Iowa State University Capstones, Theses and Graduate Theses and Dissertations Dissertations 2009 A Systematic Security Approach in Wireless Mesh Networks Xia Wang Iowa State University Follow this and additional works at: https://lib.dr.iastate.edu/etd Part of the Computer Sciences Commons Recommended Citation Wang, Xia, "A Systematic Security Approach in Wireless Mesh Networks" (2009). Graduate Theses and Dissertations. 10729. https://lib.dr.iastate.edu/etd/10729 This Dissertation is brought to you for free and open access by the Iowa State University Capstones, Theses and Dissertations at Iowa State University Digital Repository. It has been accepted for inclusion in Graduate Theses and Dissertations by an authorized administrator of Iowa State University Digital Repository. For more information, please contact [email protected]. A systematic security approach in wireless mesh networks by Xia Wang A dissertation submitted to the graduate faculty in partial fulfillment of the requirements for the degree of DOCTOR OF PHILOSOPHY Major: Computer Science Program of Study Committee: Johnny S. Wong, Major Professor Ying Cai Wensheng Zhang Yong Guan Thomas E. Daniels Iowa State University Ames, Iowa 2009 Copyright °c Xia Wang, 2009. All rights reserved. ii DEDICATION To my parents and my husband - Without whose love and support I would not have been able to complete this work iii TABLE OF CONTENTS LIST OF TABLES . viii LIST OF FIGURES . ix ACKNOWLEDGEMENTS . xi ABSTRACT . xii CHAPTER 1. OVERVIEW . 1 1.1 Introduction . 1 1.2 Wireless Mesh Network . 3 1.2.1 Network Architecture . 3 1.2.2 Characteristics . 4 1.2.3 Applications . 5 1.2.4 Testbeds and Implementations . 6 1.3 Taxonomy of Wireless Attacks in Wireless Mesh Networks . 8 1.4 Challenges and Issues in Wireless Mesh Networks . 11 1.5 Contribution of the Thesis . 12 1.6 Organization of the Thesis . 13 CHAPTER 2. REVIEW OF LITERATURE . 14 2.1 Group Key Management in Wireless Mesh Networks . 14 2.1.1 Introduction . 14 2.1.2 Classification of Group Key Management . 16 2.1.3 Centralized Group Key Management . 16 iv 2.1.4 Decentralized Group Key Management . 18 2.1.5 Distributed Group Key Management . 19 2.2 Intrusion Detection in Wireless Mesh Networks . 20 2.2.1 Introduction . 20 2.2.2 Single-layer Based Intrusion Detection Methods . 22 2.2.3 Cross-layer Based Intrusion Detection Schemes . 23 2.3 Intrusion Response in Multi-hop Wireless Networks . 24 2.3.1 Introduction . 24 2.3.2 Existing Solutions for Intrusion Response . 24 2.4 Summary . 26 CHAPTER 3. A HETEROGENEITY-AWARE FRAMEWORK OF GROUP KEY MANAGEMENT IN WIRELESS MESH NETWORKS . 27 3.1 Introduction . 27 3.2 System Model . 30 3.2.1 Trust Model . 30 3.2.2 Attack Model . 30 3.3 A Heterogeneity-Aware Group Key Management Framework . 32 3.3.1 A Multicast Session in WMN . 33 3.3.2 Initialization of Subgroup Leaders . 34 3.3.3 Join/Leave of a Group Member . 36 3.3.4 Revocation of a Subgroup Leader . 36 3.4 A Heterogeneity-Aware Group Key (HAGK) Management Scheme . 37 3.4.1 Group Initialization . 37 3.4.2 Threshold-based Key Agreement Protocol . 41 3.4.3 Hierarchical Key Tree . 42 3.4.4 Mobility Management . 42 v 3.4.5 Reactive Initialization . 45 3.5 Discussion . 45 3.5.1 Security Analysis . 45 3.5.2 Communication Overhead . 46 3.5.3 Other Issues . 47 3.6 Performance Evaluation . 48 3.6.1 Analysis of Storage Overhead . 48 3.6.2 Simulation . 48 3.7 Summary . 53 CHAPTER 4. CROSS-LAYER DESIGN OF INTRUSION DETECTION IN WIRE- LESS MESH NETWORKS . 58 4.1 Motivation . 58 4.2 Quality Based Routing Metrics . 61 4.3 Cross Layer Detection Model . 63 4.4 Anomaly Detection . 64 4.4.1 Threats in Wireless Mesh Networks . 64 4.4.2 Feature Selection . 65 4.4.3 Classifier . 66 4.5 Experimental Study . 67 4.5.1 Wireless Mesh Network Testbed . 67 4.5.2 Implementation of System Prototype . 68 4.5.3 Performance Evaluation . 69 4.5.4 Attack Scenarios in WMNs . 70 4.5.5 Experimental Results . 71 4.6 Summary . 86 CHAPTER 5. A GENERIC MODEL FOR INTRUSION RESPONSE . 87 vi 5.1 Introduction . 87 5.2 Response Selection Overview . 89 5.3 Generic Response Model . 90 5.3.1 System Elements . 91 5.3.2 Dependency Graph . 92 5.3.3 Cost Propagation Function . 95 5.3.4 Cost Evaluation . 96 5.4 Damage Assessment . 98 5.5 Response Cost Evaluation . 100 5.5.1 Operation Cost . 100 5.5.2 Response System Impact . 100 5.5.3 Response Success . 101 5.6 Response Selection . 101 5.7 Scenarios . 102 5.7.1 Wireless Mesh Network System . 103 5.7.2 Web Service System . 103 5.8 Experimental Results . 104 5.8.1 Dependency Graph . 104 5.8.2 Implementation of Intrusion Response System . 106 5.8.3 Implementation of Responses . 108 5.8.4 Performance Evaluation . 109 5.9 Discussion . 112 5.9.1 Alternative Cost Evaluation . 112 5.9.2 Graph Extension . 113 5.10 Summary . 113 CHAPTER 6. CONCLUSION AND FUTURE WORK . 114 vii 6.1 Conclusion . 114 6.2 Future Work . 115 BIBLIOGRAPHY . 117 viii LIST OF TABLES Table 3.1 List of simulation parameters of cross-layer based IDS . 50 Table 4.1 Threats in wireless mesh networks . 62 Table 4.2 Feature selection for cross-layer based intrusion detection . 62 Table 4.3 Performance of cross-layer based IDS (n=4) . 71 Table 4.4 Performance of network layer based IDS (n=4) . 71 Table 4.5 Performance of cross-layer based IDS (n=10) . 72 Table 4.6 Performance of network layer based IDS (n=10) . 72 Table 5.1 Attacks and intrusion responses . 104 Table 5.2 Performance of response selection system . 111 ix LIST OF FIGURES Figure 1.1 Network architecture of a wireless mesh network . 4 Figure 3.1 WMN multicast session . 35 Figure 3.2 Mobility management of group key management in WMNs . 44 Figure 3.3 Comparison of storage overhead . 49 Figure 3.4 Average rekeying delay . 51 Figure 3.5 Rekeying delay over interval . 54 Figure 3.6 Communication cost . ..