Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Secure Routing in Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to the service providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to the wired network, in WMNs only a subset of the APs are required to be connected to the wired network. The APs that are connected to the wired network are called the Internet gateways (IGWs), while the APs that do not have wired connections are called the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop communication. The IGWs provide access to conventional clients and interconnect ad hoc, sensor, cellular, and other networks to the Internet. However, most of the existing routing protocols for WMNs are extensions of protocols originally designed for mobile ad hoc networks (MANETs) and thus they perform sub-optimally. Moreover, most routing protocols for WMNs are designed without security issues in mind, where the nodes are all assumed to be honest. In practical deployment scenarios, this assumption does not hold. This chapter provides a comprehensive overview of security issues in WMNs and then particularly focuses on secure routing in these networks. First, it identifies security vulnerabilities in the medium access control (MAC) and the network layers. Various possibilities of compromising data confidentiality, data integrity, replay attacks and offline cryptanalysis are also discussed. Then various types of attacks in the MAC and the network layers are discussed. After enumerating the various types of attacks on the MAC and the network layer, the chapter briefly discusses on some of the preventive mechanisms for these attacks.Comment: 44 pages, 17 figures, 5 table

Channel assignment and routing in cooperative and competitive wireless mesh networks

This thesis was submitted for the degree of Docter of Philosophy and awarded by Brunel University.In this thesis, the channel assignment and routing problems have been investigated for both cooperative and competitive Wireless Mesh networks (WMNs). A dynamic and distributed channel assignment scheme has been proposed which generates the network topologies ensuring less interference and better connectivity. The proposed channel assignment scheme is capable of detecting the node failures and mobility in an efficient manner. The channel monitoring module precisely records the quality of bi-directional links in terms of link delays. In addition, a Quality of Service based Multi-Radio Ad-hoc On Demand Distance Vector (QMR-AODV) routing protocol has been devised. QMR-AODV is multi-radio compatible and provides delay guarantees on end-to-end paths. The inherited problem of AODV’s network wide flooding has been solved by selectively forwarding the routing queries on specified interfaces. The QoS based delay routing metric, combined with the selective route request forwarding, reduces the routing overhead from 24% up to 36% and produces 40.4% to 55.89% less network delays for traffic profiles of 10 to 60 flows, respectively. A distributed channel assignment scheme has been proposed for competitive WMNs, where the problem has been investigated by applying the concepts from non-cooperative bargaining Game Theory in two stages. In the first stage of the game, individual nodes of the non-cooperative setup is considered as the unit of analysis, where sufficient and necessary conditions for the existence of Nash Equilibrium (NE) and Negotiation-Proof Nash Equilibrium (N-PNE) have been derived. A distributed algorithm has been presented with perfect information available to the nodes of the network. In the presence of perfect information, each node has the knowledge of interference experience by the channels in its collision domain. The game converges to N-PNE in finite time and the average fairness achieved by all the nodes is greater than 0.79 (79%) as measured through Jain Fairness Index. Since N-PNE and NE are not always a system optimal solutions when considered from the end-nodes prospective, the model is further extended to incorporate non-cooperative end-users bargaining between two end user’s Mesh Access Points (MAPs), where an increase of 10% to 27% in end-to-end throughput is achieved. Furthermore, a non-cooperative game theoretical model is proposed for end-users flow routing in a multi-radio multi-channel WMNs. The end user nodes are selfish and compete for the channel resources across the WMNs backbone, aiming to maximize their own benefit without taking care for the overall system optimization. The end-to-end throughputs achieved by the flows of an end node and interference experienced across the WMNs backbone are considered as the performance parameters in the utility function. Theoretical foundation has been drawn based on the concepts from the Game Theory and necessary conditions for the existence of NE have been extensively derived. A distributed algorithm running on each end node with imperfect information has been implemented to assess the usefulness of the proposed mechanism. The analytical results have proven that a pure strategy Nash Equilibrium exists with the proposed necessary conditions in a game of imperfect information. Based on a distributed algorithm, the game converges to a stable state in finite time. The proposed game theoretical model provides a more reasonable solution with a standard deviation of 2.19Mbps as compared to 3.74Mbps of the random flow routing. Finally, the Price of Anarchy (PoA) of the system is close to one which shows the efficiency of the proposed scheme.The Higher Education Commission of Pakistan and the University of Engineering and Technology, Peshawar

CRM: a new dynamic cross-layer reputation computation model in wireless networks

This is the author accepted manuscript. The final version is available from University Press (OUP) via the DOI in this record.Multi-hop wireless networks (MWNs) have been widely accepted as an indispensable component of next-generation communication systems due to their broad applications and easy deployment without relying on any infrastructure. Although showing huge benefits, MWNs face many security problems, especially the internal multi-layer security threats being one of the most challenging issues. Since most security mechanisms require the cooperation of nodes, characterizing and learning actions of neighboring nodes and the evolution of these actions over time is vital to construct an efficient and robust solution for security-sensitive applications such as social networking, mobile banking, and teleconferencing. In this paper, we propose a new dynamic cross-layer reputation computation model named CRM to dynamically characterize and quantify actions of nodes. CRM couples uncertainty based conventional layered reputation computation model with cross-layer design and multi-level security technology to identify malicious nodes and preserve security against internal multi-layer threats. Simulation results and performance analyses demonstrate that CRM can provide rapid and accurate malicious node identification and management, and implement the security preservation against the internal multi-layer and bad mouthing attacks more effectively and efficiently than existing models.The authors would like to thank anonymous reviewers and editors for their constructive comments. This work is supported by: 1. Changjiang Scholars and Innovative Research Team in University (IRT1078), 2. the Key Program of NSFC-Guangdong Union Foundation (U1135002), 3. National Natural Science Foundation of China (61202390), 4. Fujian Natural Science Foundation：2013J01222, 5. the open research fund of Key Lab of Broadband Wireless Communication and Sensor Network Technology (Nanjing University of Posts and Telecommunications, Ministry of Education)

Channel assignment and routing in cooperative and competitive wireless mesh networks

In this thesis, the channel assignment and routing problems have been investigated for both cooperative and competitive Wireless Mesh networks (WMNs). A dynamic and distributed channel assignment scheme has been proposed which generates the network topologies ensuring less interference and better connectivity. The proposed channel assignment scheme is capable of detecting the node failures and mobility in an efficient manner. The channel monitoring module precisely records the quality of bi-directional links in terms of link delays. In addition, a Quality of Service based Multi-Radio Ad-hoc On Demand Distance Vector (QMR-AODV) routing protocol has been devised. QMR-AODV is multi-radio compatible and provides delay guarantees on end-to-end paths. The inherited problem of AODV’s network wide flooding has been solved by selectively forwarding the routing queries on specified interfaces. The QoS based delay routing metric, combined with the selective route request forwarding, reduces the routing overhead from 24% up to 36% and produces 40.4% to 55.89% less network delays for traffic profiles of 10 to 60 flows, respectively. A distributed channel assignment scheme has been proposed for competitive WMNs, where the problem has been investigated by applying the concepts from non-cooperative bargaining Game Theory in two stages. In the first stage of the game, individual nodes of the non-cooperative setup is considered as the unit of analysis, where sufficient and necessary conditions for the existence of Nash Equilibrium (NE) and Negotiation-Proof Nash Equilibrium (N-PNE) have been derived. A distributed algorithm has been presented with perfect information available to the nodes of the network. In the presence of perfect information, each node has the knowledge of interference experience by the channels in its collision domain. The game converges to N-PNE in finite time and the average fairness achieved by all the nodes is greater than 0.79 (79%) as measured through Jain Fairness Index. Since N-PNE and NE are not always a system optimal solutions when considered from the end-nodes prospective, the model is further extended to incorporate non-cooperative end-users bargaining between two end user’s Mesh Access Points (MAPs), where an increase of 10% to 27% in end-to-end throughput is achieved. Furthermore, a non-cooperative game theoretical model is proposed for end-users flow routing in a multi-radio multi-channel WMNs. The end user nodes are selfish and compete for the channel resources across the WMNs backbone, aiming to maximize their own benefit without taking care for the overall system optimization. The end-to-end throughputs achieved by the flows of an end node and interference experienced across the WMNs backbone are considered as the performance parameters in the utility function. Theoretical foundation has been drawn based on the concepts from the Game Theory and necessary conditions for the existence of NE have been extensively derived. A distributed algorithm running on each end node with imperfect information has been implemented to assess the usefulness of the proposed mechanism. The analytical results have proven that a pure strategy Nash Equilibrium exists with the proposed necessary conditions in a game of imperfect information. Based on a distributed algorithm, the game converges to a stable state in finite time. The proposed game theoretical model provides a more reasonable solution with a standard deviation of 2.19Mbps as compared to 3.74Mbps of the random flow routing. Finally, the Price of Anarchy (PoA) of the system is close to one which shows the efficiency of the proposed scheme.EThOS - Electronic Theses Online ServiceHigher Education Commission of PakistanUniversity of Engineering and Technology, PeshawarGBUnited Kingdo

Improving Inter-service bandwidth fairness in Wireless Mesh Networks

Includes bibliographical references.We are currently experiencing many technological advances and as a result, a lot of applications and services are developed for use in homes, offices and out in the field. In order to attract users and customers, most applications and / or services are loaded with graphics, pictures and movie clips. This unfortunately means most of these next generation services put a lot of strain on networking resources, namely bandwidth. Efficient management of bandwidth in next generation wireless network is therefore important for ensuring fairness in bandwidth allocation amongst multiple services with diverse quality of service needs. A number of algorithms have been proposed for fairness in bandwidth allocation in wireless networks, and some researchers have used game theory to model the different aspects of fairness. However, most of the existing algorithms only ensure fairness for individual requests and disregard fairness among the classes of services while some other algorithms ensure fairness for the classes of services and disregard fairness among individual requests

Traffic engineering multi-layer optimization for wireless mesh network transmission a campus network routing protocol transmission performance inhancement

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel UniversityThe wireless mesh network is a potential network for the future due to its excellent inherent characteristic for dynamic self-healing, self-configuration and self-organization. It also has the advantage of easy interoperability networking and the ability to form multi-linked ad-hoc networks. It has a decentralized topology, is cheap and highly scalable. Furthermore, its ease in deployment and easy maintenance are other inherent networking qualities. These aforementioned qualities of the wireless mesh network bring advantages to transmission capability of heterogeneous networks. However, transmissions in wireless mesh network create comparative performance based challenges such as congestion, load-balancing, scalability over increasing networks and coverage capacity. Consequently, these challenges and problems in the routing and switching of packets in the wireless mesh network routing protocols led to a proposal on the resolution of these failures with a combination algorithm and a management based security for the network and its transmitted packets. There are equally contentious services like reliability of the network and quality of service for real-time multimedia traffic flows with other challenges such as path computation and selection in the wireless mesh network. This thesis is therefore a cumulative proposal to the resolution of the outlined challenges and open research areas posed by using wireless mesh network routing protocol. It advances the resolution of these challenges in the mesh environment using a hybrid optimization – traffic engineering, to increase the effectiveness and the reliability of the network. It also proffers a cumulative resolution of the diverse contributions on wireless mesh network routing protocol and transmission. Adaptation and optimization are carried out on the wireless mesh network designed network using traffic engineering mechanism and technique. The research examines the patterns of mesh packet transmission and evaluates the challenges and failures in the mesh network packet transmission. It develops a solution based algorithm for resolutions and proposes the traffic engineering based solution.. These resultant performances and analysis are usually tested and compared over wireless mesh IEEE802.11n or other older proposed documented solution. This thesis used a carefully designed campus mesh network to show a comparative evaluation of an optimal performance of the mesh nodes and routers over a normal IEE802.11n based wireless domain network to show differentiation by optimization using the created algorithms. Furthermore, the indexes of performance being the metric are used to measure the utility and the reliability, including capacity and throughput at the destination during traffic engineered transmission. In addition, the security of these transmitted data and packets are optimized under a traffic engineered technique. Finally, this thesis offers an understanding to the security contribution using traffic engineering resolution to create a management algorithm for processing and computation of the wireless mesh networks security needs. The results of this thesis confirmed, completed and extended the existing predictions with real measurement