Resilient Misbehaviour Detection MAC Protocol (MD-MAC) for Distributed Wireless Networks

Chaminda Alocious, Hannan Xiao, B. Christianson, 'Resilient Misbehaviour Detection MAC Protocol (MD-MAC) for Distributed Wireless Networks' paper presented at the 2016 IEEE Wireless Communications and Networking Conference (IEEE WCNC). Doha, Qatar. 3-6 April 2016Wireless network security requirements are becoming more important and critical. The modern network security architectures require more attention to provide security in each network layer. This will require understanding of protocol vulnerabilities in existing protocol architectures. However, providing security requirements are not just limited to confidentiality and integrity, also availability and fairness are important security elements. IEEE 802.11 MAC protocol is one of the most common standard in modern day networks and has been designed without a consideration for providing security protection at MAC layer. IEEE 802.11 assumes all the nodes in the network are cooperative. However, nodes may purposefully misbehave in order to obtain extra bandwidth, conserve resources and disrupt network performance. This research proposes a Misbehaviour Detection MAC protocol (MD-MAC) to address the problematic scenarios of MAC layer misbehaviours, which takes a novel approach to detect misbehaviours in Mobile Adhoc Networks (MANETs). The MD-MAC modifies the CSMA/CA protocol message exchange and uses verifiable backoff value generation mechanism with an incorporated trust model which is suitable for distributed networks. The MD-MAC protocol has been implemented and evaluated in ns2, simulation results suggest that the protocol is able to detect misbehaving wireless nodes in a distributed network environment

A Resilient MAC Protocol for Wireless Networks

Paper presented at the IMA Conference on Game Theory and its Applications, Oxford, 8/12/2014Peer reviewe

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

A policy-based security framework for ad-hoc networks

Imperial Users onl

Comparison of authentication schemes for wireless sensor networks as applied to secure data aggregation

Il processo di aggregazione è fondamentale nell'economia energetica di una rete di sensori wireless (WSN). Tale processo, però, pone delle nuove sfide sul piano della sicurezza, dettate dagli stringenti vincoli di complessità tipici di una WSN. In questa tesi, in particolare, si indaga l'applicabilità degli algoritmi di autenticazione al contesto dell'aggregazion

Mobile Ad-Hoc Networks

Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of-the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: quality-of-service and video communication, routing protocol and cross-layer design. A few interesting problems about security and delay-tolerant networks are also discussed. This book is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks

Formal modelling and analysis of denial of services attacks in wireless sensor networks

Wireless Sensor Networks (WSNs) have attracted considerable research attention in recent years because of the perceived potential benefits offered by self-organising, multi-hop networks consisting of low-cost and small wireless devices for monitoring or control applications in di±cult environments. WSN may be deployed in hostile or inaccessible environments and are often unattended. These conditions present many challenges in ensuring that WSNs work effectively and survive long enough to fulfil their functionalities. Securing a WSN against any malicious attack is a particular challenge. Due to the limited resources of nodes, traditional routing protocols are not appropriate in WSNs and innovative methods are used to route data from source nodes to sink nodes (base stations). To evaluate the routing protocols against DoS attacks, an innovative design method of combining formal modelling and computer simulations has been proposed. This research has shown that by using formal modelling hidden bugs (e.g. vulnerability to attacks) in routing protocols can be detected automatically. In addition, through a rigorous testing, a new routing protocol, RAEED (Robust formally Analysed protocol for wirEless sEnsor networks Deployment), was developed which is able to operate effectively in the presence of hello flood, rushing, wormhole, black hole, gray hole, sink hole, INA and jamming attacks. It has been proved formally and using computer simulation that the RAEED can pacify these DoS attacks. A second contribution of this thesis relates to the development of a framework to check the vulnerability of different routing protocols against Denial of Service(DoS) attacks. This has allowed us to evaluate formally some existing and known routing protocols against various DoS attacks iand these include TinyOS Beaconing, Authentic TinyOS using uTesla, Rumour Routing, LEACH, Direct Diffusion, INSENS, ARRIVE and ARAN protocols. This has resulted in the development of an innovative and simple defence technique with no additional hardware cost for deployment against wormhole and INA attacks. In the thesis, the detection of weaknesses in INSENS, Arrive and ARAN protocols was also addressed formally. Finally, an e±cient design methodology using a combination of formal modelling and simulation is propose to evaluate the performances of routing protocols against DoS attacks

The design and performance evaluation of a proactive multipath routing protocol for mobile ad hoc networks

Due to unpredictable network topology changes, routing in Mobile Ad Hoc Networks (MANET) is an important and challenging research area. The routing protocol should detect and maintain a good route(s) between source and destination nodes in these dynamic networks. Many routing protocols have been proposed for mobile ad hoc networks, and none can be considered as the best under all conditions. This thesis presents the design and implementation of a new proactive multipath MANET routing protocol. The protocol, named Multipath Destination Sequenced Distance Vector (MDSDV), is based on the well known single path Destination Sequenced Distance Vector (DSDV). We show that the protocol finds node-disjoint paths, i.e., paths which do not have any nodes in common, except for the source and the destination. The thesis presents a systematic evaluation of MDSDV in comparison with three well known protocols: one proactive (DSDV), and two reactive (AODV) and (DSR). MDSDV behaves very well in terms of its packet delivery fraction and data dropped in both static and dynamic networks. It delivers nearly 100% of data in dense networks (networks with more than 20 nodes). The speed of the nodes and the number of sources have a low impact on its performance