PA-SHWMP: a privacy-aware secure hybrid wireless mesh protocol for IEEE 802.11s wireless mesh networks
© Lin et al; licensee Springer. 2012
Received: 2 April 2011
Accepted: 28 February 2012
Published: 28 February 2012
Wireless mesh networks (WMNs) have emerged as a key technology for next generation wireless networks and provide a low-cost and convenient solution to the last-mile problem. Security and privacy issues are of paramount importance to WMNs for their wide deployment and for supporting service-oriented applications. Moreover, to support real-time services, WMNs must also be equipped with secure, reliable, and efficient routing protocols. Therefore, a number of research studies have been devoted to privacy-preserving routing protocols in WMNs. However, these studies cannot defend against inside attacks effectively, often take it for granted that every internal node is cooperative and trustworthy, and rarely consider dividing the user privacy information into different categories according to the security requirements. To address these issues, we propose a Privacy-Aware Secure Hybrid Wireless Mesh Protocol (PA-SHWMP), which combines a new dynamic reputation mechanism based on subject logic and uncertainty with the multi-level security technology. PA-SHWMP can defend against the internal attacks caused by compromised nodes and achieve stronger security and privacy protection while maintaining reasonable balances between security and performance. We analyze the PA-SHWMP protocol in terms of security, privacy, and performance. The simulation results show that the packet delivery ratio of the proposed PA-SHWMP becomes better than that of the existing HWMP and SHWMP protocols, when the number of malicious nodes and the percentage of lossy links increase. Moreover, the convergence time of PA-SHWMP is smaller than HWMP and SHWMP with any percentage of malicious mesh routers.
Keywordsprivacy protection wireless mesh networks routing
Wireless mesh networks (WMNs) have emerged as a key technology for the next generation wireless network and provide a low-cost and convenient solution to high-speed Internet access and applications such as web surfing, e-banking, e-commerce, teleconferencing, etc. [1, 2].
Data- and context-oriented privacy concerns may both be threatened by external and internal adversaries. External adversary eavesdrops the data communication between mesh routers in a WMN. Internal adversary is a participating mesh router captured and manipulated by malicious entities to compromise private information. External adversary can be effectively defended against by the traditional cryptographic encryption and authentication techniques. As to internal adversary, since a participating mesh router is allowed to decrypt data legally, the traditional encryption and authentication techniques may no longer be effective.
To address the aforementioned privacy protection challenge and to support real-time applications and smooth delivery of broadband services, WMNs must also be equipped with secure, reliable, and efficient routing protocols. However, security in routing or forwarding functionality is not specified in 802.11s-based WMN. The study in  identifies that existing Hybrid Wireless Mesh Protocol (HWMP) is vulnerable to various types of routing attacks. The main reason is that the intermediate mesh routers need to modify routing messages before forwarding and re-broadcasting them. Furthermore, due to the intrinsically open and distributed nature, WMNs are subject to various attacks from inside [3, 6].
In this article, we propose a Privacy-Aware Secure Hybrid Wireless Mesh Protocol (PA-SHWMP), which combines a new dynamic reputation mechanism based on subject logic [7, 8] and uncertainty  with multilevel security (MLS) technology [10, 11].
PA-SHWMP is an improvement of SHWMP introduced by Islam et al. . SHWMP uses cryptographic extensions to provide authenticity and integrity to HWMP routing messages and prevents unauthorized manipulation of mutable fields in the routing information elements. However, SHWMP is vulnerable to the attacks launched by the internal legitimate mesh routers. First, it assumes that all internal mesh routers cooperate with each other without interrupting the operation of protocol. Second, SHWMP uses a hop-by-hop authentication mechanism to provide security of the routing messages. Each mesh router decrypts received packets and re-encrypts them using its own key. In this scheme, the user privacy information is partly protected from eavesdroppers but known by mesh routers because of routing in the mesh backbone. Thus, an active attacker can compromise and control mesh routers to get the user privacy information. Different from SHWMP, PA-SHWMP relies on a hybrid usage of reputation mechanism built by subject logic and user privacy information classification mechanism according to MLS. By providing scalable security services to assure the authenticity, integrity, and secrecy of routing messages, PA-SHWMP can defend against the internal attacks caused by compromised mesh routers and achieve stronger security and privacy protection while maintaining reasonable balance between security and performance.
The rest of the article is organized as follows. We discuss a related study in Section 2. Introductions to subject logic and MLS are described in Section 3. Subsequently, the implementation of PA-SHWMP is given in Section 4. After that, the security and performance analysis are given in Section 5 and 6, respectively. Finally, we draw the concluding remarks in Section 7.
2. Related study
WMNs have become an important focus area of research owing to their promise in providing high-speed wireless connectivity everywhere and realizing numerous next-generation wireless services. Recently, research in WMNs has focused on developing high performance communication protocols. However, given the wireless and multi-hop nature of communication, WMNs are subject to a wide range of security and privacy threats.
Therefore, designing a secure, efficient, and privacy-protection routing protocol for WMNs is a big challenging task. So far, there has been tremendous research on secure routing for wireless networks such as adhoc networks or wireless sensor networks. However, they cannot provide specific security features for mesh networks and are still vulnerable to various types of routing attacks such as gray hole, route re-direction, spoofing, etc .
Capkun et al.  proposed a privacy-preserving scheme for hybrid adhoc networks, which are exactly WMNs. In the proposed scheme, each mobile node uses temporary public key pairs to establish pairwise secrets with its neighbors and the pairwise secrets in turn are used to build secure route. The scheme is unlikely to provide privacy protection for two reasons. First, some user privacy information has to be disclosed to access points, which makes malicious access point be able to track a specific mobile user. Second, within a time slot the pseudonyms of source and destination keep unchanged, so an adversary can link messages by them. Wu and Li  introduced a new structure named as "Onion ring" for WMNs. The scheme uses "Onion encryption" in a ring structure to avoid an adversary to distinguish the source and the destination nodes and to identify the misbehaving mesh routers. However, how to anonymously build the ring in the first place is not mentioned and topology dynamics may make it inefficient. In , a penalty-based shortest path routing protocol is proposed to achieve well-maintained balance between network performance and traffic privacy preservation. The scheme is only designed to use multiple paths for data delivery so that an adversary who is only able to observe a fraction of the traffic cannot obtain any meaningful information . Samad and Makram  proposed a protected neighborhood-based trust mechanism in clustered WMNs. The mechanism is based on neighborhood trust to gain required security and identification privacy in a clustered WMN. However, some privacy information of users has to be disclosed to the relay mesh routers, which makes malicious mesh routers be able to get the privacy information. Ren et al.  proposed PEACE, a novel privacy-enhanced yet accountable security framework, tailored for WMNs. PEACE is presented as a suite of authentication and key agreement protocols built upon short group signature variation. However, PEACE only secures the network from external attacks and takes it for granted that every internal node is cooperative and trustworthy. Sen  presented an efficient and reliable routing protocol that also provides user anonymity in WMNs. By robust estimation wireless link quality and the available bandwidth in the wireless route and exploiting the benefits of using multi-point relays and circular routing technique, the protocol is able to sustain a high level of throughput with a low control overhead. The user privacy is protected by using a novel anonymized authentication protocol. However, the proposed routing protocol cannot defend against inside attacks, in which two malicious nodes advertise in such a way as if they have a very reliable link between them.
From the analysis above, it can be summarized that the aforementioned work cannot effectively solve the privacy-related security problem of WMNs. What's more, the intrinsically open and distributed nature of WMNs raise some new privacy security challenges caused by inside attacks, which are neglected by the previous studies.
This section briefly describes subject logic and MLS used in PA-SHWMP.
3.1. Subject logic
Most of the routing protocols in WMNs assume that mesh routers are cooperative and trustworthy. In fact, some routers in WMNs behave maliciously by eavesdropping and decrypting the wirelessly transmitted data, which will cause a great threat on user's privacy and can lead to devastating consequences. Also, they behave selfishly by dropping packets originating from other mesh routers and only forwarding its own packets, to increase their share of available bandwidth. Consequently, it is necessary to develop some mechanisms to detect and isolate selfish and malicious nodes.
Reputation scheme is one of the techniques adopted to detect and isolate selfish and malicious nodes in WMNs. In reputation-based schemes, a node's behavior is measured by its neighbors using a watchdog mechanism . However, cooperative nodes sometimes are perceived as being selfish or malicious due to unreliable transmission in wireless networks. To deal with this issue, Jøsang et al.  proposed a method based on subjective logic for discovering trust networks between specific parties and Kane and Browne  successfully transplanted and applied subjective logic to a wireless network environment.
Belief and disbelief can be calculated by the collected evidence. The uncertainty reflects the confidence in node x's knowledge on node y; an uncertainty of 1.0 represents that a node has no basis for any conclusions. The base rate represents node x's willingness to believe node y, which determines how uncertainty is viewed as belief when the opinion is used. When an opinion is used in a decision, it is projected onto the belief/disbelief axis through its expectation E(ωx:y) = bx:y+ax:yux:y. A base rate of 0.0 causes uncertainty viewed as disbelief, while a base rate of 1.0 causes uncertainty viewed as belief. A base rate of 0.5 causes uncertainty viewed positively as actual belief.
In this article, we will use a base rate of 0.5, so that unknown nodes are by default assigned a median level of trust. For example, if an opinion is (0.6, 0.2, 0.2, 0.5), its expectation can be calculated as E(ωx:y) = bx:y+ax:yux:y= 0.6+0.5*0.2 = 0.7. An entirely uncertain opinion, (0.0, 0.0, 1.0, a x ) will always have an expectation equal to the base rate, as E(ωx:y) = bx:y+ax:yux:y= 0.0+1.0*ax:y= ax:y. The base rate then becomes the default opinion for unknown nodes.
In Defense Information System Agency (DISA), MLS is defined as a security system containing information with different security levels (SLs) and permits for simultaneous access by users. MLS systems are considered as one of the most secured systems, since it has overcome the operational limitations imposed by system-level operations. MLS includes five rules as follows .
An information system can store information about different classifications.
Users may have different authorizations and need to know the permits to process information.
Users cannot access information for which they do not have authorization, or do not need to know.
A subject can read from an object only if the subject's SL is not lower than the object's SL.
A subject can write to an object only if the subject's SL is not higher than the object's SL.
It allows users at each SL to receive appropriate information.
It protects data from malicious user.
It processes data in secure and appropriate ways.
It delivers data to the correct receiver without revealing any sensitive information.
It improves system efficiency.
4. The PA-SHWMP protocol
In PA-SHWMP, the user privacy information is divided into different categories according to the security requirements, which are diverse for different information to be transmitted under various circumstances, or with assorted available resources. Thus, it is able to provide balance between security and performance. To achieve the above purpose, a new field, SL as the indicator of security requirements, is added into the routing header to handle the security classifications for packets.
Routing process is to find the path from source to destination on which all the mesh routers meet the security requirements. Besides, to protect routing packets and user privacy information against attacks launched by the internal legitimate mesh routers, the protocol offers a subjective logic-based reputation mechanism for each mesh router to decide whether to provide services for incoming packets by querying the sender's reputation through their common neighbors and computing the expectation to estimate whether it is trustworthy or not.
All the packets exchanged through the network must have an SL which indicates the security requirements of the requested route.
All mesh routers must have an SL. The mesh router with a particular SL must only be allowed to transmit packets at the same level or a lower level.
The source may be any one of the participating mesh routers but can only send a packet with SL not higher than the SL of the source. This requirement can avoid bottleneck caused by mesh routers at lower SLs over-classify their packets with higher SL.
Each level is supplied with corresponding weight security services to assure the authenticity, integrity, and confidentiality of routing packets.
PA-SHWMP consists of the following three phases:
security classification and reputation computation;
It is the combination of above mechanisms that provides expected security and efficiency during route discovery and maintenance. The details of PA-SHWMP are described next.
4.1. Subjective logic-based reputation scheme
In this article, we propose a novel reputation scheme which incorporates uncertainty-based subjective logic into the reputation computing. Also, in order to differentiate between intentional packet drop and packet drop due to poor link quality, we integrate link quality into the proposed scheme.
Quality of wireless links computation
where d i is the smoothed delivery ratio, α is the smoothed constant, 0 <α < 1, N s is the number of successful transmissions during the measurement period of the i th cycle, NT is the total number of transmissions during the measurement period of the i th cycle.
In WMNs, nodes x and y are two neighboring nodes, the final opinion of x to y includes two components. One is the direct opinion , the other is the testimonies from other nodes, e.g., the recommended opinions .
Each node has its direct opinion on others. For an entirely unknown node or a new node, the default opinion assigned by its neighbors is (0.0, 0.0, 1.0, a).
If the interaction is a positive interaction,
If the interaction is an uncertain interaction,
If u ≥ δ, then
If b, d ≥ δ/2, then
Else if b <δ/2 and d ≥ δ/2, then
If the interaction is a negative interaction,
If u ≥ δ, then
Else if b ≥ δ/2 and d <δ/2, then
Else if b, d <δ/2, then
Where E(ωx:i) represents x's belief on i. The larger E(ωx:i) will make bigger impact on the reputation computation result. For those untrustworthy nodes, their expectations are very small, so their recommending opinions will have little impacts on the reputation computation result, which prevents retaliations or badmouth from occurring after untrustworthy nodes are rejected.
where β is a weight, which determines how much the direct opinion impacts on the final opinion .
In PA-SHWMP, a trusted identity manager is pre-loaded, while every participating mesh router pre-loads an identity table. The identity table provides information about peering mesh routers in the network. Each entry of the table describes the identity of a specific mesh router by binding the following information together with the mesh router: IP address, SL, public key, and valid time period. Moreover, the mesh routers at higher SL have keys related to its own level and all the lower levels. The trusted identity manager has to reflect the current bindings of mesh routers in the WMNs, and mesh routers need to contact the identity manager when the service is available to keep the freshness and correctness of the identity table. Also, according to aforementioned assumptions, each mesh router participating in the protocol must be assigned a certain SL based on its hierarchic ranking or the role it plays in WMNs.
Appropriate mechanisms should be applied to guarantee the secure communications between mesh routers and the security manager. However, it is not our concern in this article.
4.3. Path selection
Prior to communicate with another mesh router in the network, the source constructs a message and labels it with an SL which indicates the security requirements on the requested route. The protocol checks whether the SL satisfies the condition of assumption 3. If not, the source must modify the SL and broadcast a PREQ (path request) packet to its neighbors.
y sends a Path_Request message to one of its neighbors x.
After receiving Path_Request successfully, x performs different formulae according to its type. If x is trustworthy, it performs formula (I); if x is untrustworthy, it performs formula (II).
x retrieves its direct opinion from its local reputation table and calculates the expectation .
If , x sends an Accept message to y and provides the requested service, and y records a positive interaction with x; else, x invokes the reputation query procedure.
x broadcasts a Reputation_Query to the common neighbor nodes with y for the their recommending opinions on y and waits for a time interval T.
Any node k whose uncertainty of its direct opinion is less than 1.0 sends its direct opinion to x.
After the time interval T, x weights each received recommended opinions using (4), integrates them into a recommended opinion using (5), and combines the direct opinion with the recommended opinion using (6) or (7). Finally, x obtains the final opinion .
After obtaining the final opinion , x calculates its expectation . If , x sends an Accept message to y and provides the requested service, and y records a positive interaction with x; otherwise, x sends a Refuse message to y, and y records a negative interaction with x.
If the coin flip indicates to cooperate, x sends an Accept message to y and provides the requested service, and y records a positive interaction with x.
If the coin flip indicates not to cooperate, x refuses to provide service to y, and y records a negative interaction with x.
If the expectation of a mesh router y, E(ω y ) <γ, y is perceived as untrustworthy. It is temporarily excluded from the network so that it is put into a probation state and can be forced to cooperate. Initially the probation period is T, which is the same as the period of reputation query. At the end of T, y is given another chance to calculate its expectation E(ω y ), if E(ω y ) is still less than γ, then y is put into another probation state for a longer period (2T). Therefore, the probation period of an untrustworthy mesh router is doubled on every subsequent offence until it reaches a maximum value Tmax, then it is permanently excluded from the network.
So far, the overall workflow of our proposed scheme is completed. Untrustworthy wireless mesh routers in WMNs are detected and isolated.
Finally, the intermediate trustworthy mesh routers compare the value of SL from received PREQ with their own SL's. If the SL of an intermediate mesh router does not meet the requirements of the SL in the original PREQ, it cannot participate in the route discovery and has to drop the PREQ. In other words, only mesh routers with higher SL can be used as a relay mesh router by mesh routers with lower SL, but not vise versa. Each mesh router can only retrieve parts of users' private information within the limit of its own SL. Without being exposed the entire user's identity when nonessential information is disclosed, the security of a user will not be threatened. The user remains a certain level of anonymity and keeps its private information under the umbrella. For example, if a package has a lowest security requirement RESTRITED on a route, then any mesh router in the WMNs has the qualification to participate in the route discovery. In such situation, the path with the shortest distance will be selected. If a package's security requirement is SECRET, then only the mesh routers with higher SL such as SECRET or TOP SECRET are allowed to relay it. When the PREQ reaches the destination, the destination sends a PREP back to the mesh router from which it received the PREQ. The mesh router forwards the PREP packet, also establishes a routing table entry for the destination, with the offered route security associated.
With the MLS and uncertainty-based subjective logic mechanisms PA-SHWMP is able to send packets with various sensitivities via paths that implement corresponding security guarantees. However, in order to enforce the protocol working as designed and protect the network against certain vulnerabilities, the link security authentication mechanism is also needed.
As described in , the secure path selection process includes on-demand and proactive modes. In the on-demand mode, S first creates a Merkle tree whose leaves are the hash of mutable fields of PREQ message and a MAC on the root of the Merkle tree using the GTK. Then, it broadcasts PREQ. Upon receiving the PREQ, any neighbor mesh router authenticates the mutable fields by hashing the values received in an ordered way, creates a MAC on it using the shared GTK and compares with the received MAC value of the root. If the two values match, the mesh router, where the PREQ is from, is authenticated. Finally, the mesh routers update the mutable fields and create Merkle trees from the modified fields. They also decrypt the non-mutable part and re-encrypt it with their own broadcast key and broadcast it following the same rules. After authenticating and receiving the PREQ, the destination updates the mutable fields, creates Merkle Tree, and unicasts a PREP message using the same principle with PTK in the reverse path.
In the Proactive RANN mode, the broadcast message RANN uses GTK to protect the non-mutable fields and authenticate the mutable fields. After receiving the RANN message, the MP that needs to setup a path to the root MP unicasts a PREQ to the root MP. On receiving each PREQ, the root MP replies with a PREP.
5. Security analysis
The security of the proposed routing protocol is based on the subjective logic and MLS technology. The subjective logic-based reputation mechanism makes use of querying the sender's reputation through their common neighbors and computing the expectation to decide whether to provide services for incoming packets while keeping the user privacy. On the other hand, the MLS divides the user privacy information into different categories according to the security requirements. The mesh router with a particular SL must only be allowed to transmit packets and get user privacy information at the same level or a lower level. Therefore, it delivers data to the correct receiver without revealing any sensitive information.
Equipped with protection features, the route messages as well as the user privacy information are protected from insiders. Packets and privacy information can only be recognized by legitimate mesh routers and opened by the expected destination mesh router.
In the following, we will discuss the security features of our protocols, including Route disruption and diversion attack, flooding attack, and impersonation attack.
Route disruption and diversion attack: route disruption and diversion attack aims to prevent discovering route between two legitimate mesh routers or divert traffic to malicious mesh routers by modifying the mutable fields in routing messages. A malicious mesh router can modify the metric field value to zero on the PREQ message and re-broadcast it. After receiving the modified PREQ, the destination mesh router will choose the malicious mesh router as the next hop in the reverse path and unicast PREP to the malicious mesh router. In this occasion, the malicious mesh router can disrupt the route discovery by dropping the valid PREP message destined for the source mesh router and all traffic to the destination mesh router will be diverted through the attacker. In PA-SHWMP, mutable fields in the routing information are authenticated in each hop, and only mesh routers that meet the security requirement embedded in the packets can participate in the route discovery phase. If there is any malicious modification on the value of a mutable field, it will be readily detected by the next hop by comparing the new MAC with the received one and the modified packet will be discarded. Also by encrypting certain fields at higher SL, read-up violation at the malicious mesh routers with lower SL can be prevented from interpreting the packets without higher-level key. With these methods, it is impossible to launch a route disruption and diversion attack that caused by the malicious behavior of a mesh router through modification of a mutable field and dropping routing information.
Flooding attack: Flooding attack aims to consume the network bandwidth and degrade the overall throughput by flooding the network with PREQ messages destined to an address which is not present in the network. In the sequel, intermediate mesh routers rebroadcast PREQ and within a short time the network is flooded with fake requests. In PA-SHWMP, participants only accept packets processed by a mesh router which meets the security requirement and is considered to be trustworthy. Moreover, the packets are signed with a private key or a group key. Therefore, a malicious mesh router cannot participate in the routing process or initiate a route discovery process with a destination address that is not in the network. Again, as the routing information is encrypted during transmission, a malicious mesh router cannot insert a new destination address.
Impersonation attack: Only inside attackers can do impersonation attack. If a mesh router is compromised, the attacker can use the compromised privacy information to masquerade as any other mesh client. In PA-SHWMP, only the source and destination can sign with its own private key, routers cannot spoof other routers in route instantiation and ensure that only the destination can respond to route discovery. This prevents either the source or the destination from spoofing.
6. Performance analysis
1000 × 1000 m2
Total number of wireless nodes
Maximum number of malicious nodes
Base rate a
Weight factor β
Maximum cooperation rate of selfish nodes θ
Reputation query period T
Isolation time Tmax
We consider the following performance metrics:
Packet delivery ratio (PDR): Ratio of the number of data packets received at the destinations to the number of data packets generated by the CBR sources. It in turn determines the efficiency of the protocol to discover routes successfully.
Path acquisition delay: Time required to establish a route from source to destination which actually measures the delay between sending a PREQ/proactive PREQ to a destination and the receipt of corresponding PREP.
End-to-end delay: Average delay experienced by a data packet from a source to destination. Note that, end-to-end delay includes all the delays including medium access delay, processing delays at intermediate mesh routers, etc.
False positive rate: It is defined as the percentage of number of cooperative mesh routers wrongly detected as selfish or malicious out of the total number of cooperative mesh routers in the network. It is desirable for this rate to be as small as possible.
Convergence time: Another factor of interest is convergence time, which is the time for cooperative wireless mesh routers to detect and throttle selfish or malicious wireless mesh routers completely. It is desirable for this time to be as small as possible.
Simulations have been run over ten times with random seeds. The performance metrics used in our proposed scheme are then collected and averaged. To ensure a valid comparison, the sequence of random seeds is the same and the only variation is the choice of parameters.
In this article, we have investigated the problem of privacy preserving routing in WMNs and proposed a routing protocol, called PA-SHWMP to provide privacy protection and security in WMNs. PA-SHWMP is based on subjective logic and MLS technology and consists of three phases: (1) security classification and reputation computation; (2) packet authentication; (3) routing confidentiality. Relying on the hybrid usage of reputation mechanism and user privacy information classification mechanism, PA-SHWMP can provide scalable security services to assure the authenticity, integrity, and secrecy of routing packets and defend against the internal attacks caused by compromised mesh routers. Detailed security analysis and performance evaluation demonstrate that the proposed PA-SHWMP is secure, privacy preserving, and efficient. More specifically, the simulation results show that the PDR of the proposed PA-SHWMP becomes better than that of the existing HWMP and SHWMP protocols, when the number of malicious nodes and the percentage of lossy links increase. In addition, the convergence time of PA-SHWMP is smaller than HWMP and SHWMP with any percentage of malicious mesh routers.
The authors would like to thank the anonymous reviewers and the editor for their constructive comments that have helped us to improve this article. This study was supported by the Key Program of NSFC-Guangdong Union Foundation (U1135002), Major national S&T program (2011ZX03005-002), the National Natural Science Foundation of China (60872041, 61072080, 61072066), and the Fundamental Research Funds for the Central Universities (JY10000903001).
- Akyildiz IF, Wang X, Wang W: Wireless mesh networks: a survey. Comput Netw 2005, 47(4):445-487. 10.1016/j.comnet.2004.12.001View ArticleGoogle Scholar
- Lou W, Ren K: Security, privacy, and accountability in wireless access networks. IEEE Wirel Commun Mag 2009, 16: 80-87.Google Scholar
- Wan Z, Ren K, Zhu B, Preneel B, Gu M: Anonymous user communication for privacy protection in wireless metropolitan mesh networks. IEEE Trans Veh Technol 2010, 59(2):519-532.View ArticleGoogle Scholar
- Islam MS, Hamid MA, Hong CS: SHWMP: a secure hybrid wireless mesh protocol for IEEE 802.11s wireless mesh networks. Trans Comput Sci VI 2009, 5730: 95-114. 10.1007/978-3-642-10649-1_6View ArticleGoogle Scholar
- Li N, Zhang N, Das SK, Thuraisingham B: Privacy preservation in wireless sensor networks: a state-of-the-art survey. Ad Hoc Netw 2009, 7: 1501-1514. 10.1016/j.adhoc.2009.04.009View ArticleGoogle Scholar
- Khan S, Loo KK, Mast N, Naeem T: SRPM: secure routing protocol for IEEE 802.11 infrastructure based wireless mesh networks. Netw Syst Manag 2010, 18(2):190-209. 10.1007/s10922-009-9143-3View ArticleGoogle Scholar
- Kane P, Browne PC: Using uncertainty in reputation methods to enforce cooperation in ad-hoc networks. In Proc of the 5th ACM Workshop on Wireless Security. New York, NY, USA; 2006:105-113.View ArticleGoogle Scholar
- Liu Yining, Li Keqiu, Jin Yingwei, Zhang Yong, Qu Wenyu: A novel reputation computation model based on subjective logic for mobile ad hoc networks. Future Generation Comput Syst 2011, 27(5):547-554. 10.1016/j.future.2010.03.006View ArticleGoogle Scholar
- Li F, Wu J: Uncertainty modeling and reduction in MANETs. IEEE Trans Mob Comput 2010, 9(7):1035-1048.View ArticleGoogle Scholar
- Li H, Dhawan AP: Mosar: a secured on-demand routing protocol for mobile multilevel ad hoc. Int J Netw Secur 2010, 10(2):121-134.Google Scholar
- Li C, Wang Z, Yang C: Secure routing for wireless mesh networks. Int J Netw Secur 2011, 13(2):109-120.Google Scholar
- Capkun S, Hubaux J, Jakobsson M: Secure and privacy preserving communication in hybrid ad hoc networks. EPFL-IC Technical report IC/2004/10 2004.Google Scholar
- Wu X, Li N: Achieving privacy in mesh networks. In Proc of the fourth ACM Workshop on Security of Ad hoc and Sensor Networks (SASN'06). New York, NY, USA; 2006:13-22.View ArticleGoogle Scholar
- Wu T, Xue Y, Chi Y: Preserving traffic privacy in wireless mesh networks. In Proc of International Symposium WoWMoM. Washington, DC, USA; 2006:449-461.Google Scholar
- Samad F, Makram SA: Protection based on neighborhood-trust in clustered wireless mesh networks. In Proc of Third International Conference on Next Generation Mobile Applications, Services and Technologies (NGMAST). Cardiff, Wales, UK; 2009:487-493.View ArticleGoogle Scholar
- Ren K, Yu S, Lou W, Zhang Y: PEACE: a novel privacy-enhanced yet accountable security framework for metropolitan wireless mesh networks. IEEE Trans Parallel Distrib Syst 2010, 21(2):203-215.View ArticleGoogle Scholar
- Sen J: An efficient and user privacy-preserving routing protocol for wireless mesh networks. Int J Scalable Comput Practice Exp 2011, 11(4):345-358. (Special Issue on Network and Distributed Systems)Google Scholar
- Jøsang A, Hayward R, Pope S: Trust network analysis with subjective logic. Proc of the 29th Australasian Computer Science Conference, CRPIT Volume 48, Hobart, Australia 2006, 85-94.Google Scholar
- Shafer G: A Mathematical Theory of Evidence. Princeton University Press, Princeton, NJ; 1976.Google Scholar
- Lu W-P, Sundareshan MK: A model for multilevel security in computer networks. IEEE Trans Softw Eng 1990, 16(6):647-659. 10.1109/32.55093View ArticleGoogle Scholar
- Islam MS, Yoon YJ, Hamid MA, Hong CS: A secure hybrid wireless mesh protocol for 802.11s mesh network. Proc of ICCSA 2008, LNCS 5072, Davis, CA 2008, 972-985.Google Scholar
- IEEE 802.11s Task Group 2009.Google Scholar
- Kim K, Shin KG: On accurate measurement of link quality in multi-hop wireless mesh networks. In Proc of the 12th Annual International Conference on Mobile Computing and Networking (MobiCom'06). Los Angeles, CA, USA; 2006:38-49.View ArticleGoogle Scholar
- Chen M: OPNET Network Simulation. Beijing Tsinghua University Press, China; 2004.Google Scholar
- Johnson DB, Maltz DA: Dynamic source routing in ad hoc wireless networks. Mob Comput 1996, 353: 153-181. 10.1007/978-0-585-29603-6_5View ArticleGoogle Scholar
This article is published under license to BioMed Central Ltd. This is an Open Access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/2.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.