Secure Routing in Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to the service providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to the wired network, in WMNs only a subset of the APs are required to be connected to the wired network. The APs that are connected to the wired network are called the Internet gateways (IGWs), while the APs that do not have wired connections are called the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop communication. The IGWs provide access to conventional clients and interconnect ad hoc, sensor, cellular, and other networks to the Internet. However, most of the existing routing protocols for WMNs are extensions of protocols originally designed for mobile ad hoc networks (MANETs) and thus they perform sub-optimally. Moreover, most routing protocols for WMNs are designed without security issues in mind, where the nodes are all assumed to be honest. In practical deployment scenarios, this assumption does not hold. This chapter provides a comprehensive overview of security issues in WMNs and then particularly focuses on secure routing in these networks. First, it identifies security vulnerabilities in the medium access control (MAC) and the network layers. Various possibilities of compromising data confidentiality, data integrity, replay attacks and offline cryptanalysis are also discussed. Then various types of attacks in the MAC and the network layers are discussed. After enumerating the various types of attacks on the MAC and the network layer, the chapter briefly discusses on some of the preventive mechanisms for these attacks.Comment: 44 pages, 17 figures, 5 table

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Poseidon: Mitigating Interest Flooding DDoS Attacks in Named Data Networking

Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. In CCN, named content becomes a first-class entity. CCN focuses on content distribution, which dominates current Internet traffic and is arguably not well served by IP. Named-Data Networking (NDN) is an example of CCN. NDN is also an active research project under the NSF Future Internet Architectures (FIA) program. FIA emphasizes security and privacy from the outset and by design. To be a viable Internet architecture, NDN must be resilient against current and emerging threats. This paper focuses on distributed denial-of-service (DDoS) attacks; in particular we address interest flooding, an attack that exploits key architectural features of NDN. We show that an adversary with limited resources can implement such attack, having a significant impact on network performance. We then introduce Poseidon: a framework for detecting and mitigating interest flooding attacks. Finally, we report on results of extensive simulations assessing proposed countermeasure.Comment: The IEEE Conference on Local Computer Networks (LCN 2013

IDLP: an efficient intrusion detection and location-aware prevention mechanism for network coding-enabled mobile small cells

Mobile small cell technology is considered as a 5G enabling technology for delivering ubiquitous 5G services in a cost-effective and energy efficient manner. Moreover, Network Coding (NC) technology can be foreseen as a promising solution for the wireless network of mobile small cells to increase its throughput and improve its performance. However, NC-enabled mobile small cells are vulnerable to pollution attacks due to the inherent vulnerabilities of NC. Although there are several works on pollution attack detection, the attackers may continue to pollute packets in the next transmission of coded packets of the same generation from the source node to the destination nodes. Therefore, in this paper, we present an intrusion detection and location-aware prevention (IDLP) mechanism which does not only detect the polluted packets and drop them but also identify the attacker's exact location so as to block them and prevent packet pollution in the next transmissions. In the proposed IDLP mechanism, the detection and locating schemes are based on a null space-based homomorphic MAC scheme. However, the proposed IDLP mechanism is efficient because, in its initial phase (i.e., Phase 1), it is not needed to be applied to all mobile devices in order to protect the NC-enabled mobile small cells from the depletion of their resources. The proposed efficient IDLP mechanism has been implemented in Kodo, and its performance has been evaluated and compared with our previous IDPS scheme proposed in [1], in terms of computational complexity, communicational overhead, and successfully decoding probability as well

Subvertising - Conceptualization, Motivation, and Outcomes

There is an exponential increase in events involving subvertising both online and in the real world. Though popular media are increasingly discussing the topic, there are gaps in the academic literature on subvertising, as it is very limited. The purpose of this study was therefore to close these gaps by investigating the conceptualization of subvertising, the motivation for engaging in subvertising, and the outcomes of it, both for subvertisers themselves and for those that are targeted. The study was carried out using a qualitative inductive approach, in which grounded theory was used to obtain and interpret data. The data was gathered from secondary data, as news articles and YouTube videos were collected from popular media. A thematic narrative analysis was used to get an understanding of “what” rather than “how”, and to focus on the themes around which articles are told (Reissman, 2008). The data collected was coded according to Gioia’s methodology. This helped the authors generate categories and subcategories that were used to answer the research questions. The findings of the study revealed that the conceptualization of subvertising can be explained by the definition, target, type, defense, and evolution. The motivation for engaging in subvertising can be explained by the environment, inclusion and diversity, capitalism, and social. Lastly, the public, government, and corporate helped explain the outcomes of subvertising. The intergenerational justice theory was used to support these findings, as it can be linked to the underlying reasons for subvertising. The study presents five theoretical implications where the authors discuss how they are contributing to the literature on the topic, and consider five practical implications they are providing to subvertisers and other activists, corporations, governments, and the public in general. This study is of great novelty because it is filling the gaps in the existing literature on subvertising because of its comprehensiveness that looks at the conceptualization, the motives, and outcomes. It provides a clear definition that separates subvertising from other similar concepts by specifying its boundary conditions, which have previously been vague

Subvertising - Conceptualization, Motivation, and Outcomes

There is an exponential increase in events involving subvertising both online and in the real world. Though popular media are increasingly discussing the topic, there are gaps in the academic literature on subvertising, as it is very limited. The purpose of this study was therefore to close these gaps by investigating the conceptualization of subvertising, the motivation for engaging in subvertising, and the outcomes of it, both for subvertisers themselves and for those that are targeted. The study was carried out using a qualitative inductive approach, in which grounded theory was used to obtain and interpret data. The data was gathered from secondary data, as news articles and YouTube videos were collected from popular media. A thematic narrative analysis was used to get an understanding of “what” rather than “how”, and to focus on the themes around which articles are told (Riessman, 2008). The data collected was coded according to Gioia’s methodology. This helped the authors generate categories and subcategories that were used to answer the research questions. The findings of the study revealed that the conceptualization of subvertising can be explained by the definition, target, type, defense, and evolution. The motivation for engaging in subvertising can be explained by the environment, inclusion and diversity, capitalism, and social. Lastly, the public, government, and corporate helped explain the outcomes of subvertising. The intergenerational justice theory was used to support these findings, as it can be linked to the underlying reasons for subvertising. The study presents five theoretical implications where the authors discuss how they are contributing to the literature on the topic, and consider five practical implications they are providing to subvertisers and other activists, corporations, governments, and the public in general. This study is of great novelty because it is filling the gaps in the existing literature on subvertising because of its comprehensiveness that looks at the conceptualization, the motives, and outcomes. It provides a clear definition that separates subvertising from other similar concepts by specifying its boundary conditions, which have previously been vague