Securing multi-operator-based QoS-aware mesh networks: Requirements and design options

Wireless Communications and Mobile Computing

Volumn 10, Issue 5, 2010, Pages 622-646

  Buttyan L ^b   Askoxylakis, I ^a   Bencsath B ^b   Dora L ^b   Siris, V ^a   Szili, D ^b   Vajda, I ^b  

^a INSTITUTE OF COMPUTER SCIENCE   (Greece)

^b BUDAPEST UNIVERSITY OF TECHNOLOGY AND ECONOMICS   (Hungary)

Author keywords

Authentication; Intrusion detection and recovery; Key management; Secure communications; Secure routing; Wireless mesh networks

Indexed keywords

BROADBAND ACCESS; CLIENT AUTHENTICATION; DESIGN OPTION; KEY MANAGEMENT; MESH NETWORK; MISBEHAVIOR DETECTION; MULTIPLE OPERATOR; NETWORK OPERATOR; PROBLEM DOMAIN; SECURE COMMUNICATIONS; SECURE ROUTING; SECURITY ARCHITECTURE; SECURITY REQUIREMENTS; SERVICE PROVIDER; USABLE SECURITY; WIRELESS COMMUNICATIONS; WIRELESS MESH NETWORKING;

AD HOC NETWORKS; AUTHENTICATION; COMPUTER SYSTEM RECOVERY; DESIGN; INTRUSION DETECTION; QUALITY OF SERVICE; WIRELESS LOCAL AREA NETWORKS (WLAN); WIRELESS MESH NETWORKS (WMN); WIRELESS TELECOMMUNICATION SYSTEMS;

MESH NETWORKING;

EID: 77951151719     PISSN: 15308669     EISSN: 15308677     Source Type: Journal    
DOI: 10.1002/wcm.728     Document Type: Article

References (68)

1. Akyildiz IF, Wang X, Wang W. Wireless mesh networks: a survey. Computer Networks 2005; 47(4): 445-487.
2. Bruno R, Conti M, Gregori E. Mesh networks: commodity multihop ad hoc networks. IEEE Communications Magazine 2005; 43(3): 123-131.
3. Zhang W, Wang Z, Das SK, Hassan M. Security issues in wireless mesh networks. In Wireless Mesh Networks: Architectures and Protocols, Hossain E, Leung KK (eds). Springer: New York, NY, 2008.
4. Ben Salem N, Hubaux JP. Securing wireless mesh networks. IEEE Wireless Communications 2006;13(2): 50-55.
5. Falk R, Huang CT, Kohlmayer F, Sui AF. Security in wireless mesh networks. In Wireless Mesh Networking: Architectures, Protocols and Standards, Zhang Y, Luo J, Hu H (eds). Auerbach Publications, Taylor & Francis Group: Boca Raton, FL, 2006.
6. ChilliSpot-open source wireless LAN access point controller.http://www. chillispot.info/
7. Forsberg D, Ohba Y, Patil B, Tschofenig H, Yegin A. Protocol for carrying authentication for network access (PANA). RFC 5191 (Proposed Standard), May 2008.http://www.ietf.org/rfc/rfc5191.txt
8. Calhoun P, Montemurro M, Stanley D. CAPWAP protocol binding for IEEE 802.11, October 2008. (work in progress).
9. Zhang Y, Fang Y. A secure authentication and billing architecture for wireless mesh networks. Wireless Networks 2007; 13(5): 663-678.doi:http://dx. doi.org/10.1007/s11276-006-8148-z
10. Chen JJ, Tseng YC, Lee HW. A seamless handoff mechanism for IEEE 802.11 WLANs supporting IEEE 802.11i security enhancements. In IEEE Asia-Pacific Wireless Communications Symposium, Hsinchu, Taiwan, 2007.
11. Chen T, Schafer G, Fan C, Adams S, Sortais M, Wolisz A. Denial of service protection for optimized and qos-aware handover based on localized cookies. In ProceedingsofEuropeanWireless 2004, Barcelona, Spain, 2004.
12. Aura T, Roe M. Reducing reauthentication delay in wireless networks. In SECURECOMM '05: Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05), IEEE Computer Society, Athens, Greece, 2005; 139-148.doi: http://dx.doi.org/10.1109/ SECURECOMM.2005.58
13. Mishra A, ho Shin M, Arbaugh WA. Context caching using neighbor graphs for fast handoffs in a wireless network. INFOCOM, IEEE, 2004.
14. Narayanan V, Dondeti L. EAP extensions for EAP re-authentication protocol (ERP). RFC 5296, (Proposed Standard), August 2008.http://www.ietf.org/rfc/ rfc5296.txt
15. Lopez RM, Skarmeta AG, Bournelle J, Laurent-Maknavicus M, Combes JM. Improved EAP keying framework for a secure mobility access service. In IWCMC '06: Proceedings ofthe 2006 international conference on Wireless communications and mobile computing, ACM, New York, NY, USA, 2006; 183-188.doi:http://doi.acm. org/10.1145/1143549.1143587 (Pubitemid 46645194)
16. Mishra A, Shin MH, Petroni JNL, Clancy T, Arbaugh W. Proactive key distribution using neighbor graphs. Wireless Communications, IEEE [see also IEEE Personal Communications] 2004; 11(1): 26-36.doi:10.1109/MWC.2004.1269714
17. Kassab M, Belghith A, Bonnin JM, Sassi S. Fast pre-authentication based on proactive key distribution for 802.11 infrastructure networks. In WMuNeP '05: Proceedings ofthe 1st ACM workshop on Wireless multimedia networking and performance modeling, ACM, New York, NY, USA, 2005; 46-53.doi:http://doi.acm. org/10.1145/1089737.1089746 (Pubitemid 43206640)
18. Bohak A, Buttyan L, Doora L. An user authentication scheme for fast handover between wifi access points. In Proceedings of the Third Annual International Wireless Internet Conference, ACM, Austin, Texas, U. S. A., 2007.
19. TM. Medium access control (MAC) security enhancements, amendment 6 to IEEE standard for local and metropolitan area networks part 11: wireless medium access control (MAC) and physical layer (PHY) specifications. July 2004.
20. TM-2008. IEEE standard for information technology-telecommunications and information exchange between systems-local and metropolitan area networks- specific requirements. Part 11: wireless lan medium access control (MAC) and physical layer (PHY) specifications. Amendment 2: Fast BSS Transition, July 2008.
21. Pack S, Choi Y. Pre-authenticated fast handoff in a public wireless LAN based on IEEE 802.1x model. In PWC '02: Proceedings of the IFIP TC6/WG6.8 Working Conference on Personal Wireless Communications, Kluwer, B. V., Deventer, The Netherlands, 2002; 175-182.
22. Pack S, Choi Y. Fast handoff scheme based on mobility prediction in public wireless LAN systems. In IEE Proceedings Communications, Vol.151, IEEE, 2004; 489-495.
23. Brik V, Mishra A, Banerjee S. Eliminating handoff latencies in 802.11 WLANs using multiple radios: applications, experience, and evaluation. In IMC'05: Proceedings of the Internet Measurement Conference 2005 on Internet Measurement Conference, USENIX Association, Berkeley, CA, U. S. A., 2005; 27-27.
24. Aboudagga N, Eltoweissy M, Quisquater JJ. Fast roaming authentication in wireless LANs. In Second International Computer Engineering Conference: Engineering the Information Society, Cairo, Egypt, 2006.
25. Maccari L, Fantacci R, Pecorella T, Frosali F. A secure and performant token-based authentication for infrastructure and mesh 802.1x networks. In Proceedings of the IEEE International Conference on Communications 2006, IEEE, 2006.
26. Maccari L, Fantacci R, Pecorella T, Frosali F. Secure, fast handhoff techniques for 802.1X based wireless network. In Proceedings of the IEEE International Conference on Communications 2006, IEEE, 2006.
27. Calhoun P, Montemurro M, Stanley D. CAPWAP protocol specification, October 2008. (work in progress).
28. IEEE Std 8021X-2001. IEEE standard for local and metropolitan area networks-port-based network access control, June 2001.
29. Aboba B, Blunk L, Vollbrecht J, Carlson J, Levkowetz H. Extensible authentication protocol (EAP). RFC 3748 (Proposed Standard), June 2004.http://www.ietf.org/rfc/rfc3748.txt
30. TM. IEEE trial-use recommended practice for multi-vendor access point interoperability via an inter-access point protocol across distribution systems supporting IEEE 802.11 operation, July 2003. (withdrawal in 2006).
31. Dierks T, Allen C. The TLS protocol 1999. RFC 2246.
32. Ylonen T, C Lonvick E. The secure shell (ssh) protocol architecture 2006. RFC 4251.
33. Kent S, Seo K. Security architecture for the internet protocol 2005. RFC 4301.
34. Krawczyk BMH, Canetti R. Hmac: keyed-hashing for message authentication 1997. RFC 2104.
35. FIPS 197. Advanced encryption standard. Federal Information Processing Standards Publication 197, US Department of Commerce, Bureau of Standards, National Technical Information Service (NIST) 2001.
36. TM: ESSMeshNetworking, March 2008. (work in progress).
37. TM-2007. Revision of IEEE Std 802.11-1999: wireless lan medium access control (MAC) and physical layer (PHY) specifications, June 2007.
38. Perkins C, Belding-Royer E, Das S. Ad hoc on-demand distance vector (AODV) routing. RFC 3561 (Experimental), July 2003.http://www.ietf.org/rfc/ rfc3561.txt
39. Clausen T, Jacquet P. Optimized link state routing protocol (OLSR). RFC 3626 (Experimental), October 2003.http://www.ietf.org/rfc/rfc3626.txt
40. Royer EM, Toh C. A review of current routing protocols for ad hoc mobile wireless networks. IEEE Personal Communications 1999; 6(2): 46-55.
41. Bahr M, Wang J, Jia X. Routing in wireless mesh networks. In Wireless Mesh Networking: Architectures, Protocols and Standards, Zhang Y, Luo J, Hu H (eds). Auerbach: Boca Raton, FL, 2006.
42. Hu YC, Perrig A. A survey of secure wireless ad hoc routing. IEEE Security and Privacy Magazine 2004; 2(3): 28-39.
43. Buttyan L, Hubaux JP. Security and Cooperation in Wireless Networks. Cambridge University Press: Cambridge, UK, 2008.
44. Hu Y, Perrig A, Johnson D. Packet leashes: a defense against wormhole attacks in wireless networks. In Proceedings of the IEEE Conference on Computer Communications (INFOCOM), San Francisco, CA, U. S. A., 2003.
45. Hu YC, Perrig A, Johnson D. Rushing attacks and defense in wireless ad hoc network routing protocols. In Proceedings of the ACM Workshopon Wireless Security (WiSe), San Diego, CA, U. S. A., 2003.
46. Hu Y, Perrig A, Johnson D. Efficient security mechanisms for routing protocols. In Proceedings of'the Network and Distributed System Security Symposium (NDSS), San Diego, California, U. S. A., 2003.
47. Zapata MG, Asokan N. Securing ad hoc routing protocols. In Proceedings ofthe ACM Workshop on Wireless Security (WiSe), Atlanta, GA, U. S. A., 2002.
48. Sanzgiri K, Dahill B, Levine B, Shields C, Belding-Royer E. A secure routing protocol for ad hoc networks. In Proceedings ofthe International Conference on Network Protocols (ICNP), Paris, France, 2002.
49. Acs G, Buttyan L, Vajda I. Provable security of on-demand distance vector routing in wireless ad hoc networks. In Proceedings of the European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS), Visegrad, Hungary, 2005.
50. Raffo D, Adjih C, Clausen T, Muhlethaler P. An advanced signature system for OLSR. In Proceedings of the ACM Workshop on Security ofAd hoc and Sensor Networks (SASN), 2004.
51. Boyd C, Mathuria A. Protocols for Authentication and Key Establishment. Springer: Berlin, Germany, 2003.
52. Mishra A, Nadkarni K, Patcha A. Intrusion detection in wireless ad hoc networks. IEEE Wireless Communications 2004; 11 4860.
53. Wood A, Stankovic J. Denial ofservice in sensornetworks. IEEE Computer 2002; 35: 53-57.
54. Xu W, Trappe W, Zhang Y, Wood T. The feasibility of launching and detecting jamming attacks in wireless networks. In Proceedings of ACM MobiHoc, 2005.
55. Thuente D, Acharya M. Intelligent jamming in wireless networks with applications to 802.11b and other networks. In Proceedings ofIEEE MILCOM, 2006.
56. Gupta V, Krishnamurthy S, Faloutsos M. Denial of service attacks at the MAC layer in wireless ad hoc networks. In Proceedings ofIEEE MILCOM, 2002.
57. Bayraktaroglu E, King C, Liu X, Noubir G, Rajaraman R, Thapa B. On the performance of IEEE 802.11 under jamming. In Proceedings ofIEEE INFOCOM, 2008.
58. Zhang Y, Lee W. Intrusion detection in wireless ad-hoc networks. In Proceedings of ACM MobiCom, 2000.
59. Zhang Y, Lee W, Huang YA. Intrusion detection techniques for mobile wireless networks. Wireless Networks 2003; 9(5): 545556.
60. Huang YA, Fan W, Lee W, Yu P. Cross-feature analysis for detecting ad-hoc routing anomalies. In Proceedings of23rd Intl Conference on Distributed Computing Systems, 2003.
61. Liu H, Gupta R. Temporal analysis of routing activity for anomaly detection in ad hoc networks. In IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS), 2006.
62. Radosavac S, Moustakides G, Baras J, Koutsopoulos I. An analytic framework for modeling and detecting access layer misbehavior in wireless networks. ACM Transactions on Information and System Security 2008; 11(4): 1-28.
63. Raya M, Aad I, Hubaux JP, Fawal AE. DOMINO: detecting MAC layer greedy behavior in IEEE 802.11 hotspots. IEEE Transactions on Mobile Computing 2006; 5(12): 1691-1705.
64. Ans S Mishra GT, Sridhar R. A cross-layer approach to detect jamming attacks in wireless ad hoc networks. In Proceedings of IEEE MILCOM, 2006.
65. Xu W, Wood T, Trappe W, Zhang Y. Channel surfing and spatial retreats: defenses against wireless denial of service. In Proceedings of ACM Workshop on Wireless Security (WiSe), 2004.
66. Xu W, Ma K, Trappe W, Zhang Y. Jamming sensor networks: attack and defense strategies. IEEE Network 2006; 20: 41-47.
67. Navda V, Bohra A, Ganguly S, Rubenstein D. Using channel hopping to increase 802.11 resilience to jamming attacks. In Proceedings ofIEEE INFOCOM, 2007.
68. Liu X, Noubir G, Sundaram R, Tan S. SPREAD: foiling smart jammers using multi-layer agility. In Proceedings of IEEE INFOCOM, 2007.