Mohamad Sbeiti

Performance analysis of mesh routing protocols for UAV swarming applications

Unmanned Aerial Vehicles (UAVs) are an emerging technology offering new opportunities for innovative applications and efficient overall process management in the areas of public security, cellular networks and surveying. A key factor for the optimizations yielded by this technology is an advanced mesh network design for fast and reliable information sharing between UAVs. In this paper, we analyze the performance of four available mesh routing protocol implementations (open80211s, BATMAN, BATMAN Advanced and OLSR) in the context of swarming applications for UAVs. The protocols are analyzed by means of goodput in one static and one mobile scenario using the same embedded hardware platform installed at UAVs in current research projects. Our results show that layer-2 protocols suit better for mobile applications in comparison to layer-3. On the other hand, they often cause routing flippings, which are unwanted route changes, in static scenarios imposing a small performance decrease. Hence, given the aforementioned routing protocols, we recommend to currently use open80211s or batman-advanced to establish a reliable multi-hop mesh network for swarming applications.

PASER: Secure and Efficient Routing Approach for Airborne Mesh Networks

Low-altitude unmanned aerial vehicles (UAVs) combined with WLAN mesh networks (WMNs) have facilitated the emergence of airborne network-assisted applications. In disaster relief, they are key solutions for (1) on-demand ubiquitous network access and (2) efficient exploration of sized areas. Nevertheless, these solutions still face major security challenges as WMNs are prone to routing attacks. Consequently, the network can be sabotaged, and the attacker might manipulate payload data or even hijack the UAVs. Contemporary security standards, such as the IEEE 802.11i and the security mechanisms of the IEEE 802.11s mesh standard, are vulnerable to routing attacks as we experimentally showed in previous works. Therefore, a secure routing protocol is indispensable for making feasible the deployment of UAV-WMN. As far as we know, none of the existing research approaches have gained acceptance in practice due to their high overhead or strong assumptions. Here, we present the position-aware, secure, and efficient mesh routing approach (PASER). Our proposal prevents more attacks than the IEEE 802.11sΓi security mechanisms and the well-known, secure routing protocol ARAN, without making restrictive assumptions. In realistic UAV-WMN scenarios, PASER achieves similar performance results as the well-established, nonsecure routing protocol HWMP combined with the IEEE 802.11s security mechanisms.

Performance evaluation of PASER — An efficient secure route discovery approach for wireless mesh networks

In emergency and rescue operations, wireless mesh networks are attracting increased attention as a high-performance and low-cost solution for ubiquitous network access. In this paper, we evaluate the novel secure mesh route discovery protocol PASER, which has been designed to address the mesh network security in such critical environments. The protocol aims to set up reliable ad-hoc routes between network nodes and to combat unauthorized nodes of manipulating the route look-up process. Especially, its lightweight symmetric authentication scheme is noteworthy. The protocol is investigated together with the well-established routing protocols AODV, DYMO, BATMAN and OLSR under various scenario conditions and different attacks. In contrast to its counterparts, the results show that PASER is able to secure the network without noticeable computational overhead. On top of that, the paper reveals that PASER outperforms its counterparts in many cases in terms of packet delivery ratio and maximum end-to-end delay.

One stone two birds: On the security and routing in Wireless Mesh Networks

Wireless Mesh Networks (WMNs) have been a major research focus in the recent years leading to a profusion of protocol proposals. While most existing implementations address routing aspects, none of the proposals addressing security aspects have gained acceptance in practice, due to their high overhead or strong assumptions. To cope with security issues in current WMN deployments, well-known non-secure routing protocols such as HWMP, BATMAN or OLSR could be combined with the security frameworks of the IEEE802.11s or the IEEE802.11i standards. In this paper, we analyze the impact of both security frameworks on the performance of WMNs in simulation and in a real testbed. Besides, we experimentally show that both frameworks do not mitigate the blackhole and wormhole attacks. In addition, we demonstrate that an efficient secure routing protocol combined with a dynamic key management scheme are inevitable to establish reliable WMNs.

A Novel Role- and Certificate-Based Single Sign-On System for Emergency Rescue Operations

In large scale disaster management operations with hundreds and thousands of victims, fast access to distributed heterogeneous information of different organizations is required for efficient and reliable dispensation of rescue operations. The development of such emergency systems poses a big challenge, if requirements such as performance, security and reliability have to be fulfilled simultaneously. In this paper, we propose a novel Role integrated Certificate-based Single Sign-On (RC-SSO) solution for fast mobile access between first responders at the incident scene and their distributed organizations. Beside the illustration of operational details of the RC-SSO solution, we validate our concept by implementing an experimental prototype as proof-of-concept for a limited number of users. Furthermore, we design a simulation model to determine the performance boundary of our solution under high user density. In contrast to other related emergency system solutions, our approach does not employ a so-called Identity Provider (IDP) for authentication and authorization process and thus reduces additional communication cost as well. A comparison of our proposed solution to an IDP based classical single sign-on counterparts i.e. Security Assertion Markup Language (SAML) shows that our RC-SSO outperforms these by up to 80%. In addition RC-SSO ensures high data security level with negligible overhead compared to the standard security protocol SSL/TLS.

VLX: A novel virtual localization extension for geographical leash-based secure routing in indoor Wireless Mesh scenarios

Emergency and rescue organizations are giving Wireless Mesh Networks (WMNs) increased attention as the key technology to realize network connectivity anywhere, anytime with simplicity and low cost. The WMNs capability for self-organization significantly reduces the complexity of network deployment and maintenance, and thus requires minimal upfront investment. On the other hand, this characteristic makes WMNs prone to a new type of attacks, namely wormhole. While geographical leash-based secure routing such as PASER provides protection against wormhole in outdoor scenarios, in indoor scenarios, this method is ineffective since the geographical position of nodes is not always known (no GPS). For this end, we propose in this paper an efficient security extension (VLX) to secure WMNs routing against wormhole in indoor scenarios using a novel virtual localization technology. We extend the secure routing protocol PASER with our novel approach and evaluate it in different scenarios. The results show that VLX has negligible to no side effect in outdoor scenarios. It provides nearly the same level of security indoors as geographical leashes outdoors. It grants legitimate indoor nodes access to the network despite the lack of their geographical information. It has a light overhead and it is not sensitive to low outdoor to indoor node ratios.

ROUTE-O-MATIC: A comprehensive framework for reactive mesh routing protocols

This paper outlines the implementation design and performance evaluation of ROUTE-O-MATIC, a comprehensive framework for reactive mesh routing on Linux. This framework provides a set of necessary but not natively supported services and interfaces for the development of mesh routing protocols on Linux. In wireless mesh networks, especially in mobile scenarios, reactive ad-hoc routing protocols are used to discover routes on demand between mesh nodes. Those protocols depend on special features for which the current network subsystem of Linux is not designed. These include among others an interface to notify about a required route discovery to a certain host, and a buffer to temporarily store all data while the route discovery is performed. The ROUTE-O-MATIC framework adds these features to the Linux kernel. Additionally, the framework offers a Link Layer Feedback support, which reports every transmission failure in order to accelerate the detection of broken links. The frameworks performance is investigated on an x86 and ARM based embedded hardware. The results show that the time overhead of ROUTE-O-MATIC is significantly low.

The Agony of Choice: Behaviour Analysis of Routing Protocols in Chain Mesh Networks

In recent years, routing in wireless mesh networks has been a focal point of research leading to a profusion of protocol proposals. Choosing the appropriate protocol and finding the optimal parameterization for a given network pose a major challenge in practice. This paper investigates the performance of well-established non-secure routing protocols (such as OLSR, BATMAN and HWMP) and the secure protocol PASER in chain mesh networks. A thorough analysis of the behaviour of the protocols is carried out and parameterization optimizations are derived. The results justifies that reactive or hybrid routing protocols perform better than proactive routing protocols in chain mesh networks having static source-destination pairs and moderate number of forwarding hops. HWMP is the best candidate in such networks in case security is not a concern. Otherwise, due to security flaws of the IEEE802.11 security frameworks as we experimentally show, PASER is a more suitable candidate.