Post on 27-May-2018
CHAPTER II
LITERATURE REVIEW
2.1 HWMP
A hybrid routing protocol uses a distance vector routing algorithm to discover the best
route to the destination and distributes the routing information whenever the
topology of the network changes. Hybrid routing protocols use less
power and memory than link state routing algorithms. The hybrid wireless
mesh protocol (HWMP) is a basic wireless mesh network protocol. It is based on
AODV and tree-based routing. The drawback of HWMP is that it does not consider
security-related problems.
ARAN
Authenticated routing for ad hoc networks (ARAN) is an on demand routing
protocol that provides authentication of route discovery, route setup, and route path
maintenance using cryptographic certificates. It can detect and protect against malicious
attackers without requiring any predeployed network infrastructure. However, it assumes
a small amount of prior security coordination among the nodes. A trusted certificate
server is used whose public key is assumed to be known to all nodes. On joining the
network, each node receives a certificate issued by the trusted server. The certificate
received by a node contains the IP address of the node, the public key of the node, the
timestamp of creation of the certificate and the time at which the certificate would expire.
A node uses its certificate for authenticating itself during the routing process. At the time
of route discovery, a node broadcasts a signed route discovery packet (RDP).
The RDP includes the IP address of the destination node, the certificate of the
source node, a nonce, and a timestamp. The RDP is signed by the private key of the
source node. Each node in the route discovery path validates the signature of the previous
node, removes the certificate and the signature of the previous node, and records the IP
address of the previous node. The node then signs the original contents of the packet,
appends its own certificate and forwards the message after signing it with its private key.
When the RDP reaches the intended destination node, the node creates a route reply
packet (REP) and unicasts it back along the reverse path. The REP includes an identifier
of the packet type, the IP address of the source, its certificate, the nonce, and the
associated timestamp that was initially sent by the source node. On receiving the REP,
the source node verifies the signature of the destination node, and the nonce. An error
message (ERR) is generated if the timestamp or nonce does not match the requirements
or if the certificate fails in the authenticity validation process. ARAN is a secure protocol
that can prevent a number of attacks such as unauthorized participation of nodes, spoofed
route signaling, spurious routing messages, alteration of routing packets, manipulation of
the TTL values in the packets, and replay attacks. However, it is vulnerable to DoS
attacks which are launched by flooding the network with bogus control packets. Since
signature verification for each packet is required, the attacker can force a node to discard
some of the control packets if the node cannot verify the signatures at the rate which is
equal to or greater than the rate at which the attacker is injecting the bogus control
packets.
ARIADNE
Ariadne is a secure on-demand routing protocol which uses the TESLA broadcast
authentication protocol to provide security. TESLA provides authentication for
broadcast messages by adding a message authentication code (MAC) to each message. All
receivers must know the MAC verification key in order to verify it. The major disadvantage of
this protocol is that the route request message is not authenticated before it reaches the
destination, so an adversary can initiate a route request flooding attack.
2.2 Secure efficient ad hoc distance vector (SEAD) routing protocol
The secure efficient ad hoc distance vector (SEAD) is a secure and proactive ad
hoc routing protocol based on the destination-sequenced distance vector (DSDV) routing
protocol. The protocol deploys a one-way hash function for computing the hash chain
elements which are used to authenticate the sequence numbers and the metrics of the
update messages of the routing tables. The protocol ensures a mutual authentication
between a source and a destination pair. The source of each routing table update message
is also authenticated so as to prevent creation of any possible routing loop by an attacker
which may try to launch an impersonation attack. Although the hash chains are useful for
authenticating the metric and the sequence number, they are not sufficient for defending
against a malicious node which can advertise the same distance and sequence number
that the node has received. To defend against such malicious nodes, hash tree chains are
used in conjunction with packet leashes, in which the address of the authenticator is tied
with the address of the sender node. This prevents an attacker from replaying an
authenticator that it hears in its neighborhood. The protocol uses TESLA TIK for shared
key distribution among each pair of nodes in the network. SEAD can defend against
a routing loop attack if the loop does not contain more than one attacker. The protocol is
simple and easy to implement by making slight modifications to the DSDV protocol.
The use of one-way hash chain for authentication reduces the computational complexity.
The main drawback of the protocol, however, is the requirement of a trusted entity for
distribution and maintenance of the verification element of each node. The trusted entity
can also be a single point of failure in the protocol operation.
2.3 Security-aware ad hoc routing (SAR) protocol
The security-aware ad hoc routing (SAR) protocol uses security as one of the key
metrics in the route discovery and maintenance operations, and provides a framework for
enforcing and measuring the attributes of the security metric. Unlike traditional routing
protocols which utilize distance (measured by the hop-counts), location, power and other
metrics for routing path determination, SAR uses security attributes (such as trust values
and trust relationships among nodes) in order to define a routing metric. SAR extends on-
demand ad hoc routing protocols such as AODV or DSR in order to incorporate the
security metric into the route discovery messages. The protocol ensures that an
intermediate node that receives an RREQ packet can process or forward it only if the
node can provide the required security or has the required authorization and trust level. If
the node cannot provide the required security, the RREQ packet is dropped. If an end-to-
end path with the required security attributes can be found, a suitably modified RREP
message is sent from an intermediate node or the destination node. The security metric of
SAR can be specified by a hierarchy of trust among the nodes. In order to define the trust
levels, a key distribution or secret sharing mechanism is utilized in which the nodes
belonging to a particular trust level share a key among them. Since the nodes of different
security levels do not share any key, they cannot decrypt or process routing packets. SAR
allows an application to choose its required level of security. However, the protocol
needs different keys for different levels of security. Hence, with the increase in the
number of security levels to be maintained, the number of keys to be managed also
increases leading to an increase in storage and computational overheads.
2.4 Secure ad hoc on-demand distance vector (SAODV) routing protocol
The secure ad hoc on-demand distance vector (SAODV) routing protocol is a
secure extension of the AODV protocol. The main objective of SAODV is to ensure
integrity, authentication, and non-repudiation of the messages used in the AODV
protocol. SAODV uses two mechanisms to secure routing messages: (i) digital signatures
to authenticate the non-mutable fields of the messages, and (ii) hash chains to secure the
hop count field which is the only mutable information in the packets. Since the protocol
uses asymmetric cryptography for digital signatures, a key management mechanism is
needed for enabling a node to acquire and verify the public key of other nodes in the
network. SAODV uses the following additional fields in a routing packet header: (i) the
hash function field identifies the one-way hash function used for securing the hop-count
information, (ii) max hop count is a counter that specifies the maximum number of nodes
a packet is allowed to go through, (iii) top hash field is the result of applying the
hash function max hop count times to a randomly generated number, and (iv) hash
field is the random number used for routing. Each time a node sends an RREQ or an
RREP message, it generates a random number and sets the value of the max hop count
field to the same value as the time to live (TTL) field in the IP header. The node then sets the hash
field with the random number and also sets the identifier field of the hash function.
Finally, the node computes the top hash by hashing the random number max hop count
times. The protocol enables the receiver node to verify the hop count of each message by
applying the hash function (maximum hop count – hop count) times to the value in the
hash field. If the computed hash value and the value in the top hash field match, the hop
count is successfully verified. Each time an RREQ message is rebroadcasted or an RREP
is forwarded, the node has to apply the hash function to the hash field. Digital signatures
are used to sign every field except the hop count and the hash field. Although the use of
hash function and digital signature makes the scheme secure, the intermediate nodes
cannot reply to an RREQ message if they have a fresh route to the destination node in
their caches. In order to overcome this problem, the authors propose two solutions. The
first solution does not allow the intermediate nodes to respond to an RREQ message and
makes them simply forward the RREQ message, since they cannot sign the message on
behalf of the destination node. The second solution involves addition of a signature that
can be used by intermediate nodes to reply to an RREQ by the node that originally
created the RREQ. The route error (RERR) messages are secured using digital
signatures. A node that generates or forwards an RERR message signs the whole
message (except the destination sequence number) using its shared key with its neighbor
node. Since the destination node does not authenticate the destination sequence number, a
node should not update the destination sequence numbers of the entries in its routing
table based on the RERR messages. The performance characteristics of SAODV are
similar to those of the AODV protocol. However, the communication overhead in
SAODV increases very rapidly with increase in mobility of the nodes due to the use of
expensive asymmetric cryptographic operations.
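The hop count check described above, together with the limit noted in section 2.2 that a hash chain cannot stop a node from advertising the same distance it received, as an added Python example that is not part of the original review or of any SAODV implementation. The field names, the choice of SHA-256 and the hash function identifier value 1 are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, replace
from typing import Optional

# Constructed registry for the "hash function" header field; the identifier
# value 1 is an assumption made for this example.
HASH_FUNCTIONS = {1: hashlib.sha256}


@dataclass(frozen=True)
class HopFields:
    """Hop-count protection fields of an RREQ/RREP (field names assumed)."""
    hash_function: int   # identifies the one-way hash function
    max_hop_count: int   # copied from the IP TTL by the originator
    top_hash: bytes      # hash function applied max_hop_count times to the seed
    hash_value: bytes    # starts as the random seed, hashed once per hop
    hop_count: int       # the mutable field being protected


def hash_times(function_id: int, value: bytes, times: int) -> bytes:
    """Apply the selected one-way hash function `times` times."""
    for _ in range(times):
        value = HASH_FUNCTIONS[function_id](value).digest()
    return value


def originate(ttl: int, seed: Optional[bytes] = None, function_id: int = 1) -> HopFields:
    """Originator: pick a random seed and commit to it through top_hash."""
    seed = os.urandom(32) if seed is None else seed
    top_hash = hash_times(function_id, seed, ttl)
    return HopFields(function_id, ttl, top_hash, seed, 0)


def verify(fields: HopFields) -> bool:
    """Receiver: hash (max_hop_count - hop_count) times and compare to top_hash.

    In SAODV the originator's signature covers hash_function, max_hop_count
    and top_hash; that signature is not modelled here.
    """
    if fields.hash_function not in HASH_FUNCTIONS:
        return False
    if not 0 <= fields.hop_count <= fields.max_hop_count:
        return False
    remaining = fields.max_hop_count - fields.hop_count
    computed = hash_times(fields.hash_function, fields.hash_value, remaining)
    return hmac.compare_digest(computed, fields.top_hash)


def forward(fields: HopFields) -> HopFields:
    """Honest intermediate node: verify, then hash once and count one hop."""
    if not verify(fields):
        raise ValueError("hop count does not match the hash chain")
    if fields.hop_count >= fields.max_hop_count:
        raise ValueError("maximum hop count reached")
    return replace(
        fields,
        hop_count=fields.hop_count + 1,
        hash_value=hash_times(fields.hash_function, fields.hash_value, 1),
    )


def demo() -> dict:
    """Three honest hops, then two altered copies of the received message."""
    received = originate(ttl=8, seed=b"\x01" * 32)   # constructed seed
    for _ in range(3):
        received = forward(received)
    shortened = replace(received, hop_count=1)        # claims a shorter route
    return {
        "honest": verify(received),
        "shortened": verify(shortened),
        # Relaying without hashing or incrementing still verifies: the chain
        # stops a node from lowering the hop count, not from keeping it.
        "unchanged": verify(replace(received)),
        "hop_count": received.hop_count,
    }


if __name__ == "__main__":
    print(demo())
```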
2.5 Secure routing protocol (SRP)
The secure routing protocol (SRP) is a secure extension that can be applied to
many of the existing routing protocols especially to the DSR protocol. The protocol
requires the existence of a security association (SA) between a source-destination pair.
This security association is utilized to establish a shared secret key between the two
nodes. The protocol appends a header to each routing packet. The source node sends an
RREQ with a query sequence (QSEQ) number which is used by the destination node to
check whether the RREQ is outdated or valid, a random query identifier (QID) that
identifies the specific request, and the output of a keyed hash function. The input to the
function is the IP header, the header of the base protocol, and the shared secret key
between the pair of nodes. The RREQ message generated by the source node is protected
by a message authentication code (MAC) computed using the shared key between the
source-destination pair. The RREQs are broadcast to all the neighbors of the source node.
Each neighbor that receives the RREQ for the first time appends its identifier to the
RREQ and further broadcasts it in the network. Each node maintains a priority ranking of
its neighbors based on the rate at which the queries are generated from them. Higher
priorities are assigned to nodes which generate queries at lower rates. The destination
node checks the validity of the query and verifies its integrity and authenticity by
computing and matching the keyed hash value. If the query is found to be valid and if it
passes the integrity and authentication verification tests, the destination node generates a
number of replies (RREPs) using different routes. This protects against attacks from
malicious nodes that may attempt to modify the RREPs. An RREP includes the entire
path from the source to the destination, the query sequence (QSEQ) number, and the
query identification (QID) number. The integrity and authenticity of an RREP message are
verified using a message authentication code in the same manner as for an RREQ
message. Route maintenance is done using route error messages. The route error
messages are source-routed along the path which is reported to be broken by an
intermediate node. When the notified node receives a route error packet, it compares the
route followed by the packet with the prefix of the corresponding route as reported in the
route error packet. However, this approach has a security loophole since a fabricated
route error attack can be easily launched by a malicious node. SRP is a light-weight
protocol that can be easily implemented on a base routing protocol. However, as
mentioned earlier, it cannot prevent unauthorized modifications of routes by malicious
nodes.
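The RREQ and RREP checks described above, as an added Python example that is not code from the review or from the SRP authors. HMAC-SHA256 stands in for the keyed hash, only the listed query fields are hashed rather than the full IP and base protocol headers, and the addresses, key, identifiers and field encoding are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass, field, replace
from typing import Dict, List, Optional, Tuple


def keyed_hash(key: bytes, *fields: object) -> bytes:
    """HMAC-SHA256 over length-prefixed fields (the encoding is an assumption)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for value in fields:
        data = str(value).encode()
        h.update(len(data).to_bytes(4, "big") + data)
    return h.digest()


@dataclass
class RREQ:
    src: str
    dst: str
    qseq: int     # query sequence number, checked by the destination
    qid: str      # random query identifier
    mac: bytes    # keyed hash over the four fields above
    route: List[str] = field(default_factory=list)  # appended by relays, not under the MAC


@dataclass(frozen=True)
class RREP:
    src: str
    dst: str
    qseq: int
    qid: str
    route: Tuple[str, ...]   # entire path, covered by the reply MAC
    mac: bytes


def make_rreq(key: bytes, src: str, dst: str, qseq: int, qid: str) -> RREQ:
    return RREQ(src, dst, qseq, qid, keyed_hash(key, "RREQ", src, dst, qseq, qid))


class Destination:
    def __init__(self, address: str, keys: Dict[str, bytes]):
        self.address = address
        self.keys = keys                       # shared secret per source (from the SA)
        self.latest_qseq: Dict[str, int] = {}

    def handle(self, rreq: RREQ) -> Optional[RREP]:
        key = self.keys.get(rreq.src)
        if key is None or rreq.dst != self.address:
            return None
        expected = keyed_hash(key, "RREQ", rreq.src, rreq.dst, rreq.qseq, rreq.qid)
        if not hmac.compare_digest(expected, rreq.mac):
            return None                        # forged or altered query
        if rreq.qseq < self.latest_qseq.get(rreq.src, 0):
            return None                        # outdated query
        self.latest_qseq[rreq.src] = rreq.qseq
        route = tuple(rreq.route)
        tag = keyed_hash(key, "RREP", rreq.src, rreq.dst, rreq.qseq, rreq.qid, *route)
        return RREP(rreq.src, rreq.dst, rreq.qseq, rreq.qid, route, tag)


def source_accepts(key: bytes, query: RREQ, reply: RREP) -> bool:
    """Source: the reply must match the outstanding query and carry a valid MAC."""
    if (reply.src, reply.dst, reply.qseq, reply.qid) != (query.src, query.dst, query.qseq, query.qid):
        return False
    expected = keyed_hash(key, "RREP", reply.src, reply.dst, reply.qseq, reply.qid, *reply.route)
    return hmac.compare_digest(expected, reply.mac)


def demo() -> dict:
    key = b"constructed-shared-secret"         # constructed value
    src, dst = "10.0.0.1", "10.0.0.9"
    destination = Destination(dst, {src: key})
    query = make_rreq(key, src, dst, qseq=5, qid="9f3c61aa")
    # The same query reaches the destination over two different routes.
    via_a = replace(query, route=["10.0.0.4", "10.0.0.7"])
    via_b = replace(query, route=["10.0.0.5"])
    reply_a, reply_b = destination.handle(via_a), destination.handle(via_b)
    altered = replace(reply_a, route=("10.0.0.4", "10.0.0.66", "10.0.0.7"))
    return {
        "reply_a": source_accepts(key, query, reply_a),
        "reply_b": source_accepts(key, query, reply_b),
        "altered_route": source_accepts(key, query, altered),
        "outdated": destination.handle(make_rreq(key, src, dst, 4, "0b17e2c4")),
        "altered_query": destination.handle(replace(query, qid="ffffffff")),
    }


if __name__ == "__main__":
    print(demo())
```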
2.6 ARIADNE: a secure on-demand routing protocol for ad hoc networks
Ariadne is a secure on-demand routing protocol that is an extension of the
dynamic source routing (DSR) protocol. In contrast to the SEAD protocol which is based
on hop-by-hop authentication and message integrity, Ariadne assumes an end-to-end
security approach. The protocol assumes the existence of a shared secret key between a
pair of nodes and uses a message authentication code (MAC) for authenticating messages
using this secret key. In fact, Ariadne proposes three schemes for authentication of
messages: (i) authentication between two nodes using their shared secret key, (ii) shared
secrets between communicating nodes combined with broadcast authentication using
TESLA and (iii) digital signatures. In TESLA, a sender node generates a one-way key
chain and defines a schedule based on which the keys are disclosed in the reverse order of
their generation. This makes time synchronization a critical requirement for Ariadne. In
the route discovery phase, the source node sends an RREQ message that includes the IP
address of the source node, an ID that identifies the current route discovery process, a
TESLA time interval for indicating the expected arrival time of the request to the
destination, a hash chain that includes the address of the source node, the destination
node address, the ID of the destination, and two empty lists – a node list and a MAC list.
A neighbor node, on receiving the RREQ message, first checks the validity of the TESLA
time interval so that the time interval is not too far in the future and its corresponding
keys are not disclosed yet. A request with an invalid time interval is dropped by the
neighbor nodes. If the time interval is valid, then the neighbor node inserts its address in
the node list, replaces the hash chain with a new one that contains the address of the
neighbor nodes along with the addresses of the nodes in the previous hash chain, and
appends a message authentication code (MAC) of the entire packet to the MAC list. The
MAC is computed using the TESLA key that corresponds to the time interval of the
RREQ message. The neighbor node then broadcasts the RREQ message further in the
network. The destination node buffers the RREQ and checks for its validity. An RREQ is
considered to be valid if the keys with respect to the specified time interval have not yet
been disclosed, and if the included hash chain can be verified. If the RREQ message is
found to be valid, the destination node generates and broadcasts an RREP message. An
RREP message contains all the fields of an RREQ message. In addition, it also contains a
target MAC field and an empty key list. The target MAC field is filled in using the
computed MAC of the preceding fields of the RREP message and the key that the
destination shares with the initiator node. The RREP message is forwarded back to the
initiator along the reverse path included in the node list as specified by the DSR protocol.
An intermediate node, on receiving the RREP message, waits until the specified time
interval allows it to disclose its key. On expiry of the specified time interval, the
intermediate node discloses the key, appends it to the key list in the RREP, and forwards
the message to the next node. Upon receiving an RREP message, the initiator node
verifies the validity of each key in the key list, checks the authenticity of the target MAC,
and each MAC in the MAC list. The route maintenance in Ariadne is done in a similar
manner as in DSR protocol. A node forwarding a packet to the next hop along the source
route returns an RERR message to the packet’s original sender if it is unable to deliver
the packet to the next hop after a limited number of retransmission attempts. The most
critical requirement for the operation of the Ariadne protocol is the existence of a clock
synchronization mechanism. The base Ariadne protocol is vulnerable to the wormhole attack.
A security solution to defend against the wormhole attack has been proposed, using a
mechanism called packet leashes.
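The TESLA checks described above (one-way key chain, delayed key disclosure, and the receiver's test that the key for an interval has not yet been disclosed), as an added Python example that is not code from the review or from the Ariadne authors. The schedule parameters, class names and sample RREQ bytes are constructed, and the MAC is computed with the interval key directly.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, List, Tuple


def H(value: bytes) -> bytes:
    return hashlib.sha256(value).digest()


def make_key_chain(seed: bytes, n: int) -> List[bytes]:
    """Return [K_0 .. K_n] with K_(i-1) = H(K_i); K_n is generated first."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    chain.reverse()
    return chain


def mac(key: bytes, message: bytes) -> bytes:
    # Real TESLA derives a separate MAC key from K_i; using K_i directly is a
    # simplification made for this example.
    return hmac.new(key, message, hashlib.sha256).digest()


@dataclass(frozen=True)
class Schedule:
    start: float           # sender time at which interval 0 begins
    length: float          # duration of one interval, in seconds
    delay: int             # K_i is disclosed `delay` intervals after interval i
    max_sync_error: float  # bound on the sender/receiver clock offset

    def disclosure_time(self, interval: int) -> float:
        return self.start + (interval + self.delay) * self.length


class Receiver:
    def __init__(self, schedule: Schedule, commitment: bytes, max_ahead: int = 1):
        self.schedule = schedule
        self.max_ahead = max_ahead
        self.known_index, self.known_key = 0, commitment   # authentic K_0
        self.buffer: Dict[int, List[Tuple[bytes, bytes]]] = {}

    def receive(self, message: bytes, interval: int, tag: bytes, now: float) -> bool:
        """Buffer the packet only if K_interval cannot have been disclosed yet."""
        latest_sender_time = now + self.schedule.max_sync_error
        if latest_sender_time >= self.schedule.disclosure_time(interval):
            return False   # key may already be public, so the MAC proves nothing
        elapsed = latest_sender_time - self.schedule.start
        sender_interval = int(elapsed // self.schedule.length)
        if interval > sender_interval + self.max_ahead:
            return False   # interval too far in the future
        self.buffer.setdefault(interval, []).append((message, tag))
        return True

    def disclose(self, interval: int, key: bytes) -> List[bytes]:
        """Check the disclosed key against the chain, then the buffered MACs."""
        steps = interval - self.known_index
        if steps <= 0:
            return []
        candidate = key
        for _ in range(steps):
            candidate = H(candidate)
        if not hmac.compare_digest(candidate, self.known_key):
            return []      # not a key from the sender's chain
        self.known_index, self.known_key = interval, key
        return [m for m, tag in self.buffer.pop(interval, [])
                if hmac.compare_digest(tag, mac(key, m))]


def demo() -> dict:
    # Constructed scenario: 1 s intervals, keys disclosed two intervals late.
    chain = make_key_chain(b"constructed-seed", 8)
    rx = Receiver(Schedule(0.0, 1.0, 2, 0.1), commitment=chain[0])
    rreq = b"RREQ src=10.0.0.1 dst=10.0.0.9 id=7"
    return {
        "in_time": rx.receive(rreq, 3, mac(chain[3], rreq), now=3.3),
        # A packet with a wrong MAC is buffered too; it is dropped on disclosure.
        "bad_tag": rx.receive(b"altered", 3, mac(chain[3], rreq), now=3.4),
        "after_disclosure": rx.receive(b"late", 3, mac(chain[3], b"late"), now=5.05),
        "too_far_ahead": rx.receive(rreq, 7, mac(chain[7], rreq), now=3.3),
        "bogus_key": rx.disclose(3, b"\x00" * 32),
        "authenticated": rx.disclose(3, chain[3]),
    }


if __name__ == "__main__":
    print(demo())
```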
2.7 Safeguarding Mutable Fields in AODV Route Discovery Process
Assuring cryptographic integrity of mutable fields in any on-demand ad hoc
routing protocol is more challenging than that of non-mutable fields. We propose an
efficient authentication strategy for this purpose, which leverages a recently proposed
broadcast encryption (BE) scheme. We investigate some shortcomings of SAODV, a
popular secure extension of the ad hoc on-demand distance vector (AODV) protocol and
suggest some modifications to the protocol to overcome the shortcomings. The
modifications include proactive maintenance of a secure reliable delivery neighborhood
(RDN) by each node and the use of the BE based authentication strategy for mutable
fields.
One proposed routing protocol requires that all communications between
one-hop neighbors be encrypted by using a group secret. A node A provides a secret KA
to all its neighbors. While such an approach can keep external attackers at bay, the
protocol is susceptible to attacks by malicious internal nodes which can increase or
decrease the hop count. Another approach employs one-hop and two-hop group secrets to
facilitate two-hop authentication. In this approach nodes proactively determine the two-hop topology and
securely deliver a two-hop group secret to every two-hop neighbor. Two-hop
neighborhood information is obtained by each node by exchanging their neighbor lists
periodically. The use of one hop secrets can prevent external attackers from participating
in the network (as packets not encrypted or authenticated with the group secret will be
dropped). One-hop secrets can also be used to protect the RREQ relayed by a node from
nodes not in its RDN, by encrypting the RREQ with the group secret.
For the proposed protocol, which we shall refer to as SAODV-2 (where 2 indicates the
use of two-hop authentication), we assume 1) an offline KDC who has distributed secrets /
public values to every node to facilitate establishment of pairwise secrets between nodes;
2) an offline KDC who has distributed authentication and verification secrets of a MSBE
scheme (like A-RPS) to every node; and 3) a public / private key pair and a certificate
signed by an offline certificate authority (CA) for every node (along with an authentic
copy of the public key of the CA). In SAODV-2 every node proactively maintains a
secure RDN by providing a group secret to every node in the RDN. We shall represent
the RDN secret of node A by KA, which is randomly chosen by A and delivered to all
nodes in its RDN by encrypting KA with pairwise secrets. This RDN secret can also be
used to cut off some nodes from their RDN if they are suspected of misbehavior.
2.8 Secure Data Transition over Multicast Routing In Wireless Mesh network
Multicast routing for wireless mesh networks has focused on metrics that
estimate link quality to maximize throughput. Nodes must collaborate in order to
compute the path metric and forward data. The assumption that all nodes are honest and
behave correctly during metric computation, propagation, and aggregation, as well
as during data forwarding, leads to unexpected consequences in adversarial
networks where compromised nodes act maliciously. We identify novel attacks against
high-throughput multicast protocols in wireless mesh networks. The attacks exploit the
local estimation and global estimation of the metric to
allow attackers to attract a large amount of traffic. We show that these attacks are very
effective against multicast protocols based on high-throughput metrics. We can say
that aggressive path selection increases attack effectiveness in the absence of defense
mechanisms. Our approach to defend against the identified attacks combines
measurement-based detection and accusation-based reaction techniques. The solution
also accommodates transient network variations and is resilient against attempts to
exploit the defense mechanism itself. A detailed security analysis of our defense
scheme establishes bounds on the impact of attacks. We demonstrate both the
attacks and our defense using ODMRP, a representative multicast protocol for wireless
mesh networks, and SPP, an adaptation of the well-known ETX unicast metric to the
multicast setting.
In this work, we study the security implications of using high-throughput metrics.
We focus on multicast in a wireless mesh network environment because it is a
representative environment in which high-throughput metrics will be beneficial.
Although the attacks we identify can also be conducted in unicast, the multicast setting
makes them more effective and, at the same time, more difficult to defend against. We
focus on mesh-based multicast protocols as they have the potential to be more resilient to
attacks. We use ODMRP as a representative protocol for wireless mesh networks and
SPP, a metric based on the well-known ETX unicast metric, as a high-throughput
multicast metric. We selected SPP since it was shown to outperform all the other
multicast metrics for ODMRP. Our approach to defend against the identified attacks
combines measurement-based detection and accusation-based reaction techniques.
The solution also accommodates transient network variations and is resilient against
attempts to exploit the defense mechanism itself: we limit the number of
accusations that can be generated by a node. A detailed security analysis of our defense
scheme establishes bounds on the impact of attacks.
2.9 Secure Routing for Wireless Mesh Networks
This paper describes a Security Enhanced AODV routing protocol for wireless
mesh networks (SEAODV). SEAODV employs Blom’s key pre-distribution scheme to
compute the pairwise transient key (PTK) through the flooding of enhanced HELLO
messages and subsequently uses the established PTK to distribute the group transient key
(GTK). PTK and GTK are used for authenticating unicast and broadcast routing
messages respectively. In wireless mesh networks, a unique PTK is shared by each pair
of nodes, while GTK is shared secretly between the node and all its one-hop neighbors. A
message authentication code (MAC) is attached as the extension to the original AODV
routing message to guarantee the message’s authenticity and integrity in a hop-by-hop
fashion. Security analysis and performance evaluation show that SEAODV is more
effective in preventing identified routing attacks and outperforms ARAN and SAODV in
terms of computation cost and route acquisition latency. In this paper, we present
SEAODV, a security enhanced version of AODV. We utilize PTK and GTK keys to
protect the unicast and broadcast routing messages respectively to ensure that the route
discovery process between any two nodes in WMN is secure. We apply BLOM’s key
pre-distribution scheme in conjunction with the enhanced HELLO message to establish
the PTK and use the established PTK to distribute GTK to the node’s one-hop neighbors
throughout the entire network. We also identify various attack scenarios that specifically
occur in AODV and present a security analysis to prove that our proposed SEAODV is
able to effectively defend against most of those identified attacks. Our scheme is
lightweight and computationally efficient due to the symmetric cryptographic operations
(e.g., MAC). In addition, SEAODV supports a hop-by-hop authentication as well.
2.10 Wireless mesh networks: a survey
Wireless mesh networks (WMNs) consist of mesh routers and mesh clients, where
mesh routers have minimal mobility and form the backbone of WMNs. They provide
network access for both mesh and conventional clients. The integration of WMNs with
other networks such as the Internet, cellular, IEEE 802.11, IEEE 802.15, IEEE 802.16,
sensor networks, etc., can be accomplished through the gateway and bridging functions in
the mesh routers. Mesh clients can be either stationary or mobile, and can form a client
mesh network among themselves and with mesh routers. WMNs are anticipated to
resolve the limitations and to significantly improve the performance of ad hoc networks,
wireless local area networks (WLANs), wireless personal area networks (WPANs), and
wireless metropolitan area networks (WMANs). They are undergoing rapid progress and
inspiring numerous deployments. WMNs will deliver wireless services for a large variety
of applications in personal, local, campus, and metropolitan areas. Despite recent
advances in wireless mesh networking, many research challenges remain in all protocol
layers. This paper presents a detailed study on recent advances and open research issues
in WMNs. System architectures and applications of WMNs are described, followed by
discussing the critical factors influencing protocol design. Theoretical network capacity
and the state-of-the-art protocols for WMNs are explored with an objective to point out a
number of open research issues. Finally, test-beds, industrial practice, and current
standard activities related to WMNs are highlighted.
Multi-hop wireless network. An objective to develop WMNs is to extend the
coverage range of current wireless networks without sacrificing the channel capacity.
Another objective is to provide non-line-of-sight (NLOS) connectivity among the users
without direct line-of-sight (LOS) links. To meet these requirements, the mesh-style
multi-hopping is indispensable, which achieves higher throughput without sacrificing
effective radio range via shorter link distances, less interference between the nodes, and
more efficient frequency re-use.
Support for ad hoc networking, and capability of self-forming, self-healing, and
self-organization. WMNs enhance network performance, because of flexible network
architecture, easy deployment and configuration, fault tolerance, and mesh connectivity,
i.e., multipoint-to-multipoint communications. Due to these features, WMNs have low
upfront investment requirement, and the network can grow gradually as needed.
Mobility dependence on the type of mesh nodes. Mesh routers usually have minimal
mobility, while mesh clients can be stationary or mobile nodes.
Multiple types of network access. In WMNs, both backhaul access to the Internet and
peer-to-peer (P2P) communications are supported. In addition, the integration of WMNs
with other wireless networks and providing services to end-users of these networks can
be accomplished through WMNs.
Dependence of power-consumption constraints on the type of mesh nodes. Mesh routers
usually do not have strict constraints on power consumption. However, mesh clients may
require power efficient protocols. As an example, a mesh-capable sensor requires its
communication protocols to be power efficient. Thus, the MAC or routing protocols
optimized for mesh routers may not be appropriate for mesh clients such as sensors,
because power efficiency is the primary concern for wireless sensor networks.
Compatibility and interoperability with existing wireless networks. For example, WMNs
built based on IEEE 802.11 technologies must be compatible with IEEE 802.11 standards
in the sense of supporting both mesh-capable and conventional Wi-Fi clients. Such WMNs
also need to be inter-operable with other wireless networks such as WiMAX, Zig-Bee, and
cellular networks.
Throughput Maximization in Wireless Mesh Networks and its Applications
Wireless mesh networks (WMNs) consist of mesh routers and mesh clients, where
mesh routers have minimal mobility and form the backbone of WMNs. They provide
network access for both mesh and conventional clients. This paper considers the
interaction between channel assignment and distributed scheduling in multi-channel,
multi radio Wireless Mesh Networks (WMNs). Recently, a number of distributed
scheduling algorithms for wireless networks have emerged. Due to their distributed
operation, these algorithms can achieve only a fraction of the maximum possible
throughput. As an alternative to increasing the throughput fraction by designing new
algorithms, we present a novel approach that takes advantage of the inherent multi-radio
capability of WMNs. We show that this capability can enable partitioning of the network
into subnetworks in which simple distributed scheduling algorithms can achieve 100%
throughput. The partitioning is based on the notion of Local Pooling. Using this notion,
we characterize topologies in which 100% throughput can be achieved in a distributed
manner with algorithms characterized in Dijkstra and KBR (key-based routing). In this
paper, we will also discuss the applications of WMNs. Emerson Process Management comes
under the industrial automation applications of WMNs, using Wireless HART and
Emerson’s Smart Wireless extreme applications. It is a secure and TDMA-based wireless
mesh networking technology operating in the 2.4 GHz ISM radio band. Wireless HART
is a newly developed industrial standard network by the Hart Communication Foundation
(HCF), which is currently replacing the existing HART network in industry.
The HART communication protocol is an open standard, master-slave token passing
network protocol, where devices are connected over a 4-20 mA analog loop. With process
monitoring improving the overall efficiency of our plant, we can reduce costs and
improve throughput.
The main advantage of this study is to reduce the time and space complexity through
network partitioning. The mesh routers are usually equipped with multiple wireless
interfaces operating in orthogonal channels. Mesh routers are rarely mobile and usually
do not have power constraints. The issues of channel allocation, scheduling, and
routing in WMNs, assuming that the traffic statistics are given. Obtaining a
centralized solution in a wireless network does not seem to be feasible, due to the
communication overhead associated with continuously collecting the queue backlog
information, and due to the limited processing capability of the nodes. On the
other hand, distributed algorithms usually provide only approximate solutions,
resulting in significantly reduced throughput. Setting up a routing path in a very large
wireless network may take a long time, and the end-to-end delay can become large.
Furthermore, even when the path is established, the node states on the path may
change. Thus, the scalability of a routing protocol is critical in WMNs.
From control network bridging and field data backhaul to video process
monitoring and plant surveillance, Emerson’s Smart Wireless technology puts valuable
information within reach, easily and cost-effectively, to give us better insight into
what’s happening in our operation. By improving the overall efficiency of our plant,
you can reduce costs and improve throughput. Yet process variability can rob us of
our desired efficiency. Emerson’s Smart Wireless helps you easily and cost-effectively
deploy the predictive intelligence needed to reduce variability and improve overall
efficiency. Most plants can increase throughput by running closer to what the
process and equipment are capable of, taking advantage of capacity previously
hidden by less-than-optimum performance. The digital intelligence integrated into
every level of Plant Web architecture enables you to improve throughput. Improving
throughput positions any organization for greater return and competitiveness,
regardless of market condition. When capacity constrained, you can produce more with
existing assets. When market-limited, you can achieve your target output with fewer
operating units.
Secure High-Throughput Multicast Routing in Wireless Mesh Networks
Recent work in multicast routing for wireless mesh networks has focused on
metrics that estimate link quality to maximize throughput. Nodes must collaborate in
order to compute the path metric and forward data. The assumption that all nodes are
honest and behave correctly during metric computation, propagation, and aggregation, as
well as during data forwarding, leads to unexpected consequences in adversarial networks
where compromised nodes act maliciously. In this work we identify novel attacks against
high-throughput multicast protocols in wireless mesh networks. The attacks exploit the
local estimation and global aggregation of the metric to allow attackers to attract a large
amount of traffic. We show that these attacks are very effective against multicast
protocols based on high-throughput metrics. We conclude that aggressive path selection
is a double-edged sword: While it maximizes throughput, it also increases attack
effectiveness in the absence of defense mechanisms. Our approach to defend against the
identified attacks combines measurement-based detection and accusation-based reaction
techniques. The solution also accommodates transient network variations and is resilient
against attempts to exploit the defense mechanism itself. A detailed security analysis of
our defense scheme establishes bounds on the impact of attacks. We demonstrate both the
attacks and our defense using ODMRP, a representative multicast protocol for wireless
mesh networks, and SPP, an adaptation of the well-known ETX unicast metric to the
multicast setting.
In this work, we study the security implications of using high-throughput metrics.
We focus on multicast in a wireless mesh network environment because it is a
representative environment in which high-throughput metrics will be beneficial. Although
the attacks we identify can also be conducted in unicast, the multicast setting makes them
more effective and, at the same time, more difficult to defend against. We focus on
mesh-based multicast protocols as they have the potential to be more resilient to attacks. We
use ODMRP as a representative protocol for wireless mesh networks and SPP, a metric
based on the well-known ETX unicast metric, as a high-throughput multicast metric. We
selected SPP since it was shown to outperform all the other multicast metrics for
ODMRP. To the best of our knowledge, this is the first paper to examine vulnerabilities
of high-throughput metrics in general, and in multicast protocols for wireless mesh
networks in particular. Significant work has focused on the security of unicast wireless
routing protocols. Several secure routing protocols resilient to outside attacks were
proposed in the last few years, such as Ariadne, SEAD, ARAN, and the work. Attacks
specific to wireless networks, such as flood rushing and wormhole, were identified and studied. RAP
prevents the rushing attack by waiting for several flood requests and then randomly
selecting one to forward, rather than always forwarding only the first one. Techniques to
defend against wormhole attacks include Packet Leashes, which restricts the maximum
transmission distance by using time or location information, TrueLink, which uses MAC-level
acknowledgments to infer whether a link exists between two nodes, and the work in,
which relies on directional antennas. The problem of insider threats in unicast was
studied in Watchdog, which detects adversarial nodes by having each node monitor whether its
neighbors forward packets to other destinations. SDT and Ariadne use multi-path routing
to prevent a malicious node from selectively dropping data. ODSBR provides resilience
to colluding Byzantine attacks by detecting malicious links based on an
acknowledgment-based feedback technique.
2.11 Routing protocols in wireless mesh networks: challenges and design
considerations
Wireless Mesh Networks (WMNs) are an emerging technology that could
revolutionize the way wireless network access is provided. The interconnection of access
points using wireless links exhibits great potential in addressing the “last mile”
connectivity issue. To realize this vision, it is imperative to provide efficient resource
management. Resource management encompasses a number of different issues, including
routing. Although a profusion of routing mechanisms has been proposed for other
wireless networks, the unique characteristics of WMNs (e.g., wireless backbone)
suggest that WMNs demand a specific solution. To have a clear and precise focus on
future research in WMN routing, the characteristics of WMNs that have a strong impact
on routing must be identified. Then a set of criteria is defined against which the existing
routing protocols from ad hoc, sensor, and WMNs can be evaluated and performance
metrics identified. This will serve as the basis for deriving the key design features for
routing in wireless mesh networks. Thus, this paper will help to guide and refocus future
works in this area.
Delivering on QoS guarantees requires a strong resource management framework,
starting with an effective routing protocol. The multi-hop wireless nature of WMN
demands a different approach to routing from conventional wireless access networks. It
has much more in common with the ad hoc and sensor network fields. However, the
overall properties of the individual nodes and the overall network are very different in
many ways. Therefore, it is unclear exactly how applicable these approaches are to a
WMN. This paper addresses the issue of routing in a WMN, by considering the specific
characteristics of a WMN. It explores existing solutions, and evaluates their suitability to
the wireless mesh environment. Based on this evaluation, the need for developing new
routing mechanisms, specifically tailored for the unique characteristics of WMNs is
assessed. A number of issues and considerations are identified and presented, in order to
guide future work and the development of a WMN routing protocol. Wireless mesh
networks are a unique combination of wireless technologies, exhibiting characteristics of
each component (ad hoc, cellular and sensor networks). While describing these
characteristics, the commonalities and differences between wireless mesh networks and
the aforementioned wireless technologies will be emphasized.
Transmission medium. All communications in wireless environments have the following
constraints: limited available bandwidth, dynamic changes in link capacity (due to
interference, noise, etc.), and asymmetrical links (interference, multipath, etc.). Real world
implementations have revealed the limitations of simulations due to the complexity of such
environments, and have stressed the need for the deployment of test beds in order to assess
the validity of the proposed solutions. The impact of the network conditions becomes more
critical in multi-hop wireless networks such as ad hoc and mesh networks, as difficulties in
bounding transmission delay and packet loss make supporting QoS-sensitive
applications very challenging.
Network deployment. In cellular networks and
infrastructure-based WLANs, base stations (access points) are deployed in specific
locations. In Mobile Ad hoc Networks (MANETs), the network topology is dynamically
changing as users can be highly mobile although still actively participating in the network
operations through packet forwarding mechanisms. Wireless mesh networks, being a
hybrid technology, blend a fixed wireless backbone with an edge network consisting of
mobile users.
Wireless technology. Whereas base stations in cellular and ad hoc networks are
primarily deployed with omnidirectional antenna technologies, the fixed backbone of
WMNs seems to favor the use of directional antennas for increased throughput. However,
the impact of environmental conditions on the network performance needs to be taken
into consideration, otherwise the communication can significantly deteriorate due to
external phenomena such as wind or rain (causing link failure from disorientation of the
antenna).
Network infrastructure to support user mobility. As in ad hoc and cellular
networks, users may be mobile. Therefore handoff and location management are
important concerns in wireless mesh networks as well. To address these issues,
distributed and centralized approaches can be considered. Distributed databases can be
deployed in the access points and network gateways to maintain users’ profiles and
manage users’ mobility. A centralized approach can also be used, with one entity
responsible for maintaining location information. Techniques can be borrowed from
cellular technologies and applied to wireless mesh networks, but the communication
costs, while of little importance in cellular networks (which mainly involve the fixed part of the
network), have an adverse effect in bandwidth-constrained wireless mesh networks.
Maximize the System Throughput in Wireless Mesh Network Using Enhanced
Gateway Selection Method
This work studies the challenging problem of optimizing gateway placement for
throughput in Wireless Mesh Networks. Wireless Mesh Networks can be easily deployed
without wire lines. A wireless mesh network consists of wireless mesh routers and a base
station directly connected to external networks. The base station is located at the centre
of the wireless mesh network and chooses a certain number of wireless mesh
routers as gateways. The aim is to find, easily and quickly, the candidate gateways that
maximize the system throughput without solving a complex optimization problem that
includes a large number of parameters and involves a heavy computation load. The
gateway performance is evaluated by numerical analysis, and also demonstrated through
computer simulations. The appropriate candidate gateway can also be determined with
high accuracy when there is a certain variance in the amount of traffic generated by users
at each wireless mesh router, and the minimum number of gateways needed to maximize
the throughput of the WMN can be found.
Adding new gateways increases throughput in backbone communication by
effectively reducing the average number of hops each packet needs to reach a gateway
and by reducing the traffic load on existing gateways. The benefits can diminish with
inappropriate gateway placement, since the new gateways will also result in more
interference to existing gateways. Therefore the gateway placement algorithm should not only
relieve traffic load in the network but also introduce minimal interference. A novel
method is proposed to choose the gateway for deploying a WMN for disaster recovery; it
is used to achieve the maximum system throughput. The base station can select a number
of wireless mesh routers as gateways, and establish a connection with each of them.
In particular, because the base station supports one channel, we assume that mesh routers
connect to each other over a single channel. Moreover, note that we consider only one
gateway in a certain area. Here, we design a network topology to analyze the system
throughput. We randomly deploy the wireless mesh router nodes within a certain area,
and they connect to adjacent nodes when the distance between two of them is less than
the transmission range. The Minimum Spanning Tree (MST) algorithm is used to delete the
redundant paths and maintain a unique routing path for our network topology.
802.1X addresses the security issues of the original 802.11 standard. Issues
still exist with regard to weaknesses in the WEP encryption and data integrity methods.
The solution to these problems is the standard, a new standard that specifies
improvements to wireless LAN networking security. The wireless vendors agreed on an
interoperable interim standard known as Wi-Fi Protected Access™ (novel gateway
system™). The goals of the novel gateway system were the following. To require secure
Wireless Mesh Networking: the novel gateway system requires secure Wireless Mesh
Networking authentication, encryption, and unicast and global encryption key management
by requiring 802.1X. To address the issues with WEP through a software upgrade: the
stream cipher within WEP is vulnerable to known-plaintext attacks. In addition, the
data integrity provided with WEP is relatively weak. A novel gateway system with WEP
solves most of the remaining security issues, yet only requires firmware updates in
wireless equipment and an update for wireless clients. To be forward-compatible with the
standard: the novel gateway system is a subset of the security features in the standard. To
be available before 802.11i standard ratification: the wireless equipment and wireless
clients are upgraded using the novel gateway system.
Securing AODV Routing Protocol in Mobile Ad-hoc Networks
In this paper, we have proposed a security schema for the Ad-hoc On-Demand
Distance Vector (AODV) routing protocol. In this schema, each node in a network has a
list of its neighbor nodes including a shared secret key which is obtained by executing a
key agreement when joining a network. One key principle in our schema is that before
executing route discovery steps in the AODV protocol, each node executes a message
authentication process with the sender to guarantee the integrity and non-repudiation of
routing messages and therefore could prevent attacks from malicious nodes. Compared
with other recently proposed security routing protocols, our security schema needs less
computation power in routing transactions and does not need any centralized element in
mobile ad-hoc networks. In this paper, we examine and discuss recent secure routing
protocols in order to identify the flaws of current security approaches. Based on the
analysis, a security schema for the AODV routing protocol has been proposed to eliminate
the security flaws in the protocol and compensate for identified security weaknesses in recent
secure routing approaches. In this section, however, we briefly describe only two
schemas, ARAN and SAODV, since they are closely related to our approach. In the
authors categorized three kinds of threats which are modification, impersonation and
fabrication in AODV and DSR. On the basis of this analysis, the authors proposed a
protocol called ARAN (Authenticated Routing for Ad hoc Networks) using cryptographic
certificates to bring authentication, message integrity and non-repudiation to the route
discovery process, based on the assumption that a trusted certificate server exists. It is
not appropriate for ad hoc networks because it forms a centralized element. Moreover,
in this protocol, because the source node cannot authenticate intermediate nodes in the
routing path, intermediate malicious nodes can use error message attacks against networks. In
the authors extend the AODV routing protocol to guarantee security based on the
approach of a key management scheme in which each node must have certificated public
keys of all nodes in the network. This work uses two mechanisms to secure the AODV
messages: digital signatures to authenticate the fixed fields of the messages and hash
chains to secure the hop count field. This protocol uses a public key distribution approach
in the ad hoc network; therefore, it is difficult to deploy and computationally heavy since
it requires both asymmetric cryptography and hash chains in exchanging messages. The
protocol also did not consider the authentication of intermediate nodes; hence it could
not prevent the attack of falsifying error messages in ad hoc networks. The principle of
our schema is that messages in AODV must be authenticated to guarantee the integrity
and non-repudiation so that the protocol can be protected against several kinds of
attacks. Each node in a network has its own self-generated pair of public key e and private key d
following the RSA public-key cryptosystem, and each node contains a
list of neighbor nodes with records containing the information of a neighbor node
including neighbor address, neighbor public key, and a shared secret key. This
information is formed after the key agreement between two neighbor nodes to negotiate a
pair of keys and a shared secret key.
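The hash-chain protection of the hop count field mentioned above can be sketched as follows. This is an added example, not code from the reviewed papers: it follows the SAODV design as commonly described, and the field names, the helper names and the choice of SHA-256 are assumptions. The originator's signature over the fixed fields (including `max_hop_count` and `top_hash`) is assumed and not shown.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


def h(data: bytes) -> bytes:
    """One step of the hash chain (SHA-256 chosen for this example)."""
    return hashlib.sha256(data).digest()


def h_n(data: bytes, n: int) -> bytes:
    """Apply the hash function n times."""
    for _ in range(n):
        data = h(data)
    return data


@dataclass(frozen=True)
class RouteRequest:
    hop_count: int       # mutable field, incremented at every hop
    max_hop_count: int   # fixed field, assumed covered by the originator's signature
    hash_value: bytes    # mutable field, advanced one chain step at every hop
    top_hash: bytes      # fixed field, assumed covered by the originator's signature


def originate(max_hop_count: int, seed: bytes = b"") -> RouteRequest:
    """Originator: pick a secret seed and publish the end of the chain."""
    seed = seed or os.urandom(32)
    return RouteRequest(
        hop_count=0,
        max_hop_count=max_hop_count,
        hash_value=seed,
        top_hash=h_n(seed, max_hop_count),
    )


def verify(msg: RouteRequest) -> bool:
    """Receiver check: hashing hash_value (max_hop_count - hop_count) more
    times must land exactly on the signed top_hash."""
    remaining = msg.max_hop_count - msg.hop_count
    if msg.hop_count < 0 or remaining < 0:
        return False
    return hmac.compare_digest(h_n(msg.hash_value, remaining), msg.top_hash)


def forward(msg: RouteRequest) -> RouteRequest:
    """Honest intermediate node: verify, then advance hop count and chain."""
    if not verify(msg):
        raise ValueError("hop count does not match hash chain; dropping message")
    if msg.hop_count >= msg.max_hop_count:
        raise ValueError("maximum hop count reached; dropping message")
    return RouteRequest(
        hop_count=msg.hop_count + 1,
        max_hop_count=msg.max_hop_count,
        hash_value=h(msg.hash_value),
        top_hash=msg.top_hash,
    )


if __name__ == "__main__":
    # Constructed sample: a request that travels three hops.
    rreq = originate(max_hop_count=5)
    for _ in range(3):
        rreq = forward(rreq)
    print("after 3 hops:", rreq.hop_count, "valid:", verify(rreq))

    # A message claiming fewer hops than the chain position is rejected,
    # because producing the matching hash_value would require inverting h.
    understated = RouteRequest(1, rreq.max_hop_count, rreq.hash_value, rreq.top_hash)
    print("understated hop count valid:", verify(understated))
```

The check costs only hash evaluations at each hop; the asymmetric operations the review calls computationally heavy come from the signature over the fixed fields, which this example leaves out.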
Throughput Maximization in Wireless Mesh Networks and its Applications
Wireless mesh networks (WMNs) consist of mesh routers and mesh clients, where
mesh routers have minimal mobility and form the backbone of WMNs. They provide
network access for both mesh and conventional clients. This paper considers the
interaction between channel assignment and distributed scheduling in multi-channel,
multi-radio Wireless Mesh Networks (WMNs). Recently, a number of distributed
scheduling algorithms for wireless networks have emerged. Due to their distributed
operation, these algorithms can achieve only a fraction of the maximum possible
throughput. As an alternative to increasing the throughput fraction by designing new
algorithms, we present a novel approach that takes advantage of the inherent multi-radio
capability of WMNs. We show that this capability can enable partitioning of the network
into subnetworks in which simple distributed scheduling algorithms can achieve 100%
throughput. The partitioning is based on the notion of Local Pooling. Using this notion,
we characterize topologies in which 100% throughput can be achieved distributedly with
algorithms, which are characterized in Dijkstra and KBR (key-based routing). This
paper also discusses the applications of WMNs. Emerson Process Management comes
under the industrial automation applications of WMNs, using WirelessHART and
Emerson’s Smart Wireless extreme applications. It is a secure, TDMA-based wireless
mesh networking technology operating in the 2.4 GHz ISM radio band. WirelessHART
is a newly developed industrial standard network from the HART Communication Foundation
(HCF), which is currently replacing the existing HART network in industry.
The HART communication protocol is an open-standard, master-slave token-passing
network protocol in which devices are connected over a 4-20 mA analog loop. With process
monitoring improving the overall efficiency of our plant, we can reduce costs and
improve throughput.
This paper considers the interaction between channel assignment and
distributed scheduling in multi-channel multiradio Wireless Mesh Networks
(WMNs). The topologies are used in order to develop a number of centralized
channel assignment algorithms that are based on a matroid intersection algorithm.
These algorithms pre-partition a network in a manner that not only expands the capacity
regions of the subnetworks but also allows distributed algorithms to achieve these
capacity regions. We evaluate the performance of the algorithms via simulation and
show that they significantly increase the distributedly achievable capacity region.
We note that while the identified topologies are of general interference graphs, the
partitioning algorithms are designed for networks with primary interference
constraints. KBR is a lookup method used in conjunction with distributed hash
tables (DHTs). While DHTs provide a method to find a host responsible for a certain
piece of data, KBR provides a method to find the closest host for that data,
according to some defined metric. This may not necessarily be defined as physical
distance, but rather the number of network hops. KBR improves the efficiency of
decentralized information retrieval in peer-to-peer networks. Our knowledge-based
route finding can be described as using knowledge about the road network to
isolate the search and/or to guide the problem solving. Two key types of knowledge
used in the proposed approach are the knowledge of road types (e.g., minor roads,
major roads, and expressways) and the knowledge that major roads and expressways
naturally partition the whole network into many small areas or sub-networks. These
two types of knowledge and some others are used to partition and to reorganize
the whole network. An efficient search algorithm is employed to search for the best
solution in the appropriate sub-networks rather than the whole network. Within this
framework, we present three specific methods. Each of these methods has its advantages
and disadvantages over the others, and is suitable for a different situation. The
properties of key-based routing (KBR) are a large key space and routing consistency:
routing to a destination close to a given key always reaches the owner of the key.
Secure High-Throughput Multicast Routing in Wireless Mesh Networks
We identify attacks against multicast protocols that exploit the use
of high-throughput metrics. The attacks consist of local metric manipulation (LMM) and
global metric manipulation (GMM), and allow an attacker to attract significant traffic.
We show that aggressive path selection is a double-edged sword: It leads to throughput
maximization, but in the absence of protection mechanisms it also increases attack
effectiveness. For example, in our simulations, the GMM attack requires only about a
quarter of the number of attackers needed by a simple data dropping attack to create the
same disruption in the multicast service. Since a small number of attackers can severely
impede the protocol, an effective solution must identify and isolate all malicious nodes.
We identify a dangerous effect of the attacks, referred to as metric poisoning,
which causes many honest nodes to have incorrect metrics. Consequently, any response
mechanism cannot rely on poisoned metrics for local recovery and must either use a
fallback procedure not relying on the metric or refresh the metric before starting
recovery. We propose a defense scheme that combines measurement-based detection and
accusation-based reaction techniques. To accommodate transient network variations, we
use temporary accusations that have a duration proportional to the disruption created by the
accused node. To prevent attackers from exploiting the defense mechanism itself, we
limit the number of accusations that can be generated by a node. We perform a detailed
security analysis of our defense scheme and establish bounds on the impact of attacks.
Extensive simulations with ODMRP and the SPP metric confirm our analysis and show
that our strategy is very effective in defending against the attacks, while adding a low
overhead. We consider a multi-hop wireless network where nodes participate in the data
forwarding process for other nodes. We assume a mesh-based multicast routing protocol,
which maintains a mesh connecting multicast sources and receivers. Path selection is
performed based on a metric designed to maximize throughput.
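The defense described above (measurement-based detection, temporary accusations whose duration is proportional to the disruption, and a cap on accusations per node) can be sketched as follows. This is an added example, not the reviewed paper's implementation: the threshold, the seconds-per-unit-gap scaling, the cap of one active accusation per accuser, and all class and function names are assumptions, and SPP is modelled here as the product of per-link delivery probabilities.

```python
from dataclasses import dataclass
from math import prod


@dataclass(frozen=True)
class Accusation:
    accuser: str
    accused: str
    issued_at: float
    expires_at: float


def spp(link_delivery_probs):
    """Path metric modelled as the product of per-link delivery probabilities."""
    return prod(link_delivery_probs)


class AccusationMonitor:
    def __init__(self, threshold=0.2, seconds_per_unit_gap=100.0,
                 max_active_per_accuser=1):
        self.threshold = threshold                      # tolerated transient variation
        self.seconds_per_unit_gap = seconds_per_unit_gap
        self.max_active_per_accuser = max_active_per_accuser
        self._active = []

    def _purge(self, now):
        # Accusations are temporary: expired ones no longer count.
        self._active = [a for a in self._active if a.expires_at > now]

    def report(self, accuser, upstream, advertised_pdr, measured_pdr, now):
        """Compare the delivery ratio promised by the metric with the one
        actually measured; accuse the upstream node if the gap is too large."""
        self._purge(now)
        gap = advertised_pdr - measured_pdr
        if gap <= self.threshold:
            return None  # within normal network variation
        active_by_accuser = sum(1 for a in self._active if a.accuser == accuser)
        if active_by_accuser >= self.max_active_per_accuser:
            return None  # cap stops a node from flooding accusations
        accusation = Accusation(accuser, upstream, now,
                                now + self.seconds_per_unit_gap * gap)
        self._active.append(accusation)
        return accusation

    def is_accused(self, node, now):
        self._purge(now)
        return any(a.accused == node for a in self._active)

    def best_route(self, routes, now):
        """Pick the highest-metric route that avoids currently accused nodes.
        routes maps a name to (list of nodes, list of link probabilities)."""
        usable = {
            name: probs for name, (nodes, probs) in routes.items()
            if not any(self.is_accused(n, now) for n in nodes)
        }
        if not usable:
            return None
        return max(usable, key=lambda name: spp(usable[name]))


if __name__ == "__main__":
    # Constructed scenario: node M advertises a good path but delivers little.
    monitor = AccusationMonitor()
    routes = {
        "via_M": (["S", "M", "R1"], [1.0, 0.9]),
        "via_B": (["S", "B", "R1"], [0.8, 0.8]),
    }
    print(monitor.report("R1", "B", 0.64, 0.60, now=0.0))   # small gap, no accusation
    print(monitor.report("R1", "M", 0.90, 0.30, now=0.0))   # accused for about 60 s
    print(monitor.best_route(routes, now=10.0))             # via_B while M is accused
    print(monitor.best_route(routes, now=61.0))             # via_M after expiry
```
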
2.12 Secure Routing in Wireless Mesh Networks
Wireless mesh networks (WMNs) have emerged as a promising concept to meet
the challenges in next-generation networks such as providing flexible, adaptive, and
reconfigurable architecture while offering cost-effective solutions to the service
providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to
the wired network, in WMNs only a subset of the APs are required to be connected to
the wired network. The APs that are connected to the wired network are called the
Internet gateways (IGWs), while the APs that do not have wired connections are called
the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop
communication. The IGWs provide access to conventional clients and interconnect ad
hoc, sensor, cellular, and other networks to the Internet.
Several vulnerabilities exist in the protocols for WMNs. These vulnerabilities can
be exploited by the attackers to degrade the performance of the network. The nodes in a
WMN depend on the cooperation of the other nodes in the network. Consequently, the
MAC layer and the network layer protocols for these networks usually assume that the
participating nodes are honest and well-behaving with no malicious or dishonest
intentions. In practice, however, some nodes in a WMN may behave in a selfish manner
or may be compromised by malicious users. The assumed trust and the lack of
accountability due to the absence of a central administrator make the MAC and the
network layer protocols vulnerable to various types of attacks. In this section, a
comprehensive discussion on various types of attacks in different layers of the protocol
stack of a WMN is provided.
The physical layer is responsible for frequency selection, carrier frequency
generation, signal detection, modulation, and data encryption. As with any radio-based
medium, the possibility of jamming attacks in this layer of WMNs is always there.
Jamming is a type of attack which interferes with the radio frequencies that the nodes use
in a WMN for communication. A jamming source may be powerful enough to disrupt
communication in the entire network. Even with less powerful jamming sources, an
adversary can potentially disrupt communication in the entire network by strategically
distributing the jamming sources. An intermittent jamming source may also prove
detrimental as some communications in WMNs may be time-sensitive. More complex
forms of radio jamming attacks have been studied where the attacking devices do not
obey the MAC layer protocols.
On the Throughput Evaluation of Wireless Mesh Network Deployed in Disaster
Areas
After disasters such as earthquakes and tsunamis, the network infrastructures
might be extremely damaged or destroyed while Internet connection becomes much more
necessary. Therefore, deploying networks in disaster areas has received much attention
especially after the great earthquake in Japan on March 11, 2011. Among many kinds of
networks, Wireless Mesh Network (WMN) is considered as one of the most suitable
solutions because it can easily configure a network without any wired infrastructure. In
our national project on disaster recovery network, we attempt to build a WMN
connecting remaining routers (i.e., the routers that remain functional after the disaster) by
using a Movable and Deployable Resource Unit (MDRU) as a base station, which has
processing servers, storage servers, and Internet connectivity. However, in order to have a
good network design, many experiments such as simulations need to be done beforehand.
In this paper, we provide an adequate throughput evaluation of the deployed network
with many configurations, which are close to reality. The results demonstrate that the
network can, at the same time, provide basic Internet access to a significantly large
population of users.
In this paper, we also provide a discussion about network joint design, especially in
disaster areas. In particular, problems related to using multi-channel and calculating the
optimal offered load beforehand are discussed. By using the results of this paper, we can
consider many modifications in designing the MDRU to achieve higher performance in
terms of network throughput. Together with the increasing knowledge of disasters, there
has been more research focusing on information and communication. Among the most
related organizations in Japan, Nippon Telegraph and Telephone (NTT) has made much
effort to limit the impact of disasters. A publication in 1990 introduced disaster
prevention measures for telecommunications network systems. The design
guidelines it introduced are based on three fundamental principles: improving network reliability,
preventing isolation, and rapidly restoring services. The three principles are still valuable
for current telecommunications networks. Moreover, rapidly restoring services is one of
the most important reasons that WMNs are considered for use in disaster recovery
networks; spontaneous (emergency/disaster) networking has also been introduced as an application
scenario. Due to the higher demand for communication during disasters, throughput is
considered to be one of the most important factors. It has received increasing attention
recently, especially on analyzing its limits. One proposed method calculates the theoretical
maximum throughput of 802.11 networks for various technologies and data rates.
However, this method does not support multi-radio and multi-channel networks. The
research concentrated on analyzing the contention window sizes and qualitative
performance of the IEEE 802.11 standard. By using the theoretical maximum throughput,
we can control procedures of quality of service schemes to determine the upper bounds
on available bandwidth.
2.13 Novel methods for reliable multicast routing in wireless mesh networks
A reliable multicast routing enables a process to multicast a message to a group of
clients in a way that ensures all the host destination group members receive the
same message. Multicast routing on Wireless Mesh Networks brings great challenges in
security due to its high dynamics, link vulnerability, and complete decentralization.
Hence, given its insufficient security and vulnerability to attacks, a
novel secure multicast routing protocol, S-ODMRP, takes full advantage of trusted
computing technology. The proposed novel methods overcome the above degradation
and decrease the communication cost by broadcasting the local traffic and by providing
a self-healing mechanism to each node in the network, so that it cures the link failures
caused by failed routers and reconstructs the multicast key path, in which path
selection is made on a per-link basis. The trusted key is distributed for secure
multicast routing in the Wireless Mesh Network. The trust value for each
node is based on a set of rules such as the joint behaviors, energy
behaviors, and the activity model. The NS-2 simulation includes various
parameters such as Packet Delivery Ratio (PDR), bandwidth overhead, cost per
received packet, and number of attackers, and achieves higher security and throughput.
The term “Wireless Mesh Networks” describes wireless networks in which each
node can communicate directly with one or more peer nodes. The term “mesh” was
originally used to suggest that all nodes were connected to all other nodes, but
most modern meshes connect only a subset of nodes to each other. Nodes are
comprised of mesh routers and mesh clients. Each node operates not only as a host but
also as a router. WMNs still lack efficient and scalable security solutions, because
their security is more easily compromised due to several factors: their distributed
network architecture, the vulnerability of channels and nodes in the shared wireless
medium, and the dynamic change of network topology. Attacks in different protocol
layers can easily cause the network to fail. Attacks may occur in the routing protocol such
as advertising wrong routing updates. The attacker may sneak into the network,
impersonate a legitimate node, and not follow the required specifications of a routing
protocol. A WMN has the following advantages: it offers high-speed wireless packet
data access across a wide coverage area; it minimizes the cost of capital, installation and
commissioning; it utilizes low-cost 802.11 technologies and is highly flexible in terms of
capacity, coverage and availability; and its wireless access points may be deployed indoors or
outdoors. Security is a vital problem in the design of a WMN. The client should have
end-point-to-end-point security assurance. However, unlike a wired or
traditional wireless network, a WMN could easily be compromised by various types of attacks.
A Novel Gateway Selection Method to Maximize the System Throughput of
Wireless Mesh Network Deployed in Disaster Areas
Since Wireless Mesh Networks (WMNs) can be easily deployed without wirelines
among wireless mesh routers, they allow us to quickly recover network access services in
disaster areas even if the existing network infrastructure has been extensively
destroyed by a terrible earthquake, tsunami, and so on. However, the performance of
wireless mesh networks is largely affected by many factors, e.g., wireless mesh routers’
locations, channel assignment, transmission scheduling, etc. In particular, the method of
selecting gateways, which have a connection to external networks, significantly impacts
the network performance when the topology and routing have been fixed in the wireless
mesh network. In this paper, we suppose a wireless mesh network which consists of
wireless mesh routers and a base station directly connected to external networks. The
base station, located at the center of the wireless mesh network, chooses a certain
number of wireless mesh routers as gateways, and establishes a connection with each of
them. Our goal is to easily and quickly find the candidate gateways that maximize the
system throughput without solving a complex optimization problem which includes a
large number of parameters and involves heavy computation load. The performance of
the proposed scheme is evaluated by numerical analysis, and demonstrated through
computer simulations. The results show that our proposed scheme can determine the
appropriate candidate gateway with high accuracy when there is a certain variance in the
amount of traffic generated by users at each wireless mesh router.
Moreover, to recover communications in a disaster area, we deploy a number of
wireless mesh routers to construct the backbone network and select some of them as the
gateways to directly link the base station to connect to the Internet. However, choosing
different mesh routers as the gateway will bring different network performance.
Throughput is one of the major criteria to evaluate network performance. In a certain
area, how to choose a mesh router as the gateway to provide maximum available system
throughput has been a key issue in recent years. Therefore, in this paper, we would like to
propose a new method to select a mesh router as the gateway in the disaster area to
maintain high system throughput of the deployed network. We propose a novel method to
choose the gateway for deploying a WMN for disaster recovery, in achieving the
maximum system throughput; a realistic application has been deployed in Japan. The
base station can select a number of wireless mesh routers as gateways, and establish a
connection with each of them. In particular, because the base station supports one channel,
in this paper we assume that mesh routers connect to each other over a single channel.
Moreover, note that we consider only one gateway in a certain area. If there are multiple
gateways, the problem can be solved by separating the nodes related to one gateway from
nodes associated with other gateways, which is beyond the research scope of this paper.
Here, we design a network topology to analyze the system throughput. We randomly
deploy the wireless mesh router nodes within a certain area, and they connect with
adjacent nodes when the distance between two of them is less than the transmission
range. Note that, in this topology, we do not consider routing attacks when setting up the
routing path; interested readers can refer to the literature. We utilize the Minimum
Spanning Tree (MST) algorithm to delete the redundant paths and maintain the unique
routing path for our network topology.
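The topology construction described above, as an added example that is not code from the reviewed paper: routers are linked when closer than the transmission range, Kruskal's algorithm removes redundant links, and the remaining tree gives one path per node pair. The coordinates, the range value and all function names are constructed for illustration; router E is placed out of range to show the disconnected case.

```python
import math
from collections import deque

# Constructed sample: router coordinates in metres (not from the paper).
ROUTERS = {"A": (0, 0), "B": (80, 0), "C": (80, 60), "D": (0, 60), "E": (300, 300)}
TX_RANGE = 110.0  # assumed transmission range


def unit_disk_edges(nodes, tx_range):
    """Link two routers when their distance is less than the transmission range."""
    names = sorted(nodes)
    return [(math.dist(nodes[u], nodes[v]), u, v)
            for i, u in enumerate(names) for v in names[i + 1:]
            if math.dist(nodes[u], nodes[v]) < tx_range]


def minimum_spanning_forest(nodes, edges):
    """Kruskal with union-find; a forest results when some router is out of range."""
    parent = {n: n for n in nodes}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    tree = {n: set() for n in nodes}
    for _, u, v in sorted(edges):
        ru, rv = find(u), find(v)
        if ru != rv:  # the link joins two components, so it is not redundant
            parent[ru] = rv
            tree[u].add(v)
            tree[v].add(u)
    return tree


def route(tree, src, dst):
    """Return the unique tree path from src to dst, or None if dst is unreachable."""
    prev, queue = {src: None}, deque([src])
    while queue:
        cur = queue.popleft()
        if cur == dst:
            path = []
            while cur is not None:
                path.append(cur)
                cur = prev[cur]
            return path[::-1]
        for nxt in sorted(tree[cur]):
            if nxt not in prev:
                prev[nxt] = cur
                queue.append(nxt)
    return None


if __name__ == "__main__":
    tree = minimum_spanning_forest(ROUTERS, unit_disk_edges(ROUTERS, TX_RANGE))
    print(route(tree, "D", "C"), route(tree, "A", "E"))
```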
Efficient Throughput for Wireless Mesh Networks by CDMA/OVSF Code
Assignment
Orthogonal Variable Spreading Factor (OVSF) CDMA code has the ability to
support higher and variable data rates with a single code using one transceiver. A number
of CDMA code assignment algorithms have been developed and studied for cellular
wireless networks; however, little is known about ad hoc wireless networks, e.g.,
mesh networks. In this paper, we propose several distributed CDMA/OVSF code
assignment algorithms for wireless ad hoc networks modeled by unit disk graph
(UDG). We first study how to assign CDMA/OVSF code such that the total throughput
achieved is within a constant factor of the optimum. Then we give a distributed method
such that the minimum rate achieved is within a constant factor of the minimum rate of
any valid code assignment. A distributed method that can approximate both the minimum
rate and total throughput is also presented. Finally, we present a post processing method
to further improve these code assignments. All our methods use only O(n) total messages
(each with O(log n) bits) for an ad hoc wireless network of n devices modeled by UDG.
We conduct extensive simulations to study the performance and the message
complexities of our methods for randomly deployed wireless ad hoc networks. The
experiments show that our method performs much better practically than the pessimistic
theoretical lower bounds.
CDMA provides higher capacity, flexibility, scalability, reliability and security
than conventional FDMA and TDMA. In a CDMA system, the communication channels
are defined by the pseudo-random codewords, which are carefully designed to cancel
each other out as far as possible. Every bit of data is multiplied by the codeword used by
the wireless communication channel. The number of duplicates, which is equal to the
length of the codeword, is known as the spreading factor. The inverse of the length of the
codeword is known as the rate of the codeword. There is a trade-off on the length of the
codeword. On one hand, a longer codeword can increase the number of channels and the
robustness of the communications. On the other hand, since the raw rate seen by the user
is the inverse of the codeword length, a longer codeword would result in a lower data rate of the
communication channels. We propose several efficient distributed CDMA/OVSF code
assignment algorithms for wireless ad hoc networks modeled by unit disk graph. We first
study how to assign CDMA/OVSF code such that the total throughput achieved is within
a constant factor of the optimum. Then we give a method such that the minimum rate
achieved is within a constant factor of the minimum rate of any valid code assignment. A
method that can approximate both the minimum rate and total throughput simultaneously
is also presented. Finally, we present a post processing method to further improve the
performance of these code assignments. All our methods use only O(n) total messages
(each with O(log n) bits) for an ad hoc wireless network of n devices modeled by UDG.
We also conduct extensive simulations to study the practical performances of our
methods. Our methods not only have theoretically proven performance bounds but also
perform close to optimum practically. This paper is not intended to solve all critical
issues in CDMA based wireless ad hoc networks. In addition to the code assignment
problem, there are several other important issues that should be addressed so the
CDMA/OVSF code can be used practically for wireless ad hoc networks. The first issue
is about how the communication of code assignment methods is performed before a
CDMA/OVSF code is assigned to nodes (a sort of chicken-and-egg problem). For this,
we assume that there is already a separate control channel available for communication
when the wireless network is deployed. Another issue is the mobility of wireless nodes.
When wireless nodes move around and in consequence of the movement the interference
graph is changed, we should re-assign the CDMA/OVSF codes to wireless nodes. The
algorithms proposed in this paper mostly use the information local to each node to select
its CDMA/OVSF code. Consequently, when nodes are mobile, we could update the codes
fairly quickly. The moving node will check if movement causes its code to be invalid. If
so, it will run our methods to find the new code and inform its neighbors about this new
code. Here, instead of letting the ID be the rank in assigning code, we will use the
updating time as the rank or the moving speed of a node as the rank (a slow-moving node
will have a chance to get a higher-rate code). To retain a good performance, we may need to
re-assign the codes for all nodes.
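The spreading factor, codeword rate and "valid code assignment" discussed above, as an added example that is not the reviewed paper's assignment algorithm: it builds codewords with the standard OVSF code-tree construction, spreads data bits, and shows that two nodes sharing a channel decode cleanly only when neither code is an ancestor of the other. Function names, the (spreading factor, index) labelling and the sample bits are assumptions made for illustration.

```python
def ovsf_code(sf, k):
    """Codeword k (0-based) of length sf; sf is the spreading factor, rate = 1/sf."""
    if sf < 1 or sf & (sf - 1) or not 0 <= k < sf:
        raise ValueError("sf must be a power of two and 0 <= k < sf")
    code = [1]
    # Walk down the code tree: each bit of k (MSB first) picks the child branch.
    for level in range(sf.bit_length() - 2, -1, -1):
        bit = (k >> level) & 1
        code = code + ([-c for c in code] if bit else code)
    return code


def conflicts(a, b):
    """Codes (sf, k) interfere when one is an ancestor of, or equal to, the other."""
    (sf_a, k_a), (sf_b, k_b) = sorted([a, b])
    shift = sf_b.bit_length() - sf_a.bit_length()
    return (k_b >> shift) == k_a


def spread(bits, code):
    """Every data bit (+1 or -1) is multiplied by the whole codeword."""
    return [b * c for b in bits for c in code]


def channel(users):
    """Superpose all users' chips; each user is ((sf, k), bits) of equal chip length."""
    signals = [spread(bits, ovsf_code(*code)) for code, bits in users]
    return [sum(chips) for chips in zip(*signals)]


def despread(signal, code):
    """Correlate the channel with one codeword, one symbol period at a time."""
    n = len(code)
    return [sum(s * c for s, c in zip(signal[i:i + n], code)) // n
            for i in range(0, len(signal), n)]


if __name__ == "__main__":
    # Constructed sample: a high-rate node (sf=4) and a low-rate node (sf=8).
    ok = channel([((4, 1), [1, -1]), ((8, 6), [-1])])
    print(conflicts((4, 1), (8, 6)), despread(ok, ovsf_code(4, 1)))
    # (8, 2) is a child of (4, 1) in the code tree, so the assignment is invalid.
    bad = channel([((4, 1), [1, -1]), ((8, 2), [1])])
    print(conflicts((4, 1), (8, 2)), despread(bad, ovsf_code(4, 1)))
```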