Abstract
In this paper, we address the security challenges for wireless mesh enterprise networks (WMENs). The topology and communication characteristics of WMEN include the following: (a) deployment of the network devices are not planar, rather, devices are deployed over three-dimensional space (e.g., office buildings, shopping malls, grocery stores, etc.); (b) messages, generated/received by a mesh client, traverse through mesh routers in a multihop fashion; and (c) mesh clients, being mostly mobile in nature, may result in misbehaving or be spurious during communications. We propose a security scheme for WMEN in order to ensure that only authorized users are granted network access. Particularly, our scheme includes: (a) a deterministic key distribution technique that perfectly suits the network topology, (b) an efficient session key establishment protocol to achieve the client–router and router–router communications security, and (c) a distributed detection mechanism to identify malicious clients in the network. Analytical and simulation results are presented to verify our proposed solutions.
Similar content being viewed by others
References
Akyildiz IF, Wang X, Wang W (2005) Wireless mesh networks: a survey. Comput Networks 47(4):445–487
Yang L, Zerfos P, Sadot E (2005) Architecture taxonomy for control and provisioning of wireless access points (capwap). IETF RFC 4118
Alam SMN, Haas ZJ (2006) Coverage and connectivity in three-dimensional networks. In: MOBICOM, Los Angeles, 23–29 September 2006, pp 346–357
Ben Salem N, Hubaux JP (2006) Securing wireless mesh networks. IEEE Wirel Commun 13(2):50–55
LAN/MAN Standards Committee, ANSI/IEEE Std 802.11 (1999) Wireless LAN medium access control (MAC) and physical layer (PHY) specifications. IEEE Computer Society, Los Alamitos
Radosavac S, Baras JS, Koutsopoulos I (2005) A framework for mac protocol misbehavior detection in wireless networks. In: WiSe ’05: proceedings of the 4th ACM workshop on wireless security. ACM, New York, pp 33–42
Cagalj M, Ganeriwal S, Aad I, Hubaux JP (2005) On selfish behavior in CSMA/CA networks. In: INFOCOM, Miami, 13–17 March 2005, pp 2513–2524
Hamid M, Islam M, Hong CS (2008) Developing security solutions for wireless mesh enterprise networks. In: IEEE wireless communications and networking conference, 2008 (WCNC ’08), Las Vegas, 31 March–3 April 2008, pp 2549–2554
Zhang Y, Fang Y (2006) Arsa: an attack-resilient security architecture for multihop wireless mesh networks. IEEE J Sel Areas Commun 24(10):1916–1928
Wu X, Li N (2006) Achieving privacy in mesh networks. In: SASN ’06: proceedings of the fourth ACM workshop on security of ad hoc and sensor networks. ACM, New York, pp 13–22
Wu T, Xue Y, Cui Y (2006) Preserving traffic privacy in wireless mesh networks. In: WOWMOM ’06: proceedings of the 2006 international symposium on world of wireless, mobile and multimedia networks. IEEE Computer Society, Washington, DC, pp 459–461
Tague P, Poovendran R (2007) Modeling adaptive node capture attacks in multi-hop wireless networks. Ad Hoc Netw 5(6):801–814
Santhanam L, Nandiraju D, Nandiraju N, Agrawal D (2007) Active cache based defense against dos attacks in wireless mesh network. In: Wireless pervasive computing, 2007. ISWPC ’07. 2nd international symposium, San Juan, 5–7 February 2007
Li H, Xu M, Li Y (2007) Selfish mac layer misbehavior detection model for the ieee 802.11-based wireless mesh networks. In: Proceedings of advanced parallel programming technologies (APPT ’07), vol. 4847. Springer, Berlin Heidelberg New York, pp 382–391
Dong J, Ackermann KE, Bavar B, Nita-Rotaru C (2008) Mitigating attacks against virtual coordinate based routing in wireless sensor networks. In: WiSec ’08: proceedings of the first ACM conference on wireless network security. ACM, New York, pp 89–99
Lowry R (2006) Concepts and applications of inferential statistics. Vassar College, Poughkeepsie
Ravelomanana V (2004) Extremal properties of three-dimensional sensor networks with applications. IEEE Trans Mob Comput 3(3):246–257
Bahramgiri M, Hajiaghayi M, Mirrokni VS (2006) Fault-tolerant and 3-dimensional distributed topology control algorithms in wireless multi-hop networks. Wirel Netw 12(2):179–188
Gupta P, Kumar PR (2001) Internet in the sky: the capacity of three dimensional wireless networks. Commun Inf Syst 1:33–49
Cao Q, Abdelzaher T (2006) Scalable logical coordinates framework for routing in wireless sensor networks. ACM Trans Sen Netw 2(4):557–593
Akyildiz IF, Pompili D, Melodia T (2005) Underwater acoustic sensor networks: research challenges. Ad Hoc Netw J (Elsevier) 3(3):257–279
Carle J, Myoupo JF, Semé D (2001) A basis for 3-D cellular networks. In: ICOIN ’01: proceedings of the 15th international conference on information networking. IEEE Computer Society, Washington, DC, p 631
Decayeux C, Seme D (2004) A new model for 3-D cellular mobile networks. In: ISPDC ’04: proceedings of the third international symposium on parallel and distributed computing/third international workshop on algorithms, models and tools for parallel computing on heterogeneous networks. IEEE Computer Society, Washington, DC, pp 22–28
IEEE 802.11s Task Group (2007) Draft amendment to standard for information technology telecommunications and information exchange between systems - LAN/MAN specific requirements - Part 11: wireless medium access control (MAC) and physical layer (PHY) specifications: Amendment: ESS Mesh Networking, IEEE P802.11s/D1.06
Gong L, Wheeler DJ (1990) A matrix key-distribution scheme. J Cryptol 2(1):51–59
IEEE Standard 802.1X-2004 (2004) Standard for local and metropolitan area networks: port-based network access control. IEEE, Piscataway
P̧ostel J (1981) Internet control message protocol (ICMP). RFC 792
Çamtepe SA, Yener B (2007) Combinatorial design of key distribution mechanisms for wireless sensor networks. IEEE/ACM Trans Netw 15(2):346–358
The network simulator - ns-2 (2003). http://www.isi.edu/nsnam/ns/index.html
Acknowledgements
This research was supported by the MKE under the ITRC support program supervised by the IITA (IITA-2008-(C1090-0801-0016)).
Dr. Choong Seon Hong is the corresponding author.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Hamid, M.A., Abdullah-Al-Wadud, M., Hong, C.S. et al. A robust security scheme for wireless mesh enterprise networks. Ann. Telecommun. 64, 401–413 (2009). https://doi.org/10.1007/s12243-008-0084-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12243-008-0084-8