Efficient Packet-Drop Thwarting and User-Privacy Preserving Protocols for Multi-hop Wireless Networks
Mahmoud, Mohamed Mohamed Elsalih Abdelsalam
MetadataShow full item record
In multi-hop wireless network (MWN), the mobile nodes relay others’ packets for enabling new applications and enhancing the network deployment and performance. However, the selfish nodes drop the packets because packet relay consumes their resources without benefits, and the malicious nodes drop the packets to launch Denial-of-Service attacks. Packet drop attacks adversely degrade the network fairness and performance in terms of throughput, delay, and packet delivery ratio. Moreover, due to the nature of wireless transmission and multi-hop packet relay, the attackers can analyze the network traffic in undetectable way to learn the users’ locations in number of hops and their communication activities causing a serious threat to the users’ privacy. In this thesis, we propose efficient security protocols for thwarting packet drop attacks and preserving users’ privacy in multi-hop wireless networks. First, we design a fair and efficient cooperation incentive protocol to stimulate the selfish nodes to relay others’ packets. The source and the destination nodes pay credits (or micropayment) to the intermediate nodes for relaying their packets. In addition to cooperation stimulation, the incentive protocol enforces fairness by rewarding credits to compensate the nodes for the consumed resources in relaying others’ packets. The protocol also discourages launching Resource-Exhaustion attacks by sending bogus packets to exhaust the intermediate nodes’ resources because the nodes pay for relaying their packets. For fair charging policy, both the source and the destination nodes are charged when the two nodes benefit from the communication. Since micropayment protocols have been originally proposed for web-based applications, we propose a practical payment model specifically designed for MWNs to consider the significant differences between web-based applications and cooperation stimulation. Although the non-repudiation property of the public-key cryptography is essential for securing the incentive protocol, the public-key cryptography requires too complicated computations and has a long signature tag. For efficient implementation, we use the public-key cryptography only for the first packet in a series and use the efficient hashing operations for the next packets, so that the overhead of the packet series converges to that of the hashing operations. Since a trusted party is not involved in the communication sessions, the nodes usually submit undeniable digital receipts (proofs of packet relay) to a centralized trusted party for updating their credit accounts. Instead of submitting large-size payment receipts, the nodes submit brief reports containing the alleged charges and rewards and store undeniable security evidences. The payment of the fair reports can be cleared with almost no processing overhead. For the cheating reports, the evidences are requested to identify and evict the cheating nodes. Since the cheating actions are exceptional, the proposed protocol can significantly reduce the required bandwidth and energy for submitting the payment data and clear the payment with almost no processing overhead while achieving the same security strength as the receipt-based protocols. Second, the payment reports are processed to extract financial information to reward the cooperative nodes, and contextual information such as the broken links to build up a trust system to measure the nodes’ packet-relay success ratios in terms of trust values. A node’s trust value is degraded whenever it does not relay a packet and improved whenever it does. A node is identified as malicious and excluded from the network once its trust value reaches to a threshold. Using trust system is necessary to keep track of the nodes’ long-term behaviors because the network packets may be dropped normally, e.g., due to mobility, or temporarily, e.g., due to network congestion, but the high frequency of packet drop is an obvious misbehavior. Then, we propose a trust-based and energy-aware routing protocol to route traffics through the highly trusted nodes having sufficient residual energy in order to establish stable routes and thus minimize the probability of route breakage. A node’s trust value is a real and live measurement to the node’s failure probability and mobility level, i.e., the low-mobility nodes having large hardware resources can perform packet relay more efficiently. In this way, the proposed protocol stimulates the nodes not only to cooperate but also to improve their packet-relay success ratio and tell the truth about their residual energy to improve their trust values and thus raise their chances to participate in future routes. Finally, we propose a privacy-preserving routing and incentive protocol for hybrid ad hoc wireless network. Micropayment is used to stimulate the nodes’ cooperation without submitting payment receipts. We only use the lightweight hashing and symmetric-key-cryptography operations to preserve the users’ privacy. The nodes’ pseudonyms are efficiently computed using hashing operations. Only trusted parties can link these pseudonyms to the real identities for charging and rewarding operations. Moreover, our protocol protects the location privacy of the anonymous source and destination nodes. Extensive analysis and simulations demonstrate that our protocols can secure the payment and trust calculation, preserve the users’ privacy with acceptable overhead, and precisely identify the malicious and the cheating nodes. Moreover, the simulation and measurement results demonstrate that our routing protocols can significantly improve route stability and thus the packet delivery ratio due to stimulating the selfish nodes’ cooperation, evicting the malicious nodes, and making informed decisions regarding route selection. In addition, the processing and submitting overheads of the payment-reports are incomparable with those of the receipts in the receipt-based incentive protocols. Our protocol also requires incomparable overhead to the signature-based protocols because the lightweight hashing operations dominate the nodes’ operations.