An Impregnable Lightweight Device Discovery (ILDD) Model for the Pervasive Computing Environment of Enterprise Applications

The worldwide use of handheld devices (personal digital assistants, cell phones, etc.) with wireless connectivity will reach 2.6 billion units this year and 4 billion by 2010. More specifically, these handheld devices have become an integral part of industrial applications. These devices form pervasive ad hoc wireless networks that aide in industry applications. However, pervasive computing is susceptible and vulnerable to malicious active and passive snoopers. This is due to the unavoidable interdevice dependency, as well as a common shared medium, very transitory connectivity, and the absence of a fixed trust infrastructure. In order to ensure security and privacy in the pervasive environment, we need a mechanism to maintain a list of valid devices that will help to prevent malicious devices from participating in any task. In this paper, we will show the feasibility of using a modified human- computer authentication protocol in order to prevent the malicious attacks of ad hoc networks in industrial applications. We will also present two separate models for both large and small networks, as well as several possible attack scenarios for each network.     

Research Issues in Ad-Hoc Distributed Personal Networking

This paper discusses the research issues that need to be addressed in order to create a personal distributed environment where people interact with various companion, embedded, or invisible computers not only in their close vicinity but potentially anywhere. These systems are called personal networks (PNs). They constitute a category of distributed systems with very specific characteristics. They are configured in an ad hoc fashion, as the opportunity and the demand arise, to support personal applications. PNs consist of communicating clusters of personal digital devices, devices shared with other people and even infrastructure-based systems. At the heart of a PN is a core Personal Area Network (PAN), which is physically associated with the owner of the PN. Unlike the present PANs that have a geographically limited coverage, the Personal Operating Space, PNs have an unrestricted geographical span, and incorporate devices into the personal environment regardless of their geographic location. In order to do this they need the services of infrastructure-based networks and ad-hoc networks to extend their reach. A PN extends and complements the concept of pervasive computing. We show that PNs introduce new design challenges due to the heterogeneity of the involved technologies, the need for self-organization, the dynamics of the system composition, the application-driven nature, the co-operation with infrastructure-based networks, and the security hazards. We discuss the impact of these problems on network design, assess present and proposed solutions, and identify the research issues. This revised version was published online in August 2006 with corrections to the Cover Date.     

An efficient heterogeneous key management approach for secure multicast communications in ad hoc networks

In a mobile wireless ad hoc network, mobile nodes cooperate to form a network without using any infrastructure such as access points or base stations. Instead, the mobile nodes forward packets for each other, allowing communication among nodes outside wireless transmission range. As the use of wireless networks increases, security in this domain becomes a very real concern. One fundamental aspect of providing confidentiality and authentication is key distribution. While public-key encryption has provided these properties historically, ad hoc networks are resource constrained and benefit from symmetric key encryption. In this paper, we propose a new key management mechanism to support secure group multicast communications in ad hoc networks. The scheme proposes a dynamic construction of hierarchical clusters based on a novel density function adapted to frequent topology changes. The presented mechanism ensures a fast and efficient key management with respect to the sequential 1 to n multicast service.     

Secure interconnection protocol for integrated Internet and ad hoc networks

Integration of ad hoc networks with the Internet provides global Internet connectivity for ad hoc hosts through the coordination of mobile IP and ad hoc protocols. In a pure ad hoc network, it is difficult to establish trust relationship between two ad hoc hosts due to lack of infrastructure or centralized administration. In this paper, an infrastructure‐supported and distributed authentication protocol is proposed to enhance trust relationships amongst ad hoc hosts. In addition, an effective secure routing protocol (SRP) is discussed to protect the multi‐hop route for Internet and ad hoc communication. In the integrated ad hoc networks with Internet accessibility, the ad hoc routing security deployed with the help of infrastructure has a fundamental impact on ad hoc hosts in term of Internet access, integrity, and authentication. Both analysis and simulation results demonstrate the effectiveness of the proposed security protocol. Copyright © 2007 John Wiley & Sons, Ltd.     

Extending Global IP Connectivity for Ad Hoc Networks

Ad hoc networks have thus far been regarded as stand-alone networks without assumed connectivity to wired IP networks and the Internet. With wireless broadband communications and portable devices with appropriate CPU, memory and battery performance, ad hoc connectivity will become more feasible and demand for global connectivity through ad hoc networking is likely to rapidly grow. In this paper we propose an algorithm and describe a developed prototype for connectivity between an ad hoc network running the ad hoc on-demand distance-vector protocol and a wired IP network where mobile IP is used for mobility management. Implementation issues and performance metrics are also discussed.     

SOS: Self‐organized secure framework for VANET

While authentication is a necessary requirement to provide security in vehicular ad hoc networks, user's personal information such as identity and location must be kept private. The reliance on road side units or centralized trusted authority nodes to provide security services is critical because both are vulnerable, thus cannot be accessed by all users, which mean security absence. In this paper, we introduce a self‐organized secure framework, deployed in vehicular ad hoc networks. The proposed framework solution is designed not only to provide an effective, integrated security and privacy‐preserving mechanism but also to retain the availability of all security services even if there are no road side units at all and/or the trusted authority node is compromised. A decentralized tier‐based security framework that depends on both trusted authority and some fully trusted nodes cooperated to distribute security services is presented. Our approach combines the useful features of both Shamir secret sharing with a trust‐based technique to ensure continuity of achieving all security services. Mathematical analysis of security issues that the proposed framework achieves as well as the availability of offering security services is provided. Proposed framework examination was done to show the performance in terms of storage, computation complexity, and communication overhead as well as its resilience against various types of attacks. Comparisons with different types of security schemes showed that the protocol developed gave better results in most comparison parameters while being unique ensuring continuity of security services delivery.     

Efficient routing for wireless mesh networks using a backup path

Wireless mesh networks (WMNs) have a proven record in providing viable solutions for some of the fundamental issues in wireless networks such as capacity and range limitations. WMN infrastructure includes clusters of mobile ad‐hoc networks connected through a fixed backbone of mesh routers. The mesh network can be constrained severely because of various reasons, which could result in performance degradation such as a drop in throughput or long delays. Solutions to this problem often focus on multipath or multichannel extensions to the existing ad‐hoc routing protocols. In this paper, we propose a novel solution by introducing an alternative path to the mesh backbone that traverses the mobile ad‐hoc networks part of the WMN. The new routing solution allows the mobile nodes (MNs) to establish direct communication among peers without going through the backbone. The proposed alternative ad‐hoc path is used only when the mesh backbone is severely constrained. We also propose, for the first time in WMNs, using MNs with two interfaces, one used in the mesh backbone communication and the other engaged in the ad‐hoc network. A scheme is presented for making the MN aware of link quality measures by providing throughput values to the ad‐hoc on‐demand distance vector protocol. We use piggybacking on route reply messages in ad‐hoc on‐demand distance vector to avoid incurring additional costs. We implemented our solution in an OPNET simulator and evaluated its performance under a variety of conditions. Simulation results show that the alternative ad‐hoc path provides higher throughput and lower delays. Delay analysis show that the throughput improvement does not impose additional costs. Copyright © 2012 John Wiley & Sons, Ltd.     

Battery-aware Routing in Personal Networks

A personal network (PN) is a network of devices belonging to a person. It can consist of a number of ad hoc sub-networks which are linked together through the Internet. We study battery-aware routing for multi-hop connectivity in sub-networks of PNs, and propose a new algorithm. The proposed algorithm takes the advantage of having mains-connected devices in a PN to direct the traffic to such devices and avoid relaying over nodes with low battery energy. A consequence of this strategy is directing the traffic load to static nodes of the network as well, since mains-connected nodes are static while battery-powered nodes could be mobile. This results in less route failures due to less mobility of nodes along a chosen path. We comprehensively compare the performance of our proposed algorithm with the performance of some well-known algorithms from the literature. We consider the effect of node density, routing overhead, heterogeneity of nodes in terms of their power supplies, gateway-oriented communication, mobility of nodes, and transmission power control, on the performance of battery-aware routing algorithms in PNs. Taking into account various parameters and different scenarios, we show that directing the traffic to mains-powered nodes can profoundly increase operational lifetime of the network. Our algorithm, as well as the results of our work, can also be applied to other types of ad hoc networks with heterogeneous power supplies.     

Detecting unauthorized and compromised nodes in mobile ad hoc networks

Security of mobile ad hoc networks (MANET) has become a more sophisticated problem than security in other networks, due to the open nature and the lack of infrastructure of such networks. In this paper, the security challenges in intrusion detection and authentication are identified and the different types of attacks are discussed. We propose a two-phase detection procedure of nodes that are not authorized for specific services and nodes that have been compromised during their operation in MANET. The detection framework is enabled with the main operations of ad hoc networking, which are found at the link and network layers. The proposed framework is based on zero knowledge techniques, which are presented through proofs.     

Security in wireless sensor networks

With sensor networks on the verge of deployment, security issues pertaining to the sensor networks are in the limelight. Though the security in sensor networks share many characteristics with wireless ad hoc networks, the two fields are rapidly diverging due to the fundamental differences between the make‐up and goals of the two types of networks. Perhaps the greatest dividing difference is the energy and computational abilities. Sensor nodes are typically smaller, less powerful, and more prone to failure than nodes in an ad hoc network. These differences indicate that protocols that are valid in the context of ad‐hoc networks may not be directly applicable for sensor networks. In this paper, we survey the state of art in securing wireless sensor networks. We review several protocols that provide security in sensor networks, with an emphasis on authentication, key management and distribution, secure routing, and methods for intrusion detection. Copyright © 2006 John Wiley & Sons, Ltd.     

Non-repudiable authentication and billing architecture for wireless mesh networks

Wireless mesh networks (WMNs) are a kind of wireless ad hoc networks that are multi-hop where packets are forwarded from source to destination by intermediate notes as well as routers that form a kind of network infrastructure backbone. We investigate the security of the recently proposed first known secure authentication and billing architecture for WMNs which eliminates the need for bilateral roaming agreements and that for traditional home-foreign domains. We show that this architecture does not securely provide incontestable billing contrary to designer claims and furthermore it does not achieve entity authentication. We then present an enhanced scheme that achieves entity authentication and nonrepudiable billing.     

Modeling Mobility in Cooperative Ad Hoc Networks

This paper addresses issues concerned with design and managing of mobile ad hoc networks. We focus on self-organizing, cooperative and coherent networks that enable a continuous communication with a central decision unit and adopt to changes in an unknown environment to achieve a given goal. In general, it is very difficult to model a motion of nodes of a real-life ad hoc network. However, mobility modeling is a critical element that has great influence on the performance characteristics of a cooperative system. In this paper we investigate a novel approach to cooperative and fully connected networks design. We present an algorithm for efficient calculating of motion trajectories of wireless devices. Our computing scheme adopts two techniques, the concept of an artificial potential field and the concept of a particle-based mobility. The utility and efficiency of the proposed approach has been justified through simulation experiments. The results of presented case studies show a wide range of applications of our method starting from simple to more complex ad hoc networks.     

A light-weight authentication scheme for wireless sensor networks

Sensor networks are ad hoc mobile networks that include sensor nodes with limited computational and communication capabilities. They have become an economically viable monitoring solution for a wide variety of applications. Obviously, security threats need to be addressed and, taking into account its limited resources, the use of symmetric cryptography is strongly recommended. In this paper, a light-weight authentication model for wireless sensor networks composed of a key management and an authentication protocol is presented. It is based on the use of simple symmetric cryptographic primitives with very low computational requirements, which obtains better results than other proposals in the literature. Compared to SPINS and BROSK protocols, the proposal can reduce energy consumption by up to 98% and 67%, respectively. It also scales well with the size of the network, due to it only requiring one interchanged message, independently of the total number of nodes in the network.     

Privacy‐preserving authentication schemes for vehicular ad hoc networks: a survey

Vehicular ad hoc networks (VANETs) are expected in improving road safety and traffic conditions, in which security is essential. In VANETs, the authentication of the vehicular access control is a crucial security service for both inter‐vehicle and vehicle–roadside unit communications. Meanwhile, vehicles also have to be prevented from the misuse of the private information and the attacks on their privacy. There is a number of research work focusing on providing the anonymous authentication with preserved privacy in VANETs. In this paper, we specifically provide a survey on the privacy‐preserving authentication (PPA) schemes proposed for VANETs. We investigate and categorize the existing PPA schemes by their key cryptographies for authentication and the mechanisms for privacy preservation. We also provide a comparative study/summary of the advantages and disadvantages of the existing PPA schemes. Lastly, the open issues and future objectives are identified for PPA in VANETs. Copyright © 2014 John Wiley & Sons, Ltd.     

Trust based authentication technique for cluster based vehicular ad hoc networks (VANET)

Since Vehicular ad hoc networks (VANETs) are vulnerable to various kinds of attacks, there is a need to fulfill the security requirements like message privacy, integrity, and authentication. The authentication technique is said to be efficient if it detects compromised nodes accurately with less complexity, reduced authentication delay, and keying overhead. In this paper, a trust-based authentication scheme for cluster-based VANETs is proposed. The vehicles are clustered, and the trust degree of each node is estimated. The trust degree is a combination of direct trust degree and indirect trust degree. Based on this estimated trust degree, cluster heads are selected. Then, each vehicle is monitored by a set of verifiers, and the messages are digitally signed by the sender and encrypted using a public/ private key as distributed by a trusted authority and decrypted by the destination. This verifies the identity of sender as well as receiver thus providing authentication to the scheme. By simulation results, we prove that the proposed technique provides high security with less overhead and delay.     

Virtual Private Ad Hoc Networking

The fact that a lot of applications require secure communication to take place only between a dynamic subset of distributed devices sharing a common context, is, from a network point of view, very challenging and demanding. Existing technologies such as VPN, P2P overlays or VLANs can only partially respond to these requirements. This observation is the key factor that has driven the proposal of the virtual private ad hoc network concept. Virtual private ad hoc networks (VPAN) are secure and self-organizing overlay networks on top of existing IP infrastructure that use ad hoc networking techniques to enable network connectivity. The underlying IP infrastructure can be the Internet, cellular networks, ad hoc networks, mesh networks … or combinations thereof. A virtual private ad hoc overlay network creates a transparent, shielded and trusted environment for the applications and services running on the participants' devices. The overlay uses internal addressing and ad hoc routing, thereby forming a virtual network on top of the physical infrastructure. In addition, the overlay must be self-organizing and self-maintaining upon member mobility or membership changes. This paper gives an overview of the potential applications, a high-level network architecture and the network challenges emerging from the novel concept of virtual private ad hoc networking. Jeroen Hoebeke was born in Ghent, Belgium in 1979. In 2002 he received the Masters degree in engineering (Computer Science) from the University of Ghent. In August 2002, he joined the Broadband Communications Networks Group. His PhD research includes the development of adaptive routing protocol techniques for mobile ad hoc networks. His main research interests are in ad hoc wireless communications and, more generally, in broadband wireless communications. Within the European MAGNET project, he is actively involved in the development of a network architecture and demonstrator for Personal Networks, with a prime focus on routing and connectivity. Gerry Holderbeke was born in Zottegem, Belgium in 1982. He graduated in Informatics at the University of Ghent in 2004. In August 2004 he joined the Broadband Communications Networks Group where he is currently working as a project developer. His research currently includes the development of an emulator for mobile ad hoc networks. His main research interests are in ad hoc networks and broadband wireless communications and involve routing, addressing and more generally, communication within mobile ad hoc networks and infrastructured networks. Within the European MAGNET project, he is actively involved in the development of a network architecture for Personal Networks, with a prime focus on the implementation of the routing architecture. Ingrid Moerman was born in Gent, Belgium in 1965. She received the degree in Electro-technical Engineering and the Ph.D degree from the Ghent University, Gent, Belgium in 1987 and 1992, respectively. Since 1987, she has been with the Interuniversity Micro-Electronics Centre (IMEC) at the Department of Information Technology (INTEC) of the Ghent University, where she conducted research in the field of optoelectronics. In 1997, she became a permanent member of the Research Staff at IMEC. Since 2000 she is part-time professor at the Ghent University. Since 2001 she has switched her research domain to broadband communication networks. She is currently involved in the research and education on broadband mobile & wireless communication networks and on multimedia over IP. The main research topics related to mobile & wireless communication networks are: wireless access to vehicles (high bandwidth & driving speed), adaptive QoS routing in wireless ad hoc networks, body area networks, protocol boosting on wireless links, design of fixed access/metro part, traffic engineering and QoS support in the wireless access network. Ingrid Moerman is author or co-author of more than 300 publications in the field of optoelectronics and communication networks. Bart Dhoedt received a degree in Engineering from the Ghent University in 1990. In September 1990, he joined the Department of Information Technology of the Faculty of Applied Sciences, University of Ghent. His research, addressing the use of micro-optics to realize parallel free space optical interconnects, resulted in a PhD degree in 1995. After a 2 year post-doc in opto-electronics, he became professor at the Faculty of Applied Sciences, Department of Information Technology. Since then, he is responsible for several courses on algorithms, programming and software development. His research interests are software engineering and mobile & wireless communications. Bart Dhoedt is author or co-author of approximately 70 papers published in international journals or in the proceedings of international conferences. His current research addresses software technologies for communication networks, peer-to-peer networks, mobile networks and active networks. Piet Demeester received the Masters degree in Electro-technical engineering and the Ph.D degree from the Ghent University, Gent, Belgium in 1984 and 1988, respectively. In 1992 he started a new research activity on broadband communication networks resulting in the IBCN-group (INTEC Broadband communications network research group). Since 1993 he became professor at the Ghent University where he is responsible for the research and education on communication networks. The research activities cover various communication networks (IP, ATM, SDH, WDM, access, active, mobile), including network planning, network and service management, telecom software, internetworking, network protocols for QoS support, etc. Piet Demeester is author of more than 300 publications in the area of network design, optimization and management. He is member of the editorial board of several international journals and has been member of several technical program committees (ECOC, OFC, DRCN, ICCCN, IZS, &).     

Traffic load metrics for multihomed mobile IP and global connectivity

Support for host mobility an essential and necessary feature for roaming users who connect to wireless networks via access points. Access points may have different capabilities, be connected to different networks and be installed by different providers. A mobile host will discover multiple access points in this environment. In such an environment, a mobile host should be able to use the best available connection to communicate with a correspondent host and perhaps use multiple connections for different hosts. In areas with wireless local area network access, pockets with limited or no coverage could exist. Such restricted connectivity could be compensated by neighbor hosts who form an ad hoc network and relay packets until they reach an access point. This paper describes and discusses a proposed solution towards enabling and supporting connectivity in wireless networks. In the proposed solution the network layer software will evaluate and decide which wireless network connections to use. A Running Variance Metric (RVM) and a Relative Network Load(RNL) are used to measure the traffic load of access points in wireless access networks. RVM and RNL can be efficiently used for both infrastructure networks and ad hoc networks. Multihomed Mobile IP (M-MIP) is an extension of Mobile IP that enables mobile hosts to use multiple care-of addresses simultaneously. The extension enhances network connectivity by enabling the mobile host, the home agent and correspondent hosts to evaluate and select the best connection. A proposed gateway architecture using M-MIP that integrates wired IP networks with ad hoc networks is described. The M-MIP and gateway architecture using the RVM and RNL metrics have been validated with simulation studies and results are presented.     

Reducing multicast traffic load for cellular networks using ad hoc networks

There has been recent extensive research on integrating cellular networks and ad hoc networks to overcome the limitations of cellular networks. Although several schemes have been proposed to use such hybrid networks to improve the performance of individual multicast groups, they do not address quality of service (QoS) issues when multiple groups are present. This paper, on the other hand, considers an interesting scenario of hybrid networks when an ad hoc network cannot accommodate all the groups and a base station has to select a subset of groups to optimize its bandwidth savings and maximize the utilization of the ad hoc network while providing QoS support for multicast users. In this paper, a network model for multicast admission control that takes wireless interference into account is developed, the group selection problem is formulated as a multidimensional knapsack problem, and an integer linear programming (ILP) formulation and a polynomial-time dynamic algorithm are proposed. A distributed implementation of the dynamic algorithm in real systems is also examined. Simulation studies demonstrate that the dynamic algorithm is able to achieve very competitive performance under various conditions, in comparison with the optimal solution computed by the ILP approach.     

Supporting multicasting in mobile ad‐hoc wireless networks: issues,challenges, and current protocols

The basic philosophy of personal communication services is to provide user‐to‐user, location independent communication services. The emerging group communication wireless applications, such as multipoint data dissemination and multiparty conferencing tools have made the design and development of efficient multicast techniques in mobile ad‐hoc networking environments a necessity and not just a desire. Multicast protocols in mobile ad‐hoc networks have been an area of active research for the past couple of years. This paper summarizes the activities and recent advances in this work‐in‐progress area by identifying the main issues and challenges that multicast protocols are facing in mobile ad‐hoc networking environments, and by surveying several existing multicasting protocols. This article presents a classification of the current multicast protocols, discusses the functionality of the individual existing protocols, and provides a qualitative comparison of their characteristics according to several distinct features and performance parameters. Furthermore, since many of the additional issues and constraints associated with the mobile ad‐hoc networks are due, to a large extent, to the attribute of user mobility, we also present an overview of research and development efforts in the area of group mobility modeling in mobile ad‐hoc networks. Copyright © 2001 John Wiley & Sons, Ltd.     

A Trusted Waterfall Framework Based Peer to Peer Protocol for Reliable and Energy Efficient Data Transmission in MANETs

Advances in lattice-based cryptography are enabling the use of public key algorithms (PKAs) in power-constrained ad hoc and sensor network devices. Unfortunately, while many wireless networks are dominated by group communications, PKAs are inherently unicast—i.e., public/private key pairs are generated by data destinations. To fully realize public key cryptography in these networks, lightweight PKAs should be augmented with energy efficient mechanisms for group key agreement. Recently, many key management schemes for the WSNs have been proposed, but the computation and communication costs of these protocols are too high to suitable for WSNs. This paper proposes a key establish protocol for the WSNs based on combined key. The protocol adopts seed key mapping technology to achieve two-party and multi-party key establish in the WSNs, it can generate a large number of combination keys with little resources. So it effectively solve the contradiction between the sensor nodes need large storage space to store shared key with their neighbors and their limited storage space. It can also achieve mutual authentication between nodes when they establish shared key. Analysis shows that the proposed protocol has the advantages in storage efficiency, computation consumption and Communication consumption and suitable for wireless networks.