180 likes | 359 Views
Securing Wireless Mesh Networks. Authors: Naouel Ben Salem and Jean-Pierre Hubaux. Presentation By : Stacey Askey Vinay Jude Pavan Pujar. What are Wireless Mesh Networks. Similar to Wi-Fi Networks
E N D
Securing Wireless Mesh Networks Authors: Naouel Ben Salem and Jean-Pierre Hubaux. Presentation By : Stacey Askey Vinay Jude Pavan Pujar
What areWireless Mesh Networks • Similar to Wi-Fi Networks • Instead of multiple wireless hotspots (WHSs), WMNs use one WHS and several transit access points (TAPs). • Clients connect to TAPs, which connect wirelessly to the WHS either directly or multihopping over other TAPs.
WMNs • TAPs take place of routers, but decisions need to be made about which capabilities need to be provided on each TAP and which only the WHS needs to provide. • User/TAP authentication • Message Integrity • Encryption • WMNs provide “fast, easy and inexpensive network deployment”.
Advantages/Disadvantages of WMNs Advantages- • The TAPs themselves are cheaper than WHSs. • Since TAPs communicate by wireless signals, they do not require cabling to be run to add new TAPs. • Allows for rapid deployment of temporary networks. Disadvantages- • TAPs are often placed in physically unprotected locations • Lack of security guarantees. • Communications are wireless and therefore susceptible to all the vulnerabilities of wireless transmissions.
Three Security Challenges Posed by WMNs • Securing the Routing Mechanism • WMNs rely on multi-hop transmissions over a predominantly wireless network; the routing protocol is very important and a tempting target. • Detection of Corrupt TAPs • The TAPs are likely to be stored in unprotected locations, so they may be easily accessed by malicious entities and can be corrupted or stolen. • Providing Fairness • The protocol needs to be designed to distribute bandwidth between the TAPs in a manner fair to the users to prevent bandwidth starvation of devices far from the WHS.
Fairness • There are several ways in which bandwidth can be distributed among TAPs • What may be the best solution is to distribute bandwidth proportional to the number of clients using a TAP.
Corrupt TAPs • Wireless Mesh Networks use low cost devices. • Cannot be protected against Removal, Tampering or Replication. • Damage caused by Physical Tampering or Remote Access. • WHS has important cryptographic data and the assumption is that it is protected.
The Four Attacks • Four main types of attacks are possible. • The first attack is removal and replacement of the device. • This attack is detected by WHS or neighbor TAP because of change in topologyof the network.
Access Internal State • The second type of attack is to access the internal state of the device . • This type of attack is a passive attack and is difficult to detect. • In this attack the attacker need not disconnect the device from WMN. • Even the disconnection cannot be detected. • The effect of the attack can be reduced by changing the TAP data at regular intervals.
Modify Internal State • The third type of attack is where the attacker modifies the internal state of the TAP. • In this type of attack, the attacker can modify the routing algorithm. • This type attack also changes the topology. • It can also be detected by WHS.
Clone TAP • The fourth type of attack is of cloning the TAP. • In this type of attack the attacker is able to create a replica of the TAP and place this in a strategic location in WMN. • It also allows the attacker to inject some false data or to disconnect some parts of network. • It can damage the routing mechanisms but can be detected.
Jamming and Counter-Measure • The first diagram shows the attack by the adversary. • The second diagram shows the protection measure for this attack after detection.
Attacks on Multihop Routing in WMN • Rational Attack vs Malicious Attack. • A Rational Attack involves misbehaving in terms of Price and QoS. • For instance, the routes between WHS and TAPs are artificially increased. • A malicious attack involves partitioning the network or isolating the TAPs. • Network Traffic is routed through a compromised TAP.
Securing Multihop Routing • Using Secure Routing Protocols to prevent attacks against routing messages. • If the state of one or more TAPs is modified , the attack can be detected and the network is reconfigured. • DoS attacks can be prevented by identifying the source of disturbance and disabling it.
Generalized WMNs • Vehicular Networks is special case of WMNs where TAPs are represented by cars and roadside WHSs. • Involves applications such as reporting events(accidents),cooperative driving, payment services and location based services. • Multi-Operator WMNs include several operators and various devices: mobile phones, laptops, base stations and APs.
Conclusion • WMNs extend the coverage of WHSs in an inexpensive manner. • The three fundamental security issues that have to be addressed in WMNs are: • Detection of corrupt TAPs. • Defining and using a secure routing protocol. • Defining and implementing a proper fairness metric.
Reference • Mesh Networks Security Ben Salem, N.; Hubaux, J-P, "Securing wireless mesh networks ,“ Wireless Communications, IEEE, vol.13, no.2, pp.50,55, April 2006.