Srikanth V. Krishnamurthy

A framework for reliable routing in mobile ad hoc networks

Mobile ad hoc networks consist of nodes that are often vulnerable to failure. As such, it is important to provide redundancy in terms of providing multiple node-disjoint paths from a source to a destination. We first propose a modified version of the popular AODV protocol that allows us to discover multiple node-disjoint paths from a source to a destination. We find that very few of such paths can be found. Furthermore, as distances between sources and destinations increase, bottlenecks inevitably occur and thus, the possibility of finding multiple paths is considerably reduced. We conclude that it is necessary to place what we call reliable nodes (in terms of both being robust to failure and being secure) in the network for efficient operations. We propose a deployment strategy that determines the positions and the trajectories of these reliable nodes such that we can achieve a framework for reliably routing information. We define a notion of a reliable path which is made up of multiple segments, each of which either entirely consists of reliable nodes, or contains a preset number of multiple paths between the end points of the segment. We show that the probability of establishing a reliable path between a random source and destination pair increases considerably even with a low percentage of reliable nodes when we control their positions and trajectories in accordance with our algorithm.

Power management for throughput enhancement in wireless ad-hoc networks

We introduce the notion of power management within the context of wireless ad-hoc networks. More specifically, we investigate the effects of using different transmit powers on the average power consumption and end-to-end network throughput in a wireless ad-hoc environment. This power management approach would help in reducing the system power consumption and hence prolonging the battery life of mobile nodes. Furthermore, it improves the end-to-end network throughput as compared to other ad-hoc networks in which all mobile nodes use the same transmit power. The improvement is due to the achievement of a tradeoff between minimizing interference ranges, reduction in the average number of hops to reach a destination, reducing the probability of having isolated clusters, and reducing the average number of transmissions (including retransmissions due to collisions). The protocols would first dynamically determine an optimal connectivity range wherein they adapt their transmit powers so as to only reach a subset of the nodes in the network. The connectivity range would then be dynamically changed in a distributed manner so as to achieve the near optimal throughput. Minimal power routing is used to further enhance performance. Simulation studies are carried out in order to investigate these design approaches. It is seen a network with such a power managed scheme would achieve a better end-to-end throughput performance (about 10% improvement with a slotted aloha MAC protocol) and lower transmit power (about an 80% Improvement) than a network without such a scheme.

Distributed power control in ad-hoc wireless networks

Mobile ad-hoc networking involves peer-to-peer communication in a network with a dynamically changing topology. Achieving energy efficient communication in such a network is more challenging than in cellular networks since there is no centralized arbiter such as a base station that can administer power management. We propose and evaluate a power control loop, similar to those commonly found in cellular CDMA networks, for ad-hoc wireless networks. We use a comprehensive simulation infrastructure consisting of group mobility, group communication and terrain blockage models. A major focus of research in ad-hoc wireless networking is to reduce energy consumption because the wireless devices are envisioned to have small batteries and be incapable of energy scavenging. We show that this power control loop reduces energy consumption per transmitted byte by 10-20%. Furthermore, we show that it increases overall throughput by 15%.

Denial of Service Attacks in Wireless Networks: The Case of Jammers

The shared nature of the medium in wireless networks makes it easy for an adversary to launch a Wireless Denial of Service (WDoS) attack. Recent studies, demonstrate that such attacks can be very easily accomplished using off-the-shelf equipment. To give a simple example, a malicious node can continually transmit a radio signal in order to block any legitimate access to the medium and/or interfere with reception. This act is called jamming and the malicious nodes are referred to as jammers. Jamming techniques vary from simple ones based on the continual transmission of interference signals, to more sophisticated attacks that aim at exploiting vulnerabilities of the particular protocol used. In this survey, we present a detailed up-to-date discussion on the jamming attacks recorded in the literature. We also describe various techniques proposed for detecting the presence of jammers. Finally, we survey numerous mechanisms which attempt to protect the network from jamming attacks. We conclude with a summary and by suggesting future directions.

On the effectiveness of secret key extraction from wireless signal strength in real environments

We evaluate the effectiveness of secret key extraction, for private communication between two wireless devices, from the received signal strength (RSS) variations on the wireless channel between the two devices. We use real world measurements of RSS in a variety of environments and settings. The results from our experiments with 802.11-based laptops show that in certain environments, due to lack of variations in the wireless channel, the extracted bits have very low entropy making these bits unsuitable for a secret key, an adversary can cause predictable key generation in these static environments, and in dynamic scenarios where the two devices are mobile, and/or where there is a significant movement in the environment, high entropy bits are obtained fairly quickly. Building on the strengths of existing secret key extraction approaches, we develop an environment adaptive secret key generation scheme that uses an adaptive lossy quantizer in conjunction with Cascade-based information reconciliation and privacy amplification. Our measurements show that our scheme, in comparison to the existing ones that we evaluate, performs the best in terms of generating high entropy bits at a high bit rate. The secret key bit streams generated by our scheme also pass the randomness tests of the NIST test suite that we conduct. We also build and evaluate the performance of secret key extraction using small, low-power, hand-held devices-Google Nexus One phones-that are equipped 802.11 wireless network cards. Last, we evaluate secret key extraction in a multiple input multiple output (MIMO)-like sensor network testbed that we create using multiple TelosB sensor nodes. We find that our MIMO-like sensor environment produces prohibitively high bit mismatch, which we address using an iterative distillation stage that we add to the key extraction process. Ultimately, we show that the secret key generation rate is increased when multiple sensors are involved in the key extraction process.

Denial of service attacks at the MAC layer in wireless ad hoc networks

We analyze attacks that deny channel access by causing pockets of congestion in mobile ad hoc networks. Such attacks would essentially prevent one or more nodes from accessing or providing specific services. In particular, we focus on the properties of the popular medium access control (MAC) protocol, the IEEE 802.11x MAC protocol, which enable such attacks. We consider various traffic patterns that an intelligent attacker might generate in order to cause denial of service. We show that conventional methods used in wire-line networks are unable to help in prevention or detection of such attacks. Our analysis and simulations show that providing MAC layer fairness alleviates the effects of such attacks.

Split TCP for mobile ad hoc networks

The fairness and throughput of TCP suffer when it is used in mobile ad hoc networks. This is because TCP wrongly attributes packet losses due to link failures (a consequence of mobility) to congestion. The resulting overall degradation of throughput especially affects connections with a large number of hops, where link failures are more likely; thus, short connections enjoy an unfair advantage. Furthermore, if the IEEE 802.11 MAC protocol is used, the problems are exacerbated due to the protocol-induced capture effect, leading to greater unfairness and a further throughput degradation. We develop a scheme, called split TCP, which separates the TCP functions of congestion control and reliable packet delivery. For any TCP connection, certain nodes along the route take up the role of being proxies for that connection. The proxies buffer packets upon receipt and administer rate control. The buffering enables dropped packets to be recovered from the most recent proxy. The rate control helps in controlling congestion on inter-proxy segments. Thus, we emulate shorter TCP connections and can thereby achieve better parallelism in the network. Simulations show that the use of proxies improves the total throughput by as much as 30% in typical scenarios and reduces unfairness significantly. In terms of an unfairness metric that we introduce, the unfairness decreases from 0.8 to 0.2 (1.0 being the maximum unfairness). We conclude that incorporating TCP proxies is beneficial in terms of improving TCP performance in ad hoc networks.

A Cross-Layer Framework for Exploiting Virtual MISO Links in Mobile Ad Hoc Networks

Space-time communications can help combat fading and, hence, can significantly increase the capacity of ad hoc networks. Cooperative diversity or virtual antenna arrays facilitate spatio-temporal communications without actually requiring the deployment of physical antenna arrays. Virtual MISO entails the simultaneous transmission of appropriately encoded information by multiple nodes to effectively emulate a transmission on an antenna array. We present a novel multilayer approach for exploiting virtual MISO links in ad hoc networks. The approach spans the physical, medium access control and routing layers, and provides 1) a significant improvement in the end-to-end performance in terms of throughput and delay and 2) robustness to mobility and interference-induced link failures. The key physical layer property that we exploit is an increased transmission range due to achieved diversity gain. Except for space-time signal processing capabilities, our design does not require any additional hardware. We perform extensive simulations to quantify the benefits of our approach using virtual MISO links. As compared to using only SISO links, we achieve an increase of up to 150 percent in terms of the end-to-end throughput and a decrease of up to 75 percent in the incurred end-to-end delay. Our results also demonstrate a reduction in the route discovery attempts due to link failures by up to 60 percent, a direct consequence of the robustness that our approach provides to link failures

Scalable unidirectional routing with zone routing protocol (ZRP) extensions for mobile ad-hoc networks

Ad-hoc networks consist of peer-to-peer communicating nodes that are highly mobile. As such, an ad-hoc network lacks infrastructure and the topology of the network changes dynamically. The task of routing data from a source to a destination in such a network is challenging. Several routing protocols have been proposed for wireless ad-hoc networks. Most of these protocols, however, pre-suppose the presence of bi-directional links between the nodes in the network. In reality the ad-hoc network may consist of heterogeneous nodes with different power capabilities and hence, different transmission ranges. When this is the case, a given node might be able to receive the transmission of another given node but might not be able to successfully transmit to the latter. Thus, unidirectional links are formed. Most of the current routing protocols are unsuitable for deployment when such unidirectional links are present. We consider a routing protocol called the zone routing protocol (ZRP) that has been proposed for wireless ad-hoc networks with bi-directional links. The zone routing protocol employs a hybrid proactive (table driven) and reactive (on-demand) methodology to provide scalable routing in the ad-hoc network. However, in the presence of unidirectional links some routes remain undiscovered if ZRP is used. We propose extensions to ZRP to support its deployment when unidirectional links are present. In particular, we propose a query enhancement mechanism that recursively builds partial routes to a destination. Simulation results show that even at a high mobility of 20 m/s, the queries resulting due to the enhancement mechanism result in the computation of valid routes more than 80% of the time. These results are valid even when a large number (40% of nodes have half the transmission range as that of the remaining nodes) of unidirectional links are present in the network.

TrueLink: A Practical Countermeasure to the Wormhole Attack in Wireless Networks

In a wormhole attack, wireless transmissions are recorded at one location and replayed at another, creating a virtual link under attacker control. Proposed counter-measures to this attack use tight clock synchronization, specialized hardware, or overhearing, making them difficult to realize in practice. TrueLink is a timing based countermeasure to the wormhole attack. Using TrueLink, a node i can verify the existence of a direct link to an apparent neighbor, j. Verification of a link i harr j operates in two phases. In the rendezvous phase, the nodes exchange nonces alphaj and betai. This is done with tight timing constraints, within which it is impossible for attackers to forward the exchange between distant nodes. In the authentication phase, i and j transmit a signed message (alphaj,betai), mutually authenticating themselves as the originator of their respective nonce. TrueLink does not rely on precise clock synchronization, GPS coordinates, overhearing, geometric inconsistencies, or statistical methods. It can be implemented using only standard IEEE 802.11 hardware with a minor backwards compatible firmware update. TrueLink is meant to be used together with a secure routing protocol. Such protocols require an authentication mechanism, which will also be used by TrueLink. TrueLink is virtually independent of the routing protocol used. Our performance evaluation shows that TrueLink provides effective protection against potentially devastating wormhole attacks.