Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

A Review of the Energy Efficient and Secure Multicast Routing Protocols for Mobile Ad hoc Networks

This paper presents a thorough survey of recent work addressing energy efficient multicast routing protocols and secure multicast routing protocols in Mobile Ad hoc Networks (MANETs). There are so many issues and solutions which witness the need of energy management and security in ad hoc wireless networks. The objective of a multicast routing protocol for MANETs is to support the propagation of data from a sender to all the receivers of a multicast group while trying to use the available bandwidth efficiently in the presence of frequent topology changes. Multicasting can improve the efficiency of the wireless link when sending multiple copies of messages by exploiting the inherent broadcast property of wireless transmission. Secure multicast routing plays a significant role in MANETs. However, offering energy efficient and secure multicast routing is a difficult and challenging task. In recent years, various multicast routing protocols have been proposed for MANETs. These protocols have distinguishing features and use different mechanismsComment: 15 page

SecMon: End-to-End Quality and Security Monitoring System

The Voice over Internet Protocol (VoIP) is becoming a more available and popular way of communicating for Internet users. This also applies to Peer-to-Peer (P2P) systems and merging these two have already proven to be successful (e.g. Skype). Even the existing standards of VoIP provide an assurance of security and Quality of Service (QoS), however, these features are usually optional and supported by limited number of implementations. As a result, the lack of mandatory and widely applicable QoS and security guaranties makes the contemporary VoIP systems vulnerable to attacks and network disturbances. In this paper we are facing these issues and propose the SecMon system, which simultaneously provides a lightweight security mechanism and improves quality parameters of the call. SecMon is intended specially for VoIP service over P2P networks and its main advantage is that it provides authentication, data integrity services, adaptive QoS and (D)DoS attack detection. Moreover, the SecMon approach represents a low-bandwidth consumption solution that is transparent to the users and possesses a self-organizing capability. The above-mentioned features are accomplished mainly by utilizing two information hiding techniques: digital audio watermarking and network steganography. These techniques are used to create covert channels that serve as transport channels for lightweight QoS measurement's results. Furthermore, these metrics are aggregated in a reputation system that enables best route path selection in the P2P network. The reputation system helps also to mitigate (D)DoS attacks, maximize performance and increase transmission efficiency in the network.Comment: Paper was presented at 7th international conference IBIZA 2008: On Computer Science - Research And Applications, Poland, Kazimierz Dolny 31.01-2.02 2008; 14 pages, 5 figure

Fuzzy TOPSIS-based Secure Neighbor Discovery Mechanism for Improving Reliable Data Dissemination in Wireless Sensor Networks

Wireless Sensor Networks (WSNs) being an indispensable entity of the Internet of Things (IoT) are found to be more and more widely utilized for the rapid advent of IoT environment. The reliability of data dissemination in the IoT environment completely depends on the secure neighbor discovery mechanism that are utilized for effective and efficient communication among the sensor nodes. Secure neighbor discovery mechanisms that significantly determine trustworthy sensor nodes are essential for maintaining potential connectivity and sustaining reliable data delivery in the energy-constrained self organizing WSN. In this paper, Fuzzy Technique of Order Preference Similarity to the Ideal Solution (TOPSIS)-based Secure Neighbor Discovery Mechanism (FTOPSIS-SNDM) is proposed for estimating the trust of each sensor node in the established routing path for the objective of enhancing reliable data delivery in WSNs. This proposed FTOPSIS-SNDM is proposed as an attempt to integrate the merits of Fuzzy Set Theory (FST) and TOPSIS-based Multi-criteria Decision Making (MCDM) approach, since the discovery of secure neighbors involves the exchange of imprecise data and uncertain behavior of sensor nodes. This secure neighbor is also influenced by the factors of packet forwarding potential, delay, distance from the Base Station (BS) and residual energy, which in turn depends on multiple constraints that could be possibly included into the process of secure neighbor discovery. The simulation investigations of the proposed FTOPSIS-SNDM confirmed its predominance over the benchmarked approaches in terms of throughput, energy consumption, network latency, communication overhead for varying number of genuine and malicious neighboring sensor nodes in network

Analysis of Secure Routing Scheme for MANET

Mobile ad hoc networks pose various kinds of security problems, caused by their nature of collaborative and open systems and by limited availability of resources. In our work we look at AODV in detail, study and analyses various attacks that can be possible on it. Then we look into some existing mechanism for securing AODV protocol. Our proposed work is an extension to Adaptive-SAODV of the secure AODV protocol extension, which includes tuning strategies aimed at improving its performance. In A-SAODV an intermediate node makes an adaptive reply decision for an incoming request that helps to balance its load that is over-burdened by signing and verification task of incoming messages. Namely, we propose a modification to adaptive mechanism that tunes SAODV behavior. In our paper we have proposed an extension to Adaptive-SAODV of the secure AODV protocol extension, which includes further filtering strategies aimed at further improving its network performance. We have analyzed the how our proposed algorithm can help in further improvement of performance in adaptive SAODV and also compared its performance with existing mechanisms using simulation

Identity Mapping Scheme with CBDS Approach to Secure MANET

A MANET is considered as self administrating network in which nodes are free to come and join to communicate with various nodes. A network which has a lot of advantages for its characteristics also has disadvantage of being attacked by some malicious node. Since MANET requires that each node should posses a unique, distinct identity, Sybil attack is one of the major threat to MANET. A Sybil attack is in which a node can have different physical identity to weak the distributed MANET system. In this paper, we propose a identity mapping scheme which is implemented with the collaborative bait detection scheme for securing MANET against Sybil attack, black hole attack and gray hole attack. Approach is merged with the CBDS approach for making system more secure against various attacks. Proposed scheme is simulated on NS2 and compared with the Sybil detection scheme on various performance metrics

MQMF: Multiple Quality Measure Factors for Trust Computation and Security in MANET

Identification of the mobile ad hoc network node in a secure, reliable communication is a very important factor. It will be a node in the service of reconciliation and node behaviour leads to uncertainty. It is always challenge to manage node security and resource due to the complexity of high mobility and resource constraints. Trust based security provides light-weight security computing for individual node trust to provide reliable and quality of service. In this paper we present a multiple quality measure factors (MQMF) approach for computing node trust to improvise the quality of service. It compute four quality measure factors based on node throughput and packet drop during communication to measure the node individual trustworthiness. It prevent the network from anomalous and malicious nodes to improvise the security and throughput. The evaluation measures shows an improvisation in throughput with less packet drop and computational overload in compare to existing protocols