Jalel Ben-Othman

Detection of Jamming Attacks in Wireless Ad Hoc Networks Using Error Distribution

Mobile ad hoc networks are a new wireless networking paradigm for mobile hosts. Unlike traditional mobile wireless networks, ad hoc networks do not rely on any fixed infrastructure. Instead, hosts rely on each other to keep the network connected. The military tactical and other security-sensitive operations are still the main applications of ad hoc networks. One main challenge in design of these networks is their vulnerability to Denial-of-Service (DoS) attacks. In this paper, we consider a particular class of DoS attacks called Jamming. The objective of a jammer is to interfere with legitimate wireless communications. A jammer can achieve this goal by either preventing a real traffic source from sending out a packet, or by preventing the reception of legitimate packets. We propose in this study a new method of detection of such attack by the measurement of error distribution.

Data security in ad hoc networks using multipath routing

In this paper, we introduce a solution for securing data in ad hoc networks. We exploit the existence of multiple paths between nodes in an ad hoc network to increase the robustness of transmitted data confidentiality. In ad hoc networks, security depends on several parameters and reaching a good security degree is a hard task. Recently, there are several proposed solutions treating authentication, availability, secure routing and intrusion detection etc, in ad hoc networks. An overview of some current solutions, implementation details and experimental results are discussed in this paper.

Admission control mechanism and performance analysis based on stochastic automata networks formalism

IEEE 802.16 has been designed to support QoS (Quality of Service) in Wireless broadband Metropolitan Networks (WMAN), and specifically in the access networks. To achieve this, the IEEE 802.16.e amendment introduces the service differentiation by five service classes (UGS, ertPS, rtPS, nrtPS and BE). To maintain the QoS of active connections and to avoid any congestion in the network, an Admission Control (AC) is defined. AC aims to accept or reject a new connection according to the negotiated parameters and the availability of resources in the network. This mechanism is not standardized and let to the operators. We tackle this point, by proposing in this study a new Admission Control (AC) that improves the QoS of BE traffic by avoiding a strict bandwidth assignment of other traffics (rtPS and nrtPS) as is defined in major previous studies. The proposed mechanism is based on token bucket for rtPS, nrtPS and BE traffics in order to reduce lightly the number of accepted connections and to improve considerably the number of accepted BE connections. To evaluate the performance of the proposed scheme, we use PEPS (Performance Evaluation of Parallel Systems) which is a powerful tool based on models which can be described with Stochastic Automata Networks (SAN). PEPS can solve complex models with a large state space and with many synchronized events. Therefore, we show that this tool is suitable for wireless network, and specifically for the proposed scheme, toward numerical results we show as we expected that our proposed AC outperform the classical one by reducing lightly the performance of other service classes.

Q-HWMP: Improving End-to-End QoS for 802.11s Based Mesh Networks

Wireless mesh network (WMNs) are an emerging technology, presented mainly as a way to build a multi-hop network based on an infrastructure. IEEE has developed a draft 802.11s describing the enhancement of the IEEE 802.11 for mesh networks. This new standard aims to create a new wireless configuration that manages the topology, the quality of radio link and the routing. For routing, two path selection protocols HWMP (Hybrid Wireless Mesh Protocol) and RA-OLSR (Radio-Aware Optimized Link State Routing) are considered. The both routing protocols are inadequate for multimedia applications, such as video conferencing, which is often requiring guaranteed Quality of Service (QoS). QoS routing requires not only finding a best route from a source to a destination according to some criteria (like AirTime metric, hop numbers, etc.) , which is the case of HWMP, but a route that satisfies the end-to-end QoS requirement, often given in terms of bandwidth or delay. This paper tackles this last point by improving the HWMP protocol that handles QoS for real time applications. The goal of the proposed enhancement is to increase the bandwidth utilization and to avoid any network congestions. The method is based on the evaluation of QoS parameters as end-to-end delay or remaining bandwidth and to determine if they can fit with the real time application. Simulation results show that the proposed solution outperform classical HWMP.

A Real Time Adaptive Scheduling Scheme for Multi-Service Flows in WiMAX Networks

In this paper we propose an efficient multi-service scheduling scheme called real-time adaptive scheduler (RTAS) for WiMAX service classes. It is based on deficit round robin with an adaptive quantum according to the QoS requirement of each considered service. Our scheduler assures fairness between the different class of services on either uplink or downlink TDD frame. Simulation results show the achieved fairness and the adaptation with real-time characteristics of data traffic.

On Securing HWMP Using IBC

In this paper, we propose a security mechanisms for the Hybrid-Wireless-Mesh Protocol (HWMP). Our mechanisms is based on the Identity Based Crytography. The motivation behind using IBC is that it eliminates the need to verify the authenticity of public keys. We have implemented the IBC technique to secure control message in HWMP, namely RREQ and RREP. In these Control messages, we interested only by the mutable fields (i.e. fields that an changing during control packet exchange). Throuhg simulation, we have evaluted the performance of our security mechanism in terms of control overhead, and does not induce too much overhead compared to the original HWMP (i.e. without security).

Defending method against jamming attack in wireless ad hoc networks

Mobile ad hoc networks (MANETs) are dynamic mobile networks that can be formed in the absence of any pre-existing communication infrastructure. MANETs are vulnerable to jamming attack due to their salient characteristics. The objective of a jammer is to interfere with legitimate wireless communications, and to degrade the overall QoS of the network. In this paper, we propose a new method to react at jamming attacks. The military has long dealt with jamming by using frequency-hopping spread spectrum communication. Unlike frequency hopping that takes place at the PHY layer, our purpose takes place at the MAC layer.

Traffic Policing Based on Token Bucket Mechanism for WiMAX Networks

In large scale networks like the IEEE 802.16 (WiMAX), monitoring the amount of traffic within the network is an important task. By controlling the amount of network traffic, congestion can be largely decreased. Therefore, the fulfilment of Quality of Service (QoS) requirement for each traffic classis guaranteed. In this study we propose a traffic policer based on token bucket concept for WiMAX. Token bucket parameters (token rate and bucket size) are adjusted according to the traffic characteristics of each traffic class individually. Simulation results show that our traffic policing technique greatly enhances network performance. It decreases the average delay for real time traffic like rtPS, and by consequence reduces data drop probability due to missed deadlines. It also decreases data loss probability for non real time service class like nrtPS.

A New Architecture of Wireless Mesh Networks Based IEEE 802.11s Directional Antennas

This paper tackle the problem of coverage in IEEE 802.11 in mesh mode. Instead of omnidirectional coverage, we propose to use directional coverage that can increase the distance between the nodes. The use of directional antenna have two main advantages. The first is to increase the performance of QoS of considered services. The second is that using directional antenna allows to improve the spatial reuse of the wireless channel, which allows nodes to communicate simultaneously without interference, and potentially establish links between nodes far away from each other, and the number of routing hops can be fewer than that of omnidirectional antennas. We also propose an new amendment to reduce the routing overhead related to the use of multiple interfaces. We have evaluated the performance of the proposed architecture and we show with numerical results that the use of directional coverage outperform the omnidirectional coverage.

A multi-service MAC protocol in a multi-channel CSMA/CA for IEEE 802.11 networks

The IEEE 802.11 wireless standard uses the carrier sense multiple access with collision avoidance (CSMA/CA) as its MAC protocol (during the distributed coordination function period). This protocol is an adaptation of the CSMA/CD of the wired networks. CSMA/CA mechanism cannot guarantee quality of service (QoS) required by the application because of its random access method. In this study, we propose a new MAC protocol that considers different types of traffic (e.g., voice and data) and for each traffic type different priority levels are assigned. To improve the QoS of IEEE 802.11 MAC protocols over a multi-channel CSMA/CA, we have developed a new admission policy for both voice and data traffics. This protocol can be performed in direct sequence spread spectrum (DSSS) or frequency hopping spread spectrum (FHSS). For voice traffic we reserve a channel, while for data traffic the access is random using a CSMA/CA mechanism, and in this case a selective reject and push-out mechanism is added to meet the quality of service required by data traffic. To study the performance of the proposed protocol and to show the benefits of our design, a mathematical model is built based on Markov chains. The system could be represented by a Markov chain which is difficult to solve as the state-space is too large. This is due to the resource management and user mobility. Thus, we propose to build an aggregated Markov chain with a smaller state-space that allows performance measures to be computed easily. We have used stochastic comparisons of Markov chains to prove that the proposed access protocol (with selective reject and push-out mechanisms) gives less loss rates of high priority connections (data and voices) than the traditional one (without admission policy and selective reject and push-out mechanisms). We give numerical results to confirm mathematical proofs.