Detection of selfish manipulation of carrier sensing in 802.11 networks

Recently, tuning the clear channel assessment (CCA) threshold in conjunction with power control has been considered for improving the performance of WLANs. However, we show that, CCA tuning can be exploited by selfish nodes to obtain an unfair share of the available bandwidth. Specifically, a selfish entity can manipulate the CCA threshold to ignore ongoing transmissions; this increases the probability of accessing the medium and provides the entity a higher, unfair share of the bandwidth. We experiment on our 802.11 testbed to characterize the effects of CCA tuning on both isolated links and in 802.11 WLAN configurations. We focus on AP-client(s) configurations, proposing a novel approach to detect this misbehavior. A misbehaving client is unlikely to recognize low power receptions as legitimate packets; by intelligently sending low power probe messages, an AP can efficiently detect a misbehaving node. Our key contributions are: 1) We are the first to quantify the impact of selfish CCA tuning via extensive experimentation on various 802.11 configurations. 2) We propose a lightweight scheme for detecting selfish nodes that inappropriately increase their CCAs. 3) We extensively evaluate our system on our testbed; its accuracy is 95 percent while the false positive rate is less than 5 percent. © 2012 IEEE

Real-Time Misbehavior Detection in IEEE 802.11e Based WLANs

The Enhanced Distributed Channel Access (EDCA) specification in the IEEE 802.11e standard supports heterogeneous backoff parameters and arbitration inter-frame space (AIFS), which makes a selfish node easy to manipulate these parameters and misbehave. In this case, the network-wide fairness cannot be achieved any longer. Many existing misbehavior detectors, primarily designed for legacy IEEE 802.11 networks, become inapplicable in such a heterogeneous network configuration. In this paper, we propose a novel real-time hybrid-share (HS) misbehavior detector for IEEE 802.11e based wireless local area networks (WLANs). The detector keeps updating its state based on every successful transmission and makes detection decisions by comparing its state with a threshold. We develop mathematical analysis of the detector performance in terms of both false positive rate and average detection rate. Numerical results show that the proposed detector can effectively detect both contention window based and AIFS based misbehavior with only a short detection window.Comment: Accepted to IEEE Globecom 201

Thwarting Selfish Behavior in 802.11 WLANs

The 802.11e standard enables user configuration of several MAC parameters, making WLANs vulnerable to users that selfishly configure these parameters to gain throughput. In this paper we propose a novel distributed algorithm to thwart such selfish behavior. The key idea of the algorithm is for honest stations to react, upon detecting a selfish station, by using a more aggressive configuration that penalizes this station. We show that the proposed algorithm guarantees global stability while providing good response times. By conducting a game theoretic analysis of the algorithm based on repeated games, we also show its effectiveness against selfish stations. Simulation results confirm that the proposed algorithm optimizes throughput performance while discouraging selfish behavior. We also present an experimental prototype of the proposed algorithm demonstrating that it can be implemented on commodity hardware.Comment: 14 pages, 7 figures, journa

Common security issues and challenges in wireless sensor networks and IEEE 802.11 wireless mesh networks

Both Wireless Mesh Network (WMN) and Wireless Sensor Network (WSN) are multi-hop wireless networks. WMN is an emerging community based integrated broadband wireless network which ensures high bandwidth ubiquitous internet provision to users, while, WSN is application specific and ensures large scale real-time data processing in complex environment. Both these wireless networks have some common vulnerable features which may increase the chances of different sorts of security attacks. Wireless sensor nodes have computation, memory and power limitations, which do not allow for implementation of complex security mechanism. In this paper, we discuss the common limitations and vulnerable features of WMN and WSN, along with the associated security threats and possible countermeasures. We also propose security mechanisms keeping in view the architecture and limitations of both. This article will serve as a baseline guide for the new researchers who are concern with the security aspects of WMN and WSN

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Detecting MAC Misbehavior of IEEE 802.11 Devices within Ultra Dense Wi-Fi Networks

The widespread deployment of IEEE 802.11 has made it an attractive target for potential attackers. The latest IEEE 802.11 standard has introduced encryption and authentication protocols that primarily address the issues of confidentiality and access control. However, improving network availability in the presence of misbehaving stations has not been addressed in the standard. Existing research addresses the problem of detecting misbehavior in scenarios without overlapping cells. However, in real scenarios cells overlap, resulting in a challenging environment for detecting misbehavior. The contribution of this paper is the presentation and evaluation of a new method for detecting misbehavior in this environment. This method is based on an objective function that uses a broad range of symptoms. Simulationresultsindicatethatthisnewapproachisverysensitive to misbehaving stations in ultra dense networks

Protecting 802.11-Based Wireless Networks From SCTS and JACK Attacks

The convenience of IEEE 802.11-based wireless access networks has led to widespread deployment. However, these applications are predicated on the assumption of availability and confidentiality. Error-prone wireless networks afford an attacker considerable flexibility to exploit the vulnerabilities of 802.11-based mechanism. Two of most famous misbehaviors are selfish and malicious attacks. In this thesis we investigate two attacks: Spurious CTS attack (SCTS) and Jamming ACK attack (JACK). In the SCTS, malicious nodes may send periodic Spurious CTS packets to force other nodes to update their NAV values and prevent them from using the channel. In the JACK, an attacker ruins legitimate ACK packets for the intention of disrupting the traffic flow and draining the battery energy of victim nodes quickly. Correspondingly, we propose solutions: termed Carrier Sensing based Discarding (CSD), and Extended Network Allocation Vector (ENAV) scheme. We further demonstrate the performance of our proposed schemes through analysis and NS2 simulations

Detecting MAC Misbehavior of IEEE 802.11 Devices within Ultra Dense Wi-Fi Networks

The widespread deployment of IEEE 802.11 has made it an attractive target for potential attackers. The latest IEEE 802.11 standard has introduced encryption and authentication protocols that primarily address the issues of confidentiality and access control. However, improving network availability in the presence of misbehaving stations has not been addressed in the standard. Existing research addresses the problem of detecting misbehavior in scenarios without overlapping cells. However, in real scenarios cells overlap, resulting in a challenging environment for detecting misbehavior. The contribution of this paper is the presentation and evaluation of a new method for detecting misbehavior in this environment. This method is based on an objective function that uses a broad range of symptoms. Simulationresultsindicatethatthisnewapproachisverysensitive to misbehaving stations in ultra dense networks