Contribution to securing wireless mesh networks

A wireless mesh network (WMN) comprises of mesh access points (MAPs)/mesh routers and mesh clients (MCs), where MAPs are normally static and they form the backbone of WMNs. MCs are wireless devices and dynamic in nature, communicating among themselves over possibly multi-hop paths, with or without the help of MAPs. Security has been a primary concern in order to provide protected communication in WMNs due to the open peer-to-peer network topology, shared wireless medium, stringent resource constraints and highly dynamic environment. These challenges clearly make a case for building multi-layer security solution that achieves both wide-range protection and desirable network performance. In this thesis, we attempt to provide necessary security features to WMNs routing operations in an efficient manner. To achieve this goal, first we will review the literature about the WMNs in detail, like WMN’s architecture, applications, routing protocols, security requirements. Then, we will propose two different secure routing protocols for WMNs which provide security in terms of routing, data and users as well. The first protocol is a cross-layer secure protocol for routing, data exchange and Address Resolution Protocol (ARP) problems (in case of LAN based upon WMNs). Our protocol is a ticket-based ad hoc on demand distance vector (TAODV) protocol, a secure routing protocol that is based on the design of the Ad Hoc on demand distance vector (AODV) protocol. Due to the availability of a backbone, we incorporate the Authentication Server (AS) for the issuance of tickets which are further used for secure routing, transfer of public keys and MAC addresses in one single step. By incorporating the public keys, source and destination can easily generate their shared secret key based upon Fixed Diffie-Hellman key exchange protocol for data encryption and decryption. Our protocol is secure against both active as well as passive attacks. The second proposed protocol is to “achieve user anonymity in WMNs”. This protocol is also ticket-based protocol. The ticket is issued by Network Operator (NO) which provides user anonymity, user authentication and data confidentiality/privacy throughout the WMN. Our protocol is inspired by the blind Nyberg-Rueppel digital signature scheme. In this protocol NO issues tickets to valid users only and these users can then use these tickets to access Internet or to access services provided by Internet Gateway (IGW). IGW can only verify these tickets whether tickets are valid or not but can not check “Identity of ticket holder”. This way, user anonymity has been achieved along with user authentication and data privacy throughout WMN

Securing Wireless Mesh Networks

Using wireless mesh networks to offer Internet connectivity is becoming a popular choice for wireless Internet service providers as it allows fast, easy, and inexpensive network deployment. However, security in WMNs is still in its infancy as very little attention has been devoted thus far to this topic by the research community. In this article we describe the specifics of WMNs and identify three fundamental network operations that need to be secured

SWMPT: Securing Wireless Mesh Networks Protocol Based on Ticket Authentication

Wireless mesh network (WMN) consists of two parts: mesh access points which are relatively static and energy-rich devices, and mesh clients which are relatively dynamic and power constrained. In this paper, we present a new model for WMN end-to-end security which divides authentication process into two phases: Mesh Access Point which is based on asymmetric cryptography and Mesh Client which is based on a server-side certificate such as EAP-TTLS

Passive security threats and consequences in IEEE 802.11 wireless mesh networks

The Wireless Mesh Network (WMN) is ubiquitous emerging broadband wireless network. However, the open wireless medium, multi-hop multi-radio architecture and ad-hoc connectivity amongst end-users are such characteristics which increases the vulnerabilities of WMN towards many passive and active attacks. A secure network ensures the confidentiality, integrity and availability of wireless network. Integrity and availability is compromised by active attacks, while the confidentiality of end-users traffic is compromised by passive attacks. Passive attacks are silent in nature and do not harm the network traffic or normal network operations, therefore very difficult to detect. However, passive attacks lay down a foundation for later launching an active attack. In this article, we discuss the vulnerable features and possible passive threats in WMN along with current security mechanisms as well as future research directions. This article will serve as a baseline guide for the passive security threats and related issues in WMNs

Non-linear echo cancellation - a Bayesian approach

Echo cancellation literature is reviewed, then a Bayesian model is introduced and it is shown how how it can be used to model and fit nonlinear channels. An algorithm for cancellation of echo over a nonlinear channel is developed and tested. It is shown that this nonlinear algorithm converges for both linear and nonlinear channels and is superior to linear echo cancellation for canceling an echo through a nonlinear echo-path channel

Cloned Access Point Detection and Point Detection and Prevention Mechanism in IEEE 802.11 Wireless Mesh Networks

IEEE 802.11 Wireless Mesh Network (WMN) is an emerging low cost, decentralized community-based broadband technology, which is based on self-healing and multi-hop deployment of Access Points (APs), so that to increase the coverage area with maximum freedom to end-users to join or leave the network from anywhere anytime having low deployment and maintenance cost. Such kind of decentralized structure and multihop architecture increases its security vulnerabilities especially against the APs. One of such possible security attack is the placement of cloned AP to create serious performance degradation in IEEE 802.11 WMN. In this paper, we discuss the different security vulnerabilities of AP in IEEE 802.11 WMN along with possible research directions. We also propose a mutual cooperation mechanism between the multi-hop APs and serving gateway so that to detect and prevent the possibility of cloned AP. In this way the large scale exploitation of IEEE 802.11 WMN can be eliminated

Securing End-to-End Wireless Mesh Networks Ticket-Based Authentication

Hybrid wireless mesh network (WMN) consists of two types of nodes: Mesh Routers which are relatively static and energy-rich devices, and Mesh Clients which are relatively dynamic and power constrained devices. In this paper we present a new model for WMN end-to-end security which divide authentication process into two phases: Mesh Access Point phase which based on asymmetric cryptography and Mesh Client phase which based on a server-side certificate such as EAP-TTLS and PEAP

Securing End-to-End Wireless Mesh Networks Ticket-Based Authentication.

Hybrid wireless mesh network (WMN) consists of twotypes of nodes: Mesh Routers which are relatively static andenergy-rich devices, and Mesh Clients which are relativelydynamic and power constrained devices. In this paper we presenta new model for WMN end-to-end security which divideauthentication process into two phases: Mesh Access Point phasewhich based on asymmetric cryptography and Mesh Client phasewhich based on a server-side certificate such as EAP-TTLSand PEAP

A Secure Key Management Model for Wireless Mesh Networks

As Wireless Mesh Networks (WMNs) are newly emerging wireless technologies, they are designed to have huge potential for strengthening Internet deployment and access. However, they are far from muture for large-scale deployment in some applications due to the lack of the satisfactory guarantees on security. The main challenges exposed to the security of WMNs come from the facts of the shared nature of the wireless architecture and the lack of globally trusted central authorities. A well-performed security framework for WMNs will contribute to network survivability and strongly support the network growth. A low-computational and scalable key management model for WMNs is proposed in this paper which aims to guarantee well-performed key management services and protection from potential attacks