Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

FastM: Design and Evaluation of a Fast Mobility Mechanism for Wireless Mesh Networks

Although there is a large volume of work in the literature in terms of mobility approaches for Wireless Mesh Networks, usually these approaches introduce high latency in the handover process and do not support realtime services and applications. Moreover, mobility is decoupled from routing, which leads to inefficiency to both mobility and routing approaches with respect to mobility. In this paper we present a new extension to proactive routing protocols using a fast mobility extension, FastM, with the purpose of increasing handover performance in Wireless Mesh Networks. With this new extension, a new concept is created to integrate information between neighbor wireless mesh routers, managing locations of clients associated to wireless mesh routers in a certain neighborhood, and avoiding packet loss during handover. The proposed mobility approach is able to optimize the handover process without imposing any modifications to the current IEE 802.11 MAC protocol and use unmodified clients. Results show the improved efficiency of the proposed scheme: metrics such as disconnection time, throughput, packet loss and control overhead are largely improved when compared to previous approaches. Moreover, these conclusions apply to mobility scenarios, although mobility decreases the performance of the handover approach, as expected

QoS constrained cellular ad hoc augmented networks

In this dissertation, based on different design criteria, three novel quality of service (QoS) constrained cellular ad hoc augmented network (CAHAN) architectures are proposed for next generation wireless networks. The CAHAN architectures have a hybrid architecture, in which each MT of CDMA cellular networks has ad hoc communication capability. The CAHAN architectures are an evolutionary approach to conventional cellular networks. The proposed architectures have good system scalability and high system reliability. The first proposed architecture is the QoS constrained minimum-power cellular ad hoc augmented network architecture (QCMP CAHAN). The QCMP CAHAN can find the optimal minimum-power routes under the QoS constraints (bandwidth, packet-delay, or packet-error-rate constraint). The total energy consumed by the MTs is lower in the case of QCMP CAHAN than in the case of pure cellular networks. As the ad hoc communication range of each MT increases, the total transmitted power in QCMP CAHAN decreases. However, due to the increased number of hops involved in information delivery between the source and the destination, the end-to-end delay increases. The maximum end-to-end delay will be limited to a specified tolerable value for different services. An MT in QCMP CAHAN will not relay any messages when its ad hoc communication range is zero, and if this is the case for all MTs, then QCMP CAHAN reduces to the traditional cellular network. A QoS constrained network lifetime extension cellular ad hoc augmented network architecture (QCLE CAHAN) is proposed to achieve the maximum network lifetime under the QoS constraints. The network lifetime is higher in the case of QCLE CAHAN than in the case of pure cellular networks or QCMP CAHAN. In QCLE CAHAN, a novel QoS-constrained network lifetime extension routing algorithm will dynamically select suitable ad-hoc-switch-to-cellular points (ASCPs) according to the MT remaining battery energy such that the selection will balance all the MT battery energy and maximizes the network lifetime. As the number of ASCPs in an ad hoc subnet decreases, the network lifetime will be extended. Maximum network lifetime can be increased until the end-to-end QoS in QCLE CAHAN reaches its maximum tolerable value. Geocasting is the mechanism to multicast messages to the MTs whose locations lie within a given geographic area (target area). Geolocation-aware CAHAN (GA CAHAN) architecture is proposed to improve total transmitted power expended for geocast services in cellular networks. By using GA CAHAN for geocasting, saving in total transmitted energy can be achieved as compared to the case of pure cellular networks. When the size of geocast target area is large, GA CAHAN can save larger transmitted energy

Flexible Application-Layer Multicast in Heterogeneous Networks

This work develops a set of peer-to-peer-based protocols and extensions in order to provide Internet-wide group communication. The focus is put to the question how different access technologies can be integrated in order to face the growing traffic load problem. Thereby, protocols are developed that allow autonomous adaptation to the current network situation on the one hand and the integration of WiFi domains where applicable on the other hand

Quality of service aware data dissemination in vehicular Ad Hoc networks

Des systèmes de transport intelligents (STI) seront éventuellement fournis dans un proche avenir pour la sécurité et le confort des personnes lors de leurs déplacements sur les routes. Les réseaux ad-hoc véhiculaires (VANETs) représentent l'élément clé des STI. Les VANETs sont formés par des véhicules qui communiquent entre eux et avec l'infrastructure. En effet, les véhicules pourront échanger des messages qui comprennent, par exemple, des informations sur la circulation routière, les situations d'urgence et les divertissements. En particulier, les messages d'urgence sont diffusés par des véhicules en cas d'urgence (p.ex. un accident de voiture); afin de permettre aux conducteurs de réagir à temps (p.ex., ralentir), les messages d'urgence doivent être diffusés de manière fiable dans un délai très court. Dans les VANETs, il existe plusieurs facteurs, tels que le canal à pertes, les terminaux cachés, les interférences et la bande passante limitée, qui compliquent énormément la satisfaction des exigences de fiabilité et de délai des messages d'urgence. Dans cette thèse, en guise de première contribution, nous proposons un schéma de diffusion efficace à plusieurs sauts, appelé Dynamic Partitioning Scheme (DPS), pour diffuser les messages d'urgence. DPS calcule les tailles de partitions dynamiques et le calendrier de transmission pour chaque partition; à l'intérieur de la zone arrière de l'expéditeur, les partitions sont calculées de sorte qu'en moyenne chaque partition contient au moins un seul véhicule; l'objectif est de s'assurer que seul un véhicule dans la partition la plus éloignée (de l'expéditeur) est utilisé pour diffuser le message, jusqu'au saut suivant; ceci donne lieu à un délai d'un saut plus court. DPS assure une diffusion rapide des messages d'urgence. En outre, un nouveau mécanisme d'établissement de liaison, qui utilise des tonalités occupées, est proposé pour résoudre le problème du problème de terminal caché. Dans les VANETs, la Multidiffusion, c'est-à-dire la transmission d'un message d'une source à un nombre limité de véhicules connus en tant que destinations, est très importante. Par rapport à la diffusion unique, avec Multidiffusion, la source peut simultanément prendre en charge plusieurs destinations, via une arborescence de multidiffusion, ce qui permet d'économiser de la bande passante et de réduire la congestion du réseau. Cependant, puisque les VANETs ont une topologie dynamique, le maintien de la connectivité de l'arbre de multidiffusion est un problème majeur. Comme deuxième contribution, nous proposons deux approches pour modéliser l'utilisation totale de bande passante d'une arborescence de multidiffusion: (i) la première approche considère le nombre de segments de route impliqués dans l'arbre de multidiffusion et (ii) la seconde approche considère le nombre d'intersections relais dans l'arbre de multidiffusion. Une heuristique est proposée pour chaque approche. Pour assurer la qualité de service de l'arbre de multidiffusion, des procédures efficaces sont proposées pour le suivi des destinations et la surveillance de la qualité de service des segments de route. Comme troisième contribution, nous étudions le problème de la congestion causée par le routage du trafic de données dans les VANETs. Nous proposons (1) une approche de routage basée sur l’infonuagique qui, contrairement aux approches existantes, prend en compte les chemins de routage existants qui relaient déjà les données dans les VANETs. Les nouvelles demandes de routage sont traitées de sorte qu'aucun segment de route ne soit surchargé par plusieurs chemins de routage croisés. Au lieu d'acheminer les données en utilisant des chemins de routage sur un nombre limité de segments de route, notre approche équilibre la charge des données en utilisant des chemins de routage sur l'ensemble des tronçons routiers urbains, dans le but d'empêcher, dans la mesure du possible, les congestions locales dans les VANETs; et (2) une approche basée sur le réseau défini par logiciel (SDN) pour surveiller la connectivité VANET en temps réel et les délais de transmission sur chaque segment de route. Les données de surveillance sont utilisées en entrée de l'approche de routage.Intelligent Transportation Systems (ITS) will be eventually provided in the near future for both safety and comfort of people during their travel on the roads. Vehicular ad-hoc Networks (VANETs), represent the key component of ITS. VANETs consist of vehicles that communicate with each other and with the infrastructure. Indeed, vehicles will be able to exchange messages that include, for example, information about road traffic, emergency situations, and entertainment. Particularly, emergency messages are broadcasted by vehicles in case of an emergency (e.g., car accident); in order to allow drivers to react in time (e.g., slow down), emergency messages must be reliably disseminated with very short delay. In VANETs, there are several factors, such as lossy channel, hidden terminals, interferences and scarce bandwidth, which make satisfying reliability and delay requirements of emergency messages very challenging. In this thesis, as the first contribution, we propose a reliable time-efficient and multi-hop broadcasting scheme, called Dynamic Partitioning Scheme (DPS), to disseminate emergency messages. DPS computes dynamic partition sizes and the transmission schedule for each partition; inside the back area of the sender, the partitions are computed such that in average each partition contains at least a single vehicle; the objective is to ensure that only a vehicle in the farthest partition (from the sender) is used to disseminate the message, to next hop, resulting in shorter one hop delay. DPS ensures fast dissemination of emergency messages. Moreover, a new handshaking mechanism, that uses busy tones, is proposed to solve the problem of hidden terminal problem. In VANETs, Multicasting, i.e. delivering a message from a source to a limited known number of vehicles as destinations, is very important. Compared to Unicasting, with Multicasting, the source can simultaneously support multiple destinations, via a multicast tree, saving bandwidth and reducing overall communication congestion. However, since VANETs have a dynamic topology, maintaining the connectivity of the multicast tree is a major issue. As the second contribution, we propose two approaches to model total bandwidth usage of a multicast tree: (i) the first approach considers the number of road segments involved in the multicast tree and (ii) the second approach considers the number of relaying intersections involved in the multicast tree. A heuristic is proposed for each approach. To ensure QoS of the multicasting tree, efficient procedures are proposed for tracking destinations and monitoring QoS of road segments. As the third contribution, we study the problem of network congestion in routing data traffic in VANETs. We propose (1) a Cloud-based routing approach that, in opposition to existing approaches, takes into account existing routing paths which are already relaying data in VANETs. New routing requests are processed such that no road segment gets overloaded by multiple crossing routing paths. Instead of routing over a limited set of road segments, our approach balances the load of communication paths over the whole urban road segments, with the objective to prevent, whenever possible, local congestions in VANETs; and (2) a Software Defined Networking (SDN) based approach to monitor real-time VANETs connectivity and transmission delays on each road segment. The monitoring data is used as input to the routing approach

Mobile Ad hoc Networking: Imperatives and Challenges

Mobile ad hoc networks (MANETs) represent complex distributed systems that comprise wireless mobile nodes that can freely and dynamically self-organize into arbitrary and temporary, "ad-hoc" network topologies, allowing people and devices to seamlessly internetwork in areas with no pre-existing communication infrastructure, e.g., disaster recovery environments. Ad hoc networking concept is not a new one, having been around in various forms for over 20 years. Traditionally, tactical networks have been the only communication networking application that followed the ad hoc paradigm. Recently, the introduction of new technologies such as the Bluetooth, IEEE 802.11 and Hyperlan are helping enable eventual commercial MANET deployments outside the military domain. These recent evolutions have been generating a renewed and growing interest in the research and development of MANET. This paper attempts to provide a comprehensive overview of this dynamic field. It first explains the important role that mobile ad hoc networks play in the evolution of future wireless technologies. Then, it reviews the latest research activities in these areas, including a summary of MANET\u27s characteristics, capabilities, applications, and design constraints. The paper concludes by presenting a set of challenges and problems requiring further research in the future

Mobile Ad-Hoc Networks

Ad-hoc networks are a key in the evolution of wireless networks. Ad-hoc networks are typically composed of equal nodes, which communicate over wireless links without any central control. Ad-hoc wireless networks inherit the traditional problems of wireless and mobile communications, such as bandwidth optimisation, power control and transmission quality enhancement. In addition, the multi-hop nature and the lack of fixed infrastructure brings new research problems such as configuration advertising, discovery and maintenance, as well as ad-hoc addressing and self-routing. Many different approaches and protocols have been proposed and there are even multiple standardization efforts within the Internet Engineering Task Force, as well as academic and industrial projects. This chapter focuses on the state of the art in mobile ad-hoc networks. It highlights some of the emerging technologies, protocols, and approaches (at different layers) for realizing network services for users on the move in areas with possibly no pre-existing communications infrastructure

Scalable wide area ad-hoc networking

The scalability problem of routing algorithms in Mobile Ad-hoc networks (MANET) has conventionally been addressed by introducing hierarchical architectures, clusters, and neighborhood zones. In all of these approaches, some nodes are assigned different routing related roles than others. Examples include cluster heads, virtual backbones and border nodes. The selection of these nodes on a fixed or dynamic basis adds complexity to the routing algorithm, in addition to placing significant demands on mobility and power consumption of these nodes. Furthermore, the scalability achieved with hierarchical architectures or partitions is limited. This thesis demonstrates that location awareness can greatly aid in MANET routing and proposes an enhancement to location management algorithm used by the Terminodes System. This thesis makes use of geographic packet forwarding, geocasting and virtual home area concepts. It draws from the analogy between ad hoc networks and social networks. The Scalable Wide Area ad hoc network (SWAN), nodes update their location information with a geocast group whose area is given by a well-known function. A source node queries the geocast group of the destination and obtains up to date location information. Then, packets are geographically routed to the destination. The SWAN algorithm also optimizes the control overhead and obtains location information with minimal delay. This thesis also presents the results of our comparative performance study

Architectural and mobility management designs in internet-based infrastructure wireless mesh networks

Wireless mesh networks (WMNs) have recently emerged to be a cost-effective solution to support large-scale wireless Internet access. They have numerous ap- plications, such as broadband Internet access, building automation, and intelligent transportation systems. One research challenge for Internet-based WMNs is to design efficient mobility management techniques for mobile users to achieve seamless roam- ing. Mobility management includes handoff management and location management. The objective of this research is to design new handoff and location management techniques for Internet-based infrastructure WMNs. Handoff management enables a wireless network to maintain active connections as mobile users move into new service areas. Previous solutions on handoff manage- ment in infrastructure WMNs mainly focus on intra-gateway mobility. New handoff issues involved in inter-gateway mobility in WMNs have not been properly addressed. Hence, a new architectural design is proposed to facilitate inter-gateway handoff man- agement in infrastructure WMNs. The proposed architecture is designed to specifi- cally address the special handoff design challenges in Internet-based WMNs. It can facilitate parallel executions of handoffs from multiple layers, in conjunction with a data caching mechanism which guarantees minimum packet loss during handoffs. Based on the proposed architecture, a Quality of Service (QoS) handoff mechanism is also proposed to achieve QoS requirements for both handoff and existing traffic before and after handoffs in the inter-gateway WMN environment. Location management in wireless networks serves the purpose of tracking mobile users and locating them prior to establishing new communications. Existing location management solutions proposed for single-hop wireless networks cannot be directly applied to Internet-based WMNs. Hence, a dynamic location management framework in Internet-based WMNs is proposed that can guarantee the location management performance and also minimize the protocol overhead. In addition, a novel resilient location area design in Internet-based WMNs is also proposed. The formation of the location areas can adapt to the changes of both paging load and service load so that the tradeoff between paging overhead and mobile device power consumption can be balanced, and at the same time, the required QoS performance of existing traffic is maintained. Therefore, together with the proposed handoff management design, efficient mobility management can be realized in Internet-based infrastructure WMNs