Wireless Networks and Security

Computer programs that radio amateurs use in their digital networks give various opportunities for checking user authentication before allowing access to sensitive parts of communication systems. Those systems include not only email servers that handle amateur radio messaging and file exchange, but also include radio-relay networks of digital repeaters that operate in big cities, or in rural and remote locations. This chapter summarizes results of experiments performed in real amateur packet radio networks as well as those provided by simulations with amateur radio software in local area networks. Our intention was to test security in accessing e-mail servers and radio relay systems within the average amateur radio digital infrastructure. This study suggests various methods which aim is to bridge the gap between the improved safety, and eventual discomfort in regular end-user’s and system administrator’s activities. We focused our work to the following challenges: user authentication in amateur radio email servers; key management, i.e. obtaining, installing, and renewing secret documents (‘keys’) in between end-users and system administrators; encryption of email content and user passwords; attacks, epidemics, and appropriate countermeasures; and other protective actions that increase the security and satisfaction in average network participants. Described methods will help practitioners, students and teachers in computer science and communication technologies in implementing exciting amateur radio wireless opportunities within educational computer networks, as well as in planning new telecommunication systems.

Mobile Ad hoc Networks (MANET) are infrastructure-less networks characterized by lack of prior configuration and the hostile environments. Their unique properties make them a natural candidate for situations where unplanned network establishment is required. However this flexibility leads to a number of security challenges. Security in MANET is a very complex job and requires considerations on the issues spanning across all the layers of communication stack. This chapter reviews the security problem in MANET. It provides an updated account of the security solutions for MANET with detailed discussions on secure routing, intrusion detection system and key management problems. The chapter is concluded with a comprehensive security solution for MANET.

A mobile ad hoc network (MANET) is a wireless network with high of mobility, no fixed infrastructure and no central administration. These characteristics make MANET more vulnerable to attack. In ad hoc network, active attack i.e. DOS, and blackhole attack can easily occur. These attacks could decrease the performance of the routing protocol. In this chapter, we proposed new trust mechanism that has the ability to detect and prevent the potentials attacks into a wireless ad hoc network especially for Denial of Service (DOS) and blackhole attacks. We have proposed some modifications of AODV routing protocol with implemented a trust level calculation. Our proposed mechanism will detect the attack by calculate local and global trust parameters. When a node is suspected as an attacker, the security mechanism will isolate it from the network before communication established. To perform the trust calculation, each node should get all the activity information from his neighbor. In order to ensure the nodes can hear all the activities of his neighbors, each node will run in promiscuous mode. Simulation has been conducted using NS-2 to evaluate our proposed protocol under dos and blackhole attack. We compare the performance of our proposed protocol with existing secure routing protocol such as TCLS [14], LLSP [16], and RSRP [17]. The simulation result shows that our proposed protocols outperform other secure protocols under DOS and blackhole attack in term of packet delivery ratio, end to end delay and routing overhead. We demonstrate that the proposed protocol improves significantly the performance of secure routing protocol.

Vehicular Ad-hoc Networks (VANETs) can make roads safer, cleaner, and smarter. It can offer a wide range of services, which can be safety and non-safety related. Many safety-related VANETs applications are real-time and mission critical, which would require strict guarantee of security and reliability. Even non-safety related multimedia applications, which will play an important role in the future, will require security support. Lack of such security and privacy in VANETs is one of the key hindrances to the wide spread implementations of it. An insecure and unreliable VANET can be more dangerous than the system without VANET support. So it is essential to make sure that “life-critical safety” information is secure enough to rely on. Securing the VANETs along with appropriate protection of the privacy drivers or vehicle owners is a very challenging task. In this work we summarize the attacks, corresponding security requirements and challenges in VANETs. We also present the most popular generic security policies which are based on prevention as well detection methods. Many VANETs applications require system-wide security support rather than individual layer from the VANETs’ protocol stack. In this work we will review the existing works in the perspective of holistic approach of security. Finally, we will provide some possible future directions to achieve system-wide security as well as privacy-friendly security in VANETs.

Wireless communications will be fundamental in future Machine-to- Machine (M2M) pervasive environments where new applications are expected to employ sensing and actuating devices that are able to autonomously communicate without human intervention. M2M devices using wireless communications are expected to represent fundamental components of a future Internet where applications will allow users to transparently interact with its physical surroundings. The heterogeneity of the characteristics envisioned for M2M devices and applications calls for new approaches regarding how devices communicate wirelessly at the various protocol layers and how security should be designed for such communications. As such devices and communications are expected to support security-critical applications, the security of M2M wireless communications is particularly important.

Since most M2M wireless devices will be seriously constrained in terms of computational capability and energy, security for M2M wireless communications must consider such limitations. This implies that existing security mechanisms may not be appropriate for M2M communications. The particular characteristics and the heterogeneity of the characteristics of M2M devices is currently motivating the design of a plethora of new communication protocols at the various communication layers.

As M2M is a fundamentally recent research area, we currently verify a lack of research contributions that are clearly able to identify the main issues and approaches in targeting security on M2M environments. In this chapter we analyze security for wireless communications considering also protocols in the process of standardization, as such technologies are likely to contribute to future standard communications architecture for wireless M2M systems. We start by addressing the security issues and vulnerabilities related with the usage of wireless M2M communication technologies on applications in various application environments. Such threats to wireless communications are present not only due to the usage of wireless communication in security-threatening environments but also to the inherent constraints of M2M sensing devices. We also discuss ways for strengthening security for wireless communications at the various layers of the communications stack. We also verify that most of the current proposals for M2M wireless communications technologies lack fundamental security assurances and discuss how this major challenge may be targeted by research and standardization work.

The goal of this chapter is twofold, as on the one side we perform a survey on the main security issues of the usage of currently available M2M wireless communication technologies and also discuss the main approaches to introduce security for such communications, while on the other side we discuss future approaches to security in wireless M2M environments. Various characteristics of such environments will pose challenges and motivate new approaches for security. In fact, many aspects of M2M applications will require a paradigm shift in how security is designed for M2M applications, devices and wireless communications technologies.

Wireless Body Area Sensor Networks (WBANs) are becoming more and more popular and have shown great potential in real-time monitoring of the human body. With the promise of cost effective, unobtrusive, and unsupervised continuous monitoring, WBANs have attracted a wide range of monitoring applications such as healthcare, sport activity and rehabilitation systems. However, in using the advantage of WBANs, a number of challenging issues should be resolved. Besides open issues in WBANs such as standardization, energy efficiency and Quality of Service (QoS), security and privacy issues are one of the major concerns. Since these wearable systems control life-critical data, they must be secure. Nevertheless, addressing security in these systems faces some difficulties. WBANs inherit most of the well known security challenges from Wireless Sensor Networks (WSN). However, typical characteristics of WBANs, such as severe resource constraints and harsh environmental conditions, pose additional unique challenges for security and privacy support. In this chapter, we will survey major security and privacy issues and potential attacks in WBANs. In addition, we will explain an unsolved quality of service problem which has great potential to pose a serious security issues in WBANs, and then we discuss a potential future direction.

This chapter presents a detailed survey on various aspects on security and privacy issues in Wireless Mesh Networks. The chapter is written both for the general readers as well as for the experts in the relevant areas. Future research issues and open problems are also mentioned so that the researchers could find appropriate directions to go ahead with their research works after reading the presented materials in this work.

Establishment of trust is amongst the most critical aspects of any system’s security. For any network, trust refers to a set of relationships amongst the entities participating in the network operations. Trust establishment plays a key role in prevention of attacks in VANET. The nodes involved in defense of the network against such attacks must establish mutual trust for the network to operate smoothly. It is a major challenge as a receiving node needs to ensure authenticity and trust-ability of the received messages before reacting to them. It is assumed that each node in a VANET is equipped with a trust system to take such decisions. There are two options for trust establishment (1) Based on static infrastructure, (2) Dynamic establishment of trust in a self organized manner. Trust based on static infrastructure is more efficient and robust than dynamic infrastructure. The only concern using static infrastructure is the unavailability of fixed infrastructure in some locations. The main objective of this paper is to describe various trust establishment approaches for VANET. If all the nodes establish trust with other nodes in VANET, probability of occurrence of attacks can be drastically reduced.

The intent of this chapter is to introduce side channel attacks as a significant threat for wireless sensor networks, since in such systems the individual sensor node can be accessed physically and analysed afterwards. Even though such attacks are known for some years, they have never been specifically considered before in the area of WSNs (Wireless Sensor Networks).

Wireless sensor networks (WSNs) have generated immense interest among researches for the last few years motivated by several theoretical and practical challenges. The increase in interest is mainly attributed to new applications designed with large scale networks consisting of devices capable of performing computations on the sensed data and finally processing the data for transmitting to remote locations. Providing security to WSNs plays a major role as these networks are generally deployed in inaccessible terrain and also for their communication being in the wireless domain. These reasons impose security mechanisms to be employed on the highly vulnerable sensor networks that are robust enough to handle attacks from adversaries. WSNs consist of nodes having limited resources and therefore classical security measures applicable in traditional networks cannot be applied here. So the need of the hour is using systems that lie within the boundary of the sensor nodes resource potential as well competent enough to handle attacks. Intrusion detection is one such defense used in sensor networks having the ability to detect unknown attacks and finding means to thwart them. Researches have found intrusion detection system (IDS) to be very much compatible in sensor networks. Therefore intrusion detection holds a very prominent research area for researchers. So familiarity with this promising research field will surely benefit the researchers. Keeping this in mind we survey the major topics of intrusion detection in WSNs. The survey work presents topics such as the architectural models used in the different approaches for intrusion detection, different intrusion detection techniques and highlights intrusion detection methods applicable for the different layers in sensor networks. The earlier achievements in intrusion detection in WSNs are also summarized along with more recent works and existing problems are discussed. We also give an insight into the possible directions for future work in intrusion detection involving different aspects in sensor networks.

Wireless Reconfigurable Networks (WRN) adapt rapidly and flexibly to network variations, providing advantages to establish efficient communication for emergency operations, disaster relief efforts, and military networks. Security is a necessity where data integrity and confidentiality are exposed to attacks. Security schemes are based on cryptography, providing an expensive and partial defense, since high processing needs are inconvenient for WRN. Hence, the design of a distributed, low cost detection and defense mechanism is important.

In this chapter, we present the fundamentals of network coding in WRN, its advantages and how particular problems in wireless networks limit those. We provide an algebraic representation of a distributed, low cost Detection and Defense Mechanism (DDM) that responds to the WRN demands. We evaluate quality of routes involved in the security mechanism, as well as make a selection of the best route for the DDM. The DDM uses network coding to distribute information, and to detect and defend from sink holes and selective forwarding attacks. For performance, we include the number of successful packets, overhead and accuracy in terms of detected attacks and false detections.

Time synchronization is required in wireless sensor networks in order to improve its performance. This improvement could be noticed in terms of energy, storage, computation, shared resources or bandwidth. One of the main applications in WSNs has been to decrease the energy consumption. A wireless network can save energy with this feature, but if this synchronization is corrupted, it could cause a worse behavior. Firstly, we will analyze which are the most important time synchronization issues. Then, a secure time synchronization method will be presented for group-based wireless sensor networks to avoid malicious attacks. The synchronization technique is based on a system model for secure intra-group synchronization. This system will use simple messages, where nodes of each group will exchange several parameters like time stamps, groupID, etc. in order to make a secure system. The system proposed has high scalability, due to group-based feature, while saves energy thanks to the designed synchronization technique. In order to test our proposal we will simulate several situations to show the performance of our synchronization algorithm.

Secure communications and cryptography is as old as civilization itself. The Greek Spartans for instance would cipher their military messages and, for Chinese, just the act of writing the message constituted a secret message since almost no-one could read or write Chinese. Modern public key Cryptography until the mid 1980’s was founded on computational complexity of certain trap-door one-way functions that are easy to compute in one direction, but very difficult in the opposite direction. To a large extent computational complexity is still the lynchpin of modern cryptography, but the whole paradigm was revolutionized by introduction of Quantum Key Distribution (QKD) which is founded on fundamental laws of Physics. Indeed, to date, QKD is de-facto the most successful branch of Quantum Information Science (QIS) encompassing such areas as quantum computing which is still in its infancy.

Modern QKD is fundamentally composed of a series of three steps that shall be explained later in the chapter: 1) data transmission over the error-prone quantum channel; 2) information reconciliation to allow the parties engaged in communication to have two identical copies of a message that may not be as secure as desired; and 3) privacy amplification that ensures the parties possess copies of messages about which the information that could have possibly be gleaned by the eavesdropper is below a desirable threshold. It is this sufficiently private and often much shorter message that can be used as the secret key to allow exchange of longer messages between the legitimate parties.

Step-1 must be based on the laws of quantum physics, whereas step-2 and -3 either necessitate the use of quantum error correcting codes which are often complex or as is often done in practice, based on information exchange over a classical public channel.

Objective of this chapter is to give a tutorial presentation and evaluation of QKD protocols at the systems level based on classical error-correcting codes. The QKD systems can provide perfect security (from the viewpoint of information theory) in the distribution of a cryptographic key. QKD systems and related protocols, under particular conditions, can use the classic channel coding techniques instead of quantum error-correcting codes, both for correcting errors that occurred during the exchange of a cryptographic key between two authorized users, and to allow privacy amplification, in order to make completely vain a possible intruder attempt. The secret key is transmitted over a quantum, and thus safe channel, characterized by very low transmission rates and high error rates. This channel is safe given the properties of a quantum system, where each measurement on the system perturbs the system itself, allowing the authorized users to detect the presence of any intruder. Moreover, as shown by accurate experimental studies, the communication channel used for quantum key exchange is not able to reach high levels of reliability (the Quantum Bit Error Rate - QBER - may have a high value), both because of the inherent characteristics of the system, and of the presence of a possible attacker. In order to obtain acceptable residual error rates, it is necessary to use a parallel classical and public channel, characterized by high transmission rates and low error rates, on which to transmit only the redundancy bits of systematic channel codes with performance possibly close to the capacity limit. Furthermore, since the more redundancy is added by the channel code, the more the corresponding information can be used to decipher the private message itself, it becomes necessary to design high-rate codes obtained by puncturing a low-rate mother code, possibly achieving a redundancy such that elements of the secret message cannot be uniquely determined from the redundancy itself.

Security in the wireless access network gained increasing interest over the last years. Its implementation varies from one access network to another. The current trend in wireless access network is towards implementing mechanisms for mobility management namely handoff process and quality of service control. Consequently, security should be taken into consideration at each handoff process which may occur between different technologies (intertechnology) or within the same (intra-technology). At the same time, security provisioning impact on network performances (e.g. end-to-end delay, throughput) should be controlled. This chapter aims to give a better understanding of security measures and protocols available in two distinct wireless network families, namely the Wireless Wide Area Network (WWAN) and the Wireless Local Area Network (WLAN). WWAN family includes the wide coverage area technologies such as the Long-term Evolution (LTE), also named as Evolved Packet System (EPS). On the other hand, WLAN are characterized by having a small coverage area. It includes the WiFi (802.11) technology. Each time, the chapter highlights the mechanisms employed by access network to ensure the trade-off between secured mobility and application requirements in terms of delay and throughput.