Secure Routing and Medium Access Protocols inWireless Multi-hop Networks

While the rapid proliferation of mobile devices along with the tremendous growth of various applications using wireless multi-hop networks have significantly facilitate our human life, securing and ensuring high quality services of these networks are still a primary concern. In particular, anomalous protocol operation in wireless multi-hop networks has recently received considerable attention in the research community. These relevant security issues are fundamentally different from those of wireline networks due to the special characteristics of wireless multi-hop networks, such as the limited energy resources and the lack of centralized control. These issues are extremely hard to cope with due to the absence of trust relationships between the nodes. To enhance security in wireless multi-hop networks, this dissertation addresses both MAC and routing layers misbehaviors issues, with main focuses on thwarting black hole attack in proactive routing protocols like OLSR, and greedy behavior in IEEE 802.11 MAC protocol. Our contributions are briefly summarized as follows. As for black hole attack, we analyze two types of attack scenarios: one is launched at routing layer, and the other is cross layer. We then provide comprehensive analysis on the consequences of this attack and propose effective countermeasures. As for MAC layer misbehavior, we particularly study the adaptive greedy behavior in the context of Wireless Mesh Networks (WMNs) and propose FLSAC (Fuzzy Logic based scheme to Struggle against Adaptive Cheaters) to cope with it. A new characterization of the greedy behavior in Mobile Ad Hoc Networks (MANETs) is also introduced. Finally, we design a new backoff scheme to quickly detect the greedy nodes that do not comply with IEEE 802.11 MAC protocol, together with a reaction scheme that encourages the greedy nodes to become honest rather than punishing them

Secure Routing and Medium Access Protocols inWireless Multi-hop Networks

While the rapid proliferation of mobile devices along with the tremendous growth of various applications using wireless multi-hop networks have significantly facilitate our human life, securing and ensuring high quality services of these networks are still a primary concern. In particular, anomalous protocol operation in wireless multi-hop networks has recently received considerable attention in the research community. These relevant security issues are fundamentally different from those of wireline networks due to the special characteristics of wireless multi-hop networks, such as the limited energy resources and the lack of centralized control. These issues are extremely hard to cope with due to the absence of trust relationships between the nodes. To enhance security in wireless multi-hop networks, this dissertation addresses both MAC and routing layers misbehaviors issues, with main focuses on thwarting black hole attack in proactive routing protocols like OLSR, and greedy behavior in IEEE 802.11 MAC protocol. Our contributions are briefly summarized as follows. As for black hole attack, we analyze two types of attack scenarios: one is launched at routing layer, and the other is cross layer. We then provide comprehensive analysis on the consequences of this attack and propose effective countermeasures. As for MAC layer misbehavior, we particularly study the adaptive greedy behavior in the context of Wireless Mesh Networks (WMNs) and propose FLSAC (Fuzzy Logic based scheme to Struggle against Adaptive Cheaters) to cope with it. A new characterization of the greedy behavior in Mobile Ad Hoc Networks (MANETs) is also introduced. Finally, we design a new backoff scheme to quickly detect the greedy nodes that do not comply with IEEE 802.11 MAC protocol, together with a reaction scheme that encourages the greedy nodes to become honest rather than punishing them

Design and implementation of architectures for the deployment of secure community wireless networks

Recientes avances en las tecnologías de la comunicación, así como la proliferación de nuevos dispositivos de computación, están plasmando nuestro entorno hacia un Internet ubicuo. Internet ofrece una plataforma global para acceder con bajo coste a una vasta gama de servicios de telecomunicaciones, como el correo electrónico, comercio electrónico, tele-educación, tele-salud y tele-medicina a bajo coste. Sin embargo, incluso en los países más desarrollados, un gran número de áreas rurales todavía están pobremente equipadas con una infraestructura básica de telecomunicaciones. Hoy en día, existen algunos esfuerzos para resolver esta falta de infraestructura, pero resultan todavía insuficientes. Con este objetivo presentamos en esta tesis RuralNet, una red comunitaria inalámbrica para proveer acceso a Internet de forma personalizada a los subscriptores de un área rural. Los objetivos de este estudio han sido el desarrollo de una nueva arquitectura para ofrecer un acceso a Internet flexible y seguro para zonas rurales aisladas. RuralNet combina el paradigma de las redes mesh y el uso de los dispositivos inalámbricos embebidos más económicos para ofrecer un gran número de servicios y aplicaciones basados en Internet. La solución desarrollada por RuralNet es capaz de cubrir grandes áreas a bajo coste, y puede también ser fácilmente desplegado y extendido tanto en términos de cobertura como de servicios ofrecidos. Dado que la implementación y la evaluación de RuralNet requiere un alto coste y una gran cantidad de mano de obra, hemos considerado que la simulación y la emulación eran una alternativa válida para ahorrar costes. Con este objetivo hemos desarrollado Castadiva, un emulador flexible proyectado para la evaluación de redes MANET y mesh. Castadiva es un emulador basado en dispositivos de bajo coste, utilizado para evaluar los protocolos y las aplicaciones desarrolladas.Hortelano Otero, J. (2011). Design and implementation of architectures for the deployment of secure community wireless networks [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/10079Palanci

Formal modelling and analysis of denial of services attacks in wireless sensor networks

Wireless Sensor Networks (WSNs) have attracted considerable research attention in recent years because of the perceived potential benefits offered by self-organising, multi-hop networks consisting of low-cost and small wireless devices for monitoring or control applications in di±cult environments. WSN may be deployed in hostile or inaccessible environments and are often unattended. These conditions present many challenges in ensuring that WSNs work effectively and survive long enough to fulfil their functionalities. Securing a WSN against any malicious attack is a particular challenge. Due to the limited resources of nodes, traditional routing protocols are not appropriate in WSNs and innovative methods are used to route data from source nodes to sink nodes (base stations). To evaluate the routing protocols against DoS attacks, an innovative design method of combining formal modelling and computer simulations has been proposed. This research has shown that by using formal modelling hidden bugs (e.g. vulnerability to attacks) in routing protocols can be detected automatically. In addition, through a rigorous testing, a new routing protocol, RAEED (Robust formally Analysed protocol for wirEless sEnsor networks Deployment), was developed which is able to operate effectively in the presence of hello flood, rushing, wormhole, black hole, gray hole, sink hole, INA and jamming attacks. It has been proved formally and using computer simulation that the RAEED can pacify these DoS attacks. A second contribution of this thesis relates to the development of a framework to check the vulnerability of different routing protocols against Denial of Service(DoS) attacks. This has allowed us to evaluate formally some existing and known routing protocols against various DoS attacks iand these include TinyOS Beaconing, Authentic TinyOS using uTesla, Rumour Routing, LEACH, Direct Diffusion, INSENS, ARRIVE and ARAN protocols. This has resulted in the development of an innovative and simple defence technique with no additional hardware cost for deployment against wormhole and INA attacks. In the thesis, the detection of weaknesses in INSENS, Arrive and ARAN protocols was also addressed formally. Finally, an e±cient design methodology using a combination of formal modelling and simulation is propose to evaluate the performances of routing protocols against DoS attacks

Scattered Dropping Attack on TCP-Based Mobile Ad-Hoc Networks

Scattered Dropping Attack (SDA) is a simple yet very powerful denial of service (DoS) attack that is effective on both TCP and UDP based MANETs. The simulation results clearly show the impact of proposed attack on the network throughput, bandwidth wastage and received data quality. It has also been observed that even though the TCP congestion control is adaptable to the packet losses but in case of the dropping attack it is fully unable to detect whether the packet drop is the result of the attacker misbehaving or it is due to the congestion or other wireless environmental problem

The Z-Wave Routing Protocol and Its Security Implications

Z-Wave is a proprietary technology used to integrate sensors and actuators over RF and perform smart home and office automation services. Lacking implementation details, consumers are under-informed on the security aptitude of their installed distributed sensing and actuating systems. While the Physical (PHY) and Medium Access Control (MAC) layers of the protocol have been made public, details regarding the network layer are not available for analysis. Using a real-world Z-Wave network, the frame forwarding and topology management aspects of the Z-Wave routing protocol are reverse engineered. A security analysis is also performed on the network under study to identify source and data integrity vulnerabilities of the routing protocol. It is discovered that the topology and routes may be modified by an outsider through the exploitation of the blind trust inherent to the routing nodes of the network. A Black Hole attack is conducted on a real-world Z-Wave network to demonstrate a well-known routing attack that exploits the exposed vulnerabilities. As a result of the discoveries, several recommendations are made to enhance the security of the routing protocol

Ad Hoc Network Scenarios and Different Types of Attacks

V tejto semestrálnej práci venovanej sieťam MANET a ich bezpečnostným hrozbám sa v prvej časti preberajú a porovnávajú smerovacie protokoly AODV vs OLSR vs ZRP. Ďalej je spomínaný broadcast storm a podrobnejšie rozobrané základné typy útokov v sieťach MANET s návrhmi na potlačenie vplyvu na fungovanie siete. V nasledujúcej kapitole je ukazané a popisané prostredie NS-3 simulátora s uvedeným jednoduchým programom a spôsobmi, ako získať údaje. Posledná kapitola ukazuje vplyv black-hole útoku na sieť a návrh na jej elimináciu.In this semester thesis dedicated to MANET networks and security threats are compared the routing protocols AODV vs OLSR vs ZRP. Next chapter is dealing with a broadcast storm and discussed in more detail basic types of attacks in MANET networks with proposals to suppress the impact on the functioning of the network. In the next chapter, it is shown and described an environment of NS-3 simulator with that program and simple way how to reach the information. The last chapter shows the influence of black-hole attack on the network, and a proposal for its elimination.

SSEGR: Secure single-copy energy efficient geographical routing algorithm in wireless sensor networks

Geographical Routing Technique is a new trend in Wireless Sensor Networks in which the sensor nodes are enabled using Global Positioning Systems (GPS). This helps to easily detect the position of their neighboring nodes. The power consumption is more in the existing routing algorithms, since the nodes build the routing tables and the neighboring node IDs are determined by searching the routing table. In this paper, we have proposed Secure Single-Copy Energy Efficient Geographical Routing (SSEGR) algorithm in which the data traffic and energy consumption is minimized using single copy data transfer. In SSEGR, initially one copy is transmitted to the next node using greedy approach and another copy is preserved in the sending station. If acknowledgment is not received even after timeout then the second copy is transmitted. This dynamic single copy scheme reduces the data traffic in Wireless Sensor Networks. Security algorithms are incorporated in every sensor node to prevent any malicious node attack that disturb the normal functioning of the network. Simulation result shows that the performance of the proposed algorithm is better interms of packet delivery probability and energy consumption in comparision with existing algorithm