Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Traffic engineering multi-layer optimization for wireless mesh network transmission a campus network routing protocol transmission performance inhancement

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel UniversityThe wireless mesh network is a potential network for the future due to its excellent inherent characteristic for dynamic self-healing, self-configuration and self-organization. It also has the advantage of easy interoperability networking and the ability to form multi-linked ad-hoc networks. It has a decentralized topology, is cheap and highly scalable. Furthermore, its ease in deployment and easy maintenance are other inherent networking qualities. These aforementioned qualities of the wireless mesh network bring advantages to transmission capability of heterogeneous networks. However, transmissions in wireless mesh network create comparative performance based challenges such as congestion, load-balancing, scalability over increasing networks and coverage capacity. Consequently, these challenges and problems in the routing and switching of packets in the wireless mesh network routing protocols led to a proposal on the resolution of these failures with a combination algorithm and a management based security for the network and its transmitted packets. There are equally contentious services like reliability of the network and quality of service for real-time multimedia traffic flows with other challenges such as path computation and selection in the wireless mesh network. This thesis is therefore a cumulative proposal to the resolution of the outlined challenges and open research areas posed by using wireless mesh network routing protocol. It advances the resolution of these challenges in the mesh environment using a hybrid optimization – traffic engineering, to increase the effectiveness and the reliability of the network. It also proffers a cumulative resolution of the diverse contributions on wireless mesh network routing protocol and transmission. Adaptation and optimization are carried out on the wireless mesh network designed network using traffic engineering mechanism and technique. The research examines the patterns of mesh packet transmission and evaluates the challenges and failures in the mesh network packet transmission. It develops a solution based algorithm for resolutions and proposes the traffic engineering based solution.. These resultant performances and analysis are usually tested and compared over wireless mesh IEEE802.11n or other older proposed documented solution. This thesis used a carefully designed campus mesh network to show a comparative evaluation of an optimal performance of the mesh nodes and routers over a normal IEE802.11n based wireless domain network to show differentiation by optimization using the created algorithms. Furthermore, the indexes of performance being the metric are used to measure the utility and the reliability, including capacity and throughput at the destination during traffic engineered transmission. In addition, the security of these transmitted data and packets are optimized under a traffic engineered technique. Finally, this thesis offers an understanding to the security contribution using traffic engineering resolution to create a management algorithm for processing and computation of the wireless mesh networks security needs. The results of this thesis confirmed, completed and extended the existing predictions with real measurement

Secure Multicast Routing Protocol in Manets Using Efficient ECGDH Algorithm

An Ad-hoc Network covers a set of autonomous mobile nodes that communicates through wireless communication in an infrastructure-less environment. Mostly MANETs are used in group communication mechanisms like military applications, emergency search, rescue operations, vehicular ad-hoc communications and mining operations etc. In such type of networks, group communication is takes place by multicasting technique. Communication and collaboration is necessary among the nodes in the groups in multicast protocols. PUMA has the best multicast routing protocol compared to tree and mesh based multicast protocols although it suffers from security issues. PUMA mainly suffers from Man In The middle attack. MITM attack generates traffic flow, drop the packets and miscommunicate the neighbor nodes with false hop count. So defending from MITM attack we designed a new mechanism called Elliptic Curve Group Diffie-Hellman (ECGDH). This paper compares results of PUMA [1] routing protocol with legitimate, under attack and after providing security against attack. Finally we observed ECGDH [2] gives efficient results even attack has happened

Secure Routing in Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to the service providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to the wired network, in WMNs only a subset of the APs are required to be connected to the wired network. The APs that are connected to the wired network are called the Internet gateways (IGWs), while the APs that do not have wired connections are called the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop communication. The IGWs provide access to conventional clients and interconnect ad hoc, sensor, cellular, and other networks to the Internet. However, most of the existing routing protocols for WMNs are extensions of protocols originally designed for mobile ad hoc networks (MANETs) and thus they perform sub-optimally. Moreover, most routing protocols for WMNs are designed without security issues in mind, where the nodes are all assumed to be honest. In practical deployment scenarios, this assumption does not hold. This chapter provides a comprehensive overview of security issues in WMNs and then particularly focuses on secure routing in these networks. First, it identifies security vulnerabilities in the medium access control (MAC) and the network layers. Various possibilities of compromising data confidentiality, data integrity, replay attacks and offline cryptanalysis are also discussed. Then various types of attacks in the MAC and the network layers are discussed. After enumerating the various types of attacks on the MAC and the network layer, the chapter briefly discusses on some of the preventive mechanisms for these attacks.Comment: 44 pages, 17 figures, 5 table

Performance Analysis between OLSR and FSR Protocols under Black Hole Attack Using FPGA

Security is an important part of wireless ad hoc network or mobile ad hoc network. A mobile ad hoc network (MANET) is an infrastructure less category of wireless network. Routing protocols in Mobile ad hoc network is divided into three categories, Reactive (also known as on demand) routing protocol, Proactive (also known as table driven) routing protocol and Hybrid protocol. Security is an important part in MANET because when we send data source node to destination node in mobile ad hoc network, we want protection in path between source to destination and complete transfer data packet between source node to destination node. In this research paper we use two proactive routing protocol known as OLSR (Optimized Link state Routing) Protocol and FSR (Fisheye State Routing) Protocol. OLSR is a flat routing and Unipath protocol based on multipoint relay not multipath. FSR is a hierarchical routing and multipath protocol based on multiple paths. In this research work we check the performance of these two protocols under five different performance matrices known as Packet delivery ratio (PDR), Packet loss (PL), Average end to end delay (AEED), Normalized Routing load (NRL) and Throughput on black hole attack. Black hole attack is an active attack, in this attack attacker node absorbs the data packet and give the fake reply. In this research paper we analysis the performance two protocol one is unipath known as OLSR and second is Multipath known as FSR under Black hole Attack. The performance of FSR is better than OLSR, because OLSR is unipath and maximum data packet is absorbs in OLSR single path. FSR is better because FSR is Multipath and minimum data packet is absorbs in FSR multi path

Resilient networking in wireless sensor networks

This report deals with security in wireless sensor networks (WSNs), especially in network layer. Multiple secure routing protocols have been proposed in the literature. However, they often use the cryptography to secure routing functionalities. The cryptography alone is not enough to defend against multiple attacks due to the node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, but which already contain some inherently resilient properties against attacks under which some portion of the network nodes is compromised? If yes, which specific behaviors are making these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus at the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR)

A Survey on Secure Cooperative Bait Detection Approach for Detecting Malicious Nodes in MANETs

In Mobile Ad-hoc Networks (MANETs), the main problem is the security as well as formation of communication amongst nodes is that nodes must work together with each other. Avoiding or sensing malicious nodes initiation grayhole or collaborative blackhole attacks is the main challenge. Cooperative bait detection approach mixes the advantages of both proactive and reactive defense architectures. Here it uses the technique of transposition for implementing security and the CBDA technique outfits a reverse tracing method to help in attaining the specified aim. The demonstration in the occurrence of malicious-node attacks, the CBDA outperforms the DSR, and Best-Effort Fault-Tolerant Routing (BFTR) protocols in relations to packet delivery ratio and routing overhead. In the transposition method we use the key which is the askey value of the character which is encrypted at sender side and decrypted at receiver. DOI: 10.17762/ijritcc2321-8169.15033