secure route selection in wireless mesh networks



Computer Networks 56 (2012) 491–503

Contents lists available at SciVerse ScienceDirect

Computer Networks

journal homepage: www.elsevier.com/locate/comnet

Secure route selection in wireless mesh networks

Shafiullah Khan a,⇑, Nabil Ali Alrajeh b, Kok-Keong Loo c

a Institute of Information Technology, Kohat University of Science and Technology (KUST), Pakistan
b Biomedical Technology Department, College of Applied Medical Sciences, King Saud University, Saudi Arabia
c School of Information Sciences, Middlesex University, The Burroughs, Hendon NW4 4BT, United Kingdom

Article info

Article history: Received 16 March 2009; Accepted 7 July 2011; Available online 26 July 2011

Keywords: Security; Multi-hop; Broadband; Routing attacks

1389-1286/$ - see front matter © 2011 Published by Elsevier B.V. doi:10.1016/j.comnet.2011.07.005

⇑ Corresponding author. E-mail address: [email protected] (S. Khan).

Abstract

The large scale coverage and multi-hop architecture of wireless mesh networks (WMNs) are characteristics that make them vulnerable to network layer threats. So far many secure routing techniques have been proposed, but they are only capable of handling a single network layer attack. In this paper, we propose a secure route selection mechanism for WMN, which is robust against a variety of multi-hop threats and performs well over a range of scenarios we tested.

© 2011 Published by Elsevier B.V.

1. Introduction

The term wireless mesh network means a network in which all the nodes can communicate with one or more other nodes directly. A wireless mesh network is a multi-hop, decentralized, self-organizing network with smart antennas operating at new frequency bands with software defined radios.

Wireless mesh networks use many physical layer technologies such as orthogonal frequency multiple access (OFDM), ultra wide band (UWB) and cognitive radios. OFDM increased the bandwidth from 11 to 54 Mbps. UWB can achieve much higher data rates for short distance communication, while cognitive radios can achieve better spectrum utilization.

The existing MAC layer protocol for wireless mesh networks is CSMA/CA, which achieves low throughput. The MAC layer of a wireless mesh network is different from that of a WLAN. A wireless mesh network MAC must support multi-hop communication. It must be capable of collaboration and handle a distributed environment where neighbor nodes need better collaboration. There is a need to either improve the existing MAC protocol or design a new innovative MAC protocol for which cross layer design can be considered.


IEEE 802.11 WMNs consist of three types of nodes [1], in which access points (APs) are stationary, form the multi-hop backbone of the WMN and are connected with the gateway(s). The gateway connects the WMN with the Internet and other networks. Mesh clients (MCs) may be stationary or mobile, and access the multi-hop backbone for network and broadband services.

Currently, three types of WMNs exist [2]. One type of WMN is a pure form of a mobile ad hoc network, in which all the MCs directly communicate with each other without the involvement of APs and gateway. All the clients have routing capability. The second type is the infrastructure WMN, in which the clients access the network or communicate with each other through APs. The third is the hybrid WMN, which is the combination of both.

Hybrid WMN is advantageous in emergency response and disaster recovery situations, where the infrastructure may not be available [3]. The research community has designed many routing protocols for WMN; however, there is a need to design better performance metrics that are scalable, robust and adaptive in nature.

WMN is a collection of two or more wireless devices having the capability to communicate with each other without the aid of any centralized administrator. Each node in a network functions as both a client and a router. The network topology is in general dynamic, because the connectivity among the nodes may vary with time due to node mobility, node departures and new node arrivals. Hence, there is a need for efficient routing protocols to allow the nodes to communicate. In such an environment, nodes or devices should be able to detect the presence of other such devices to allow communication and information sharing. Besides that, they should also be able to identify types of services and corresponding attributes. Since the number of wireless nodes changes on the fly, the routing information also changes to reflect changes in link connectivity. Hence the topology of the network is much more dynamic and the changes are often unpredictable as compared to the fixed nature of existing wired networks.

The dynamic nature of the wireless medium, fast and unpredictable topological changes, high mobility and a hostile environment raise many challenges for designing a routing protocol. Due to the immense level of challenge in designing a routing protocol for wireless mesh networks, there are a number of recent developments, all focusing on providing an optimum solution for routing. However, the majority of these solutions did not address the security concerns. Most of the existing solutions attain a specific goal (for example minimizing delay, overhead etc.) while compromising other factors (for example security, scalability, route reliability etc.). Thus an optimum secure routing protocol is ever desirable. The routing is usually performed by a dedicated device called a router or AP. It involves analyzing a forwarding table to determine the best path.

In this paper, we present an enhanced secure routing protocol for wireless mesh network (E-SRPM) [42].

The E-SRPM routing protocol keeps the information of two-hop neighbors to increase the security level. Furthermore, our mechanism is capable of looking for the available data-rates of the entire route by using a cross layer parameter exchange mechanism. E-SRPM has the potential of searching for a route which is not only secure but also has better data-rates.

The remainder of the paper is organized as follows. Section 2 discusses relevant related work. Vulnerable characteristics and routing attacks in WMN are presented in Section 2. Our secure routing protocol is discussed in detail in Section 3. Section 4 describes the security analysis and simulation results. Section 5 concludes the paper.

2. Related work

A secure hybrid WMN routing protocol is difficult to design due to the characteristics of both MANETs and multi-hop WLANs. Generally WMN routing protocols are classified into three classes.

• Routing protocols which were basically designed for ad hoc networks, but which the research community tried to test and implement in mesh networks. Such protocols can be called ad hoc routing in mesh networks.
• Routing protocols which some researchers designed exclusively for WMNs, known as mesh routing protocols.

Keeping in view the hostile environment and security concerns in WMN [6], the research community diverted its attention towards secure routing in WMN.

The existing ad hoc routing protocols [31–37] which are tested in WMN are generally categorized into two main types: proactive (table-driven) and reactive (on-demand). These main categories are based on different techniques and parameters used for the routing mechanisms. In protocols based on the hop count mechanism, each node contains next hop information to the destination in its routing table, while link state routing protocols keep a routing table for the complete topology, which is built up by finding the shortest path of link costs. In the source routing technique, all data packets carry their routing information in their header.

Due to the different characteristics and features, ad hoc routing protocols may not perform well in a WMN environment. In mobile ad hoc networks (MANETs):

• There is no support of APs and gateways, while WMN has a fixed backbone of routers of APs.
• MANETs are application specific and temporary networks, while WMN are mostly permanent networks, however can be used for temporary basis.
• In MANETs, all nodes are mobile having power and computational constraints, while WMN is the combination of fixed and mobile nodes.
• In MANETs, the network traffic pattern is from node to another node, while in WMN, the network traffic pattern is between nodes and APs/gateway.
• MANETs do not offer any integration of different networks. In WMN, different sorts of networks such as sensors, cellular, WLANs, LANs can be integrated.
• Most of the MANET protocols are based on a non-hostile environment having no security mechanism.
• Most ad hoc routing protocols have two routing metrics, i.e., hop count or link quality. Hop count could lead to poor throughput, and it does not take care of packet loss or bandwidth. Link quality can be affected by interferences or signal to interference and noise ratio (SINR).

Such variations in characteristics warrant different routing strategies [38–40] for IEEE 802.11 WMN. Keeping in view the limitations of ad hoc routing protocols in the WMN environment, some researchers have proposed exclusive routing protocols for WMN.

AODV-CGA (common gateway architecture) is an extended version of AODV [5] and is designed [41] to send traffic to the closest one in the presence of multiple access points in WMN. These multiple access points are connected with a common gateway architecture. The gateway is responsible for connecting access points to the internet, and uses AODV for route discovery and maintenance on the basis of hop count (shortest path). The basic concept of AODV-CGA is the installation of different access points under a common gateway. The authors claim that AODV-CGA is transparent to the nodes and that it provides mobility with a simple handover strategy where the IP address is not required to change.

Global state routing (GSR) is based on a link state routing algorithm in which each node broadcasts link state information to the entire network. All the nodes in the network have the information of the entire topology. Link state routing is best suited for relatively static networks; otherwise highly mobile networks with frequent topological changes may result in huge routing overheads.

GSR uses a slightly different routing strategy as compared to traditional link state routing protocols. In GSR, link information is exchanged amongst neighbors only. When a node sends update information to neighbors, GSR assigns a sequence number to the update packets so as to identify the latest updates. GSR has some limitations such as the large size of the update packets, which can consume a large amount of bandwidth. In one study [42], the authors compared the performance of AODV-CGA and GSR. The results indicated that the extended AODV seems to be neither scalable nor does it achieve a high packet delivery ratio. A good compromise is provided by GSR, which is the most scalable to the network size and still achieves a high packet delivery ratio.

A topological guided distributed link state (TDLS) protocol is proposed in [11]. In TDLS, two schemes are implemented, termed adaptive block addressing (ABA) and distributed link state (DLS). The ABA component is responsible for logical addressing and network configuration, while the DLS component makes decisions for packet delivery to the next hop on the basis of information received from the ABA component. In the evaluation, the authors claim that TDLS is resource efficient and that it outperforms AODV in every respect; however, when the number of nodes is more than 400, AODV performed slightly better in the packet delivery comparison.

There are distinct standards for quality of service (QoS) and multicast mechanisms. In [12], the authors tried to combine both of these and come up with an enhanced routing protocol for hybrid wireless mesh networks. This protocol has two important components.

• In the backbone of mesh routers, a proactive scheme is implemented.
• A reactive multicast scheme is implemented between access points and mesh nodes.

This research is still in progress and the author is trying to build a cost effective mechanism for delivering multicast data between source and destination with a set of parameters which are capable of meeting the QoS requirements.

A hybrid on demand distance vector routing algorithm for wireless mesh networks is proposed in [30], which is again based on AODV. It is node aware routing having the capability of link quality estimation and optimal link selection. In wireless mesh networks, mesh routers have more resources in terms of bandwidth, memory and computation as compared to mobile mesh nodes. Existing routing protocols cannot differentiate between mesh routers and mesh nodes. In HOVER, the author is trying to discriminate between these two types of network devices in the mesh environment. In the evaluation, the author compared the performance of HOVER and AODV, and the supremacy of HOVER is shown after extensive simulations and testbed implementation.

HEAT [16] is a scalable routing protocol for wireless mesh networks that uses temperature fields. Every node has a temperature value, and the packets are routed towards the gateway on the basis of increasing temperature values. The temperature value is computed whenever a new neighbor arrives, existing neighbors change their position or an existing neighbor is missing for a certain period. HEAT is basically an anycast routing protocol designed to ensure consistent packet delivery from nodes to gateway. The authors claim that HEAT is scalable for large and dense networks as well as robust in high mobility. The performance of HEAT is compared with OLSR, and it is found that in a static scenario, HEAT and OLSR achieved almost the same packet delivery ratio; however, in high mobility, OLSR performance is much degraded as compared to HEAT.

A field based quality of service routing protocol for wireless mesh (WMQR) networks is presented in [43]. WMQR is basically source based QoS routing which assumes that the traffic pattern is between nodes and gateway. The orthogonal rendezvous routing protocol (ORRP) is proposed in [8]; it assumes that each node has directional communication, while WMN may have multi directional communication.

A multi-channel routing protocol termed Ringmesh is proposed for WMN in [9]. It is based on a token ring approach, and the protocol is described as a state machine; unfortunately mobility is not considered in it. The destination sequence distance vector (DSDV) routing protocol [37] is a table driven routing protocol, in which each node advertises its own routing table to its neighbors. It is proposed to solve the looping problem; it cannot overcome the problem of slow convergence [12]. Ad-hoc on demand distance vector spanning tree (AODVST) [40] is the extension of AODV, and is specifically developed for infrastructure based WMN. This protocol is based on the concept of a spanning tree (ST). The gateway initiates the creation of the ST to act as root. In this approach, the gateway is the single point of failure. An optimal routing for WMNs with varying traffic demand is presented in [13]. It is basically an integrated routing framework for WMN consisting of traffic estimation and routing optimization. A resilient and opportunistic mesh routing (ROMER) [14] balances both the long term route stability and short term opportunistic performance to overcome the problem of unstable links by delivering redundant data copies. SrcRR [15] is another routing protocol for WMNs, which focuses on achieving high throughput. The main assumption of these existing proposed routing protocols for WMN is that all the nodes and APs are non-malicious and cooperative [4].

SAODV [44] is a secure version of classic AODV. SAODV uses a hash chain to secure the hop count field in the routing packets, while a digital signature is used to secure the rest of the routing message. In SAODV, the source node initiates the route discovery process by generating a random seed number (SN), and the time to live (TTL) value is associated with the maximum hop count (MH).

SAODV is resilient to impersonation attacks, modification of hop count and sequence number attacks. However, it does not provide hop-by-hop authentication. Intermediate nodes on the path cannot verify the authenticity of the messages from their predecessors. Although SAODV can prevent the hop count field in an AODV routing message from decreasing, the adversary still can increase the hop count and hence affect the routing decision of which node is going to be selected during the route discovery process and increase the likelihood of nodes not being chosen on the established route. SAODV secures the routing messages; it does not guarantee either authentication or integrity of the subsequent data packets after the route has been established between source and destination [44].
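The hash-chain check described above, as an added example that is not code from the paper or from SAODV's authors. It assumes SHA-256 as the hash function and hypothetical dictionary field names, and it omits the originator's signature that covers `top_hash` and `max_hop_count`.

```python
import hashlib
import os


def h(value: bytes) -> bytes:
    """One step of the hash chain (SHA-256 is an assumption of this example)."""
    return hashlib.sha256(value).digest()


def h_times(value: bytes, n: int) -> bytes:
    """Apply the hash function n times."""
    for _ in range(n):
        value = h(value)
    return value


def originate(max_hop_count: int, seed: bytes = None) -> dict:
    """Source node: pick a random seed and publish Top_Hash = h^MaxHopCount(seed).

    In SAODV, top_hash and max_hop_count are covered by the originator's
    digital signature; that signature is left out of this sketch.
    """
    seed = os.urandom(16) if seed is None else seed
    return {
        "hop_count": 0,
        "max_hop_count": max_hop_count,
        "hash": seed,
        "top_hash": h_times(seed, max_hop_count),
    }


def verify(msg: dict) -> bool:
    """Receiving node: hashing the carried value (MaxHopCount - HopCount)
    more times must reproduce Top_Hash."""
    remaining = msg["max_hop_count"] - msg["hop_count"]
    if remaining < 0:
        return False
    return h_times(msg["hash"], remaining) == msg["top_hash"]


def forward(msg: dict, steps: int = 1) -> dict:
    """Forwarding node: add `steps` to the hop count and hash that many times.

    An honest node uses steps=1. The chain only runs forward, so a larger
    step still verifies, while a smaller hop count would need a hash preimage.
    """
    out = dict(msg)
    out["hop_count"] = msg["hop_count"] + steps
    out["hash"] = h_times(msg["hash"], steps)
    return out


if __name__ == "__main__":
    rreq = originate(5, seed=b"constructed seed")      # constructed sample input
    two_hops = forward(forward(rreq))
    print("honest, 2 hops:", verify(two_hops))
    print("hop count lowered to 1:", verify(dict(two_hops, hop_count=1)))
    print("hop count raised by 2:", verify(forward(two_hops, steps=2)))
```

The last case is the limitation noted in the text: the receiver cannot tell an inflated hop count from a genuinely longer path.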

Security enhanced ad hoc on demand distance vector (SEAODV) [44] is proposed for securing WMN. It is based on Blom's key pre-distribution key, which is used for implementing the key exchange process. It computes a secret pairwise transient key (PTK) to authenticate unicast routing messages such as RREP. In SEAODV, a group transient key (GTK) is used to authenticate broadcast messages in a group of one hop neighbors, such as RREQ. SEAODV uses a message authentication code (MAC) to ensure the message's integrity and authenticity in a hop by hop manner. The trust relationship in SEAODV is based on the shared PTK and GTK. The route discovery process of SEAODV is the same as classic AODV; however, a new metric termed MAC is introduced.

Multipath hybrid routing protocol (MHRP) [17] is a multipath routing protocol for hybrid WMN, which provides security and uses a technique to find an alternate path in case of route failure. MHRP consists of four components:

• Intra Region Routing Protocol (IRRP).
• Router Infrastructure Routing Protocol (RIRP).
• Region Gateway Routing Protocol (RGP).
• Route Maintenance Protocol.

The ad hoc region of WMN is maintained by IRRP, and is based on reactive routing protocols. The IRRP mechanism is triggered when a path is lost or a link is broken between two nodes. The backbone routers in WMN use RIRP, which is proactive in nature. The routers broadcast hello packets to keep the routing table updated. The RGP component of MHRP is used whenever a route between two ad hoc regions is required. When a route is requested, RGP consults IRRP and RIRP to provide the complete route to the source. The author claims that MHRP has much reduced routing overheads as compared to other secure routing protocols. Furthermore, it provides better throughput and consumes less energy in energy constrained devices.

Secure intra-domain mesh routing protocol (SIMRP) [7,18] is a lightweight secure routing protocol which tries to protect all the fields of the routing packet against different security threats. The basic design of SIMRP is based on AODV and it uses identity based cryptography (IBC). The author claims that SIMRP is resilient to many security attacks such as modification, fabrication and replay attacks. However, it cannot handle security threats such as blackhole, greyhole and collaborative attacks.

Secure anonymous routing (SAR) protocols [45] are proposed for both single-hop mesh client (MC) to mesh router (MR) and multi-hop MC to MC scenarios. The main operations of WMN are under the control of operators. The operator acts as a Certificate Authority (CA) having secret private keys. The main limitation of this approach is that it only provides MC to MR communication having one intermediate relay node.

Most of the existing routing protocols perform packet encryption and apply cryptographic techniques, which is necessary to deliver the data without any modifications or alterations. Such security techniques can prevent some attacks such as packet modification attacks, packet analysis attacks, routing loop attacks etc. However, these secure routing protocols are not resilient to most routing attacks such as blackhole, greyhole, table overflow, rushing and packet tunneling.

3. Secure route selection

Our proposed routing protocol is based on two key factors, i.e. security and multi-hop data-rate reduction. In WMN, the data-rate reduces significantly as the number of hops increases. In [19], it is shown that the fairness in WMN depends on the number of hops between the gateway and APs. The users who are attached to an access point which is more than two hops away from the gateway receive less bandwidth, e.g., the total bandwidth would reduce to 1/2, 1/4 and 1/8 at the 1st, 2nd and 3rd hop, respectively. Multimedia applications such as VoIP, video conferencing, video downloading and uploading need more bandwidth for smooth transmission. The multi-hop architecture lays a foundation for most of the routing attacks such as greyhole, blackhole [20,21], route cache modification, wormhole [22–25], rushing [26], routing loops [10], fake route reply, fairness reduction [19,27], node isolation, jellyfish [28,29], sybil [30] and Byzantine [31,32].

We base the design of our secure and data-rate aware routing protocol on the AODV distance vector algorithm, as all the nodes, either APs or clients, keep the information of two-hop neighbors and the cost to reach them.

The routing table contains the important information regarding the neighbors and path selection. Typically, a routing table contains information such as destination address, next hop, routing cost and the metric used, as shown in Table 1.

Route maintenance and mobility are traced by broadcasting periodic update packets. Upon receiving the updates, the neighbors update their routing tables accordingly.

Routing protocols use metrics to select the best path for packet delivery [20].

The proposed routing protocol uses different control packets for route-request and route-reply during the route discovery phase. route-request is broadcast in nature, while route-reply is unicast. The source node broadcasts the route-request packet. Some fields of route-request are updated at every intermediate hop till it reaches the destination. Hop count is incremented with every hop.

The route metric selects the lowest value of data-rate along the route. The route-request packets are updated at every intermediate node and re-broadcast till they reach the destination. The path selection is done by the destination node after observing and analyzing the received route-requests on the basis of data-rate and security.

The protocol relies on two different parameters for determining an optimal route, based on available data-rate and reputation value (RV).


Table 1. Neighbors information.

One hop neighbors | Two hop neighbors | Two hop neighbors | Two hop neighbors
Access point 1    | Node 1            | Node 2            | Node 3
Access point 2    | Access point 2    | Node 4            | None

Fig. 1. Route discovery process. [Figure: nodes A to H between source and destination, each labeled with a data rate (DR) and a reputation value (RV).]

Table 2. Simulation parameters.

Number of nodes                   | 24, 200
Total simulation time (s)         | 300
Packet size (byte)                | 512
MAC protocol                      | IEEE 802.11b
Link bandwidth (Mbps)             | 2
Radio range (m)                   | 100
Mobility model                    | Random waypoint
Maximum mobility (m/s)            | 25
Maximum route request timeout (s) | 30
Dimension of space (m)            | 1200 × 300 m
Number of intermediate hops       | 7
Protocols                         | SRPM/AODV/OLSR


To determine the available bandwidth, cross layer information exchange is used between the network and MAC layers. Another important parameter is the computation of the RV of the entire route. RV is generated by the neighbors on the basis of previous unsuccessful communications.

The routing mechanism is explained in Fig. 1. The available routes from source to destination are:

Route 1: A, B, C, D
Route 2: A, B, F, E, D
Route 3: A, F, E, D
Route 4: A, H, F, E, D
Route 5: A, H, E, D
Route 6: A, H, F, E, G, D
Route 7: A, F, E, G, D
Route 8: A, H, G, D

In route 1, node B is connected with nodes A, F, E and C. Node B's data rate (DR) is 5, while its RV is 2, which means that its previous 2 communications with these neighbors were unsuccessful.
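An added sketch (not the authors' implementation) of destination-side selection over the eight routes listed above. Only node B's values (DR 5, RV 2) are stated in the text; the other DR/RV values, the use of the worst RV as the route RV, the `RV_LIMIT` cut-off and the tie-break order are assumptions of this example.

```python
from dataclasses import dataclass

# node -> (data rate DR, reputation value RV = count of unsuccessful communications).
# Only B's values are given in the text; the others are constructed for this example.
NODES = {
    "B": (5.0, 2),
    "C": (2.0, 12),
    "E": (4.0, 3),
    "F": (5.0, 11),
    "G": (3.0, 0),
    "H": (3.0, 0),
}

# The eight source (A) to destination (D) routes listed in the text.
ROUTES = [
    ("A", "B", "C", "D"),
    ("A", "B", "F", "E", "D"),
    ("A", "F", "E", "D"),
    ("A", "H", "F", "E", "D"),
    ("A", "H", "E", "D"),
    ("A", "H", "F", "E", "G", "D"),
    ("A", "F", "E", "G", "D"),
    ("A", "H", "G", "D"),
]

RV_LIMIT = 5  # assumed cut-off: a route through a node with a higher RV is rejected


@dataclass(frozen=True)
class RouteRequest:
    path: tuple
    hop_count: int   # incremented at every hop
    min_dr: float    # lowest data rate seen along the route
    max_rv: int      # worst reputation value seen along the route (assumed aggregate)


def propagate(path):
    """Carry one route-request along `path`, updating its fields at every
    intermediate node, as it would arrive at the destination."""
    dr, rv, hops = float("inf"), 0, 0
    for node in path[1:-1]:
        node_dr, node_rv = NODES[node]
        dr = min(dr, node_dr)
        rv = max(rv, node_rv)
        hops += 1
    return RouteRequest(tuple(path), hops + 1, dr, rv)


def select_route(routes, rv_limit=RV_LIMIT, use_reputation=True):
    """Destination-side choice among the received route-requests.

    With reputation: drop routes above rv_limit, then prefer the highest
    bottleneck data rate, then the lowest RV, then the fewest hops.
    Without reputation: data rate and hop count only, for comparison.
    """
    requests = [propagate(r) for r in routes]
    if use_reputation:
        requests = [r for r in requests if r.max_rv <= rv_limit]
        key = lambda r: (-r.min_dr, r.max_rv, r.hop_count)
    else:
        key = lambda r: (-r.min_dr, r.hop_count)
    return min(requests, key=key) if requests else None


if __name__ == "__main__":
    for req in map(propagate, ROUTES):
        print(req)
    print("data rate only :", select_route(ROUTES, use_reputation=False).path)
    print("with reputation:", select_route(ROUTES).path)
```

With these constructed values, a data-rate-only choice takes A, F, E, D through the node with RV 11, while the reputation-aware choice settles on A, H, G, D at a lower bottleneck rate.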

4. Scenarios and simulation results

Extensive simulations are conducted to evaluate the performance of SRPM and compare it with classic OLSR and AODV using OPNET version 11.5. Wireless nodes based on 802.11 standards are used in the simulations.

• CBR (Constant bit rate) traffic type.
• Random waypoint mobility model.
• Packet size of 512 bytes.
• Network area of 1200 × 300 m.

Table 2 presents complete information about the simulation environment.

SRPM is simulated in two scenarios, i.e., non malicious scenario and malicious scenario.

4.1. Non malicious scenario

In the non malicious or friendly scenario, the following metrics are presented to compare the performance and scalability of SRPM with both existing proactive (OLSR) and reactive (AODV) routing protocols.

• Packet delivery ratio – The number of packets that are received at the destination to the total number of packets that are sent by the source.
• Routing overhead – The amount of control messages that every AP sends on average per second.
• Route discovery efficiency – The amount of time taken to discover the route from source to destination.
• End-to-end delay – The amount of time taken to transmit a packet from source to destination.
• Packet loss ratio – The loss ratio of packets during transmission.

4.1.1. Small network size of 24 nodes

In Fig. 2, the packet delivery ratio for the three protocols is compared. It is observed that the SRPM and AODV packet delivery ratio is almost 100% in the presence of 4 nodes, while OLSR packet delivery is a little bit lower. However, as the number of nodes is increased, the packet delivery ratio of AODV decreases. In this scenario, SRPM outperforms both of the routing protocols. In this simulation, as the number of nodes increases, the AODV packet delivery ratio drops. The reason is that AODV is an on demand routing protocol, in which a route is established when needed. An increase in nodes means that the established route will be longer, having many intermediate nodes. Furthermore, in high mobility, there will be frequent route breaks, which resulted in a low packet delivery ratio in AODV.

Routing overheads for small networks up to 24 nodes are given in Fig. 3. These results show that AODV has the smallest routing overheads in a small network as compared to OLSR and SRPM. The reason behind the higher routing overheads in OLSR and SRPM is that OLSR consistently broadcasts the routing table to all neighbors, while the two hop information in SRPM and the passive acknowledgment scheme result in more routing overheads as compared to AODV. Once the route is established, AODV does not send a lot of control packets (only HELLO packets).

Fig. 2. Packet delivery ratio for a small network of 24 nodes. [Plot: packet delivery (%) versus number of nodes, for SRPM, OLSR and AODV.]

Fig. 3. Routing overheads for a small network. [Plot: routing overhead (bits/sec) versus number of nodes, for SRPM, OLSR and AODV.]

Fig. 4. Route discovery efficiency in a small network. [Plot: route discovery efficiency (sec) versus number of intermediate nodes, for SRPM, OLSR and AODV.]

Fig. 5. End to end delay in the presence of 24 nodes. [Plot: end to end delay (m-sec) versus number of nodes, for OLSR, SRPM and AODV.]

Fig. 6. Packet delivery ratio with 3 hops. [Plot: packet delivery (%) versus number of intermediate hops, for SRPM, OLSR and AODV.]

Route discovery efficiency of SRPM, AODV and OLSR for a small network is given in Fig. 4. With a small number of intermediate nodes, AODV performs better than OLSR; however, as the number of nodes increases, OLSR becomes more stable than AODV. On the other hand, the performance of SRPM is better throughout the simulation. AODV takes more time in route discovery because it works on demand. AODV needs to compute the whole path every time it is needed. On the other hand, OLSR is proactive in nature, which means it already has the entire route.

End to end delay is given in Fig. 5. In this case, SRPM outperforms both the routing protocols, with an end to end delay of 70 ms in the presence of 24 nodes. AODV has the highest end to end delay of 150 ms. The reason is that AODV first needs to search the entire route, and only then starts transmission. Although OLSR is proactive in nature, it needs to update the routing table periodically. If OLSR does not have a route to the destination, it first needs to wait to compute the entire route. The two-hop information and the multicast nature of the route request in SRPM greatly reduce end to end delay as compared to AODV and OLSR.

4.1.2. Large network size of 200 nodes

The packet delivery ratios of SRPM, OLSR and AODV with three hops between source and destination are given in Fig. 6. The packet delivery ratio is almost 100% at one hop distance for all the routing protocols. However, the AODV packet delivery ratio drops to 90% and then to 83% with two and three hops respectively. OLSR performs better than AODV and its delivery ratio is approximately 100% up to two hops, but drops to 93% when there are three hops between source and destination. SRPM shows consistent performance of almost 100% packet delivery even at three hops distance.

To thoroughly study the behavior of SRPM regarding its performance over a number of hops, the packet delivery ratios for SRPM, OLSR and AODV are simulated over seven hops and are shown in Fig. 7. Surprisingly, SRPM consistently outperforms OLSR and AODV. The packet delivery


Fig. 7. Packet delivery ratio with 7 hops. [Plot: packet delivery (%) against number of intermediate hops; curves for SRPM, OLSR and AODV.]

Fig. 8. Routing overheads comparison. [Plot: routing overhead (bits/sec) against number of nodes; curves for SRPM, OLSR and AODV.]

Fig. 9. Route discovery efficiency with three hop distance. [Plot: route discovery efficiency (sec) against number of intermediate nodes; curves for SRPM, OLSR and AODV.]

Fig. 10. Route discovery efficiency with seven hop distance. [Plot: route discovery efficiency (sec) against number of intermediate nodes; curves for SRPM, OLSR and AODV.]


rate of SRPM is almost 100% until three hops, and slightly drops to 95% when the number of hops is more than three. OLSR achieves a 100% packet delivery ratio up to two hops, and maintains the ratio between 85 and 95 for three to seven hops. The performance of AODV drops significantly and the packet delivery ratio is 53% at seven hop distance.

As shown in Fig. 8, all protocols appear to have an increasing overhead as the number of nodes increases. The reason is that whenever the number of nodes in a network increases, the number of route requests increases. AODV has the least routing overheads as compared to OLSR and SRPM. In AODV, an increase in the number of nodes means that the number of hello messages is increased and the number of route request messages is also increased. In the OLSR protocol the routing overhead increases suddenly after about 40 network nodes, because it needs the neighbor's information in its routing table, which increases the number of route requests and maintenance messages. SRPM on the one hand decreases routing overhead by multicasting the RREQ only to E-APs; on the other hand, the computation of UV and the two-hop passive acknowledgement increase overhead. However, it is still close to AODV.

The route discovery efficiency of the routing protocols over three hops is given in Fig. 9. The performance of all three routing protocols is consistent up to one hop; after that, as the number of hops increases, the protocols show some variations in route discovery. At three hops distance, AODV takes 0.5 s to reach the destination while OLSR takes 0.4 s. SRPM takes the least amount of time, 0.2 s, at three hops distance. The reason is that SRPM routing tables already have the information of two hops, and this mechanism greatly decreases the time to discover a route.

SRPM discovers the route from source to destination more quickly as compared to OLSR and AODV. AODV takes more time when the destination is many hops away, by broadcasting and rebroadcasting the RREQ and making a reverse path to the destination from each intermediate node. SRPM simply multicasts the RREQ to all the E-APs. This mechanism greatly facilitates quick route discovery, as shown in Fig. 10.

To compute the end-to-end delay, two scenarios are simulated. In the first scenario, the network consists of 7 Access Points and a maximum of 200 fixed client nodes, varied from 0 to 200 in increments of 20. More end-to-end delay is observed in the case of AODV as compared to OLSR and SRPM. AODV shows more than 2800 ms end to end delay when the network consists of 200 fixed nodes. There is a marginal difference in the end-to-end delay of SRPM and OLSR, as shown in Fig. 11.

The second scenario consists of 7 access points and 50 mobile nodes, varied from 0 to 50 in increments of 5. The random waypoint mobility model is used without pause time. The nodes are placed at random and move randomly in the space allocated. In this case, SRPM completely outperforms AODV as shown in Fig. 12, while minor variations are observed as compared to OLSR, i.e., SRPM is slightly better than OLSR.


Fig. 11. End to end delay in case of fixed nodes. [Plot: end to end delay (ms) against network size (fixed nodes); curves for OLSR, SRPM and AODV.]

Fig. 12. End to end delay in case of mobile nodes. [Plot: end to end delay (ms) against number of mobile nodes; curves for OLSR, SRPM and AODV.]

Fig. 13. Data drop ratio in mobility. [Plot: data drop (bits/sec) against number of nodes; curves for SRPM, OLSR and AODV.]


In a network, data drop occurs as the number of nodes increases. In Fig. 13, it can be seen that the data drop is almost similar in all protocols when the number of nodes is small. Initially, when the number of nodes is less than 40, the best performance is given by OLSR, as it has a very effective way to resolve any packet failures by always having an alternative route available which involves different nodes from the primary route. However, as the number of nodes becomes greater, OLSR performance is the worst. There is a marginal difference between AODV and SRPM regarding data drop. The reason is that SRPM keeps information of two-hop neighbors and, in case of link failure, it can immediately configure another route.

4.2. Malicious scenario

In the malicious scenario, a comparison of SRPM with the secure routing protocol SAODV is presented. SAODV is a secure version of classic AODV. SAODV uses a hash chain to secure the hop count in the routing packet fields, while a digital signature is used to secure the rest of the routing message. When an intermediate node receives the RREQ, it verifies the integrity and authenticity of the message by computing the hash value. When the destination node receives the RREQ, it generates the RREP packet to the source in the same manner. SAODV is resilient to impersonation attacks, modification of hop count and sequence number attacks. However, it does not provide hop-by-hop authentication or security against the rushing attack. A rushing attack can cause the failure of route discovery.
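The hash-chain check on the hop count described above, as an added example (not code from the paper or from any SAODV implementation). It follows the scheme as published for SAODV; SHA-256, the field names and the fixed seed are assumptions of this sketch, and the digital signature over the non-mutable fields is not modelled.

```python
import hashlib
from dataclasses import dataclass, replace


def h(data: bytes) -> bytes:
    """One step of the hash chain (SHA-256 is an assumption of this example)."""
    return hashlib.sha256(data).digest()


def h_times(data: bytes, n: int) -> bytes:
    """Apply h() n times."""
    for _ in range(n):
        data = h(data)
    return data


@dataclass(frozen=True)
class Rreq:
    hop_count: int       # mutable field, incremented at every hop
    max_hop_count: int   # fixed by the originator
    hash_value: bytes    # mutable field, hashed once at every hop
    top_hash: bytes      # fixed by the originator; covered by the signature (not modelled)


def originate(seed: bytes, max_hop_count: int) -> Rreq:
    """Originator: Hash = seed, Top Hash = h^max_hop_count(seed)."""
    return Rreq(0, max_hop_count, seed, h_times(seed, max_hop_count))


def verify(msg: Rreq) -> bool:
    """Receiver check: h^(max_hop_count - hop_count)(Hash) must equal Top Hash."""
    remaining = msg.max_hop_count - msg.hop_count
    if msg.hop_count < 0 or remaining < 0:
        return False
    return h_times(msg.hash_value, remaining) == msg.top_hash


def forward(msg: Rreq) -> Rreq:
    """Intermediate node: verify, then increment the hop count and hash once."""
    if not verify(msg):
        raise ValueError("hop count does not match hash chain; RREQ dropped")
    return replace(msg, hop_count=msg.hop_count + 1, hash_value=h(msg.hash_value))


def run_demo() -> dict:
    seed = bytes(range(32))                 # constructed seed; a real originator uses a random one
    msg = originate(seed, max_hop_count=5)
    for _ in range(3):                      # three honest intermediate hops
        msg = forward(msg)
    lowered = replace(msg, hop_count=1)     # hop count altered without a matching hash value
    return {
        "honest_hop_count": msg.hop_count,
        "honest_ok": verify(msg),
        "lowered_ok": verify(lowered),
    }
```

A receiver can recompute the chain with a few hash operations, but the check says nothing about whether the next hop actually forwards the packet, which is the gap the passive acknowledgement in SRPM addresses.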

Securing a WMN is harder than securing ad hoc or sensor networks. A WMN is a large scale network. Furthermore, the Internet connectivity adds an extra level of security risks. In this section, some of the advantages and security aspects of the SRPM protocol are discussed. Secure routing protocol for wireless mesh minimizes the possibility of congestion by multicasting the RREQ only to the E-APs. Other existing mechanisms broadcast the RREQ to all the neighbors, and the neighbors rebroadcast until the route is discovered. Such broadcasting and re-broadcasting heavily congests the network. The destination E-AP having the receiving node responds with an RREP to the first received RREQ; duplicate RREQs are discarded. Other E-APs simply discard the RREQ. In SRPM, an RERR message is only generated when the destination node moves from one E-AP to another, to inform the source E-AP that the link is broken.

SRPM is resilient to many attacks such as blackhole, greyhole, wormhole, node isolation etc.

In a blackhole attack, a malicious node presents itself as the shortest route to the target node so it can drop the entire traffic flow going toward it. In a greyhole attack, the compromised node selectively forwards the packets toward the destination. In a wormhole attack, the adversary captures the packet at one end and then forwards it through a worm link to another distant malicious node in order to create serious routing disruption. An adversary can manage to reduce the fairness by increasing the number of hops between the gateway and the E-APs. This attack is also known as selection of a non-optimal route by the malicious node. A jellyfish attack is similar to the greyhole attack; when the jellyfish node receives the packets to be forwarded, it reorders, delays or drops some of the packets. The objective of the jellyfish attack is to increase end-to-end delay and delay jitter. In a WMN, a network node (either a client node or an AP) can be isolated from taking part in the network operations. The victim node is unable to receive packets from other sources in the network.

In [28] it is described that if all the neighbors of a node are blackholes, then that node is isolated. In a Byzantine attack, a single compromised node, or many compromised nodes working in collusion, can create problems such as routing loops and selection of long paths. All these attacks can be mitigated using SRPM by keeping in view its two important features, i.e., two-hop neighbor information and next hop passive acknowledgement. Every client node and AP keeps the information of two-hop neighbors in its routing table, which means that all the nodes already know the next hop of their neighbors. Such two-hop information in the routing table avoids wormhole, node isolation and Byzantine sorts of attacks. The next hop passive


Fig. 14. Computation cost for SRPM and SAODV. [Plot: time (ms) against number of nodes; curves for SRPM and SAODV.]

Fig. 15. Computation cost for SRPM and SAODV in case of at. [Plot: time (ms) against number of nodes; curves for SRPM and SAODV.]

Fig. 16. Performance comparison in case of blackhole attack. [Plot: packet loss (%) against number of blackholes; curves for SRPM and SAODV.]


acknowledgements verify the reliability of the intermediate nodes, and this arrangement mitigates blackhole, greyhole and jellyfish attacks. As discussed earlier, in a wormhole attack, malicious nodes tunnel the arriving packets to distant malicious nodes to introduce routing misbehaviors. For example, the route from source S to destination D is

$S \rightarrow A \rightarrow B \rightarrow C \rightarrow D.$

Here, if node B is a wormhole, it would not pass on the packets to node C, but instead to another distant wormhole node located anywhere. SRPM is resilient to this kind of attack, as node A contains two-hop information in its routing table, and it already knows that node B has to forward packets to node C. Similarly, node B can neither select a long route (in case of a long route selection attack) nor isolate an innocent node (in case of a node isolation attack), as node A is already aware of the next possible hop of node B.

In another scenario, if node B is a blackhole, it would drop all the packets and could create a denial of service situation for the neighbor nodes. SRPM is resilient to the blackhole attack, as node A has to receive a passive acknowledgement from node C. If the passive acknowledgement is not received, node A will compute the UV of node B. Similarly, node B can act neither as a greyhole nor as a jellyfish, as the next hop acknowledgement verifies the reliability of the selected path.
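The monitoring that node A performs on the route S, A, B, C, D in the two paragraphs above, as an added example (not the authors' SRPM code). The acknowledgement record, the timeout and the strike counter are assumptions of this sketch; the counter only stands in for the UV, whose computation is not given in this section, and how A learns of C's acknowledgement is left abstract.

```python
from collections import Counter
from dataclasses import dataclass, field

ACK_TIMEOUT = 0.05  # seconds node A waits for the passive acknowledgement (assumed value)


@dataclass(frozen=True)
class PassiveAck:
    """Evidence seen by node A that `from_node` received a packet (constructed format)."""
    time: float
    from_node: str
    packet_id: int


@dataclass
class NextHopMonitor:
    """State kept by the upstream node, i.e. node A on the route S, A, B, C, D."""
    two_hop: dict                                  # (neighbour, destination) -> neighbour's next hop
    timeout: float = ACK_TIMEOUT
    pending: dict = field(default_factory=dict)    # packet_id -> (neighbour, destination, sent_at)
    strikes: Counter = field(default_factory=Counter)
    findings: list = field(default_factory=list)

    def handed_over(self, time, neighbour, destination, packet_id):
        """Record that a packet was given to `neighbour`; an acknowledgement is now expected."""
        self.pending[packet_id] = (neighbour, destination, time)

    def _flag(self, neighbour, packet_id, reason):
        self.strikes[neighbour] += 1
        self.findings.append((packet_id, neighbour, reason))

    def on_ack(self, ack):
        """Match an acknowledgement against the next hop the two-hop table predicts."""
        self.expire(ack.time)                      # late acknowledgements count as missing
        entry = self.pending.pop(ack.packet_id, None)
        if entry is None:
            return
        neighbour, destination, _ = entry
        if ack.from_node != self.two_hop.get((neighbour, destination)):
            # The packet went somewhere other than the known next hop:
            # consistent with tunnelling or a deliberately longer route.
            self._flag(neighbour, ack.packet_id, "unexpected-next-hop")

    def expire(self, now):
        """Flag packets for which no acknowledgement arrived within the timeout."""
        for packet_id, (neighbour, _, sent_at) in list(self.pending.items()):
            if now - sent_at > self.timeout:
                del self.pending[packet_id]
                self._flag(neighbour, packet_id, "no-ack-in-time")

    def usable(self, neighbour, max_strikes=2):
        """Route selection hook: stop using a neighbour once it has too many strikes."""
        return self.strikes[neighbour] < max_strikes


def run_demo():
    # Constructed scenario: A sends four packets for D through B; A's table says B forwards to C.
    monitor = NextHopMonitor(two_hop={("B", "D"): "C"})
    monitor.handed_over(0.000, "B", "D", 1)
    monitor.on_ack(PassiveAck(0.010, "C", 1))      # acknowledged by the expected next hop
    monitor.handed_over(0.100, "B", "D", 2)
    monitor.on_ack(PassiveAck(0.110, "X", 2))      # acknowledged by a node B should not be using
    monitor.handed_over(0.200, "B", "D", 3)        # never acknowledged (packet dropped)
    monitor.handed_over(0.300, "B", "D", 4)
    monitor.on_ack(PassiveAck(0.400, "C", 4))      # acknowledged, but long after the timeout
    monitor.expire(1.0)
    return monitor
```

The three flagged packets correspond to the wormhole or long-route case, the blackhole or greyhole case, and the jellyfish (delay) case respectively.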

In the malicious or hostile scenario, the following metrics are presented to compare the performance and security apparatus of SRPM with SAODV.

• Computation cost – The time taken by the source node to search and finalize the route to the destination.
• Blackhole – Malicious attack in which the malicious node drops all the packets it receives.
• Wormhole – Malicious attack in which the malicious node tunnels the packets to a distant location.

The computation cost of SAODV is much higher than that of SRPM, as shown in Fig. 14. The reason is that SAODV needs to compute the digital signature and perform the hash function calculation. On the other hand, in SRPM, the two-hop information makes it easy to rapidly establish a secure route from source to destination. The computation cost of SAODV greatly increases when there is a blackhole attack, i.e., when frequent route failure occurs in the network environment. In such a case, SAODV needs to compute digital signatures and hash functions again and again, which results in a higher computation cost, as shown in Fig. 15.

To obtain packet loss ratio statistics, a blackhole attack is introduced in this scenario instead of greyhole and jellyfish attacks. The reason is that blackhole is the most severe form of packet dropping attack, in which the compromised device drops all the packets, while greyhole and jellyfish are two variations of selective dropping of packets. SRPM has an 82% delivery rate in the presence of six blackholes. The packet drop ratio is only 18% with six blackholes as compared to SAODV, as shown in Fig. 16. The SAODV packet drop ratio is very high in case of a blackhole attack, as it drops 50% of packets in the presence of only one blackhole.

To observe the performance of SRPM in the presence of wormholes, four wormhole nodes are designed, which capture the packets and tunnel them to a distant malicious node. Approximately 10% of packets fall victim to such an attack with the SRPM routing mechanism, compared with more than 75% in the case of SAODV, as shown in Fig. 17. The obtained statistics show the importance of SRPM and validate its efficiency in a hostile WMN environment.

4.3. Sinkhole attack model

The three main functions [41] of secure routing protocols are as below:

• Routing function to discover and maintain the route from source to destination.
• Forwarding function to relay packets from source to destination.
• Security function to handle variety of security threats.


Fig. 17. Performance comparison in case of wormhole attack. [Plot: packet tunneling (%) against number of wormholes; curves for SRPM and SAODV.]

Fig. 18. Packet delivery ratio in the presence of sinkhole near the source. [Plot: packet delivery ratio (%) against time (seconds); curve for SRPM.]

Fig. 19. Packet delivery ratio in the presence of sinkhole near the destination. [Plot: packet delivery ratio (%) against time (seconds); curve for SRPM.]

Fig. 20. Packet delivery ratio in large network (30% sinkhole nodes). [Plot: packet delivery ratio (%) against % of sinkhole nodes; curve for SRPM.]


Sinkhole can have many variations such as blackhole, greyhole and jellyfish. A blackhole malicious node attracts the network traffic by presenting itself as the shortest route to the target node. The purpose is to drop the entire traffic, and it is the most severe kind of sinkhole attack. A greyhole is a compromised node which is used to selectively forward packets toward the destination. A jellyfish compromised node is used for a variety of malfunctions in routing behavior, so it is also known as a multi-purpose attacking sinkhole. When the jellyfish node receives packets, it reorders, delays or drops some of the packets. The objective of the jellyfish attack is to increase end-to-end delay. In case of any variation of the above sinkhole attack, the neighbor nodes are unable to receive packets from other sources in the network [28].

A sinkhole attack can create serious disorders in routing and forwarding functions. We consider three different scenarios of sinkhole attack to analyze the performance of SRPM. The three scenarios are a sinkhole malicious node near the source node, one near the destination node, and thirty percent sinkhole malicious nodes in a large network.

To measure the impact of the sinkhole attack, we use the parameters below.

• Packet delivery ratio – The ratio of the number of packets that are received at the destination to the total number of packets that are sent by the source.
• End-to-end delay – The amount of time taken to transmit a packet from source to destination.
• Route discovery efficiency – The amount of time taken to discover the route from source to destination.

The packet delivery ratio for SRPM in the presence of a sinkhole near the source node is shown in Fig. 18. The packet delivery rate of SRPM is more than 85% throughout the simulation. In SRPM, the route selection is done at the destination node, which is why it is less affected by a sinkhole node near the source. However, when a sinkhole node is near the destination node, some performance degradation is shown by SRPM, and the packet delivery ratio drops to 75% as shown in Fig. 19. Some more performance degradation is shown by SRPM in case of 30% sinkhole malicious nodes in a network of 200 nodes, as shown in Fig. 20. As the number of sinkholes increases, the packet delivery ratio decreases. In case of 30% sinkhole malicious nodes, the packet delivery ratio drops to 65%.

The end to end delay in the presence of a sinkhole near the source is shown in Fig. 21. The smallest end-to-end delay is observed in case of a sinkhole near the source node, as compared to the end-to-end delay in case of a sinkhole near the destination node shown in Fig. 22. In SRPM, the route decision is made at the destination node, so if a route reply (RREP) packet is dropped, the mechanism will reinitiate the whole procedure by generating a route error (RERR) to inform the source, which increases the end to end delay. From the simulation results, it is found that end to end delay in SRPM routing is directly proportional to the number of sinkholes: as the percentage of sinkhole malicious nodes increases, end to end delay increases, as shown in Fig. 23.


Fig. 21. End to end delay in the presence of sinkhole near the source. [Plot: end to end delay (ms) against time (seconds); curve for SRPM.]

Fig. 22. End to end delay in the presence of sinkhole near the destination. [Plot: end to end delay (ms) against time (seconds); curve for SRPM.]

Fig. 23. End to end delay in large network (30% sinkhole nodes). [Plot: end to end delay (ms) against % of sinkhole nodes; curve for SRPM.]

Fig. 24. Route discovery efficiency in the presence of sinkhole near the source. [Plot: route discovery efficiency (sec) against time (seconds); curve for SRPM.]

Fig. 25. Route discovery efficiency in the presence of sinkhole near the destination. [Plot: route discovery efficiency (sec) against time (seconds); curve for SRPM.]

Fig. 26. Route discovery efficiency in large network (30% sinkhole nodes). [Plot: route discovery efficiency (sec) against % of sinkhole nodes; curve for SRPM.]


SRPM operates by using two kinds of packets, i.e., multicast RREQ and unicast RREP. The route discovery efficiency of SRPM is analysed in a network of 200 nodes with a sinkhole near the source and near the destination. Minor variation is observed in both cases, as shown in Figs. 24 and 25. However, in case of 30% sinkhole malicious nodes in a network, the route discovery efficiency is greatly affected due to frequent route breaks and reinitiation of the route discovery process, as shown in Fig. 26.

In SRPM, minor variations in routing overheads are observed in case of a sinkhole node near the source and destination, as shown in Figs. 27 and 28. However, increasing the sinkhole nodes in a network means a high degree of routing overheads. The reason is that, in SRPM, the route is selected on the basis of UV and passive acknowledgements. When a route breaks, SRPM reinitiates the procedure of searching for another route, and the exchange of passive acknowledgements increases the routing overheads, as shown in Fig. 29.

5. Conclusions and future work

In this paper, we have presented the design and evaluation of the proposed secure routing protocol using distance vector routing. Most of the existing routing protocols for


Fig. 27. Routing overheads in the presence of sinkhole near the source. [Plot: routing overhead (bits/sec) against time (seconds); curve for SRPM.]

Fig. 28. Routing overheads in the presence of sinkhole near the destination. [Plot: routing overhead (bits/sec) against time (seconds); curve for SRPM.]

Fig. 29. Routing overheads in large network (30% sinkhole nodes). [Plot: routing overhead (bits/sec) against % of sinkhole nodes; curve for SRPM.]


WMN have assumed a non-hostile cooperative environment, while security is the utmost concern of all networks, especially wireless multi-hop networks. The proposed protocol is robust against a variety of security attacks.

In future work, we plan to also consider some changes in the packet header of SRPM to introduce authentication and encryption algorithms to handle compromised nodes that modify the packets or tamper with the source–destination addresses. Secure Hash Algorithm (SHA) can be used for authentication, and the Rivest, Shamir and Adleman (RSA) algorithm can be used for encryption with a public key mechanism.

References

[1] S. Khan, N. Mast, K.-K. Loo, A. Silahuddin, Cloned access point detection and prevention mechanism in IEEE 802.11 wireless mesh networks, International Journal of Information Assurance and Security (JIAS) 3 (4) (2008) 257–262.

[2] I.F. Akyildiz, X. Wang, A survey on wireless mesh networks, IEEE Communications Magazine 43 (9) (2005) 23–30.

[3] S. Mir, A.A. Pirzada, M. Portmann, HOVER: hybrid on-demand distance vector routing for wireless mesh networks, in: Proceedings of 31st Australasian Science Conference (ACSC), 2008.

[4] A. Patwardhan, M. Iorga, Secure routing and intrusion detection in ad hoc networks, in: Proceedings of the 3rd International Conference on Pervasive Computing and Communications (PerCom), 2005.

[5] C. Perkins, E.M. Royer, S. Das, Ad-hoc on demand distance vector (AODV) routing, in: IETF, RFC 3561, 2003.

[6] S. Waharte, R. Boutaba, Y. Iraqi, B. Ishibashi, Routing protocols in wireless mesh networks: challenges and design considerations, Springer Multimedia Tools and Applications 31 (3) (2006) 285–303.

[7] K.N. Ramachandran, M.M. Buddhikot, G. Chandranmenon, S. Miller, E.M.B. Royer, K.C. Almeroth, On the design and implementation of infrastructure mesh networks, in: Proceedings of the IEEE Workshop on Wireless Mesh Networks (WiMesh), 2005.

[8] B-N. Cheng, M. Yuksel, S. Kalyanaraman, Orthogonal rendezvous routing protocol for wireless mesh networks, in: Proceedings of the 14th IEEE International Conference on Network Protocols (ICNP), 2006.

[9] D. Lin, T-S. Moh, M. Moh, A delay-bounded multi-channel routing protocol for wireless mesh networks using multiple token rings: extended summery, in: Proceedings of 31st IEEE Conference on Local Computer Networks, 2006.

[10] T-W Chen, M. Gerla, Global state routing: a new routing scheme for ad hoc wireless networks, in: Proceedings of IEEE International Conference on Communications (ICC), 1998.

[11] J. Zheng, M.J. Lee, A resource-efficient and scalable wireless mesh routing protocol, Elsevier Ad hoc Networks 5 (2007) 704–718.

[12] W.A. Shittu, A. Hassan, A. Hashim, F. Anwar, W. Al-Khateeb, A proposed QoS multicast routing framework for next generation wireless mesh networks, International Journal of Computer Science and Network Security 8 (9) (2008) 280–284.

[13] L. Dai, Y. Xue, B. Chang, Y. Cao, Y. Cui, Optimal routing for wireless mesh networks with dynamic traffic demand, Springer Journal of Mobile Networks and Applications 13 (1-2) (2008) 97–116.

[14] Y. Yuan, H. Yang, S.H.Y. Wong, S. Lu, W. Arbaugh, ROMER: resilient opportunistic mesh routing for wireless mesh networks, in: First IEEE Workshop on Wireless Mesh Networks (WiMesh), 2005.

[15] D. Aguayo, J. Bicket, R. Morris, ScrRR: a high throughput routing protocol for 802.11 mesh networks, 2004.

[16] R. Baumann, S. Heimlicher, V. Lenders, M. May, HEAT: scalable routing in wireless mesh networks using temperature fields, in: IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), 2007.

[17] M.S. Siddiqui, S.O. Amin, J.H. Kim, C.S. Hong, MHRP: a secure multipath hybrid routing protocol for wireless mesh network, in: IEEE Military Communication Conference (MILCOM), 2007.

[18] R. Kandikattu, L. Jacob, A secure intra-domain routing protocol for wireless mesh networks, LNCS, vol. 4812, Springer, 2007, pp. 37–50.

[19] B. Awerbuch, D. Holmer, C. Rotaru, H. Rubens, An on demand secure routing protocol resilient to Byzantine failure, in: ACM Proceedings on Wireless Security, 2002.

[20] Module 7, Routing and Congestion Control, Version 2 CSE IIT, Kharagpur. Available at: <http://nptel.iitm.ac.in>, 2009 (accessed February 2009).

[21] T.R. Andel, A. Yasinsac, Surveying security analysis techniques in MANET routing protocols, IEEE Communications Surveys & Tutorial 9 (4) (2007).

[22] Y. Wang, G. Attebury, B. Ramamurthy, A survey of security issues in wireless sensor networks, IEEE Communications Surveys and Tutorials 8 (2) (2006).

[23] Y.-C. Hu, A. Perrig, D.B. Johnson, Packet leashes: a defence against Wormhole attacks in wireless networks, in: 22nd Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM), 2003.

[24] F. Xing, W. Wang, Understanding dynamic denial of service attack in mobile ad hoc networks, in: IEEE Military Communication Conference (MILCOM), 2006.

[25] S. Choi, D. Kim, D. Lee, J. Jung, WAP: wormhole attack prevention algorithm in mobile ad hoc networks, in: IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, 2008.

[26] Y. Zhang, J. Luo, H. Hu, Wireless mesh networking, Wireless Mesh Networking, Architectures, Protocols and Standards, first ed., Auerbach Publications, Taylor and Francis Group, NY, 2006, ISBN 0849373999.

[27] L. Santhanam, D. Nandiraju, N. Nandiraju, D.P. Agrawal, Active cache based defence against DoS attacks in wireless mesh network, in: 2nd IEEE International Symposium on Wireless Pervasive Computing, 2007.

[28] F. Ferreri, M. Bernaschi, L. Valcamonici, Access point vulnerabilities to DoS attacks in 802.11 networks, in: IEEE Wireless Communications and Networking Conference, March 2004.

[29] H.M. Deng, W. Li, D.P. Agarwal, Routing security in wireless ad hoc networks, IEEE Communication Magazine 40 (10) (2002) 70–75.

[30] L. Santhanam, D. Nandiraju, N. Nandiraju, D.P. Agrawal, Active cache based defence against DoS attacks in wireless mesh network, in: 2nd IEEE International Symposium on Wireless Pervasive Computing, 2007.

[31] F. Nait-Abdesselam, B. Bensaou, T. Taleb, Detecting and avoiding wormhole attacks in wireless ad hoc networks, IEEE Communication Magazine 46 (4) (2008) 127–133.

[32] C. Zouridaki, B.L. Mark, M. Hejmo, Byzantine robust trust establishment for mobile ad hoc networks, Springer Journal of Telecommunication Systems 35 (3–4) (2007) 189–206.

[33] Routing Basics, Cisco Internetworking Handbook. Available at: <http://users.teilam.gr/~skontos/tei_site/html/pdf_cisco/Routing/routing_basic.pdf>, 2009 (accessed February 2009).

[34] D. Walden, The Bellman–Ford Algorithm and Distributed Bellman–Ford. Available at: <http://www.walden-family.com/public/bf-history.pdf>, 2008 (accessed December 2008).

[35] N. Madhusudhan, Simulation of Bellman's Algorithm. Available at: <http://www.laynetworks.com/Simulation%20of%20Bellman%20Algorithm.htm>, 2008 (accessed December 2008).

[36] G. Pandurangan, Purdue University Research 2004. Available at: <http://www.cs.purdue.edu/homes/gopal/cs580-2004/19.pdf>, 2008 (accessed December 2008).

[37] Y-C Hu, D.B. Johnson, D. Perrig, SEAD: secure efficient distance vector routing for mobile wireless ad hoc networks, Elsevier Ad Hoc Networks 1 (2003) 175–192.

[38] S. Floyd, V. Jacobson, Random early detection gateways for congestion avoidance, IEEE Transactions on Networking 1 (4) (1993).

[39] K. Xu, M. Gerla, L. Qi, Y. Shu, Enhancing TCP fairness in ad hoc wireless networks using neighborhood red, in: Proceedings of ACM MOBICOM, 2003.

[40] D. Johnson, D.A. Maltz, Dynamic Source Routing in Ad hoc Wireless Networks, Kluwer Academic, 1996 (Chapter 5, pp. 153–181).

[41] A. Babakhouya et al., A simulation analysis of routing misbehaviour in mobile ad hoc networks?, in: NGMAST/Workshop on Mobile Security, Europe, 2008.

[42] S. Khan, K-K. Loo, N. Mast, T. Naeem, SRPM: secure routing protocol for IEEE 802.11 infrastructure-based wireless mesh networks, Springer Journal of Network and Systems Management 18 (2) (2010) 190–209.

[43] M. Dashti, S. Khorandi, WMQR: a field based QoS routing protocol in wireless mesh networks, in: Proceedings of IEEE Communication Society (WCNC), 2010.

[44] C. Li, Z. Wang, C. Yang, Secure routing for wireless mesh networks, International Journal of Network Security 12 (3) (2011) 350–361.

[45] X. Li, L. Qian, J. Kamto, Secure anonymous routing in wireless mesh networks, IEEE Proceedings, 2009.

Shafiullah Khan is currently a PhD candidate in the School of Engineering and Design, Brunel University, West London, UK. He is also affiliated with the Institute of Information Technology, Kohat University of Science and Technology (KUST), N.W.F.P, Pakistan as a lecturer. His research mainly focuses on wireless broadband network architecture, security and privacy, security threats and mitigating techniques.

Dr. Alrajeh obtained his Ph.D. in biomedical Informatics engineering from Vanderbilt University, USA. Currently, Dr. Alrajeh is an associate professor of Medical Informatics at Biomedical Technology Department, King Saud University. Dr. Alrajeh worked as a senior advisor for the Ministry of Higher Education, his role was in implementing development programs including educational affairs, strategic planning and research and innovation. Research interests of Dr. Alrajeh include E-health Applications, Hospital Information Systems, Telemedicine, Intelligent Tutoring Systems and Wireless Sensor Network.

Kok-Keong Loo a.k.a. Jonathan Loo [M’01] received his MSc (Distinction) and PhD at University of Hertfordshire, UK in 1998 and 2003, respectively. Thereafter, he joined the School of Engineering and Design, Brunel University, West London, UK, as a lecturer in multimedia communications. Currently, he serves as a course director for MSc Digital Signal Processing and heads a team of 9 active PhD candidates in the area of multimedia communications. His current research interests include visual media processing and transmission, digital/wireless signal processing, and wireless/broadband network architecture, protocols and securities.