While the rapid proliferation of mobile devices along with the tremendous growth of various applications using wireless multi-hop networks have significantly facilitate our human life, securing and ensuring high quality services of these networks are still a primary concern. In particular, anomalous protocol operation in wireless multi-hop networks has recently received considerable attention in the research community. These relevant security issues are fundamentally different from those of wireline networks due to the special characteristics of wireless multi-hop networks, such as the limited energy resources and the lack of centralized control. These issues are extremely hard to cope with due to the absence of trust relationships between the nodes.
To enhance security in wireless multi-hop networks, this dissertation addresses both MAC and routing layers misbehaviors issues, with main focuses on thwarting black hole attack in proactive routing protocols like OLSR, and greedy behavior in IEEE 802.11 MAC protocol. Our contributions are briefly summarized as follows.
As for black hole attack, we analyze two types of attack scenarios: one is launched at routing layer, and the other is cross layer. We then provide comprehensive analysis on the consequences of this attack and propose effective countermeasures. As for MAC layer misbehavior, we particularly study the adaptive greedy behavior in the context of Wireless Mesh Networks (WMNs) and propose FLSAC (Fuzzy Logic based scheme to Struggle against Adaptive Cheaters) to cope with it. A new characterization of the greedy behavior in Mobile Ad Hoc Networks (MANETs) is also introduced. Finally, we design a new backoff scheme to quickly detect the greedy nodes that do not comply with IEEE 802.11 MAC protocol, together with a reaction scheme that encourages the greedy nodes to become honest rather than punishing them.
Contents
1 Introduction
1.1 Background and motivations
1.2 Dissertation organization
1.3 Summary of our contributions
2 Security Threats in Wireless Multi-hop Networks
2.1 Network security requirements
2.2 Wireless Multi-hop Networks: an overview
2.2.1 Mobile Ad Hoc Networks (MANETs)
2.2.2 Wireless Mesh Networks (WMNs)
2.2.3 Vehicular Ad Hoc Networks (VANETs)
2.3 Attacks targeting Wireless Multi-hop Networks
2.3.1 Attacks at network layer
2.3.1.1 Black hole attack
2.3.1.2 Wormhole attack
2.3.1.3 Sybil attack
2.3.2 Attacks at MAC layer
2.3.2.1 IEEE 802.11 MAC protocol overview
2.3.2.2 MAC layer misbehavior in DCF mode
2.4 Conclusion
3 Studying Black Hole Attack in MANETs
3.1 Introduction
3.2 Root causes of packet dropping in MANETs
3.3 Black hole attack in MANETs
3.3.1 Routing protocol-specific attack
3.3.1.1 Black hole attack in AODV
3.3.1.2 Black hole attack in OLSR
3.3.2 Inter-layer attack
3.4 Secure MANETs against Black hole attack
3.4.1 Overview of the cryptographic primitives
3.4.2 Taxonomy of the proposed solutions in the literature
3.4.2.1 First defense line schemes
3.4.2.2 Second defense line schemes
3.4.2.3 Third defense line schemes
3.4.2.4 Other schemes
3.4.3 Discussion
3.5 Challenges
3.6 Conclusion
4 Coping with Black Hole Attack In MANETs
4.1 Introduction
4.2 OLSR and its vulnerabilities
4.3 Mono layer black hole attack
4.3.1 The single black hole problem
4.3.2 Colluding Black hole attack model
4.3.3 Our proposed solution
4.3.3.1 Discussion
4.3.3.2 Timeout for acknowledgement reception
4.3.3.3 The 3hop ACK scheme operations
4.3.3.4 Security analysis of 3hop ACK scheme
4.3.4 Simulation model and results
4.3.4.1 Colluding Black hole attack simulation
4.3.4.2 Performance evaluation
4.3.4.3 Overhead evaluation
4.4 Cross layer black hole attack
4.4.1 Attack description
4.4.2 The proposed solution
4.4.3 Simulation
4.4.4 Conclusion
5 Greedy Behavior in Wireless Mesh Networks
5.1 Introduction
5.2 The adaptive cheating technique at MAC layer
5.3 Motivations
5.4 Related work
5.4.1 Backoff algorithm modification based schemes
5.4.2 Monitoring based schemes
5.4.3 Game theory based schemes
5.5 Fuzzy Logic based scheme to Struggle against Adaptive Cheaters (FLSAC)
5.5.1 Scheme description
5.5.1.1 Main idea
5.5.1.2 Fuzzy controller description
5.5.1.3 Punishment scheme and additional issues
5.5.2 Simulation results
5.5.2.1 Simulation environment
5.5.2.2 Discussion of simulation results
5.6 Enhanced FLSAC using Bayesian model
5.6.1 key idea
5.6.2 Model description
5.6.3 Simulation settings and results
5.6.4 Conclusion
6 Greedy Behavior in MANETs
6.1 New strategy of the greedy behavior in MANETs
6.1.1 Introduction
6.1.2 Greedy nodes’ classification
6.1.3 Greedy behavior impact on network performance: WLAN versus MANETs
6.1.4 Our greedy strategy description
6.1.4.1 Main Assumptions
6.1.4.2 Conflict graph construction
6.1.4.3 Bandwidth fair-share estimation
6.1.4.4 Misbehaving Threshold Computation
6.1.4.5 How to launch our greedy strategy?
6.1.5 Energy constraints
6.1.6 Experimental study
6.1.6.1 Propagation of greedy behavior impact
6.1.6.2 Advantages of the proposed greedy behavior strategy
6.1.6.3 Impact of the mobility and network density on the efficiency of our greedy strategy
6.2 Thwarting backoff rules violation in MANETs
6.2.1 Introduction
6.2.2 The proposed scheme
6.2.2.1 Our Backoff computation scheme
6.2.2.2 Detection of protocol rules violation
6.2.2.3 Cheater identity dissemination (Reaction)
6.2.2.4 Detection of collusive nodes
6.2.3 Experimental study
6.3 Conclusion
7 Conclusion and Future Work
Objectives and Topics
This thesis aims to enhance the security of wireless multi-hop networks by addressing malicious behaviors at the MAC and routing layers. The core research focus is on mitigating packet dropping attacks, such as the black hole attack in proactive routing protocols like OLSR, and defending against greedy behavior in IEEE 802.11-based networks (both WMNs and MANETs) using novel detection and reaction schemes.
- Security challenges in wireless multi-hop networks (MANETs, WMNs, VANETs).
- Detection and mitigation of black hole attacks in routing protocols.
- Study of adaptive greedy behavior at the MAC layer.
- Development of fuzzy logic and Bayesian-based detection schemes.
- Backoff algorithm modification and strategy-based defense mechanisms.
Excerpt from the Book
3.3 Black hole attack in MANETs
The black hole attack in MANETs can be classified into several categories in terms of the strategy adopted by the malicious node to launch the attack. In particular the malicious node can intentionally drop all the forwarded packets going through it (black hole), or it can selectively drop the packets originated from or destined to certain nodes that it dislikes. Furthermore, a special case of black hole attack dubbed gray hole attack is introduced in [15]. In this attack, the malicious node retains a portion of packets (one packet out of N received packets or one packet in a certain time window), while the rest is normally relayed.
In order to launch a black hole attack, the first step for a malicious node is to find a way that allows it to get involved in the routing/forwarding path of data/control packets. To do so, it exploits the vulnerabilities of the underlying routing protocols which are generally designed with strong assumption of trustworthiness of all the nodes participating in the network. Thus, any node can easily misbehave and provoke a severe harm to the network by targeting both data and control packets.
Dropping data packets leads to suspend the ongoing communication between the source and the destination node. More seriously, an attacker capturing the incoming control packets can prevent the associated nodes from establishing routes between them. To facilitate understanding, we illustrate them using two representative routing protocols in MANETs, OLSR (Optimized Link State Routing)[16] and AODV (Ad hoc On Demand Distance Vector)[17], which are table-driven and on-demand respectively.
Summary of Chapters
1 Introduction: Provides the context of wireless multi-hop networks, highlights the security risks, and outlines the organization and research contributions of the dissertation.
2 Security Threats in Wireless Multi-hop Networks: Analyzes the security requirements and specific vulnerabilities of MANETs, WMNs, and VANETs, including common routing and MAC layer attacks.
3 Studying Black Hole Attack in MANETs: Investigates the mechanics and causes of packet dropping attacks, surveys existing countermeasures, and identifies open challenges in defense design.
4 Coping with Black Hole Attack In MANETs: Proposes specific solutions against single and colluding black hole attacks in OLSR, utilizing authenticated acknowledgments and cross-layer mechanisms.
5 Greedy Behavior in Wireless Mesh Networks: Focuses on adaptive greedy behavior, introducing the FLSAC detection scheme and integrating it with a Bayesian model for improved accuracy.
6 Greedy Behavior in MANETs: Develops a new strategy for greedy nodes in MANETs and proposes an anti-misbehavior backoff scheme that prevents rule violations through a robust hash-based mechanism.
7 Conclusion and Future Work: Summarizes the thesis findings and suggests future directions, such as investigating jamming attacks and conducting real-world testbed evaluations.
Keywords
Wireless Multi-hop Networks, MANETs, WMNs, Black hole attack, MAC layer misbehavior, Greedy behavior, Routing protocols security, OLSR, IEEE 802.11, Fuzzy Logic, Bayesian Model, Packet dropping, Network Security
Frequently Asked Questions
What is the fundamental security problem in wireless multi-hop networks discussed in this work?
The work focuses on the lack of trust between nodes in environments without centralized authority, making networks vulnerable to routing and MAC layer misbehaviors like packet dropping and selfish or greedy resource usage.
What are the primary network architectures considered?
The research primarily covers Mobile Ad Hoc Networks (MANETs), Wireless Mesh Networks (WMNs), and Vehicular Ad Hoc Networks (VANETs).
What is the main objective of the proposed security mechanisms?
The primary goal is to prevent, detect, or mitigate malicious activities like black hole attacks and greedy behavior, ensuring fair resource distribution and reliable network performance.
Which specific scientific methods are employed for detection?
The author employs diverse techniques, including cryptographic primitives, fuzzy logic (FLSAC), Bayesian probabilistic models, and game-theoretic approaches for analyzing misbehavior patterns.
What is covered in the main body regarding routing and MAC layer threats?
The main body investigates how attackers can exploit routing protocol vulnerabilities (e.g., in OLSR) and manipulate MAC protocol parameters (e.g., backoff, DIFS) to gain unfair bandwidth advantages.
Which keywords best characterize this research?
Wireless multi-hop networks, MANETs, Black hole attack, Greedy behavior, OLSR, MAC layer misbehavior, and Network Security.
How does the "3hop ACK" scheme contribute to network security?
It acts as an authenticated confirmation mechanism in OLSR to ensure that TC (Topology Control) messages are correctly forwarded, allowing the network to identify and exclude malicious nodes acting as MPRs.
Why is the "adaptive cheater" scenario significant for Wireless Mesh Networks?
Adaptive cheaters are sophisticated because they frequently switch between different cheating strategies, making them difficult to detect with traditional, static, or single-technique monitoring systems.
- Citar trabajo
- Docteur Soufiene Djahel (Autor), 2011, Secure Routing and Medium Access Protocols in Wireless Multi-hop Networks, Múnich, GRIN Verlag, https://www.grin.com/document/181080
