Sie sind auf Seite 1von 10

Wireless Netw

DOI 10.1007/s11276-016-1240-0

Wormhole-Free Routing and DoS Attack Defense


in Wireless Mesh Networks
G. Akilarasu1 S. Mercy Shalinie2

 Springer Science+Business Media New York 2016

Abstract Owing to the growth in several applications, 1 Introduction


Wireless Mesh Networks (WMN) is emerging as a vital
technology for future wireless networks. Wormhole attack Wireless Mesh Network (WMN) comprises of radio nodes
is one of the major security threats, which can disturb that are arranged in a mesh topology for data communi-
majority of routing communications, even when placed cations. WMN is usually a group of mesh clients, mesh
strategically. Therefore, a technique that can find worm- routers, and gateways [1, 2]. WMN is a wireless multihop
hole-free routes in the network is required. In order to technology that is as parallel as the mobile ad hoc networks
achieve this, in this paper, we propose a Monitoring and is considered as a superset of the ad hoc networks [2].
Technique for Wormhole-Free Routing and DoS Attack The combination of two types of nodes, mesh routers and
Defense in WMNs. Initially, finite state model is applied mesh clients, is called as a customary WMN. Mesh routers
where the node keeps the information about its sender and have a set of fixed nodes with one or more wireless
neighborhood receiver. Then, wormhole-aware secure interface, which present a backbone infrastructure managed
routing is implemented to find wormhole free routes in the by routing protocols [312].
network. Finally, the priority mechanism is applied where Various types of attacks in WMN are discussed below
the data packets are transmitted based on their priority. [1318]:
Based on the finite state model and priority mechanism, the
Unauthorized Access is a common attack in which an
malicious or wormhole nodes in the network are removed.
unauthorized user gets access to the network services
by masking as a genuine user [19]. It may leak the
Keywords Wireless Mesh Network  Wormhole  DoS
trusted data. Hence, it is not suitable for secure system.
attack  Routing
Spoofing is the process of falsifying an authentic MAC
or IP address. IP spoofing is well-known in multi-hop
communications in WMNs in which challenger inserts
a false source address to the packets forwarded by it.
Hence, the nasty attacker can intercept a termination
request and hijack a session. In MAC address spoofing,
attacker changes the MAC address of the transmitted
& G. Akilarasu frames from a genuine node [19].
akilarasu0684@gmail.com Replay attack is a type of man-in-the-middle attack
S. Mercy Shalinie launched by external or internal nodes. An external
shalinie@tce.edu nasty node gets the information of the broadcast
communication between two nodes in the network [19].
1
Department of Information and Communication Engineering, DoS Attack Here, the nasty attacker sends a flood of
Thiagarajar College of Engineering, Madurai 625015, India
packets to an MR by making a buffer overflow in the
2
Department of Computer Science and Engineering, router. A spiteful attacker can send false termination
Thiagarajar College of Engineering, Madurai 625015, India

123
Wireless Netw

messages from the side of a genuine MC by preventing Anonymity It means that all the information needed to
the genuine user from accessing network services [19]. recognize the present user must be kept confidential and
Intentional Collision of Frames When two or more not disseminated to other communicating parties.
nodes try to send at same frequency and time, then Availability It makes certain the survivability of
collision occurred that causes the frames to be rejected network services nevertheless of DoS attacks, in which
or retransmitted. The challenger violates the communi- the whole nodes in the network are the attack objective,
cation protocol and continuously transmits the messages and thus some selfish nodes make the network services
in an attempt to make the collisions. An attacker can also engaged [3338].
use repeated collisions to cause resource exhaustion [19].
Security is a key requirement in WMNs. In Sect. 2, we
Compromised or Forged MR An attacker compromises
analyzed some of the paper related to the attack detection and
one or more MRs in a network by physical tampering or
defense techniques in WMN. Some techniques for detection
logical break-in. The opponent may announce rogue
of various attack are present, but still those papers have the
MRs to launch a variety of attacks. MRs that is fake or
following problems: (1) excessive packets are directly aban-
compromised may be used to attack the wireless link to
doned instead of processed and lower priority Packets are
implement the attacks such as passive eavesdropping,
discarded which may cause packet loss [39]; (2) the protocol
jamming, replay and false message injection, traffic
[40] incurs little overhead in terms of control overhead due to
analysis, and so forth [19].
cryptographic extension and acquisition delay; (3) simulation
Pre-Computation and Partial Matching Attack In a pre-
result found in [41] shows that this system is not so secure for
computation attack or time memory trade-off (TMTO)
large number of nodes, and it has higher running time; (4)
attacks, the attacker calculates and gathers the infor-
WARP [42] initially suffers from packet loss due to the
mation before launching the attack. When actual
probable selection of wormhole nodes; and (5) there will be
transmission starts, the attacker uses the information,
always some detection inaccuracy in this method [43].
which is calculated before to accelerate the cryptanal-
From the analysis, we find that attacks are the major issues
ysis process. TMTO attacks are against a large number
while providing security. We find that the wormhole attacks
of cryptographic solutions [19].
and DoS attacks are big issue in securing WMN, so we will try
Impersonation Attack Compromised nodes may be able
to develop a mechanism that is able to detect these attacks. In
to join the network and cause the serious problems
this paper, we propose a Monitoring Technique for Worm-
when appropriate authentication of parties is not
hole-Free Routing and DoS Attack Defense in WMNs. This
supported. This node sends the false routing informa-
technique can eliminate wormhole and DoS attacks while
tion and acts like some other trusted nodes [2027].
achieving better performance compared to the existing works.
The security requirements of Wireless Mesh Networks The paper is organized as follows. Section 2 describes
are as follows [2832]: the related works and Sect. 3 provides the detailed expla-
nation of the proposed work. Section 4 explains the sim-
Confidentiality It means that the confidential informa-
ulation results. Finally, Sect. 5 concludes the work.
tion is accessible only to those who are authoritative to
access that.
Integrity It assured that a message that is being
transferred is never corrupted. Integrity can be com- 2 Literature review
promised mainly in the following two ways: (1)
malicious altering in which a message could be Luan et al. [39] have discussed about the detection of
detached, replayed, or revised by an antagonist by a Denial of Service (DoS) attacks in WMN and proposed a
malicious attacker and (2) accidental altering which is detection scheme based on zone-based hierarchical net-
like a transmission error, goals on the network that is work model. End-to-end authentication, the utilization rate
observed as malicious altering. of cache memory, two-threshold value, and distributed
Authenticity It assured that the competitors in commu- voting are used to detect DoS attackers. Packet received
nication are authentic or not (imitators). delay, transmission rate, packet load, and byte load are the
Non-repudiation It guarantees that the sender and the performance metrics considered. This scheme successfully
receiver of a message cannot contradict. It is construc- decreases the harm that is caused by a DoS attack and
tive for recognition and segregation of a node with improves the reliability of the network. While forwarding
some nonstandard behavior. message packets, the excessive packets will be directly
Authorization Here, an entity is issued a permit by the abandoned instead of processing when a neighbors packet
confidence certificate authority. Authorization assigns reach the threshold, and at the time of DoS attack, lower
the diverse access rights to uncommon levels of users. priority packets will be discarded.

123
Wireless Netw

Bansal et al. [40] have proposed a secure Hybrid WMN wormhole free routing and DoS attack defense. We assume
(HWMN) routing protocol for WMN, which is a secure H hybrid WMN (HWM).
extension of layer-2 routing protocol for IEEE 802.11s. This In the proposed solution, first we will apply the finite
technique employs the cryptographic extensions for providing state model [43] in which the node keeps the information of
the authenticity and integrity of HWMN protocol routing its sender and neighborhood receiver along with the
messages and thwarts unauthorized manipulation of variable information of the neighbor nodes that receive the broad-
fields in the routing information elements. The performance cast messages (RREQ) sent by the node itself with
metrics like throughput are discussed here. However, it encryption keys. Each node acts as a monitor node for its
experiences little overhead in terms of control overhead due to neighbors. For a routing session, each monitor node
cryptographic extension and acquisition delay. examines a sequence of interleaved Local Message Block
Kandah et al. [41] have discussed various malicious (LMB) with authorized certificates. For every T second, the
attacks and proposed an effective secure key management monitoring node appeals to a detection algorithm that maps
scheme (SKeMS) in WMN. This scheme seeks an encryption its neighbors into two clusters and then classifies into two
key assignment such that the persuaded network is securely types, namely selfish node and cooperative node.
key associated and well sheltered against potential malicious Using the collected information of RREQ and RREP by
eavesdropping attacks. This scheme assigns the available the monitoring nodes, route requests traversing the worm-
encryption keys amid entire nodes in the network. The per- hole link are detected, and a wormhole-aware secure
formance metrics like neighbor compromise ability ratio, routing [42] is established. Wormhole-free paths are
malicious eavesdropping ability ratio, running time, and total selected by monitoring received RREQs by checking the
neighbor compromise ability are used. Simulation results state transition table of the neighboring nodes. The route
find that the MEA ratio increases with increase in number of discovery procedure will be similar to Hybrid Wireless
nodes, which means that this system is not so secure for large Mesh Protocol (HWMP). It is the default path-selection
number of nodes, and it has higher running time. (routing) protocol for IEEE 802.11-based WMN. It is a
Matam et al. [42] have proposed a wormhole-resistant combination (hybrid) of on-demand route selection mode
secure routing algorithm (WRSR) in WMN to notice the and proactive tree-based approach [42].
presence of wormhole through route discovery process and For the detection of DoS attacks, a table for priority is
quarantine it. WRSR knows route requirements negotiating a setup by the monitoring node for each of its neighbors based
wormhole and prevents such routes from being established. on the frequency of sending data [39]. When the collabo-
WRSR employs the unit disk graph for deciding the essential rated DoS attack occurs, packets with low priority will be
and adequate circumstance for identifying a wormhole-free discarded first to ensure stable transmission of legitimate
path. WRSR contain its capability to protect against all forms nodes. The corresponding DoS attacker node will be
of wormhole attacks without relying on any extra hardware. removed from the routing table by the edge routers (Fig. 1).
Performance metrics such as packet delivery ratio, latency,
packet loss, and detection rate are used. However, WARP 3.2 Finite state model [43]
initially suffers from packet loss due to the credible selection
of wormhole nodes in the initial route discovery process. In this finite state model, a message unit has been defined.
Gamer et al. [43] have proposed inference-based clustering This message unit contains all the messages analogous to a
algorithm for identifying the selfish nodes in Wireless Mesh RREQ broadcast and the unicast RREP. In this message
Network. The statistical theory of inference is primarily uti- unit, not all the transmissions are observed by a node. A
lized for providing reliable clustering of the nodes by local node can monitor only the part of message unit, the Local
observations of the nodes. In each node, a finite state model is Message Unit (LMU). LMU allows a node to observe the
built on AODV protocol based on local surveillance. The transmitted messages by its neighbor nodes and messages
performance metrics like packet dropping, detection rate, false overheard. A node maintains the details of its sender and
alarm rate and detection rate are used here. However, there will neighborhood receiver for all message transmission in a
be always some detection inaccuracy present in this approach. LMU. The neighbor nodes that receive the RREQ messages
from the node are monitored by the node itself (Fig. 2).
From the above figure, we can observe various states
3 Proposed solution (numeric present on the node represent the state of the
node) that a neighbor node goes through for each LMU.
3.1 Overview The numbers mentioned on the nodes are explained in the
Table 1. In the above figure, shaded nodes represent their
In order to solve the issues mentioned in the previous final sates. Each message causes a state transition in each
section, we propose an anomaly detection technique for of its neighbor nodes finite state machine. The neighbor

123
Wireless Netw

Fig. 1 Architecture diagram

node monitors a node, and only it can give its activities. In


order to obtain a notion of the monitored nodes behavior,
the mutual contribution of each neighbor node is required.
Monitored node is defined as a node that is being moni-
tored by the neighbors, and these neighbor nodes are
considered as a monitor node. Each node acts both as a
monitor node and as a monitored node.
For a routing session, each monitor node observes a
sequence of interleaved LMU. The sourcedestination pair
in a RREQ message identifies each and every LMU. Let
the kth LMU observed by the monitor node be (sk, dk). The
Fig. 2 Finite state machine of a node [43] tuple (sk, dk) does not exclusively recognize a LMU, since
a source can send multiple RREQs to the same destination.
As RREQs have intervals between them, it is assumed that
there is only one active LMU (sk, dk) at that instance.
Table 1 States of finite state machine [43] When a routing session initiates, a monitored node starts
with the state 1 in its finite state machine. The behavior of
State Interpretation
the monitored node is observed by the monitor node.
1: initp There is no RREQ; Initial phase Finally, a sequence of transitions from state 1 to one of the
2:unexpt RREP With no RREQ, RREP received unexpectedly possible final states: 5, 7 and 8 is recorded.
3: rcpt RREQ RREQ is received After broadcasting a RREQ, a monitor node assumes
4: brct RREQ RREQ is broadcasted that the monitored node has received the RREQ. A state
5: tout RREQ Timeout after receiving RREQ transition from 1 ? 3 for the monitored nodes finite state
6: rcpt RREP RREP is received machine is recorded by the monitor node. A state transition
7: LMB complete RREP forwarding is valid of 3 ? 4 is recorded whenever a monitor node observes a
8: tout RREP Timeout after receiving RREP monitored node to broadcast a RREQ. If not, a transition
from 1 ? 4 is recorded. This transition shows that the

123
Wireless Netw

Table 2 State change of the neighbor nodes of L [43]


Node Events State changes

A A broadcasts RREQ to all its neighbours 1?4


L then broadcast RREQ 4?4
L replies by sending RREP to A 4?6
A replies by sending RREP to S 6?7
B B broadcasts RREQ to all its neighbors 1?4
Fig. 3 An LMB observed by node L L then broadcasts RREQ 4?4
Timeout occurs 4?5
monitored node receives RREQ from other neighbor. For C L broadcasts RREQ 1?3
the concerned LMU, if no monitored nodes activity is C broadcasts RREQ 3?4
found by monitor node before the expiry of a timer, the C replies by sending RREP to L 4?7
transition to a timeout state can occur. Monitor node
records a transition to LMU complete state, after observing
that a monitored node has forwarded a RREP. Finally, the lower value of Pk implies that the clusters have distinct
monitored node develops into a candidate for inclusion on differences in their behavior. At each iteration, k clusters
a routing path. are formed, and Pk is compared with a predefined value d.
An example of LMU observed by the node L during the
1. If Pk \ d, then it will be believed that the clusters are
route discovery from the source (S) to the destination (D) is
reflecting the behavior of the nodes and their classi-
illustrated in Fig. 3. The events observed by L and the state
fications are accepted. The cluster with lowest Cr is
transitions for each of its neighbor A, B and C are shown in
assumed to contain the selfish nodes.
Table 2. As soon as the final state is attained, the finite state
2. If Pk [ Pk-1, then the neighbor behavior is not
machine ends. Then, each node stores the corresponding
properly reflected in the cluster formation, resulting
sequences of state transitions for each of its neighbors. A
in the higher value of Pk. All the nodes are classified as
statistical analysis is performed only when a node collects
cooperative, and the next iteration is executed. The
the adequate number of events for detecting the presence of
value of d is tuned to adjust the detection alacrity and
any selfish nodes in the network.
the rate of false positives.
Let x and y be the two nodes. The computation of dis-
similarity between x and y (dxy) does not involve the pair- Still, there is a possibility of misclassification. This can
wise similarity between nodes x and y (Lxy). dxy measures be reduced by a crosschecking mechanism by inserting two
the degree of inconsistency in similarity between x and y additional fields, namely, next_to_source and dupli-
with all their neighbors. During computation, the contri- cate_flag, in the header of a RREQ packet. next_to_source
bution of each neighbor plays its role; dxy presents a robust (address of next hop node to the source) and duplicate_flag.
indicator for dissimilarity between nodes and plays a cru- duplicate_flag indicate whether the packet is duplicate (the
cial part in computing the clusters. packet is already sent by some other node) or not. In the
An agglomerative hierarchical clustering technique is header of RREP packet, next_to_destination field is added
used for clustering. Agglomerative hierarchical clustering to indicate the address of the node to which the packet must
is a single-linkage approach where each cluster is repre- be forwarded in the reverse path.
sented by all of the objects in the cluster, and the similarity With these additional fields, it is possible to detect every
between two clusters is measured by the similarity of the instance of selfish behavior in a wireless network, if the
closest pair of data points belonging to different clusters. following conditions are satisfied:
The cluster merging process repeats until all the objects are
1. No packet loss lost due to interference,
eventually merged to form one cluster.
2. Links are bidirectional,
After the nodes are clustered into similar sets, the sets
3. The nodes are stationary, and
are further classified into three groups: (1) a set (G) of
4. The queuing delays are bounded.
cooperative nodes, (2) a set (B) of selfish nodes, and (3) a
set of nodes whose behavior could not be ascertained.
The set B has the selfish nodes. In order to reduce the 3.3 Wormhole-free routing protocol (WFR) [42]
rate of false positives (i.e. wrongly identifying a coopera-
tive node as selfish), an ANOVA test is applied where the The proposed Wormhole-Free Routing protocol (WFR)
probability Pkr of the random variation among the mean prevents the selection of route requests traversing the
cooperation scores (Cr) of k clusters is computed. The wormhole link. The main principal of WFR is to monitor

123
Wireless Netw

the neighbor node on receiving the RREQ and identify a this priority mechanism, the highest priority data packets
RREQ that traverses a wormhole. A received RREQ should are sent at the first turn. The priority of the data packets is
satisfy the necessary wormhole-free path criterion, which decided by the nodes priority, that is, if a node sends k
can be detected by a neighbor node of a wormhole node number of data packets in 1 s, then the nodes priority will
and can easily be set apart. be changed to 1/k by its neighbors. So, in this way, the data
Wormhole-Free Routing Algorithm packets with the highest priority are processed first in the
network [39].
Step 1: Initially, WFR checks if any route exists from
Node assigns a buffer in each neighbor nodes. The
source node S or not. If no route exists, then the
threshold value of the buffer is set to Pn. The neighbor with
source node broadcasts a new RREQ (RREQN)
higher priority is allocated to more buffers. This means that
message to all the nodes in the network.
the Pn of the neighbor is larger. When a neighbors packets
Step 2: When an intermediate node (NI) receives his
have reached the threshold, then its excessive packets will
RREQN, it checks RREQID and sequence number
be directly abandoned instead of processed and extra
received in RREQN. This RREQN may reach an
allocated buffer will be taken back.
intermediate node through different hop
Each node set a threshold P for its total size of buffer,
addresses in the network.
which is the sum of all Pn (P = P1 ? P2 ? Pn). When
Step 3: Node NI compares the two-hop address present
some nodes join to launch a collaborated DOS attack and
in RREQN with the two-hop addresses of a set of
the total used buffer exceeds the threshold P, some packets
existing routing entries in the network. If this
will be discarded, and their allocated buffer would be taken
matches, then the routing table will be updated.
back. Packets with lower priority will be discarded more.
Step 4: Furthermore, if no matching found, then node NI
If a node finds its neighbor node being a DoS attacker,
compares the three and four-hop addresses
it will notify its backbone router. Then, the backbone
present in RREQN.
router would disconnect the attacker with the network and
Step 5: If any one of the three-/four-hop addresses
would revoke its authorized key and update the key pair
present in RREQN matches, then the RREQ is
of the network. Finally, the backbone router announces
selected and state of the routing entry is set to
that this neighbor node is an ineligible user to the other
stable.
neighbor nodes and its neighbor backbone router [39]
Step 6: If none of the comparisons match, a new
(Fig. 4).
transient routing entry is created for the
In the above figure, the node X and node Y need to
corresponding RREQID.
transfer data packets to node B and node C, but the node
Step 7: While comparing the two hop addresses present
Y is an attacked node in the network, that is, the node
in the RREQN, the HWMP rejects the selfish
X ? node C and node Y ? node B. This transmission of
nodes (SN) that are found in the above Sect. 3.2.
the data packets takes through node A. This node A
before transmitting the data packets, it checks the priority
3.3.1 RREQ and RREP process table (Table 3). According to the priority of the data
packets, the node A transmits the data packets to the next
The main goal of WFR is to choose a wormhole-free path node. From the below table, we can observe that the data
for the transmission. Neighbor nodes monitor the received packets of node X have higher priority than the node Y
RREQs just to find the paths, which are free from worm- since node Y is malicious node. Due to this reason, the
holes. When an RREQ is confirmed to be wormhole free, the priority of node Ys data packets will be lesser than the
corresponding routing entry is elevated to stable state from node Xs data packets in the network. So, the data packets
transient state. Like all the intermediate nodes in the net- of the node X will be processed first at the node A. This
work, the intermediate node NI processes multiple RREQs priority table is formed based on the Finite State
to the destination node before selecting an optimal worm- Machine.
hole-free path also satisfying the route selection criteria. It
unicasts an RREP to receive a stable RREQ. Consequently,
intermediate nodes broadcast the RREP through wormhole- 4 Simulation results
free routes, which are found in the network.
4.1 Simulation model and parameters
3.4 DDoS attack detection
The Network Simulator (NS2) [44], is used to simulate the
In this approach, the priority mechanism has been adopted proposed architecture. In the simulation, 50 mobile nodes
in order to reduce the DDoS attackers in the network. In move in a 500 m 9 500 m region for 50 s of simulation

123
Wireless Netw

Fig. 5 Simulation topology

4.2 Performance metrics

The proposed Wormhole-Free Routing and DoS Attack


Defense (WRDAD) is compared with the Wormhole-Re-
sistant Secure Routing (WRSR) technique [42]. The per-
formance is evaluated mainly, according to the following
metrics.
Packet Delivery Ratio It is the ratio between the
Fig. 4 Priority mechanism
number of packets received and the number of packets
sent.
Table 3 Priority table Packet Drop It refers to the average number of packets
Node A
dropped during the transmission.
Node Priority Delay It is the amount of time taken by the nodes to
Node X 1/5 transmit the data packets.
Node Y
4.3 Results

4.3.1 Scenario-1 (direct transmission)


Table 4 Simulation parameters
No. of nodes 50 In this scenario, the data is transmitted from a mesh node
Area Size 500 9 500 directly to another mesh node, without using the mesh
Mac IEEE 802.11 gateway. The number of DoS and warm-hole attackers are
Transmission range 250 m as varied from 1 to 5.
Simulation time 50 s Figure 6 shows the delay of WRDAD and WRSR
Traffic source CBR techniques for increased number of attackers. It is trivial
Routing protocol WRDAD that when the attackers are more, the end-to-end delay
Attackers 1,2,3,4 and 5 increases because of detections and eliminations, as seen in
Rate 50 kb the figure. But, from the figure, we can see that the delay of
No. of wired nodes 2 WRDAD is 71 % less than WRSR, since it mitigates the
No. of base station 1 DoS attacks also in addition to worm-hole attacks.
Packet size 512 When the attackers are increased, naturally the packet
drop will be more thus degrading the packet delivery ratio.
Figures 7 and 8 show the packet drop and delivery ratio of
time. All nodes have the same transmission range of WRDAD and WRSR techniques, respectively, for more
250 m. The simulated traffic is Constant Bit Rate (CBR). number of attackers. We can see that the packet drop is
The simulation settings and parameters are summarized 47 % less and delivery ratio is 15 % more for WRDAD
in Table 4. when compared to WRSR. This is due to the fact that
Simulation topology is shown in the following WRDAD eliminates both selfish and DDoS attacks, in
figure (Fig. 5). addition to worm-hole attacks.

123
Wireless Netw

Attackers Vs Delay(Scen-1) Attackers Vs Delay(Scen-2)


10 25
Delay(Sec)

Delay(Sec)
8 20
6 WRDAD 15 WRDAD
4 WRSR 10 WRSR
2 5
0 0
1 2 3 4 5 1 2 3 4 5
Attackers Attackers

Fig. 6 Attackers versus delay Fig. 9 Attackers versus delay

Attackers Vs Drop(Scen-1)
4000 Attackers Vs Drop(Scen-2)
30000
3000
WRDAD
Pkts

2000 20000 WRDAD

Pkts
WRSR
1000 10000 WRSR
0 0
1 2 3 4 5 1 2 3 4 5
Attackers Attackers

Fig. 7 Attackers versus drop Fig. 10 Attackers versus drop

Attackers Vs DelvieryRatio(Scen-1) Attackers Vs DeliveryRatio(Scen-2)


1.5 0.3
DelvieryRatio
DelvieryRatio

1 WRDAD 0.2 WRDAD


0.5 WRSR 0.1 WRSR

0 0
1 2 3 4 5 1 2 3 4 5
Attackers Attackers

Fig. 8 Attackers versus delivery ratio Fig. 11 Attackers versus delivery ratio

4.4 Scenario-2 (through mesh gateway) when compared to WRSR. This is due to the fact that
WRDAD eliminates both selfish and DDoS attacks, in
In this scenario, the data is transmitted from a mesh node to addition to worm-hole attacks.
another mesh node using the mesh gateway. Here also, the
number of DoS and worm-hole attackers are as varied from
1 to 5. 5 Conclusion
Figure 9 shows the delay of WRDAD and WRSR
techniques for increased number of attackers. It is trivial In this paper, a monitoring technique for Wormhole-Free
that when the attackers are more, the end-to-end delay Routing and DoS Attack Defense for Wireless Mesh Net-
increases because of detections and eliminations, as seen in works is proposed. Initially, finite-state model is applied
the figure. From the figure, we can see that the delay is where the node keeps the information about its RREQ that
same up to 2 attackers for both the schemes and beyond 2 is sent and received in its neighborhood. Wormhole-free
attackers, WRDAD attains 22 % lesser delay than WRSR, routes are discovered through a wormhole-aware secure
since it mitigates the DoS attacks also in addition to worm- routing in the network. Lastly, the priority mechanism is
hole attacks. applied where the data packets are transmitted based on
When the attackers are increased, naturally the packet their priority. Based on the finite-state model and priority
drop will be more thus degrading the packet delivery ratio. mechanism, the malicious or wormhole nodes in the net-
Figures 10 and 11 show the packet drop and delivery ratio work are removed. Through this approach, it possible to
of WRDAD and WRSR techniques, respectively, for more achieve wormhole-free routes, and also the network can
number of attackers. We can see that the packet drop is differentiate between the cooperative nodes and selfish
65 % less and delivery ratio is 35 % more for WRDAD nodes, and remove these selfish nodes from the network.

123
Wireless Netw

By simulation results, it was shown that the proposed 18. Yen, Y.-S., et al. (2011). Flooding-limited and multi-constrained
technique reduces the packet drop due to attacks and QoS multicast routing based on the genetic algorithm for
MANETs. Mathematical and Computer Modelling, 53(1112),
increases the packet delivery ratio. Although the current 22382250.
work focuses on static mesh network, the future work will 19. Sen, J. (2013). Secure and privacy-preserving authentication
focus on mobile mesh network. protocols for wireless mesh networks. Innovation Lab, Tata
Consultancy Services Ltd. eprint arXiv: 1209.1803, Publication
Date: 09/2012. doi:10.5772/39176. www.intechopen.com.
20. Redwan, H., & Kim, K.-H. (2008). Survey of security require-
ments, attacks and network integration in wireless mesh net-
References works. 978-0-7695-3540-1/08 $25.00  2008 IEEE. doi:10.1109/
FCST.2008.
1. Jayanthi, M., & Mukunthan, M. A. (2012). A security architec- 21. Spyropoulos, T., et al. (2010). Routing for disruption tolerant
ture for implementing anonymity and traceability in wireless networks: Taxonomy and design. Wireless Networks, 16(8),
mesh network using clustering concept. International Journal of 23492370.
Soft Computing and Engineering (IJSCE). ISSN: 2231-2307, vol 22. Vasilakos, A., et al. (2012). Delay tolerant networks: Protocols
1, Issue-ETIC-2011. and applications. Boca Raton: CRC Press.
2. Li, C., Wang, Z., & Yang, C. (2011). Secure routing for wireless 23. Youssef, M., et al. (2014). Routing metrics of cognitive radio
mesh networks. International Journal of Network Security, 13(2), networks: A survey. IEEE Communications Surveys and Tutori-
109120. als, 16(1), 92109.
3. Oliviero, F., & Romano, S. P. (2008). A reputation-based metric 24. Woungang, I., et al. (2013). Routing in opportunistic networks.
for secure routing in wireless mesh networks. In IEEE GLO- Berlin: Springer.
BECOM, 978-1-4244-2324-8/08/$25.00 . IEEE. 25. Zhang, X. M., et al. (2015). Interference-based topology control
4. Lin, H., Ma, J., Hu, J., & Yang, K. (2012). PA-SHWMP: A algorithm for delay-constrained mobile Ad hoc networks. IEEE
privacy-aware secure hybrid wireless mesh protocol for IEEE Transactions on Mobile Computing, 14(4), 742754.
802.11s wireless mesh networks. EURASIP Journal on Wireless 26. Duarte, P. B. F., et al. (2012). On the partially overlapped channel
Communications and Networking. doi:10.1186/1687-1499-2012- assignment on wireless mesh network backbone: A game theo-
69. retic approach. IEEE Journal on Selected Areas in Communica-
5. Khan, K., & Akbar, M. (2008). Authentication in multi-hop tions, 30(1), 119127.
wireless mesh networks. World Academy of Science, Engineering 27. Attar, A., et al. (2012). A survey of security challenges in cog-
and Technology, 2(10). nitive radio networks: Solutions and future research directions.
6. Zeng, Y., et al. (2013). Directional routing and scheduling for Proceedings of the IEEE, 100(12), 31723186.
green vehicular delay tolerant networks. Wireless Networks, 28. Vasilakos, A. V., et al. (2015). Information centric network:
19(2), 161173. Research challenges and opportunities. Journal of Network and
7. Jing, Q., et al. (2014). Security of the internet of things: Per- Computer Applications, 52, 110.
spectives and challenges. Wireless Networks, 20(8), 24812501. 29. Yao, Y. et al. (2013) EDAL: An energy-efficient, delay-aware,
8. Wang, X., et al. (2012). A survey of green mobile networks: and lifetime-balancing data collection protocol for wireless sen-
Opportunities and challenges. MONET, 17(1), 420. sor networks. In MASS 1(pp. 82190).
9. Li, X., et al. (2015). A review of industrial wireless networks in 30. Marwaha, S. et al. (2004). Evolutionary fuzzy multi-objective routing
the context of industry 4.0. Wireless Networks. doi:10.1007/ for wireless mobile ad hoc networks. In Evolutionary Computation,
s11276-015-1133-7. 2004. CEC2004. Congress on. (Vol. 2, pp. 19641971).
10. Li, P. et al. (2012). CodePipe: An opportunistic feeding and 31. Vasilakos, A. et al. (2003). Optimizing QoS routing in hierar-
routing protocol for reliable multicast with pipelined network chical ATM networks using computational intelligence tech-
coding. In INFOCOM (pp. 100108). niques. IEEE Systems, Man, and Cybernetics, Part C: Appli-
11. Song, Y., et al. (2014). A biology-based algorithm to minimal cations and Reviews.
exposure problem of wireless sensor networks. IEEE Transac- 32. Quan, W. et al. (2014). TB2F: Tree-bitmap and bloom-filter for a
tions on Network and Service Management, 11(3), 417430. scalable and efficient name lookup in content-centric networking.
12. Liu, L., et al. (2015). Physarum optimization: A biology-inspired In IFIP Networking.
algorithm for the steiner tree problem in networks. IEEE Trans- 33. Aswal, M. S., Rawat, P., & Kumar, T. (2009). Threats and vul-
actions on Computers, 64(3), 819832. nerabilities in wireless mesh networks. International Journal of
13. Liu, Y., et al. (2010). Multi-layer clustering routing algorithm for Recent Trends in Engineering, 2(4).
wireless vehicular sensor networks. IET Communications, 4(7), 34. Yao, G., et al. (2015). Passive IP traceback: Disclosing the
810816. locations of IP spoofers from path backscatter. IEEE Transac-
14. Busch, C., et al. (2012). Approximating congestion ? dilation in tions on Information Forensics and Security, 10(3), 471484.
networks via quality of routing games. IEEE Transactions on 35. Yang, H., et al. (2014). Provably secure three-party authenticated
Computers, 61(9), 12701283. key agreement protocol using smart cards. Computer Networks,
15. Li, P., et al. (2014). Reliable multicast with pipelined network 58, 2938.
coding using opportunistic feeding and routing. IEEE Transac- 36. Liu, B., et al. (2014). Toward incentivizing anti-spoofing
tions on Parallel and Distributed Systems, 25(12), 32643273. deployment. IEEE Transactions on Information Forensics and
16. Meng, T., et al. (2015). Spatial reusability-aware routing in multi- Security, 9(3), 436450.
hop wireless networks. IEEE Transactions on Computers. doi:10. 37. Zhou, J., et al. (2015). Secure and privacy preserving protocol for
1109/TC.2015.2417543. cloud-based vehicular DTNs. IEEE Transactions on Information
17. Dvir, A., et al. (2011). Backpressure-based routing protocol for Forensics and Security, 10(6), 12991314.
DTNs. ACM SIGCOMM Computer Communication Review, 38. Liu, J., et al. (2016). Leveraging software-defined networking for
41(4), 405406. security policy enforcement. Information Sciences, 327, 288299.

123
Wireless Netw

39. Luan, L., Fu, Y., & Xiao, P. (2012). An effective denial of service Dr. S. Mercy Shalinie is
attack detection method in wireless mesh networks. Physics working as Professor and Head
Procedia, 33, 354360. of the Department of Computer
40. Bansal, D., Sofat, S., & Singh, G. (2010). Secure routing protocol Science and Engineering Thia-
for hybrid wireless mesh network (HWMN). In Computer and garajar College of Engineering,
Communication Technology (ICCCT), 2010 International Con- Madurai, India. She has pub-
ference (pp. 837843). Print ISBN: 978-1-4244-9033-2, 978-1- lished over 130 research papers
4244-9034/10/$26.002010 IEEE, 1719 Sept. 2010. in referred journals and reputed
41. Kandah, F., Singh, Y., & Zhang, W. (2012). Mitigating eaves- conferences. Her area of research
dropping attack using secure key management scheme in wireless interest includes Machine
mesh networks. Journal of Communications, 7(8), 596605. Learning and Security Systems.
42. Matam, R., & Tripathy, S. (2013). WRSR: Wormhole-resistant
secure routing for wireless mesh networks. EURASIP Journal on
Wireless Communications and Networking.
43. Sen, J. (2010). Efficient routing anomaly detection in wireless
mesh networks. In First International Conference on Integrated
Intelligent Computing, 978-0-7695-4152-5/10 $26.00  2010
IEEE.
44. Network Simulator: http://www.isi.edu/nsnam/ns.

G. Akilarasu (Ganesan Akila-


rasu) obtained his B-Tech. degree
in Information Technology from
Mahendra Engineering college
under Anna University Chennai.
Then he obtained his M.E. degree
in Computer Science and Engi-
neering at Thiagarajar College of
Engineering under Anna Univer-
sity of Tirunelveli and he is cur-
rently an full time Ph.D. Research
Scholar in Information and Com-
munication Engineering at Thia-
garajar College of Engineering
under Anna University of Chennai.

123