The Research On Key Technologies In Wireless Mesh Networks Security

Wireless Mesh Networks (WMNs) have emerged as a key technology for next generation wireless networking. Because of their advantages over other wireless networks, WMNs are undergoing rapid progress and inspiring numerous applications. However, many technical issues still exist in this field.The emergence of Wireless Mesh Networks facilitates another major leap with a very broad application prospects, and it has get more and more attention from academia and industry in recent years.WMNs, however, suffers from security, due to its multi-hop and Wireless transmission character. These security issues have highly impact for the popularization of WMNs. The research of security technologies in Wireless Mesh Networks has important theoretical and practical significance. WMNs originate from the Ad hoc network, and inherit the WLAN technology. Therefore, the security threats it faces are similar with the above two network technologies. There are also significant differences, so security mechanisms of Wireless Mesh Network are needed to be re-designed.In this thesis, our object is to construct a safe, reliable Wireless Mesh Network. Based on in-depth analysis of the Wireless Mesh Network security framework and research status, we propose a number of new ideas and solutions on the security of the Wireless Mesh Network.In order to ensure the availability of networks, we design a selfish behavior detection mechanism, a link congestion detection algorithm and a hidden terminal/exposed terminal detection algorithm for WMNs. In order to improve the secure level of Wireless Mesh Networks, this thesis presents the intrusion detection mechanisms and authentication mechanisms.The main contributions of this thesis are as follows:(1) Selfish behavior detection in Wireless Mesh Network We establish of single node and multi-node collaboration selfish behavior model in the MAC layer for Wireless Mesh Networks. The detection mechanisms and algorithms can detect "smart" selfish behavior. We analyze the characteristics of multi-node collaboration selfish behavior in the Wireless Mesh Network, and propose a detection algorithm, based on the cluster. The algorithm can greatly alleviate the impact on network performance (fairness, throughput) of selfish behavior.(2) Fault detection in Wireless Mesh NetworkWe need to detect network faults to improve the availability of WMNs. There are faults, including link congestion, hidden terminal/exposed terminal, and external noise interference. Faults can be caused by many reasons, including open wireless medium, network topology and MAC mechanisms and so on. Therefore, we analyze and summarize the reason of link congestion, hidden terminal / exposed terminal and the noise. The local distributed detection algorithms are proposed. The network topology, signal to noise ratio, and network flow are used for statistical analysis and calculation to detect the network faults.(3) Cross-layer intrusion detection in Wireless Mesh NetworkWhen the other security measures can't prevent malicious attacks in the Wireless Mesh Networks, the intrusion detection technology is needed to detect the attacks. However, there are high false positives rate and other issues. In this thesis, the data in different layers are used as the audit to detect in the cross-layer intrusion detection system. In the system, the data from physical layer, MAC layer and network layer is used for different attacks. To reduce false positives rate that is caused due to network faults, we import the results of fault detection in IDS.(4) The authentication technology in Wireless Mesh NetworkThe mobile clients can roam in Wireless Mesh Networks. But certification process is too long for real-time application in Wireless Mesh Networks. There exists a tradeoff problem of insecurity and excessive handoff delay with IEEE 802.11i protocol using username / password method in Wireless Mesh Network. This thesis presents a digital certificate-based fast optimization authentication solution which is based on pre-certification / pre-configured security fast handoff protocol. Fast authentication optimization solution allows users to handoff between the access points, and ensures clients to access the network with the smaller delay. Pre-Certification / Pre-configuration mechanism allows clients to get the information about network configuration and certification.(5) System design and implementationTo verify the validity of our work in real environment, we build a prototype system of WMNs. Platform uses a router YH-WMR V1.0 which is designed with our own independent intellectual property rights. Intrusion detection system, fault detection, authentication and authority are implemented in the wireless mesh router. The practical test results demonstrate that the proposed security technologies in Wireless Mesh Network can improve the security and reliability.