Results 1 - 10 of 12
A sophisticated privacy-enhanced yet accountable security framework for wireless mesh networks, 2008
Cited by 9 (2 self)
Abstract—Recently, multi-hop wireless mesh networks (WMNs) have attracted increasing attention and deployment as a low-cost approach to provide broadband Internet access at metropolitan scale. Security and privacy issues are of most concern in pushing the success of WMNs for their wide deployment and for supporting service-oriented applications. Despite the necessity, limited security research has been conducted towards privacy preservation in WMNs. This motivates us to develop PEACE, a soPhisticated privacy-Enhanced yet Accountable seCurity framEwork, tailored for WMNs. On the one hand, PEACE enforces strict user access control to cope with both free riders and malicious users. On the other hand, PEACE offers sophisticated user privacy protection against both adversaries and various other network entities. PEACE is presented as a suite of authentication and key agreement protocols built upon our proposed short group signature variation. Our analysis shows that PEACE is resilient to a number of security and privacy related attacks.
privacy objectives for sensing applications in wireless community networks
- in Proc. IEEE 19th Int. Conf. Computer Communications and Networks (ICCCN
Cited by 7 (1 self)
Abstract—Wireless Community Networks (WCN) are formed by the integration of user-operated wireless sensor networks that are internetworked by wireless mesh networks available within urban communities. WCNs enable novel applications for the members of the community. These include different sensing applications, where individuals contribute sensor data for further use within their community at large or with well-defined restrictions to certain users. Sensing application scenarios for WCNs differ from traditional sensor network applications with respect to their security and privacy requirements. In this paper, we define three representative scenarios—personal sensing, designated sensing, and community sensing. These scenarios are then studied with respect to their privacy and security implications. In particular, we identify main research questions and highlight the challenges of using various security and privacy approaches from networking and cryptography to make sensing applications in WCNs security and privacy aware. Keywords—wireless community networks, wireless mesh networks, wireless sensor networks, sensing applications, security, privacy, anonymity, access control
Network Coding Based Privacy Preservation against . . .
- IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS, ACCEPTED FOR PUBLICATION, 2011
Cited by 6 (0 self)
Privacy threat is one of the critical issues in multihop wireless networks, where attacks such as traffic analysis and flow tracing can be easily launched by a malicious adversary due to the open wireless medium. Network coding has the potential to thwart these attacks since the coding/mixing operation is encouraged at intermediate nodes. However, the simple deployment of network coding cannot achieve the goal once enough packets are collected by the adversaries. On the other hand, the coding/mixing nature precludes the feasibility of employing the existing privacy-preserving techniques, such as Onion Routing. In this paper, we propose a novel network coding based privacy-preserving scheme against traffic analysis in multihop wireless networks. With homomorphic encryption on Global Encoding Vectors (GEVs), the proposed scheme offers two significant privacy-preserving features, packet flow untraceability and message content confidentiality, for efficiently thwarting the traffic analysis attacks. Moreover, the proposed scheme keeps the random coding feature, and each sink can recover the source packets by inverting the GEVs with a very high probability. Theoretical analysis and simulative evaluation demonstrate the validity and efficiency of the proposed scheme.
Mitigating selective forwarding attacks with a channel-aware approach in WMNs, Wireless Communications
- In “Global Telecommunications Conference” IEEE 2009. GLOBECOM 2009. IEEE, 2010
Cited by 5 (1 self)
Abstract—In this paper, we consider a special case of denial of service (DoS) attack in wireless mesh networks (WMNs) known as selective forwarding attack (a.k.a gray hole attacks). With such an attack, a misbehaving mesh router just forwards a subset of the packets it receives but drops the others. While most of the existing studies on selective forwarding attacks focus on attack detection under the assumption of an error-free wireless channel, we consider a more practical and challenging scenario that packet dropping may be due to an attack, or normal loss events such as medium access collision or bad channel quality. Specifically, we develop a channel aware detection (CAD) algorithm that can effectively identify the selective forwarding misbehavior from the normal channel losses. The CAD algorithm is based on two strategies, channel estimation and traffic monitoring. If the monitored loss rate at certain hops exceeds the estimated normal loss rate, those nodes involved will be identified as attackers. Moreover, we carry out analytical studies to determine the optimal detection thresholds that minimize the summation of false alarm and missed detection probabilities. We also compare our CAD approach with some existing solutions, through extensive computer simulations, to demonstrate the efficiency of discriminating selective forwarding attacks from normal channel losses. Index Terms—Wireless mesh network, selective forwarding attack, gray hole attack, channel aware detection, optimal detection threshold.
AMI threats, intrusion detection requirements and deployment recommendations
- In Third International Conference on Smart Grid Communications (SmartGridComm), IEEE Proc, 2012
Cited by 5 (2 self)
Abstract—Advanced Metering Infrastructures (AMI) facilitate bidirectional communication between smart meters and utilities, allowing information about consumption, outages, and electricity rates to be shared reliably and efficiently. However, the numerous smart meters being connected through mesh networks open new opportunities for attackers to interfere with communications and compromise utilities’ assets or steal customers’ private information. The goal of this paper is to survey the various threats facing AMIs and the common attack techniques used to realize them in order to identify and understand the requirements for a comprehensive intrusion detection solution. The threat analysis leads to an extensive “attack tree” that captures the attackers’ key objectives (e.g., energy theft) and the individual attack steps (e.g., eavesdropping on the network) that would be involved in achieving them. With reference to the attack tree, we show the type of information that would be required to effectively detect attacks. We also suggest that the widest coverage in monitoring the attacks can be provided by a hybrid sensing infrastructure that uses both a centralized intrusion detection system and embedded meter sensors.
ANOC: Anonymous Network-Coding-Based Communication with Efficient Cooperation
Cited by 2 (0 self)
Abstract—Practical wireless network coding (e.g., COPE) is a promising technique that can enhance the throughput of wireless networks. However, such a technique also bears a serious security drawback: it breaks the current privacy-preserving protocols (e.g., Onion Routing), since their operations conflict with each other. As user privacy in wireless networks is highly valued nowadays, a new privacy-preserving scheme that can function with wireless network coding becomes indispensable. To address such a challenge, we apply the idea of cooperative networking and design a novel anonymity scheme named ANOC, which can function in network-coding-based wireless mesh networks. ANOC is built upon the classic Onion Routing protocol, and resolves its conflict with network coding by introducing efficient cooperation among relay nodes. Using ANOC, we can perform network coding to achieve a higher throughput, while still preserving user privacy in wireless mesh networks. We formally show how ANOC achieves the property of relationship anonymity, and conduct extensive experiments via nsclick to demonstrate its feasibility and efficiency when integrated with network coding. Index Terms—Network coding, anonymity, cooperative networking, Onion Routing.
SAT: A Security Architecture Achieving Anonymity and Traceability in Wireless Mesh Networks
Cited by 2 (0 self)
Abstract—Anonymity has received increasing attention in the literature due to the users’ awareness of their privacy nowadays. Anonymity provides protection for users to enjoy network services without being traced. While anonymity-related issues have been extensively studied in payment-based systems such as e-cash and peer-to-peer (P2P) systems, little effort has been devoted to wireless mesh networks (WMNs). On the other hand, the network authority requires conditional anonymity such that misbehaving entities in the network remain traceable. In this paper, we propose a security architecture to ensure unconditional anonymity for honest users and traceability of misbehaving users for network authorities in WMNs. The proposed architecture strives to resolve the conflicts between the anonymity and traceability objectives, in addition to guaranteeing fundamental security requirements including authentication, confidentiality, data integrity, and nonrepudiation. Thorough analysis on security and efficiency is incorporated, demonstrating the feasibility and effectiveness of the proposed architecture. Index Terms—Anonymity, traceability, pseudonym, misbehavior, revocation, wireless mesh network (WMN).
Anonymity in Wireless Broadcast Networks
Cited by 1 (0 self)
Systems that provide network traffic anonymity typically focus on wide-area network topologies, and exploit the infeasibility of eavesdropping on all links to prevent attackers from determining communication peers. This approach is inappropriate for high-security wireless local-area networks, since it does not obscure the traffic volume, allowing attackers to identify critical nodes (e.g., a military HQ) and, given the ability of an attacker to obtain a global view of all communications, the relative ease of identifying the source and destination of traffic flows. These weaknesses derive from the fact that, whereas in wide-area networks the sender, the receiver and the adversary are on different physical links, in wireless networks they may share a single broadcast link. Moreover, the adversary can easily find the physical location of the transmitter and thereby identify the entity sending the traffic, not just its network identity. We introduce Wireless Anonymous Routing (war), an approach to achieve anonymity in a broadcast network. We describe a formal threat model for war and compare it to the traditional anonymity approaches. We show that these are inadequate when applied to the broadcast model, and describe new protocols that preserve security with better performance, adequately addressing the requirements of security-critical environments. We provide analytical and some preliminary experimental evidence that our protocols achieve anonymity at a reasonable cost.
Misbehavior detection in wireless mesh networks
- In Proc. of ICACT, 2008
Cited by 1 (0 self)
Abstract—In this paper we propose a detection technique to identify misbehaving clients in wireless mesh networks. The technique is devised based on the communication history for two communicating clients through a common set of routers. Individual trust relationship is calculated for both the clients with their common routers. Then a correlation value for each client is found and compared with a predefined threshold to determine whether a client is spurious or not. We evaluate the performance of the proposed detection technique through simulation and results show that the detection efficiency is better with a small number of misbehaving clients.
Mitigating Selective Forwarding Attacks with a Channel-Aware Approach in WMNs
- IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS, ACCEPTED FOR PUBLICATION
Abstract—In this paper, we consider a special case of denial of service (DoS) attack in wireless mesh networks (WMNs) known as selective forwarding attack (a.k.a gray hole attacks). With such an attack, a misbehaving mesh router just forwards a subset of the packets it receives but drops the others. While most of the existing studies on selective forwarding attacks focus on attack detection under the assumption of an error-free wireless channel, we consider a more practical and challenging scenario that packet dropping may be due to an attack, or normal loss events such as medium access collision or bad channel quality. Specifically, we develop a channel aware detection (CAD) algorithm that can effectively identify the selective forwarding misbehavior from the normal channel losses. The CAD algorithm is based on two strategies, channel estimation and traffic monitoring. If the monitored loss rate at certain hops exceeds the estimated normal loss rate, those nodes involved will be identified as attackers. Moreover, we carry out analytical studies to determine the optimal detection thresholds that minimize the summation of false alarm and missed detection probabilities. We also compare our CAD approach with some existing solutions, through extensive computer simulations, to demonstrate the efficiency of discriminating selective forwarding attacks from normal channel losses. Index Terms—Wireless mesh network, selective forwarding attack, gray hole attack, channel aware detection, optimal detection threshold.