Protecting IEEE 802.11s wireless mesh networks against insider attacks

IEEE 802.11s is an emerging standard for wireless mesh networks. Networks based on IEEE 802.11s directly benefit from existing security mechanisms in IEEE 802.11. This limits the attack surface of IEEE 802.11s significantly for adversaries that cannot authenticate with the network. Mesh networks are, however, often conceived for community network scenarios, which are inherently more open than managed infrastructure networks. This openness entails an increased risk of insider attacks, i.e., attacks by compromised stations that can authenticate with the network. Currently, IEEE 802.11s lacks adequate protection against such insider attacks. In this paper, we therefore derive an attack model for insider attacks and present two insider attack strategies to which IEEE 802.11s networks are prone, namely impairing the network performance and preventing communication between a pair of nodes. We design countermeasures that defend the wireless network against both types of attacks. Our implementations incur only marginal computational and memory overheads, while the network security is measurably strengthened.
