A secure authentication and billing architecture for wireless mesh networks

Wireless mesh networks (WMNs) are gaining growing interest as a promising technology for ubiquitous high-speed network access. While much effort has been made to address issues at physical, data link, and network layers, little attention has been paid to the security aspect central to the realistic deployment of WMNs. We propose UPASS, the first known secure authentication and billing architecture for large-scale WMNs. UPASS features a novel user-broker-operator trust model built upon the conventional certificate-based cryptography and the emerging ID-based cryptography. Based on the trust model, each user is furnished with a universal pass whereby to realize seamless roaming across WMN domains and get ubiquitous network access. In UPASS, the incontestable billing of mobile users is fulfilled through a lightweight realtime micropayment protocol built on the combination of digital signature and one-way hash-chain techniques. Compared to conventional solutions relying on a home-foreign-domain concept, UPASS eliminates the need for establishing bilateral roaming agreements and having realtime interactions between potentially numerous WMN operators. Our UPASS is shown to be secure and lightweight, and thus can be a practical and effective solution for future large-scale WMNs. Yanchao Zhang received the B.E. degree in Computer Communications from Nanjing University of Posts and Telecommunications, Nanjing, China, in July 1999, and the M.E. degree in Computer Applications from Beijing University of Posts and Telecommunications, Beijing, China, in April 2002. Since September 2002, he has been working towards the Ph.D. degree in the Department of Electrical and Computer Engineering at the University of Florida, Gainesville, Florida, USA. His research interests are network and distributed system security, wireless networking, and mobile computing, with emphasis on mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and heterogeneous wired/wireless networks. Yuguang Fang received the BS and MS degrees in Mathematics from Qufu Normal University, Qufu, Shandong, China, in 1984 and 1987, respectively, a Ph.D degree in Systems and Control Engineering from Department of Systems, Control and Industrial Engineering at Case Western Reserve University, Cleveland, Ohio, in January 1994, and a Ph.D degree in Electrical Engineering from Department of Electrical and Computer Engineering at Boston University, Massachusetts, in May 1997. From 1987 to 1988, he held research and teaching position in both Department of Mathematics and the Institute of Automation at Qufu Normal University. From September 1989 to December 1993, he was a teaching/research assistant in Department of Systems, Control and Industrial Engineering at Case Western Reserve University, where he held a research associate position from January 1994 to May 1994. He held a post-doctoral position in Department of Electrical and Computer Engineering at Boston University from June 1994 to August 1995. From September 1995 to May 1997, he was a research assistant in Department of Electrical and Computer Engineering at Boston University. From June 1997 to July 1998, he was a Visiting Assistant Professor in Department of Electrical Engineering at the University of Texas at Dallas. From July 1998 to May 2000, he was an Assistant Professor in the Department of Electrical and Computer Engineering at New Jersey Institute of Technology, Newark, New Jersey. In May 2000, he joined the Department of Electrical and Computer Engineering at University of Florida, Gainesville, Florida, where he got early promotion to Associate Professor with tenure in August 2003, and to Full Professor in August 2005. His research interests span many areas including wireless networks, mobile computing, mobile communications, wireless security, automatic control, and neural networks. He has published over one hundred and fifty (150) papers in refereed professional journals and conferences. He received the National Science Foundation Faculty Early Career Award in 2001 and the Office of Naval Research Young Investigator Award in 2002. He also received the 2001 CAST Academic Award. He is listed in Marquis Who’s Who in Science and Engineering, Who’s Who in America and Who’s Who in World. Dr. Fang has actively engaged in many professional activities. He is a senior member of the IEEE and a member of the ACM. He is an Editor for IEEE Transactions on Communications, an Editor for IEEE Transactions on Wireless Communications, an Editor for IEEE Transactions on Mobile Computing, an Editor for ACM Wireless Networks, and an Editor for IEEE Wireless Communications. He was an Editor for IEEE Journal on Selected Areas in Communications: Wireless Communications Series, an Area Editor for ACM Mobile Computing and Communications Review, an Editor for Wiley International Journal on Wireless Communications and Mobile Computing, and Feature Editor for Scanning the Literature in IEEE Personal Communications. He has also actively involved with many professional conferences such as ACM MobiCom’02 (Committee Co-Chair for Student Travel Award), MobiCom’01, IEEE INFOCOM’06, INFOCOM’05 (Vice-Chair for Technical Program Committee), INFOCOM’04, INFOCOM’03, INFOCOM’00, INFOCOM’98, IEEE WCNC’04, WCNC’02, WCNC’00 (Technical Program Vice-Chair), WCNC’99, IEEE Globecom’04 (Symposium Co-Chair), Globecom’02, and International Conference on Computer Communications and Networking (IC3N) (Technical Program Vice-Chair).     

Heuristic approach for broadcast scheduling,problem in wireless mesh networks

Disasters can be natural and human-initiated events that interrupt the usual functioning of people on a large scale. Region where disasters have occurred causes hazards to the public of that area and to the rescue teams. Disaster causes the damage to the communication network infrastructure also. Once the communication infrastructure is damaged, it is very difficult to the rescue teams to actively involve in relief operation. To handle these hazards, different wireless technologies can be initiated in the area of disaster. This paper discusses the innovative wireless technology for disaster management. Specifically, issues related to the broadcast scheduling problem in wireless mesh network is deployed efficiently during disaster relief are discussed. A domain specific memetic algorithm is proposed for solving the optimum time division multiple access broadcast scheduling problem in wireless mesh networks. The aim is to increase the total number of transmissions in optimized time slot with high channel utilization in a less computation time. Simulation results showed that our memetic algorithm approach to this problem achieves 100% convergence to solutions within reduced computation time while compared to recent efficient algorithms. The results were compared with several heuristic and non-heuristic algorithms for broadcast scheduling problem.     

High-throughput multicast routing metrics in wireless mesh networks

The stationary nature of nodes in a mesh network has shifted the main design goal of routing protocols from maintaining connectivity between source and destination nodes to finding high-throughput paths between them. Numerous link-quality-based routing metrics have been proposed for choosing high-throughput routing paths in recent years. In this paper, we study routing metrics for high-throughput tree or mesh construction in multicast protocols. We show that there is a fundamental difference between unicast and multicast routing in how data packets are transmitted at the link layer, and accordingly how the routing metrics for unicast routing should be adapted for high-throughput multicast routing. We propose a low-overhead adaptive online algorithm to incorporate link-quality metrics to a representative multicast routing protocol. We then study the performance improvement achieved by using different link-quality-based routing metrics via extensive simulation and experiments on a mesh-network testbed, using ODMRP as a representative multicast protocol.Our extensive simulation studies show that: (1) ODMRP equipped with any of the link-quality-based routing metrics can achieve higher throughput than the original ODMRP. In particular, under a tree topology, on average, ODMRP enhanced with link-quality routing metrics achieve up to 34% higher throughput than the original ODMRP under low multicast sending rate; (2) the improvement reduces to 21% under high multicast sending rate due to higher interference experienced by the data packets from the probe packets; (3) heavily penalizing lossy links is an effective way in the link-quality metric design to avoid low-throughput paths; and (4) the path redundancy from a mesh data dissemination topology in mesh-based multicast protocols provides another degree of robustness to link characteristics and reduces the additional throughput gain achieved by using link-quality-based routing metrics. Finally, our experiments on an eight-node testbed show that on average, ODMRP using SPP and PP achieves 14% and 17% higher throughput over ODMRP, respectively, validating the simulation results.     

Secure group communication in wireless mesh networks

Wireless mesh networks (WMNs) have emerged as a promising technology that offers low-cost community wireless services. The community-oriented nature of WMNs facilitates group applications, such as webcast, distance learning, online gaming, video conferencing, and multimedia broadcasting. Security is critical for the deployment of these services. Previous work focused primarily on MAC and routing protocol security, while application-level security has received relatively little attention. In this paper we focus on providing data confidentiality for group communication in WMNs. Compared to other network environments, WMNs present new challenges and opportunities in designing such protocols. We propose a new protocol framework, Secure Group Overlay Multicast (SeGrOM), that employs decentralized group membership, promotes localized communication, and leverages the wireless broadcast nature to achieve efficient and secure group communication. We analyze the performance and discuss the security properties of our protocols. We demonstrate through simulations that our protocols provide good performance and incur a significantly smaller overhead than a baseline centralized protocol optimized for WMNs.     

Dynamic agent-based hierarchical multicast for wireless mesh networks

We propose and analyze a multicast algorithm named Dynamic Agent-based Hierarchical Multicast (DAHM) for wireless mesh networks that supports user mobility and dynamic group membership. The objective of DAHM is to minimize the overall network cost incurred. DAHM dynamically selects multicast routers serving as multicast agents for integrated mobility and multicast service management, effectively combining backbone multicast routing and local unicast routing into an integrated algorithm. As the name suggests, DAHM employs a two-level hierarchical multicast structure. At the upper level is a backbone multicast tree consisting of mesh routers with multicast agents being the leaves. At the lower level, each multicast agent services those multicast group members within its service region. A multicast group member changes its multicast agent when it moves out of the service region of the current multicast agent. The optimal service region size of a multicast agent is a critical system parameter. We propose a model-based approach to dynamically determine the optimal service region size that achieves network cost minimization. Through a comparative performance study, we show that DAHM significantly outperforms two existing baseline multicast algorithms based on multicast tree structures with dynamic updates upon member movement and group membership changes.     

Minimum latency joint scheduling and routing in wireless sensor networks

Wireless sensor networks are expected to be used in a wide range of applications from environment monitoring to event detection. The key challenge is to provide energy efficient communication; however, latency remains an important concern for many applications that require fast response. In this paper, we address the important problem of minimizing average communication latency for the active flows while providing energy-efficiency in wireless sensor networks. As the flows in some wireless sensor network can be long-lived and predictable, it is possible to design schedules for sensor nodes so that nodes can wake up only when it is necessary and asleep during other times. Clearly, the routing layer decision is closely coupled to the wakeup/sleep schedule of the sensor nodes. We formulate a joint scheduling and routing problem with the objective of finding the schedules and routes for current active flows with minimum average latency. By constructing a novel delay graph, the problem can be solved optimally by employing the M node-disjoint paths algorithm under FDMA channel model. We further present extensions of the algorithm to handle dynamic traffic changes and topology changes in wireless sensor networks.     

An efficient channel assignment algorithm for multicast wireless mesh networks

Multicast can enhance the performance of wireless mesh networks (WMNs) effectively, which has attracted great attentions in recent years. However, multicast communication in WMNs requires efficient channel assignment strategy to reduce the total network interference and maximize the network throughput. In this paper, the concept of local multicast is proposed to measure interference and solve hidden channel problem in multicast communication. Basing on the concept, we propose a channel assignment algorithm considering the interference of local multicast and forwarding weight of each node (LMFW). The algorithm fully considers partially overlapped channels and orthogonal channels to improve the network performance. Simulations show that the proposed algorithm can reduce interference and improve network capacity of WMNs.     

分布式队列服务算法在无线网状网包调度中的应用

根据无线网状网的包调度特点,结合已有的差分队列服务算法和分布式贝尔曼-福特算 法,将有线网络中的差分队列服务算法改进为分布式队列服务算法（DQS）,使之实用于无 线网状网中多任务条件下实现系统的吞吐量最大化。仿真实验证明了DQS算法能有效地避免 传统多径传输中的按“类”或 “流”来进行调度的缺陷,有效地减少了数据包的端到端 延时和缓冲区需求,尤其是DQS算法的实际平均吞吐量性能有了很大的提高。     

Mitigating the gateway bottleneck via transparent cooperative caching in wireless mesh networks

Wireless mesh networks (WMNs) have been proposed to provide cheap, easily deployable and robust Internet access. The dominant Internet-access traffic from clients causes a congestion bottleneck around the gateway, which can significantly limit the throughput of the WMN clients in accessing the Internet. In this paper, we present MeshCache, a transparent caching system for WMNs that exploits the locality in client Internet-access traffic to mitigate the bottleneck effect at the gateway, thereby improving client-perceived performance. MeshCache leverages the fact that a WMN typically spans a small geographic area and hence mesh routers are easily over-provisioned with CPU, memory, and disk storage, and extends the individual wireless mesh routers in a WMN with built-in content caching functionality. It then performs cooperative caching among the wireless mesh routers.We explore two architecture designs for MeshCache: (1) caching at every client access mesh router upon file download, and (2) caching at each mesh router along the route the Internet-access traffic travels, which requires breaking a single end-to-end transport connection into multiple single-hop transport connections along the route. We also leverage the abundant research results from cooperative web caching in the Internet in designing cache selection protocols for efficiently locating caches containing data objects for these two architectures. We further compare these two MeshCache designs with caching at the gateway router only.Through extensive simulations and evaluations using a prototype implementation on a testbed, we find that MeshCache can significantly improve the performance of client nodes in WMNs. In particular, our experiments with a Squid-based MeshCache implementation deployed on the MAP mesh network testbed with 15 routers show that compared to caching at the gateway only, the MeshCache architecture with hop-by-hop caching reduces the load at the gateway by 38%, improves the average client throughput by 170%, and increases the number of transfers that achieve a throughput greater than 1 Mbps by a factor of 3.     

Stability and sensitivity for congestion control in wireless mesh networks with time varying link capacities

A critical challenge for wireless mesh networks is the design of efficient transport protocols that provide high bandwidth utilization and desired fairness in the multi-hop, wireless environment. While extensive efforts have been devoted to providing optimization based, distributed congestion control schemes for efficient bandwidth utilization and fair allocation in both wireline and wireless networks, a common assumption therein is fixed link capacities. This unfortunately will limit the application scope in wireless mesh networks where channels are ever changing. In this paper, we explicitly model link capacities to be time varying and investigate congestion control problems in multi-hop wireless networks. In particular we propose a primal–dual congestion control algorithm which is proved to be trajectory stable in the absence of feedback delay. Different from system stability around a single equilibrium point, trajectory stability guarantees the system is stable around a time varying reference trajectory. Moreover, we obtain sufficient conditions for the scheme to be locally stable in the presence of delay. Our key technique is to model time variations of capacities as perturbations to a constant link. Furthermore, to study the robustness of the algorithm against capacity variations, we investigate the sensitivity of the control scheme and through simulations to study the tradeoff between stability and sensitivity.     

Nodes organization for channel assignment with topology preservation in multi-radio wireless mesh networks

The wireless mesh network is a new emerging broadband technology providing the last-mile Internet access for mobile users by exploiting the advantage of multiple radios and multiple channels. The throughput improvement of the network relies heavily on the utilizing the orthogonal channels. However, an improper channel assignment scheme may lead to network partition or links failure. In this paper we consider the assignment strategy with topology preservation by organizing the mesh nodes with available channels, and aim at minimizing the co-channel interference in the network. The channel assignment with the topology preservation is proved to be NP-hard and to find the optimized solution in polynomial time is impossible. We have formulated a channel assignment algorithm named as DPSO-CA which is based on the discrete particle swarm optimization and can be used to find the approximate optimized solution. We have shown that our algorithm can be easily extended to the case with uneven traffic load in the network. The impact of radio utilization during the channel assignment process is discussed too. Extensive simulation results have demonstrated that our algorithm has good performance in both dense and sparse networks compared with related works.     

无线mesh网络安全研究

无线mesh网络（wireless mesh networks,WMN）是下一代网络中的新型技术,和传统网络不同,它不依赖任何固定的设施,主机可以相互依赖保持网络连接,WISP可以利用它提供快速、简单、低廉的网络部署,然而存在一个主要的问题是容易遭受攻击。介绍了无线mesh网络的体系机构以及特点,分析并研究其存在的安全性威胁以及现有的关键安全解决机制。     

Routing and transmission scheduling for minimizing broadcast delay in multirate wireless mesh networks using directional antennas

Using directional antennas to reduce interference and improve throughput in multihop wireless networks has attracted much attention from the research community in recent years. In this paper, we consider the issue of minimum delay broadcast in multirate wireless mesh networks using directional antennas. We are given a set of mesh routers equipped with directional antennas, one of which is the gateway node and the source of the broadcast. Our objective is to minimize the total transmission delay for all the other nodes to receive a broadcast packet from the source, by determining the set of relay nodes and computing the number and orientations of beams formed by each relay node. We propose a heuristic solution with two steps. Firstly, we construct a broadcast routing tree by defining a new routing metric to select the relay nodes and compute the optimal antenna beams for each relay node. Then, we use a greedy method to make scheduling of concurrent transmissions without causing beam interference. Extensive simulations have demonstrated that our proposed method can reduce the broadcast delay significantly compared with the methods using omnidirectional antennas and single‐rate transmission. In addition, the results also show that our method performs better than the method with fixed antenna beams. Copyright © 2012 John Wiley & Sons, Ltd.     

Responsive on-line gateway load-balancing for wireless mesh networks

We propose an adaptive online load-balancing protocol for multi-gateway Wireless Mesh Networks (WMNs) which, based on the current network conditions, balances load between gateways. Traffic is balanced at the TCP flow level and, as a result, the aggregate throughput, average flow throughput and fairness of flows improves. The proposed scheme (referred to as Gateway Load-Balancing, GWLB) is highly responsive, thanks to fast gateway selection and the fact that current traffic conditions are maintained up-to-date at all times without any overhead. It also effectively takes into account intra-flow and inter-flow interference when switching flows between gateway domains. We have found the performance achievable by routes used after gateway selection to be very close to the performance of optimal routes found by solving a MINLP formulation under the protocol model of interference. Through simulations, we analyze performance and compare with a number of proposed strategies, showing that GWLB outperforms them. In particular, we have observed average flow throughput gains of 128% over the nearest gateway strategy.     

TIDS: threshold and identity-based security scheme for wireless ad hoc networks

As various applications of wireless ad hoc network have been proposed, security has received increasing attentions as one of the critical research challenges. In this paper, we consider the security issues at network layer, wherein routing and packet forwarding are the main operations. We propose a novel efficient security scheme in order to provide various security characteristics, such as authentication, confidentiality, integrity and non-repudiation for wireless ad hoc networks. In our scheme, we deploy the recently developed concepts of identity-based signcryption and threshold secret sharing. We describe our proposed security solution in context of dynamic source routing (DSR) protocol. Without any assumption of pre-fixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide key generation and key management services using threshold secret sharing algorithm, which effectively solves the problem of single point of failure in the traditional public-key infrastructure (PKI) supported system. The identity-based signcryption mechanism is applied here not only to provide end-to-end authenticity and confidentiality in a single step, but also to save network bandwidth and computational power of wireless nodes. Moreover, one-way hash chain is used to protect hop-by-hop transmission.     

Analysis of TCP performance on multi-hop wireless networks: A cross layer approach

In Multi-Hop Wireless Networks (MHWNs), wireless nodes cooperate to forward traffic between end points that are not in direct communication range. Specifically, traffic is forwarded from a source towards its destination through intermediate nodes that form a wireless multi-hop chain. Researchers have studied the performance of TCP over chains discovering properties such as how the number of hops reduces chain throughput as neighboring links contend for the shared medium. Moreover, the presence of hidden terminals has also been shown to negatively affect performance of example chains. In this paper, we leverage recent characterization of how competing wireless links interact to develop an in-depth analysis of TCP performance over wireless chains. In particular, there are a number of possible modes of interference between competing links with distinct implications on performance and fairness; to our knowledge, this is the first work that studies the impact of these different modes on TCP chain performance. We classify chains according to interference modes considering both the forward (data) and reverse (acknowledgment) traffic. Chain geometry limits the types of chains that arise most frequently in practice. We evaluate TCP performance over the most frequently occurring chain types and observe significant performance differences between chains that have the same hop count. Different four-hop chains, for example, show a throughput difference of up to 25% and a retransmission overhead difference of over 90%. We discuss the implications of these differences on network performance: specifically, route instability and bandwidth usage generated. We extend this analysis to two single-hop TCP flows and quantify the effect of interference interactions between two flows. This study is a first step towards completely understanding the performance of multiple TCP flows over multiple hops in a MHWN.     

A fast and reliable routing technique for wireless mesh networks

In wireless mesh networks (WMNs), real time communications (e.g., Voice over IP (VoIP) and interactive video communications) may often be interrupted as packets are frequently lost or delayed excessively. This usually happens due to the unreliability of wireless links or buffer overflows along the routing paths. The mesh connectivity within the WMN enables the capability to enhance reliability and reduce delay for such applications by using multiple paths for routing their packets. The vital components in multi‐path routing for achieving this are the pre‐determined formation of paths and the technique that the paths are deployed for packet traversal. Therefore, we propose a novel multi‐path routing protocol by introducing a new multi‐path organization and a traffic assignment technique. The designed technique dubbed as FLASH (Fast and reLiAble meSH routing protocol) discovers one primary path between a pair of source and destination based on a new proposed metric, and thereafter selects mini‐paths, which connect pairs of intermediate nodes along the primary path. The primary path and mini‐paths are concurrently deployed, as multiple copies of packets are routed through. This technique compensates for possible outage at intermediate wireless nodes or their corresponding wireless links along the primary path. Routing along mini‐paths is performed in such a way that redundant copies do not cause an excessive congestion on the network. The effectiveness of the proposed scheme is evaluated analytically and through extensive simulations under various load conditions. The results demonstrate the superiority of the proposed multi‐path organization in terms of reliability and satisfactory achievements of the protocol in enhancing delay and throughput compared to the existing routing protocols, especially for long distances and in congested conditions. Copyright © 2010 John Wiley & Sons, Ltd.     

VoIP traffic in wireless mesh networks: a MOS‐based routing scheme

Support of Voice over Internet Protocol (VoIP) services in wireless mesh networks requires implementation of efficient policies to support low‐delay data delivery. Multipath routing is typically supported in wireless mesh networks at the network level to provide high fault tolerance and load balancing because links in the proximity of the wireless mesh gateways can be very stressed and overloaded, thus causing scarce performance. As a consequence of using multipath solutions, lower delay and higher throughput can be supported also when a given path is broken because of mobility or bad channel conditions, and alternative routes are available. This can be a relevant improvement especially when assuming that real‐time traffic, such as VoIP, travels into the network. In this paper, we address the problem of Quality of Service (QoS) support in wireless mesh networks and propose a multipath routing strategy that exploits the Mean Opinion Score (MOS) metric to select the most suitable paths for supporting VoIP applications and performing adaptive load balancing among the available paths to equalize network traffic. Performance results assess the effectiveness of the proposed approach when compared with other existing methodologies. Copyright © 2015 John Wiley & Sons, Ltd.     

Protocols and architectures for channel assignment in wireless mesh networks

The use of multiple channels can substantially improve the performance of wireless mesh networks. Considering that the IEEE PHY specification permits the simultaneous operation of three non-overlapping channels in the 2.4 GHz band and 12 non-overlapping channels in the 5 GHz band, a major challenge in wireless mesh networks is how to efficiently assign these available channels in order to optimize the network performance. We survey and classify the current techniques proposed to solve this problem in both single-radio and multi-radio wireless mesh networks. This paper also discusses the issues in the design of multi-channel protocols and architectures.     

Cross‐layer optimization for CDMA/TDD wireless mesh networks

This paper proposes a new cross‐layer optimization algorithm for wireless mesh networks (WMNs). CDMA/TDD (code division multiple access/time division duplex) is utilized and a couple of TDD timeslot scheduling schemes are proposed for the mesh network backbone. Cross‐layer optimization involves simultaneous consideration of the signal to interference‐plus‐noise ratio (SINR) at the physical layer, traffic load estimation and allocation at medium access control (MAC) layer, and routing decision at the network layer. Adaptive antennas are utilized by the wireless mesh routers to take advantage of directional beamforming. The optimization formulation is subject to routing constraints and can be solved by general nonlinear optimization techniques. Comparisons are made with respect to the classic shortest‐path routing algorithm in the network layer. The results reveal that the average end‐to‐end successful packet rate (SPR) can be significantly improved by the cross‐layer approach. The corresponding optimized routing decisions are able to reduce the traffic congestion. Copyright © 2010 John Wiley & Sons, Ltd.