Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Design & Evaluation of Path-based Reputation System for MANET Routing

Most of the existing reputation systems in mobile ad hoc networks (MANET) consider only node reputations when selecting routes. Reputation and trust are therefore generally ensured within a one-hop distance when routing decisions are made, which often fail to provide the most reliable, trusted route. In this report, we first summarize the background studies on the security of MANET. Then, we propose a system that is based on path reputation, which is computed from reputation and trust values of each and every node in the route. The use of path reputation greatly enhances the reliability of resulting routes. The detailed system architecture and components design of the proposed mechanism are carefully described on top of the AODV (Ad-hoc On-demand Distance Vector) routing protocol. We also evaluate the performance of the proposed system by simulating it on top of AODV. Simulation experiments show that the proposed scheme greatly improves network throughput in the midst of misbehavior nodes while requires very limited message overhead. To our knowledge, this is the first path-based reputation system proposal that may be implemented on top of a non-source based routing scheme such as AODV

PROTECT: Proximity-based Trust-advisor using Encounters for Mobile Societies

Many interactions between network users rely on trust, which is becoming particularly important given the security breaches in the Internet today. These problems are further exacerbated by the dynamics in wireless mobile networks. In this paper we address the issue of trust advisory and establishment in mobile networks, with application to ad hoc networks, including DTNs. We utilize encounters in mobile societies in novel ways, noticing that mobility provides opportunities to build proximity, location and similarity based trust. Four new trust advisor filters are introduced - including encounter frequency, duration, behavior vectors and behavior matrices - and evaluated over an extensive set of real-world traces collected from a major university. Two sets of statistical analyses are performed; the first examines the underlying encounter relationships in mobile societies, and the second evaluates DTN routing in mobile peer-to-peer networks using trust and selfishness models. We find that for the analyzed trace, trust filters are stable in terms of growth with time (3 filters have close to 90% overlap of users over a period of 9 weeks) and the results produced by different filters are noticeably different. In our analysis for trust and selfishness model, our trust filters largely undo the effect of selfishness on the unreachability in a network. Thus improving the connectivity in a network with selfish nodes. We hope that our initial promising results open the door for further research on proximity-based trust

A personal networking solution

This paper presents an overview of research being conducted on Personal Networking Solutions within the Mobile VCE Personal Distributed Environment Work Area. In particular it attempts to highlight areas of commonality with the MAGNET initiative. These areas include trust of foreign devices and service providers, dynamic real-time service negotiation to permit context-aware service delivery, an automated controller algorithm for wireless ad hoc networks, and routing protocols for ad hoc networking environments. Where possible references are provided to Mobile VCE publications to enable further reading

Trust-based security for the OLSR routing protocol

International audienceThe trust is always present implicitly in the protocols based on cooperation, in particular, between the entities involved in routing operations in Ad hoc networks. Indeed, as the wireless range of such nodes is limited, the nodes mutually cooperate with their neighbors in order to extend the remote nodes and the entire network. In our work, we are interested by trust as security solution for OLSR protocol. This approach fits particularly with characteristics of ad hoc networks. Moreover, the explicit trust management allows entities to reason with and about trust, and to take decisions regarding other entities. In this paper, we detail the techniques and the contributions in trust-based security in OLSR. We present trust-based analysis of the OLSR protocol using trust specification language, and we show how trust-based reasoning can allow each node to evaluate the behavior of the other nodes. After the detection of misbehaving nodes, we propose solutions of prevention and countermeasures to resolve the situations of inconsistency, and counter the malicious nodes. We demonstrate the effectiveness of our solution taking different simulated attacks scenarios. Our approach brings few modifications and is still compatible with the bare OLSR