Secure Routing in Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to the service providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to the wired network, in WMNs only a subset of the APs are required to be connected to the wired network. The APs that are connected to the wired network are called the Internet gateways (IGWs), while the APs that do not have wired connections are called the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop communication. The IGWs provide access to conventional clients and interconnect ad hoc, sensor, cellular, and other networks to the Internet. However, most of the existing routing protocols for WMNs are extensions of protocols originally designed for mobile ad hoc networks (MANETs) and thus they perform sub-optimally. Moreover, most routing protocols for WMNs are designed without security issues in mind, where the nodes are all assumed to be honest. In practical deployment scenarios, this assumption does not hold. This chapter provides a comprehensive overview of security issues in WMNs and then particularly focuses on secure routing in these networks. First, it identifies security vulnerabilities in the medium access control (MAC) and the network layers. Various possibilities of compromising data confidentiality, data integrity, replay attacks and offline cryptanalysis are also discussed. Then various types of attacks in the MAC and the network layers are discussed. After enumerating the various types of attacks on the MAC and the network layer, the chapter briefly discusses on some of the preventive mechanisms for these attacks.Comment: 44 pages, 17 figures, 5 table

Adaptive Square-Shaped Trajectory-Based Service Location Protocol in Wireless Sensor Networks

In this paper we propose an adaptive square-shaped trajectory (ASST)-based service location method to ensure load scalability in wireless sensor networks. This first establishes a square-shaped trajectory over the nodes that surround a target point computed by the hash function and any user can access it, using the hash. Both the width and the size of the trajectory are dynamically adjustable, depending on the number of queries made to the service information on the trajectory. The number of sensor nodes on the trajectory varies in proportion to the changing trajectory shape, allowing high loads to be distributed around the hot spot area

Scaling all-pairs overlay routing

This paper presents and experimentally evaluates a new algorithm for efficient one-hop link-state routing in full-mesh networks. Prior techniques for this setting scale poorly, as each node incurs quadratic (n[superscript 2]) communication overhead to broadcast its link state to all other nodes. In contrast, in our algorithm each node exchanges routing state with only a small subset of overlay nodes determined by using a quorum system. Using a two round protocol, each node can find an optimal one-hop path to any other node using only n[superscript 1.5] per-node communication. Our algorithm can also be used to find the optimal shortest path of arbitrary length using only n[superscript 1.5] logn per-node communication. The algorithm is designed to be resilient to both node and link failures. We apply this algorithm to a Resilient Overlay Network (RON) system, and evaluate the results using a large-scale, globally distributed set of Internet hosts. The reduced communication overhead from using our improved full-mesh algorithm allows the creation of all-pairs routing overlays that scale to hundreds of nodes, without reducing the system's ability to rapidly find optimal routes.National Science Foundation (U.S.).National Science Foundation (U.S.). Graduate Research Fellowship Progra

Distributed Computing Framework Based on Software Containers for Heterogeneous Embedded Devices

The Internet of Things (IoT) is represented by millions of everyday objects enhanced with sensing and actuation capabilities that are connected to the Internet. Traditional approaches for IoT applications involve sending data to cloud servers for processing and storage, and then relaying commands back to devices. However, this approach is no longer feasible due to the rapid growth of IoT in the network: the vast amount of devices causes congestion; latency and security requirements demand that data is processed close to the devices that produce and consume it; and the processing and storage resources of devices remain underutilized. Fog Computing has emerged as a new paradigm where multiple end-devices form a shared pool of resources where distributed applications are deployed, taking advantage of local capabilities. These devices are highly heterogeneous, with varying hardware and software platforms. They are also resource-constrained, with limited availability of processing and storage resources. Realizing the Fog requires a software framework that simplifies the deployment of distributed applications, while at the same time overcoming these constraints. In Cloud-based deployments, software containers provide a lightweight solution to simplify the deployment of distributed applications. However, Cloud hardware is mostly homogeneous and abundant in resources. This work establishes the feasibility of using Docker Swarm -- an existing container-based software framework -- for the deployment of distributed applications on IoT devices. This is realized with the use of custom tools to enable minimal-size applications compatible with heterogeneous devices; automatic configuration and formation of device Fog; remote management and provisioning of devices. The proposed framework has significant advantages over the state of the art, namely, it supports Fog-based distributed applications, it overcomes device heterogeneity and it simplifies device initialization

Byzantine fault-tolerant agreement protocols for wireless Ad hoc networks

Tese de doutoramento, Informática (Ciências da Computação), Universidade de Lisboa, Faculdade de Ciências, 2010.The thesis investigates the problem of fault- and intrusion-tolerant consensus in resource-constrained wireless ad hoc networks. This is a fundamental problem in distributed computing because it abstracts the need to coordinate activities among various nodes. It has been shown to be a building block for several other important distributed computing problems like state-machine replication and atomic broadcast. The thesis begins by making a thorough performance assessment of existing intrusion-tolerant consensus protocols, which shows that the performance bottlenecks of current solutions are in part related to their system modeling assumptions. Based on these results, the communication failure model is identified as a model that simultaneously captures the reality of wireless ad hoc networks and allows the design of efficient protocols. Unfortunately, the model is subject to an impossibility result stating that there is no deterministic algorithm that allows n nodes to reach agreement if more than n2 omission transmission failures can occur in a communication step. This result is valid even under strict timing assumptions (i.e., a synchronous system). The thesis applies randomization techniques in increasingly weaker variants of this model, until an efficient intrusion-tolerant consensus protocol is achieved. The first variant simplifies the problem by restricting the number of nodes that may be at the source of a transmission failure at each communication step. An algorithm is designed that tolerates f dynamic nodes at the source of faulty transmissions in a system with a total of n 3f + 1 nodes. The second variant imposes no restrictions on the pattern of transmission failures. The proposed algorithm effectively circumvents the Santoro- Widmayer impossibility result for the first time. It allows k out of n nodes to decide despite dn 2 e(nk)+k2 omission failures per communication step. This algorithm also has the interesting property of guaranteeing safety during arbitrary periods of unrestricted message loss. The final variant shares the same properties of the previous one, but relaxes the model in the sense that the system is asynchronous and that a static subset of nodes may be malicious. The obtained algorithm, called Turquois, admits f < n 3 malicious nodes, and ensures progress in communication steps where dnf 2 e(n k f) + k 2. The algorithm is subject to a comparative performance evaluation against other intrusiontolerant protocols. The results show that, as the system scales, Turquois outperforms the other protocols by more than an order of magnitude.Esta tese investiga o problema do consenso tolerante a faltas acidentais e maliciosas em redes ad hoc sem fios. Trata-se de um problema fundamental que captura a essência da coordenação em actividades envolvendo vários nós de um sistema, sendo um bloco construtor de outros importantes problemas dos sistemas distribuídos como a replicação de máquina de estados ou a difusão atómica. A tese começa por efectuar uma avaliação de desempenho a protocolos tolerantes a intrusões já existentes na literatura. Os resultados mostram que as limitações de desempenho das soluções existentes estão em parte relacionadas com o seu modelo de sistema. Baseado nestes resultados, é identificado o modelo de falhas de comunicação como um modelo que simultaneamente permite capturar o ambiente das redes ad hoc sem fios e projectar protocolos eficientes. Todavia, o modelo é restrito por um resultado de impossibilidade que afirma não existir algoritmo algum que permita a n nós chegaram a acordo num sistema que admita mais do que n2 transmissões omissas num dado passo de comunicação. Este resultado é válido mesmo sob fortes hipóteses temporais (i.e., em sistemas síncronos) A tese aplica técnicas de aleatoriedade em variantes progressivamente mais fracas do modelo até ser alcançado um protocolo eficiente e tolerante a intrusões. A primeira variante do modelo, de forma a simplificar o problema, restringe o número de nós que estão na origem de transmissões faltosas. É apresentado um algoritmo que tolera f nós dinâmicos na origem de transmissões faltosas em sistemas com um total de n 3f + 1 nós. A segunda variante do modelo não impõe quaisquer restrições no padrão de transmissões faltosas. É apresentado um algoritmo que contorna efectivamente o resultado de impossibilidade Santoro-Widmayer pela primeira vez e que permite a k de n nós efectuarem progresso nos passos de comunicação em que o número de transmissões omissas seja dn 2 e(n k) + k 2. O algoritmo possui ainda a interessante propriedade de tolerar períodos arbitrários em que o número de transmissões omissas seja superior a . A última variante do modelo partilha das mesmas características da variante anterior, mas com pressupostos mais fracos sobre o sistema. Em particular, assume-se que o sistema é assíncrono e que um subconjunto estático dos nós pode ser malicioso. O algoritmo apresentado, denominado Turquois, admite f < n 3 nós maliciosos e assegura progresso nos passos de comunicação em que dnf 2 e(n k f) + k 2. O algoritmo é sujeito a uma análise de desempenho comparativa com outros protocolos na literatura. Os resultados demonstram que, à medida que o número de nós no sistema aumenta, o desempenho do protocolo Turquois ultrapassa os restantes em mais do que uma ordem de magnitude.FC

LVMM: The Localized Vehicular Multicast Middleware - a Framework for Ad Hoc Inter-Vehicles Multicast Communications

This thesis defines a novel semantic for multicast in vehicular ad hoc networks (VANETs) and it defines a middleware, the Localized Vehicular Multicast Middleware (LVMM) that enables minimum cost, source-based multicast communications in VANETs. The middleware provides support to find vehicles suitable to sustain multicast communications, to maintain multicast groups, and to execute a multicast routing protocol, the Vehicular Multicast Routing Protocol (VMRP), that delivers messages of multicast applications to all the recipients utilizing a loop-free, minimum cost path from each source to all the recipients. LVMM does not require a vehicle to know all other members: only knowledge of directly reachable nodes is required to perform the source-based routing

Adaptive and autonomous protocol for spectrum identification and coordination in ad hoc cognitive radio network

The decentralised structure of wireless Ad hoc networks makes them most appropriate for quick and easy deployment in military and emergency situations. Consequently, in this thesis, special interest is given to this form of network. Cognitive Radio (CR) is defined as a radio, capable of identifying its spectral environment and able to optimally adjust its transmission parameters to achieve interference free communication channel. In a CR system, Dynamic Spectrum Access (DSA) is made feasible. CR has been proposed as a candidate solution to the challenge of spectrum scarcity. CR works to solve this challenge by providing DSA to unlicensed (secondary) users. The introduction of this new and efficient spectrum management technique, the DSA, has however, opened up some challenges in this wireless Ad hoc Network of interest; the Cognitive Radio Ad Hoc Network (CRAHN). These challenges, which form the specific focus of this thesis are as follows: First, the poor performance of the existing spectrum sensing techniques in low Signal to Noise Ratio (SNR) conditions. Secondly the lack of a central coordination entity for spectrum allocation and information exchange in the CRAHN. Lastly, the existing Medium Access Control (MAC) Protocol such as the 802.11 was designed for both homogeneous spectrum usage and static spectrum allocation technique. Consequently, this thesis addresses these challenges by first developing an algorithm comprising of the Wavelet-based Scale Space Filtering (WSSF) algorithm and the Otsu's multi-threshold algorithm to form an Adaptive and Autonomous WaveletBased Scale Space Filter (AWSSF) for Primary User (PU) sensing in CR. These combined algorithms produced an enhanced algorithm that improves detection in low SNR conditions when compared to the performance of EDs and other spectrum sensing techniques in the literature. Therefore, the AWSSF met the performance requirement of the IEEE 802.22 standard as compared to other approaches and thus considered viable for application in CR. Next, a new approach for the selection of control channel in CRAHN environment using the Ant Colony System (ACS) was proposed. The algorithm reduces the complex objective of selecting control channel from an overtly large spectrum space,to a path finding problem in a graph. We use pheromone trails, proportional to channel reward, which are computed based on received signal strength and channel availability, to guide the construction of selection scheme. Simulation results revealed ACS as a feasible solution for optimal dynamic control channel selection. Finally, a new channel hopping algorithm for the selection of a control channel in CRAHN was presented. This adopted the use of the bio-mimicry concept to develop a swarm intelligence based mechanism. This mechanism guides nodes to select a common control channel within a bounded time for the purpose of establishing communication. Closed form expressions for the upper bound of the time to rendezvous (TTR) and Expected TTR (ETTR) on a common control channel were derived for various network scenarios. The algorithm further provides improved performance in comparison to the Jump-Stay and Enhanced Jump-Stay Rendezvous Algorithms. We also provided simulation results to validate our claim of improved TTR. Based on the results obtained, it was concluded that the proposed system contributes positively to the ongoing research in CRAHN