‐step authentication framework for Mobile ad hoc networks

The lack of fixed infrastructure in ad hoc networks causes nodes to rely more heavily on peer nodes for communication. Nevertheless, establishing trust in such a distributed environment is very difficult, since it is not straightforward for a node to determine if its peer nodes can be trusted. An additional concern in such an environment is with whether a peer node is merely relaying a message or if it is the originator of the message. In this paper, we propose an authentication approach for protecting nodes in mobile ad hoc networks. The security requirements for protecting data link and network layers are identified and the design criteria for creating secure ad hoc networks using several authentication protocols are analyzed. Protocols based on zero knowledge and challenge response techniques are presented and their performance is evaluated through analysis and simulation

Secure distributed detection in bandwidth-constrained wireless sensor networks

Utilizing wireless sensor network (WSN) is a novel idea in a variety of applications. However, the limited resources allocated to the sensor nodes make the design of WSNs a challenging problem. We consider the problem of hypothesis testing in a bandwidth-constrained, low-power wireless sensor network operating over insecure links. Sensors quantize their observations and transmit their decisions to an intended (ally) fusion center (AFC) which combines the received messages to detect the state of an unknown hypothesis. In many applications the sensor messages are vulnerable to unauthorized eavesdropping. The scarce bandwidth and processing power for the sensors rule out the utilization of advanced encryption techniques. To protect their transmissions from an unauthorized (third party) fusion center (TPFC), the sensors use a simple encryption whereby they randomly flip their quantization outcomes, similarly to what happens in a discrete memoryless channel. It is assumed that AFC is aware of the encryption probabilities (keys) but TPFC is not. For the AFC the decision rule is formulated as a constrained optimization problem where one constraint is a lower bound on the error probability of TPFC. The optimal decision rules for the two fusion centers are then derived. It is shown that by appropriate design of the encryption probabilities and the AFC decision rule, it is possible to degrade the error probability of the TPFC significantly and still achieve very low probability of error for the AFC. Numerical results are presented to show that it is possible to ensure that TPFC does not gain any information from the observation of sensors transmissions

Secure distributed detection in wireless sensor networks via encryption of sensor decisions

We consider the problem of binary hypothesis testing using a distributed wireless sensor network. Identical binary quantizers are used on the sensor\u27s observations and the outputs are encrypted using a probabilistic cipher. The third party (enemy) fusion centers are unaware of the presence of the probabilistic encipher. We find the optimal (minimum-probability-of-error) fusion rule for the ally (friendly) fusion center subject to a lower bound on the the probability of error for the third-party fusion centers. To obtain the minimum probability of error, we first prove the quasi-convexity of error probability with respect to the sensor\u27s threshold for a given cipher and show the existence of a unique positive minimum for error probability of the ally fusion center. The threshold corresponding to the minimum error-probability is evaluated numerically and the appropriate cipher that deteriorates the performance of the third-party fusion center below the required limits is obtained. Our results show that, by adjusting the sensor threshold and the encryption parameters, it is possible to achieve acceptable performance for the ally fusion center while causing significant degradation to the performance of the third party fusion center