Farid Naït-Abdesselam

Detecting and avoiding wormhole attacks in wireless ad hoc networks

A particularly severe attack on routing protocols in ad hoc networks is the so-called worm- hole attack in which two or more colluding attackers record packets at one location, and tunnel them to another location for replay at that remote location. When this attack targets specifically routing control packets, the nodes that are close to the attackers are shielded from any alternative routes with more than one or two hops to the remote location. All routes are thus directed to the wormhole established by the attackers. In the optimized link state routing protocol, if a wormhole attack is launched during the propagation of link state packets, the wrong link information percolates throughout the network, leading to routing disruption. In this article we devise an efficient method to detect and avoid wormhole attacks in the OLSR protocOLSR protocolol. This method first attempts to pinpoint links that may potentially be part of a wormhole tunnel. Then a proper wormhole detection mechanism is applied to suspicious links by means of an exchange of encrypted probing packets between the two supposed neighbors (endpoints of the wormhole). The proposed solution exhibits several advantages, among which are its nonreliance on any time synchronization or location information, and its high detection rate under various scenarios.

Mitigating Packet Dropping Problem in Mobile Ad Hoc Networks: Proposals and Challenges

In mobile ad hoc networks (MANETs), nodes usually cooperate and forward each others packets in order to enable out of range communication. However, in hostile environments, some nodes may deny to do so, either for saving their own resources or for intentionally disrupting regular communications. This type of misbehavior is generally referred to as packet dropping attack or black hole attack, which is considered as one of the most destructive attacks that leads to the network collapse. The special network characteristics, such as limited battery power and mobility, make the prevention techniques based on cryptographic primitives ineffective to cope with such attack. Rather, a more proactive alternative is required to ensure the safety of the forwarding function by staving off malicious nodes from being involved in routing paths. Once such scheme fails, some economic-based approaches can be adopted to alleviate the attack consequences by motivating the nodes cooperation. As a backup, detection and reaction schemes remain as the final defense line to identify the misbehaving nodes and punish them. In this paper, we make a comprehensive survey investigation on the state-of-the-art countermeasures to deal with the packet dropping attack. Furthermore, we examine the challenges that remain to be tackled by researchers for constructing an in-depth defense against such a sophisticated attack.

Rate-lifetime tradeoff for reliable communication in wireless sensor networks

The network lifetime and application performance are two fundamental, yet conflicting, design objectives in wireless sensor networks. There is an intrinsic tradeoff between network lifetime maximization and application performance maximization, the latter being often correlated to the rate at which the application can send its data reliably in sensor networks. In this paper we study this tradeoff by investigating the interactions between the network lifetime maximization problem and the rate allocation problem with a reliable data delivery requirement. Severe bias on the allocated rates of some sensor nodes may exist if only the total throughput of the sensor network is maximized, hence we enforce fairness on source rates of sensor nodes by invoking the network utility maximization (NUM) framework. To guarantee reliable communication, we adopt the hop-by-hop retransmission scheme. We formulate the network lifetime maximization and fair rate allocation both as constrained maximization problems. We characterize the tradeoff between them, give the optimality condition, and derive a partially distributed algorithm to solve the problem. Furthermore, we propose an approximation of the tradeoff problem using NUM framework, and derive a fully distributed algorithm to solve the problem.

An Acknowledgment-Based Scheme to Defend Against Cooperative Black Hole Attacks in Optimized Link State Routing Protocol

In this paper, we address the problem of cooperative black hole attack, one of the major security issues in mobile ad hoc networks. The aim of this attack is to force nodes in the network to choose hostile nodes as relays to disseminate the partial topological information, thereby exploiting the functionality of the routing protocol to retain control packets. In optimized link state routing (OLSR) protocol, if a cooperative black hole attack is launched during the propagation of topology control (TC) packets, the topology information will not be disseminated to the whole network which may lead to routing disruption. In this paper, we investigate the effects of the cooperative black hole attack against OLSR, in which two colluding MPR nodes cooperate in order to disrupt the topology discovery. Then we propose an acknowledgment based technique that overcomes the shortcomings of the OLSR protocol, and makes it less vulnerable to such attacks by identifying and then isolating malicious nodes in the network. The simulation results of the proposed scheme show high detection rate under various scenarios.

R-MAC: Reservation Medium Access Control Protocol for Wireless Sensor Networks

As sensor nodes are subject to strict power limitations and often deployed in harsh environments, there is significant potential for a node to be hidden from another node. The impact of hidden nodes on performance of the IEEE 802.15.4 low-rate wireless personal area network protocol is evaluated. At lower Tx power, as a result of hidden nodes, there are more collisions in the network increasing the cost of packet delivery. The simulation results indicate that there exists an optimum transmission power that minimizes the impact of hidden nodes, and it depends on factors such as network load, desired throughput and beacon order. Results indicate that additional throughput gain and lower cost per packet delivered can be achieved by increasing the beacon order at higher Tx power.Energy consumption is a critical issue in wireless sensor networks as the battery of a sensor node, in most cases, cannot be recharged or replaced after deployment. In order to detect an event, a sensor node spends most of the time in monitoring its environment, during which a significant amount of energy can be saved by placing the radio in the low power sleep mode when no reception and/or transmission of data is involved. In this paper, we discuss the design of a new MAC protocol for wireless sensor networks, which mainly avoids overhearing, collisions, and frequent commutation between sleep and active modes. These issues are generally considered to be the most important reasons behind energy waste in heavy loaded conditions of wireless sensor networks. The proposed protocol, called Reservation-MAC (R-MAC), uses two separate periods during the communication process. In the first period, nodes compete for time slots reservation for their future transmissions, and in the second period, each node transmits its data or receive data from a corresponding sender. Once a node is aware of its transmission and/or reception time slot, it stays active only for these time slots and goes back to the sleep mode during the remaining time of the transmission period. In our experiments, the performance of the R-MAC protocol is studied in saturated conditions and compared with the well known S-MAC and T- MAC protocols. Depending on the traffic load, the proposed MAC protocol significantly improves the energy consumption compared to S-MAC and T-MAC.

DPS-MAC: an asynchronous MAC protocol for wireless sensor networks

Asynchronous power efficient communication protocols are crucial to the success of wireless sensor networks (WSNs) as a distributed computing paradigm. This paper presents an improved asynchronous duty-cycled MAC protocol for WSN. It adopts a novel dual preamble sampling (DPS) approach by combining low power listening (LPL) with short strobed preambles to significantly reduce idle listening in existing protocols. In our ns-2 based experiments, the performance of the proposed solution is compared with B-MAC and X-MAC, two most recent and popular asynchronous MAC protocols forWSNs. Depending on the traffic load and preamble length, the proposed DPS-MAC improves energy consumption significantly compared to X-MAC without degrading other network performances such as delivery ratio and latency. For example for the traffic rate of 0.1 packets/s and preamble length of 0.1s, the average improvement in energy consumption compared to X-MAC is about 154%.

O-MAC: An Organized Energy-Aware MAC Protocol for Wireless Sensor Networks

The efficient use of energy in wireless sensor networks is critical issue as the battery of a sensor node, in most cases, cannot be recharged or replaced after deployment. In order to detect an event, a sensor node spends most of the time in monitoring its environment, during which a significant amount of energy can be saved by placing the radio in the low power sleep mode when no reception and/or transmission of data is involved. In this paper, we discuss the design of a new MAC protocol for wireless sensor networks whose goal is to extend the lifetime of the network by avoiding major energy waste causes, such as collisions, overhearing and idle listening, without compromising other network performance measures such as network throughput. The performance of the protocol is studied by simulation and is compared to that of the well known S-MAC protocol which is designed to save energy and to the IEEE 802.11 protocol which is designed to maximize throughput.

Toward energy-efficient and trustworthy eHealth monitoring system

The rapid technological convergence between Internet of Things (IoT), Wireless Body Area Networks (WBANs) and cloud computing has made e-healthcare emerge as a promising application domain, which has significant potential to improve the quality of medical care. In particular, patient-centric health monitoring plays a vital role in e-healthcare service, involving a set of important operations ranging from medical data collection and aggregation, data transmission and segregation, to data analytics. This survey paper firstly presents an architectural framework to describe the entire monitoring life cycle and highlight the essential service components. More detailed discussions are then devoted to {\em data collection} at patient side, which we argue that it serves as fundamental basis in achieving robust, efficient, and secure health monitoring. Subsequently, a profound discussion of the security threats targeting eHealth monitoring systems is presented, and the major limitations of the existing solutions are analyzed and extensively discussed. Finally, a set of design challenges is identified in order to achieve high quality and secure patient-centric monitoring schemes, along with some potential solutions.

Detecting and Avoiding Wormhole Attacks in Optimized Link State Routing Protocol

A particularly severe attack on routing protocols in ad hoc networks is the so-called wormhole attack in which two or more colluding attacking nodes record packets at one location, and tunnel them to another location for a replay at that remote location. When this attack targets specifically routing control packets, the nodes that are close to the attackers are in effect shielded from finding any alternative routes to the remote location with more than one or two hops, and thus all the routes are directed to the wormhole established by the attackers. In optimized link state routing protocol (OLSR), if a wormhole attack is launched during the propagation of link state packets, the wrong link information propagates throughout the network, leading to routing disruption. In this paper, we devise an efficient method to detect and avoid wormhole attacks in the OLSR protocol. This method tries first to infer links that may potentially lead to wormhole tunnels. The proper wormhole detection was then be applied to suspicious links by means of an exchange of encrypted probing packets between the two supposed neighbors (endpoints of the wormhole). Our solution has several advantages since it does not require any time synchronization or location information and shows high detection rate under various scenarios.

Overlapping Clusters Algorithm in Ad Hoc Networks

Clustering allows efficient data routing and multi-hop communication among the nodes. In this paper, we propose Overlapping Clusters Algorithm (OCA) for mobile ad hoc networks. The goal of OCA is to achieve network reliability and load balancing. The algorithm consists of two discrete phases. The start-up phase takes battery and bandwidth capacity, transmission range, density, mobility, and buffer occupancy as input parameters to performs initial clustering for the entire network. The maintenance phase monitors the status of the network and keeps the network topology updated through local and global re-clustering. We compare the performance of OCA with Lowest ID, Highest Degree, WCA, and LCC algorithms in YAES simulator. The simulation results show that OCA outperforms all the compared algorithms in terms of network reliability and load distribution. The average numbers of global re-clusterings and reaffiliations were much lower in OCA than the other algorithms. However, OCA generates a larger number of clusters, which is expected considering that the nodes are allowed to be members of multiple clusters at the same time.