Research Article Privacy Preserved and Secured Reliable...

Research ArticlePrivacy Preserved and Secured Reliable Routing Protocol forWireless Mesh Networks

Navamani Thandava Meganathan1 and Yogesh Palanichamy2

1Department of Computer Science and Engineering, Easwari Engineering College, Ramapuram, Chennai,Tamilnadu 600 089, India2Department of Information Science and Technology, College of Engineering, Anna University, Guindy, Chennai,Tamilnadu 600 025, India

Correspondence should be addressed to Navamani Thandava Meganathan; [email protected]

Received 25 April 2015; Accepted 3 September 2015

Academic Editor: Raffaele Bruno

Copyright © 2015 N. Thandava Meganathan and Y. Palanichamy. This is an open access article distributed under the CreativeCommons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided theoriginal work is properly cited.

Privacy preservation and security provision against internal attacks in wireless mesh networks (WMNs) are more demandingthan in wired networks due to the open nature and mobility of certain nodes in the network. Several schemes have beenproposed to preserve privacy and provide security in WMNs. To provide complete privacy protection in WMNs, the propertiesof unobservability, unlinkability, and anonymity are to be ensured during route discovery. These properties can be achieved byimplementing group signature and ID-based encryption schemes during route discovery. Due to the characteristics of WMNs,it is more vulnerable to many network layer attacks. Hence, a strong protection is needed to avoid these attacks and this can beachieved by introducing a new Cross-Layer and Subject Logic based Dynamic Reputation (CLSL-DR) mechanism during routediscovery. In this paper, we propose a new Privacy preserved and Secured Reliable Routing (PSRR) protocol for WMNs. Thisprotocol incorporates group signature, ID-based encryption schemes, and CLSL-DRmechanism to ensure strong privacy, security,and reliability in WMNs. Simulation results prove this by showing better performance in terms of most of the chosen parametersthan the existing protocols.

1. Introduction

Wireless mesh networks (WMNs) are an emerging wirelesstechnology by having more advantages over other wirelessad hoc networks. WMNs comprise two types of nodes: meshrouters and mesh clients. Mesh routers, which are static andpower-enabled, form a wireless backbone of the WMNs andinterwork with the wired networks to providemultihop wire-less Internet connectivity to the mesh clients. Mesh routersform a mesh backbone through which mesh clients canaccess the network. Unlikemesh routers, themesh clients canbe battery-operated mobile nodes. In mesh networks, meshrouters can also directly mesh with each other [1]. WMNsare of three types. They are (i) infrastructure based WMN,(ii) hybridWMN, and (iii) clientWMN. Infrastructure basedWMN has a mesh backbone which consists of mesh routers

and gateways. Client nodes can connect to the backbonethrough mesh routers.

The properties pertaining to WMNs like open sharedmedium, absence of centralized server, and dynamic topol-ogy make the network be vulnerable against adversaries(malicious nodes) from both inside and outside. In general,the internal malicious nodes are more difficult to detect inwireless networks than the external attacker nodes. A numberof secure routingmechanisms using public key cryptographicmechanisms are discussed in the literature. However, relyingon public key cryptosystems alone does not provide completesecurity against the internal attacks. To enforce securityagainst malicious nodes, several reputation mechanisms areproposed in the existing systems to monitor the behavior ofthe neighbor nodes and also for evaluating the reputation

Hindawi Publishing Corporatione Scientific World JournalVolume 2015, Article ID 636590, 12 pageshttp://dx.doi.org/10.1155/2015/636590

2 The Scientific World Journal

metrics of the neighbor nodes. However, these mechanismsare not sufficient to provide complete privacy protection andalso to ensure better link reliability in WMN. In most of thesituations, the communication in WMNs has different kindsof sensitive user information which have to be protected andsecured from the unauthorized nodes like malicious nodes.Hence, strong privacy protection mechanisms and securerouting mechanisms are needed to protect communicationthat involves sensitive information in WMNs.

Thus, it is analyzed that privacy and security issues arethe vital problems in the design of WMNs. The clientsshould have end-to-end security and privacy assurance [2].Several privacy preserved secure routing schemes proposedfor WMNs have been discussed in the literature. Howeverthese schemes do not provide complete privacy protection.Moreover they do not ensure better link reliability that isrequired to select the optimal route in infrastructure basedWMNs. In [3, 4], the authors have proposed reputationevaluation mechanisms to enforce security and to defendagainst internal attacks in WMNs. In these reputation evalu-ation mechanisms, the reputation computation incorporatestraditional weighted average model to compute the linkquality metric which in turn evaluates the direct behavior ofthe nodes. However, in general, wireless environment needscross-layer based routing metrics to guarantee the accuratemeasurement of link quality. Hence, in this work we employcross-layer design in reputation evaluation mechanism toenhance the security of WMNs.

Several routing metrics designed for capturing the linkquality to discover high performance routing paths in wire-less mesh networks have been discussed in [5, 6]. However,these routing metrics are designed by having strong assump-tion that all nodes behave honestly during the forwarding ofpackets and the network is more reliable. This assumptionmay not be true always for infrastructure based WMNs,where all the nodes do not cooperate all the times andlink reliability is also not guaranteed. Unlike the complexinfrastructure of cellular networks like base station andmobile switching centre, the WMN infrastructure like meshrouter could be relatively easily reached and modified byattackers. The attackers can be able to track the packets inthe network and can fetch the information from the packets.By reviewing the existing works, it is known that there isno optimal routing solution that is capable of doing allthe three following operations in WMNs: preserving pri-vacy, providing security against adversaries, and discoveringhigh performance reliable routing path. Hence, in orderto establish secured and reliable routing path with betterprivacy protection, the existing routing protocols have to beenhanced further in terms of security and privacy to defendagainst various DoS attacks.

In this paper, Privacy preserved and Secured ReliableRouting (PSRR) for infrastructure based wireless mesh net-works is proposed to provide maximum privacy protectionand to have maximum security against adversaries. Theproposed protocol also provides better network performanceby selecting the more reliable route. Privacy protection inWMNs can be achieved by implementing group signatureand ID-based encryption scheme. The proposed protocol

protects the network against packet dropping and misdirect-ing attacks by implementing a new Cross-Layer and SubjectLogic based Dynamic Reputation (CLSL-DR) mechanismin mesh routers. It also provides optimal path for datatransmission by selecting secured reliable path during routediscovery.Themajor contributions of this paper comprise (1)design of a new Privacy preserved Secure Reliable Routingprotocol for WMNs, (2) protection against packet droppingand misdirecting attacks by introducing a novel Cross-Layerand Subject Logic based Dynamic Reputation (CLSL-DR)mechanism, (3) minimizing the control packets overhead bymeans of trust level (TL) metric, and (4) optimal path dis-covery for efficient data transmission by selecting a securedreliable path using cross-layer information exchange.

The rest of this paper is structured as follows. Section 2discusses related works on privacy, security, and reputationmechanisms for wireless mesh networks. In Section 3, wepresent the proposed protocol. Security and privacy analysesare discussed in Section 4. Section 5 discusses implemen-tation and performance analysis in terms of the simulationresults. Finally, in Section 6, we conclude the paper withfuture enhancements.

2. Related Work

In recent years, more numbers of secure routing protocolswith privacy protection have been proposed for WMNs.These routing protocols consider privacy and security indifferent levels to improve the network performance. Toensure whether the packets are forwarded correctly and toprovide complete privacy preservation to the user trafficmessages, secure reliable routing protocol with better privacyprotection in WMNs is needed.

Mahmoud et al. [7] proposed a low-overhead secureprivacy preserved routing protocol in hybrid ad hoc net-works in which symmetric-key-cryptography operations andpayment system are used to develop secure privacy pre-served route discovery and data transmission. However,this protocol will not be applied for WMNs where thereis no centralized server to process the payment receipts.In our previous work [8], we have proposed a routingscheme that gives better protection against security attacksand anonymity in wireless mesh networks. We introducedsecured identity based routing scheme to provide securityagainst attacks and anonymity. However, it does not providecomplete privacy protection for data packets and controlpackets. Mahmoud et al. [9] developed a stable and reliablerouting protocol named E-STAR in heterogeneous multihopwireless networks.This protocol combines payment and trustsystems with trust based and energy aware routing protocols.Multidimensional trust values are used for computation oftrust and reliability in routing. Payment systems are usedfor rewarding the nodes which are forwarding the packets.However, the protocol incurs more overhead in terms ofprocessing payment receipts and trust metrics evaluation.Wan et al. [10] proposed an unobservable secure on demandrouting protocol for mobile ad hoc networks to providecomplete privacy protection by satisfying the privacy require-ments such as anonymity, unlinkability, and unobservability.

The Scientific World Journal 3

In this protocol, group signature and ID-based encryptiontechniques are implemented along with the route discoveryprotocol to satisfy the above requirements in the network.However, the protocol does not address wormhole attacksand other DoS attacks. Paris et al. [11] proposed a novel cross-layer based routing metric, named Expected ForwardingCounter (EFW), to defend against packet dropping attacks.This metric considers link quality of wireless links usingMediumAccess Control (MAC) layermeasurements and alsomonitors the forwarding behavior in network layer to selectsecure reliable routing path in WMN. Two further variantsof EFW named Minimum Expected Forwarding Counter(MEFW) and Joint Expected Forwarding Counter (JEFW)are also proposed in the same paper to solve the problemof packet dropping behaviour of selfish nodes. Among thesemetrics, MEFW is proved as a robust link quality metricto select secure reliable routing path in WMN. Khan et al.[12] designed a secure routing protocol for infrastructurebased wireless mesh networks. In this scheme, a new routingmetric called Unreliable Value (UV) is proposed, which iscapable of searching the shortest secure path by computingUV of the neighbors by implementing a two-hop passiveacknowledgment scheme. However, this protocol is morevulnerable to packet modification and tampering attacks,since authentication and encryption mechanisms are notimplemented in the route discovery algorithm.

Khan et al. [13] introduced a secure route selectionscheme in wireless mesh networks. This scheme is basedon two-hop passive acknowledgement mechanism which isused to prevent the network from packet dropping attacks.However, thismechanismhas not provided complete securitysolution against all types of packet dropping attacks. In [14],Bansal et al. introduced a secure routing protocol for hybridwireless mesh network which uses cryptographic extensionsto provide authenticity and integrity of Hybrid WirelessMesh Protocol (HWMP) routing messages and preventsunauthorized manipulation of mutable fields in the routinginformation elements. This protocol suffers from routingacquisition delay and control packet overhead because ofcryptographic extensions during route discovery. And also,this protocol is more vulnerable to attacks caused by col-luding compromised nodes within the network. You andWang [15] proposed an efficient secure routing protocolfor hybrid wireless mesh network. The protocol implementsseveral cross-layer parameters to select an optimal routebased on security and robust against variousmultihop threatsin WMNs. Khan and Loo [16] proposed a Cross-layer Secureand Resource aware On demand Routing (CSROR) protocolfor hybrid WMN to ensure routing security and fulfilldifferent applications’ specific requirements for multimediadelivery and real-time communication. The protocol selectsan optimal route by considering routing security as well asdifferent cross-layer parameters. It is resilient to differentpacket dropping attacks, but the protocol is not suitable forthe network with nodes having high mobility and also notproviding solution for packet modification attacks. Seth andGankotiya [17] discussed various Denial of Service (Dos)attacks and detectionmethods inWMNs.They had discussedthese attack detection methods in physical layer, MAC layer,

and routing layer and concluded that cross-layer design is thebetter solution to detect these attacks in routing layer.

Yu et al. [18] have proposed a new dynamic hierarchicalreputation evaluation scheme to provide secure solutionagainst intruders for hybrid wireless mesh networks. Thisscheme is based on virtual cluster structure and behavior,correlations of the nodes in the network. However, thisscheme does not address link reliability to provide highperformance routing path. Sun et al. [19] proposed a securityarchitecture to ensure unconditional anonymity for honestusers and to achieve traceability of misbehaving users in thenetwork. They have implemented ticket based protocols toresolve the conflicting requirements of privacy and security.Kathyaini and Ananthakumaran [20] proposed a protocolwhich implements quantum principles in wireless meshnetwork to achieve anonymity and security. Even though theprotocol provides better authentication, it does not addressall types of network layer attacks.

After reviewing the previous work, we propose a newscheme for routing in wireless mesh networks to providebetter privacy and security and also to select an optimal pathfor data transmission. This can be achieved by implement-ing group signature and ID-based encryption mechanisms,Cross-Layer and Subject Logic based Dynamic Reputation(CLSL-DR) mechanism along with the route discovery pro-tocol.

3. Privacy Preserved Secure ReliableRouting Scheme

In this section, we explain the Privacy preserved Secured andReliable Routing (PSRR) scheme for wireless mesh networks.The following subsections describe the functions of theproposed protocol in detail. This scheme provides completeprivacy protection to preserve privacy and implements CLSL-DR mechanism to defend against the internal attacks causedby compromised nodes of WMN. As a result, the discoveredpath is able to provide reliable communication between thesource and the destination.

3.1. System Model

3.1.1. Network Model and Assumptions. We consider aninfrastructure based wireless mesh network which consistsof mesh routers and mesh clients. Multiple mesh routerscommunicate among themselves to form a wireless backbonethat forwards the user traffic to gateways. Mesh clients candirectly connect to the nearest mesh router. We furtherassume that the traffic from the source client node to thedestination client node passes through the routers presentin the mesh backbone. We combine group signature schemeand ID-based encryption scheme [10, 21] to provide completeprivacy protection in WMNs. Both group signature and ID-based encryption schemes are based on elliptic curve groupswith the order of a big prime number. In accordance withthe group signature scheme, an offline key server generatesgroup public key gpk, which is known to all other nodes,and group signature key gsk for each node in the network.For implementing ID-based encryption scheme, two elliptic


Anonymous key generation

Signature verification

Signature generation

Route discovery RREQ

RREP

messagetransmission

Pseudonyms

Decryption at

nodes

Decryption at destination

Mesh router

RREQ

RREP

Source Destination

Trust level (TL)EncryptionNoncesPseudonymsHash functions

Trust levelcomparison

Optimal pathselection

EncryptionNoncesPseudonymsHash functions

Session key

RREP

RREQ

Mesh router 1

Mesh router 1

Mesh router n

Mesh router n

RREQ

RREQ

RREQ

RREQ

RREP

RREQ

CLSL-DRmechanism

Link quality computation

Local opinion evaluation

Global opinion evaluation

Final trust metric computation

(optimal path)

· · ·

· · ·

Nonces

Encryption

intermediate

Unobservable

Decryption

Payload (message)

Figure 1: Functional components of PSRR.

curve groups 𝐺1 and 𝐺2 with order of a big prime number 𝑝are considered to generate private and public keys. A bilinearpairingmap “𝑒” is also defined as𝐺1×𝐺1 → 𝐺2 according tothe above-discussed works. Initially the key server generatesmaster secret key 𝑠 and ID-based private key for every node𝑁 as 𝐾ID𝑁 = 𝑠 ⋅ 𝐻

1(ID𝑁), where 𝐻

1(ID𝑁) is the secure one-

way hash function which maps the identity of node 𝑁 to anelement in group 𝐺1. The corresponding public key is alsogenerated for the node 𝑁 as (𝑝, 𝐺1, 𝐺2, 𝑒, 𝑅, 𝑅pub, and 𝐻

1),

where 𝑅 is a random generator, which is selected by the keyserver, and 𝑅pub is computed as 𝑠 ⋅ 𝑅.

3.1.2. Attack Model. We assume that an attacker is capableof monitoring the entire traffic passing through the network.The attackers may attempt to eavesdrop all the network com-munication and analyze them to obtain information aboutthe participants, packet type, and so forth. Assumption alsoincludes the possibility of adversaries launching active attacksby injecting, modifying, and dropping packets within thenetwork. Some of the internal nodes may be compromisedby the attackers to generate any Denial of Service attack inthe network.

3.1.3. Notations. The symbols and their description that areused in the proposed scheme are given in the Notationssection.The symbol𝐻

𝑖(∗) represents the three levels of secure

one-way hash functions with 𝑖 = 1, 2, 3. These functions are

used during key establishment and route discovery process.𝐻1function maps the identity of node 𝑁 to an element in

𝐺1, 𝐻2function maps an element in 𝐺1 to a session key, and

𝐻3function maps a session key with a random pseudonym.

3.2. The Proposed Scheme PSRR. The proposed schemeincludes the following phases: anonymous key generation,CLSL-DR mechanism, route discovery, and unobservablemessage transmission. The functional components of theproposed PSRR protocol are shown in Figure 1. Each nodepresent in the network shares a session key between theneighbor nodes and establishes a local broadcast key byanonymous key establishment algorithm. According to theproposed scheme, the discovered routing path is privacy pre-served, secured, and reliable. During route discovery, CLSL-DR mechanism is invoked on the mesh routers to computecross-layer based reputation to isolate the malicious nodesin the routing path. In the route discovery process, sourcenode forwards an unobservable RouteRequestmessage basedon the trust level (TL) metric to minimize the controlpackets overhead and the request reaches the destinationthrough the intermediate nodes. This metric is appendedand cumulatively added in the RREQ packet until it reachesthe destination. Since the source node broadcasts the RouteRequest, the destination receives several route requests untilthe time period 𝑇 through different paths. It selects anoptimal path as the most trusted path for data transmission.


Then the destination performs a unicast Route Reply to thesource through the discovered route. Finally the packets aretransmitted from source and reach the destination throughthis path. Following subsections describe the functions ofeach module in detail.

3.2.1. Anonymous Key Generation. In this phase, each nodein the network establishes a session key with each of itsneighbors within its radio range. Assume node 𝑆 has a privatesigning key gsk

𝑆and private ID-based key𝐾ID𝑆 in thewireless

mesh network. The following algorithm describes the stepby step procedure of anonymous key generation processbetween source node (𝑆) and neighbor node (𝐼𝑗) with respectto the Notations section.

(1) Source node 𝑆 generates the random number 𝑁𝑆

and computes the signature as SIG gsk𝑆(𝑁𝑆𝑅) using

its group signature key, where 𝑅 is the generator ofgroup 𝐺. 𝑆 broadcasts the computed signature to itsneighbors.

(2) Now intermediate node 𝐼𝑗 receives the messagefrom 𝑆 and verifies signature sent by 𝑆. If veri-fication is successful, then the intermediate nodegenerates random number (𝑁

𝐼𝑗𝑅) and computes the

signature SIG gsk𝐼𝑗(𝑁𝑆𝑅 | 𝑁𝐼𝑗𝑅).

(3) Intermediate node 𝐼𝑗 also creates shared sessionkey 𝐾

𝑆𝐼𝑗= 𝐻2(𝑁𝑆𝑁𝐼𝑗𝑅) and replies with {𝑁

𝐼𝑗𝑅,

SIG gsk𝐼𝑗(𝑁𝑆𝑅 | 𝑁

𝐼𝑗𝑅)𝐸𝐾𝑆𝐼𝑗

(𝐾𝐼𝑗

| 𝑁𝑆𝑅 | 𝑁

𝐼𝑗𝑅)} to

𝑆, where 𝐾𝐼𝑗is the local broadcast key of 𝐼𝑗.

(4) Source node 𝑆 again verifies the signature, if it issuccessful, and then it computes session key between𝐼𝑗 and itself as 𝐾

𝑆𝐼𝑗= 𝐻2(𝑁𝑆𝑁𝐼𝑗𝑅). Then it generates

local broadcast key 𝐾𝑆∗ and sends 𝐸

𝐾𝑆𝐼𝑗(𝐾𝑆∗ | 𝐾𝐼𝑗∗ |

𝑁𝑆𝑅 | 𝑁𝐼𝑗𝑅) to 𝐼𝑗.

(5) Finally intermediate node 𝐼𝑗 receives the messagefrom 𝑆 and computes same session key as 𝐾

𝑆𝐼𝑗=

𝐻2(𝑁𝑆𝑁𝐼𝑗𝑅). It decrypts the message received from

𝑆 to get the local broadcast key of 𝑆 (𝐾𝑆∗) ⋅ Nym

𝑁.

This process is repeated for each of the intermediatenodes to get the shared session key with its neighbors. Thiskey establishment process is implemented based on an effi-cient security scheme such as Elliptic Curve Diffie Hellman(ECDH) key exchange and group signature scheme whichhas more advantages such as more security strength andfaster, better performance, compared to other cryptographicschemes [21]. At the end of this key generation process, allintermediate nodes have their own shared session key withtheir neighbor nodes which are used during route discoveryprocess and these keys are generated anonymously withoutknowing each other.

3.2.2. Cross-Layer and Subject Logic Based Reputation Scheme.Here, we propose a new cross-layer and subject logic basedreputation mechanism which is an improved version of thescheme presented in [3, 4]. In this mechanism, cross-layer

based metric and uncertainty are incorporated in associ-ation with subject logic into the reputation computationalgorithm to detect and isolate the malicious nodes andthereby finding reliable routing paths. The metric consid-ers network layer observations of forwarding behavior incombination with MAC-layer measurements of wireless linkquality to select more reliable and high performance path.According to subject logic, a trust metric is represented asan opinion to express subjective beliefs. Each opinion isdefined by four parameters and it is specified as 𝑂

𝑚:𝑛=

(𝑇𝑚:𝑛

, 𝐷𝑚:𝑛

, 𝑈𝑚:𝑛

, 𝑅𝑚:𝑛

), where 𝑇𝑚:𝑛

represents node 𝑚’s truston node 𝑛,𝐷

𝑚:𝑛represents node𝑚’s distrust on node 𝑛, 𝑈

𝑚:𝑛

represents node 𝑚’s uncertainty on node 𝑛, and 𝑅𝑚:𝑛

is thebase rate of 𝑚’s trust on node 𝑛. These parameters shouldsatisfy the following conditions:

𝑇𝑚:𝑛

+ 𝐷𝑚:𝑛

+ 𝑈𝑚:𝑛

= 1.0, (1)

where 𝑇𝑚:𝑛

, 𝐷𝑚:𝑛

, 𝑈𝑚:𝑛

, and 𝑅𝑚:𝑛

∈ [0.0, 1.0].By assuming the opinion as a decision, the final trust

metric is computed as

𝐹 (𝑂𝑚:𝑛

) = 𝑇𝑚:𝑛

+ 𝑅𝑚:𝑛

𝑈𝑚:𝑛

. (2)

(1) Reputation Computation

Local Opinion. Let us assume that 𝑚 and 𝑛 are the twoneighboring nodes. The final opinion of node 𝑚 to 𝑛 𝑂

final𝑚:𝑛

is computed by having both local observation (local opinion)and global observation (global opinion):

𝑂final𝑚:𝑛

= {𝑂loc𝑚:𝑛

, 𝑂glo𝑚:𝑛

} . (3)

The local opinion of node 𝑚 to node 𝑛 𝑂loc𝑚:𝑛

= 𝑇loc𝑚:𝑛

,𝐷

loc𝑚:𝑛

, 𝑈loc𝑚:𝑛

, and 𝑅loc𝑚:𝑛

is computed and it is stored in 𝑚’s localreputation table with respective node’s ID and the values arecomputed as follows:

𝑇loc𝑚:𝑛

=ST𝑚→𝑛

(NT𝑚→𝑛

∗ LQ𝑚→𝑛

),

𝐷loc𝑚:𝑛

=NF𝑚→𝑛

(NT𝑚→𝑛

∗ LQ𝑚→𝑛

),

𝑈loc𝑚:𝑛

= 1.0 − 𝑇loc𝑚:𝑛

− 𝐷loc𝑚:𝑛

,

(4)

where ST𝑚→𝑛

represents the number of packets receivedfrom 𝑚 and successfully forwarded by 𝑛, NF

𝑚→𝑛represents

the number of packets received from𝑚 and not forwarded by𝑛, and NT

𝑚→𝑛is the total number of packet transmissions

received from 𝑚. LQ𝑚→𝑛

denotes the link quality metricfrom 𝑚 to 𝑛, which is computed as in (5).

To measure link quality in WMNs, we use a novelcross-layer based reliable routing metric named MinimumExpected Forwarding Counter (MEFW) [11] to isolate themalicious or selfish nodes during route discovery. MEFWconsiders worst dropping behavior of the nodes and it ismore robust against packet dropping attacks. Compared to


the traditional mechanisms for estimating the link quality inWMNs, MEFWmetric simplifies the network representationand selects the most reliable and high performance routingpath by considering routing layer observations of forwardingbehavior as well as MAC-layer measurements of wireless linkquality:

LQ𝑚→𝑛

= MEFW𝑚→𝑛

= MEFW𝑛→𝑚

=1

(1 − 𝑃𝑚𝑛

) (1 − 𝑃𝑛𝑚

)

⋅1

(1 − max {𝑃𝑑,𝑚𝑛

, 𝑃𝑑,𝑛𝑚

}),

(5)

where 𝑃𝑚𝑛

and 𝑃𝑛𝑚

denote the packet loss probability of thewireless link (𝑚, 𝑛) in forward and reverse directions, respec-tively. 𝑃

𝑑,𝑚𝑛and 𝑃

𝑑,𝑛𝑚represent the dropping probabilities

in 𝑚 to 𝑛 direction and 𝑛 to 𝑚 direction, respectively, atthe network layer of node 𝑛. It is possible to discover highreliability paths that are able to provide better Packet DeliveryRatio with the help of this metric since this metric is able todecide the quality of the links.Whenever a newnode joins thenetwork, the default trust opinion for the new node is set bythe other nodes as (0.0, 0.0, 1.0, 𝑅). These local opinions areupdated in the local reputation table periodically from timeto time.

Global Opinion.These are useful when the local opinions arenot enough to judge a node. If a node𝑚wants to collect globalopinions on node 𝑛 from their common neighbor nodes,it just passes the reputation query to them. When node 𝑚

receives global opinions on node 𝑛 from two recommenders,and if their opinions conflict with each other, then 𝑚 hasto decide which recommender node is more trustworthyand get the opinion from that node and discard the opinionfrom the other node. For more than two recommenders, letus assume that 𝑅 is the set of recommenders, and for eachrecommender 𝑖 ∈ 𝑅, a unique weight is assigned and it iscalculated according to (6):

𝑤𝑖=

𝐹 (𝑂𝑚:𝑖

)

∑𝑘∈𝑅

𝐹 (𝑂𝑚:𝑘

), (6)

where

𝐹 (𝑂𝑚:𝑖

) = 𝑇𝑚:𝑖

+ 𝑅𝑚:𝑖

𝑈𝑚:𝑖

. (7)

Now, the global opinion𝑂glo𝑚:𝑛

= (𝑇glo𝑚:𝑛

, 𝐷glo𝑚:𝑛

, 𝑈glo𝑚:𝑛

, 𝑅glo𝑚:𝑛

) iscalculated as shown in

𝑇glo𝑚:𝑛

= ∑

𝑘∈𝑅

𝑤𝑘𝑇loc𝑘:𝑛

,

𝐷glo𝑚:𝑛

= ∑

𝑘∈𝑅

𝑤𝑘𝐷

loc𝑘:𝑛

,

𝑈glo𝑚:𝑛

= ∑

𝑘∈𝑅

𝑤𝑘𝑈

loc𝑘:𝑛

,

𝑅glo𝑚:𝑛

= ∑

𝑘∈𝑅

𝑤𝑘𝑅loc𝐾:𝑛

.

(8)

After obtaining the local opinion and the global opinion,a final opinion 𝐹

final𝑚:𝑛

= (𝑇final𝑚:𝑛

, 𝐷final𝑚:𝑛

, 𝑈final𝑚:𝑛

, 𝑅final𝑚:𝑛

) is calculatedas shown in

𝑇final𝑚:𝑛

=

(𝑇dir𝑚:𝑛

⋅ 𝑈glo𝑚:𝑛

+ 𝑇glo𝑚:𝑛

⋅ 𝑈dir𝑚:𝑛

)

(𝑈dir𝑚:𝑛

+ 𝑈glo𝑚:𝑛 − 𝑈

glo𝑚:𝑛 ⋅ 𝑈

dir𝑚:𝑛

)

,

𝐷final𝑚:𝑛

=

(𝐷dir𝑚:𝑛


+ 𝐷glo𝑚:𝑛


)

(𝑈dir𝑚:𝑛

+𝑈glo𝑚:𝑛

− 𝑈glo𝑚:𝑛 ⋅ 𝑈

dir𝑚:𝑛

)

,

𝑈final𝑚:𝑛

=

(𝑈dir𝑚:𝑛


)

(𝑈dir𝑚:𝑛

+𝑈glo𝑚:𝑛


dir𝑚:𝑛

)

,

𝑅final𝑚:𝑛

=

(𝑅dir𝑚:𝑛


+ 𝑅glo𝑚:𝑛


)

(𝑈dir𝑚:𝑛

+𝑈glo𝑚:𝑛


dir𝑚:𝑛

)

.

(9)

Since all the trust parameters will change over time, thetrust relationship between any two nodes will also changedynamically. Whenever a new observation comes in, eachnode updates its trust table and the final trust is calculatedby using a moving average model as shown in

𝐹𝑡1

= 𝛼𝐹𝑡0

+ (1 − 𝛼) 𝐹𝑡1, (10)

where 𝛼 (0 < 𝛼 < 1) is the weighting factor which is usedas normalizing factor between previous measurement andcurrent measurement. The route discovery process uses thistrust metric for selecting the secure routing path from sourceto destination.

3.2.3. Route Discovery. Here we discuss the route discoveryprocedure of the proposed protocol based on the keys estab-lished and the computed trust level between the neighbornodes. Assume that source node 𝑆 wants to find a route todestination node𝐷.The route discovery process is carried outby Route Request (RREQ) and Route Reply (RREP) packets.The generation of RREQ and RREP packets is discussed asfollows.

(1) Route Request (RREQ). Source node 𝑆 generates a randomnumber 𝑁

𝑆𝑅 and a sequence number (snum) to uniquely

identify the Route Request and also generates a nonce(Nonce

𝑆) to achieve unobservability. Then it computes the

pseudonym as Nym𝑆

= 𝐻3(𝐾𝑆∗ | Nonce

𝑆). Other route

discovery parameters such as timestamp (ts) which specifiesthe time required to complete the route discovery andmaximumnumber of intermediate hops required (max ℎ) arealso appended within the RREQ message to reduce the routediscovery time. To ensure anonymity and unobservability, 𝑆encrypts the identity information of source and destinationnodes along with the random number using the identity ofnode 𝐷 to create the cipher text as 𝐸ID𝐷 (ID

𝑆, ID𝐷, 𝑁𝑆𝑅).

It means that only the destination node can decrypt therelevant cipher text by using its private ID-based key. Now,𝑆 applies one more level of encryption along with the routediscovery parameters using the local broadcast key 𝐾

𝑆∗ to


obtain 𝐸𝐾𝑆∗(RREQ,TL, ts,max ℎ, 𝐸ID𝐷(ID𝑆, ID𝐷, 𝑁𝑆𝑅)). The

final RREQ message is formulated as shown in

RREQ = (Nonce𝑆,Nym

𝑆, 𝐸𝐾𝑆∗(RREQ,TL, ts,max ℎ,

𝐸ID𝐷 (ID𝑆, ID𝐷, 𝑁𝑆𝑅) , snum)) .

(11)

Before broadcasting RREQ, source 𝑆 applies CLSL-DRmechanism to compute the reputation values of its neighborsaccording to the following steps.

(1) Source 𝑆 checks its local reputation table to retrievelocal opinion 𝑂

loc𝑆:𝐼𝑗

of a neighbor node 𝐼𝑗 and alsocomputes the final trust metric 𝐹(𝑂

loc𝑆:𝐼𝑗

).

(2) If 𝐹(𝑂loc𝑆:𝐼𝑗

) ≥ 𝜃, then 𝐼𝑗 is considered as trustworthynode; else if 𝐹(𝑂

loc𝑆:𝐼𝑗

) < 𝜃, then 𝑆 tries to collect theglobal opinions from the common neighbor nodeswith 𝐼𝑗, where 𝜃 is the threshold parameter which liesbetween [0.0, 1.0].

(3) To retrieve the global opinion, 𝑆 forwards theRep query message to the common neighbor nodesand waits for the time period 𝑇.

(4) If a node’s uncertainty opinion on its neighbor node𝐼𝑗 is less than 1, then it forwards its local opinion on𝐼𝑗 to 𝑆.

(5) When the time period 𝑇 is ended, 𝑆 collects all theglobal opinions from common neighbor nodes andassigns unique weight to them.

(6) Then 𝑆 computes 𝑂glo𝑠:𝐼𝑗

and evaluates the final trustmetric 𝐹(𝑂

glo𝑆:𝐼𝑗

). If 𝐹(𝑂glo𝑆:𝐼𝑗

) ≥ 𝜃, then 𝐼𝑗 is consideredas trustworthy node; otherwise, 𝐼𝑗 is considered asmalicious node and this state is recorded in the trusttable.

According to the above steps, 𝑆 evaluates the trust metricof its neighbor nodes. Now 𝑆 forwards the anonymous RREQmessage only to its neighbors whose trust metric is greaterthan 𝜃 as shown in (11). Let us assume that 𝐼𝑗 is a trustworthynode and receives the RREQ message from 𝑆. Now 𝐼𝑗 triesall its session keys shared with all its neighbors to find out𝐾𝑆∗ by satisfying Nym

𝑆= 𝐻3(𝐾𝑆∗ | Nonce

𝑆). If it is found,

then it uses the key to decrypt the cipher text. Now it canfind that it is a Route Request packet. TL is the trust levelmetric appended by the previous intermediate node. Thetotal time required for route discovery is specified as ts andmax ℎ denotes the maximum number of intermediate nodesrequired in the routing path. Node 𝐼𝑗 also tries its private ID-based key to decrypt the inner message 𝐸ID𝐷(ID𝑆, ID𝐷, 𝑁𝑆𝑅).If this cannot be decrypted, then 𝐼𝑗 is not the destinationnode. Then it generates a new nonce Nonce

𝐼𝑗and computes

Nym𝐼𝑗. The snum stored in the RREQ message is recorded

in the intermediate node’s routing table to identify duplicateRREQ messages. Now 𝐼𝑗 also applies CLSL-DR mechanismto compute the reputation values of its neighbors accordingto the above steps. Once 𝐼𝑗 receives the trust metric of allits neighbor nodes, it forwards the updated RREQ message

according to (12) only to the selected neighbors whose trustmetric is greater than 𝜃. By selectively forwarding the RREQpackets, the control packets overhead are minimized. Thetrust level (TL) metric in the updated RREQ message isupdated by cumulatively adding the existing value with themetric computed by 𝐼𝑗 with each of its neighbor nodes:

RREQ = (Nonce𝐼𝑗,Nym

𝐼𝑗, 𝐸𝐾𝐼𝑗∗(RREQ,TL, ts,

max ℎ, 𝐸ID𝐷 (ID𝑆, ID𝐷, 𝑁𝑆𝑅) , snum)) .

(12)

In this manner, the other intermediate nodes repeat theabove process to forward the RREQ message to its neighbornodes. In this way, RREQ packet in its final form reaches thedestination node. Usually multiple RREQ packets reach thedestination for the same source.

(2) Route Reply (RREP). Destination node receives manyRREQ packets from the same source. The destination nodealso tries its session keys to find out the local broadcast keyto decrypt the cipher text. Once it is successfully decrypted, ittries its private ID-based key to decrypt𝐸ID𝐷(ID𝑆, ID𝐷, 𝑁𝑆𝑅).If it is decrypted then it knows that it is the destinationnode. By checking the snum field in the RREQ packets, itcan receive same RREQ message from different neighbornodes. To select privacy preserved secure reliable path, itwaits for time period 𝑇. Once 𝑇 is over, it compares the TLmetric available in the received RREQ messages. The RREQmessage which has the highest TL metric is chosen as theselected optimal path and RREP message is unicasted onlyto the selected path in the reverse direction. Destination alsocreates a shared session key between source and destinationfor transmitting secure data in future. To forward RREP inthe reverse path, destination creates a random number, anonce, and a pseudonym and also computes shared sessionkey between the penultimate node, say 𝐼

𝑘, and itself to create

the cipher text. The format of the Route Reply (RREP) to thesource from destination is shown in

RREP = (Nonce𝐷,Nym

𝐷,

𝐸𝐾𝐼𝑘𝐷(RREP, 𝐸ID𝑆 (ID𝑆, ID𝐷, 𝑁𝑆𝑅) , snum)) .

(13)

Intermediate nodes forward this RREP to the source nodeby using the path stored in their routing table. The routethat is obtained for data transmission through this phase isprivacy preserved secure reliable route. Hence, data packetsthat flow in this reliable path are more secure and strongprivacy protection is achieved for these packets.

3.2.4. Unobservable Message Transmission. Unobservablemessage transmission is done after the above route discov-ery process. After the source receives RREP packet fromthe destination, it starts message transmission under theprotection of secure keys. Source node sends the mes-sage to the destination through the discovered route as(Nonce

𝑆,Nym

𝑆𝐼1, 𝐸𝐾𝑆𝐼1

(MSG, snum, 𝐸𝐾𝑆𝐷

(payload))), whereMSG denotes the packet type (message). When the desti-nation receives the message through the intermediate nodes


available in the discovered secure reliable path, it decryptsit with the right key and obtains the original message.Now the packets transferred from source to destination areunobservable by intruders. Thus, an unobservable messagetransmission is achieved from source to destination.

4. Privacy and Security Analysis

4.1. Privacy Analysis. The proposed routing scheme providesanonymity, unobservability, and unlinkability properties toensure the privacy by implementing group signature and ID-based encryption mechanisms in mesh routers for route dis-covery.The proposed protocol is implementing the improvedversion of the mechanisms as discussed in [10], and theprivacy analysis of the proposed protocol is carried out in thesame way.

4.1.1. Anonymity. Most people would like to remain anony-mous while roaming in WMNs for privacy reasons. In thisproposed scheme, session key is generated between eachnode with its neighbors. By using this secret session key,each node can authenticate each other anonymously andsubsequent route discovery process is built based on thesesession keys. Since pseudonyms and nonces are used in thisroute discovery process, the nodes present in the networkcannot be able to reveal sender’s identity.

4.1.2. Unlinkability. In the proposed protocol, the pack-ets (control packets and data packets) are identified bypseudonyms which are generated from random nonces andsecret session keys. Within the RREQ message, except thenonce and pseudonyms, the remaining part of the message isencrypted and decrypted at each hop. Hence, for an attackerwho can eavesdrop any transmission within the network, itis very difficult for him to find relation between the messageswithout knowing the encryption key.

4.1.3. Unobservability. Since the nodes involved in the routediscovery process of the proposed protocol are anonymousto other valid nodes, the control and data packets areindistinguishable from dummy packets and unobservable tothe adversary nodes. It is very difficult for an attacker to findany relation between pseudonyms and nonces since noncesare updated periodically. Only the nodes with valid sessionkeys will be able to decrypt and open the cipher text availablewithin the message. Hence, the protocol ensures completeunobservability to the adversary nodes.

4.2. Security Analysis. It is known that most of the externaland internal attacks against the routing protocols can beprevented by encryption and authentication mechanisms.The proposed scheme, in addition to the strong key man-agement scheme, implements a new Cross-Layer and SubjectLogic based Dynamic Reputation (CLSL-DR) mechanismto provide strong security against Denial of Service (DoS)attacks like packet dropping and misdirecting attacks, routedisrupting attacks, and so forth. Compared to the existingrouting mechanisms, the proposed protocol provides bettersecurity against the following DoS attacks.

4.2.1. Packet Dropping and Misdirecting Attacks. PSRR isresistant against packet dropping and misdirecting attackslike worm hole, black hole, gray hole, and jellyfish attacks.The proposed protocol mitigates all these attacks, since thediscovered route is completely privacy protected and trustlevel metric is implemented in the route discovery processwhich captures all the misbehavior information. As a result,the malicious nodes are isolated during route discovery.The trust level metric of each neighbor node is computedbased on link quality metric MEFW which guarantees highperformance reliable path. By introducing this efficient rep-utation computation mechanism in our proposed protocol,the protocol provides strong privacy and security protectionagainst packet dropping and misdirecting attacks.

4.2.2. Access Control. Our protocol ensures that only legit-imate users can gain access to mesh networks. To be ableto access the mesh network, each node has to satisfy thetrust level requirements and also it has to obtain a groupsignature signing key and an ID-based private key throughthe key management scheme. An adversary cannot easily getthese keys for proper authentication and also these nodes areisolated during route discovery. Hence, the access control tothe network is provided.

4.2.3. Preventing Route Disruption Attack. Route disruptionattack is caused by the malicious behavior of a node throughmodification of a mutable field and dropping routing infor-mation elements. It may be noted that, in our scheme, onlyauthenticated nodes can participate in the route discoveryphase. Moreover, routing information elements are authen-ticated and verified per hop. So, it is not possible to launch aroute disruption attack.

5. Implementation and Performance Analysis

The proposed PSRR protocol has been implemented andanalyzed in the network simulatorNS2.Theproposed schemeutilizes a network topology comprising of 25 wireless meshrouters that provides communication to other networks.We evaluate the security capability of PSRR in terms ofthe parameters such as Packet Delivery Ratio (PDR), RouteAcquisition Delay (RAD), average end-to-end delay, FalsePositive Rate (FPR), and message overheads. For privacyanalysis, we have considered an entropy based privacy metricto analyze the anonymity of sender RREQ messages.

For the security analysis, we are comparing the proposedprotocol with the traditional wireless mesh network protocolnamedHybridWireless Mesh Protocol (HWMP) and similarprivacy preserved protocol designed for wireless mesh net-works named Privacy Aware Secure HWMP (PA-SHWMP)[4] in both malicious and nonmalicious environments. Pri-vacy analysis of the proposed protocol is compared onlywith PA-SHWMP. Simulation experiment setup is shown inTable 1.

Figure 2 shows the Packet Delivery Ratio analysis withrespect to the number of malicious nodes present. This isthe ratio of total number of packets successfully received


Table 1: Simulation parameters.

Parameters ValuesNumber of nodes 25Total simulation time 50–250 sPacket size 1000 bytesMAC protocol 802.11nRadio transmission range 250, 550mArea size 1000m × 1000mProtocols PSRR, PA-SHWMP, and HWMP

PSRRPA-SHWMPHWMP

0102030405060708090

100

Pack

et D

elive

ry R

atio

(%)

2 4 6 8 100Number of malicious nodes

Figure 2: Packet Delivery Ratio versus number of malicious nodes.

by the destination nodes to the number of packets sent bythe source nodes throughout the simulation. In additionto group signature and ID-based encryption scheme, PSRRimplements CLSL-DRmechanism to select privacy preservedsecure reliable route and the packets are forwarded only bythe trusted intermediate nodes. In nonmalicious environ-ment (zero malicious nodes), all the three protocols providehigher performance in PDR as shown in Figure 2. Whenthe numbers of malicious nodes are increased, PSRR andPA-SHWMP provide better performance, whereas the PDRperformance of HWMP is highly degraded. By implementingCLSL-DR mechanism in mesh routers, trust values are com-puted for each neighbor node by considering the reliabilityof the links and forwarding behavior of the nodes. In boththe protocols PSRR and PA-SHWMP, malicious nodes areisolated during route discovery and message transmission.Compared to PA-SHWMP, PSRR selects the most reliableroute in addition to privacy protection and security. Hence,the proposed protocol shows better performance comparedto the other two protocols.

Figure 3 shows the Route Acquisition Delay (RAD)comparison of the proposed protocol and the other two

protocols PA-SHWMP and HWMP. This metric is measuredby computing the time interval between forwarding RouteRequest (RREQ) message to a destination and getting theRoute Reply (RREP) at the source node. In this scenario, samesource and destination nodes are kept and by varying themalicious nodes from 2 to 10, the delay values are computedand compared for all the three protocols. Even though theproposed protocol minimizes the control packets overhead,the computation time required for implementing privacy andsecurity mechanisms is high. Comparing the three protocols,PSRR provides higher delay values by keeping the advantageof selecting the most reliable route.

Figure 4 shows the average end-to-end delay ratio ofPSRR and a comparison with PA-SHWMP andHWMP. End-to-end delay is the time taken for a packet to reach a desti-nation from a source. In both malicious and nonmaliciousenvironments, PSRR gives higher end-to-end delay valuesthan the other two protocols. This is because the proposedprotocol implements CLSL-DR mechanism for reputationcomputation and reliable route discovery in addition toauthentication and encryptionmechanisms to have completeprivacy protection and security. Hence, the computationrequired for the trust level metrics and cryptographic mech-anisms make the end-to-end delay of the proposed protocolhigh compared to the other two protocols in both maliciousand nonmalicious environments.

For privacy analysis of the proposed protocol andthe other similar privacy preserved routing protocol PA-SHWMP, we have considered an entropy-based privacy met-ric according to information theoretic approach as discussedin [10]. This metric is computed according to the probabilitydistribution of a node being a sender. Here, we consider thesender anonymity of RREQ packets to measure the entropymetric for our analysis. It is computed as shown in

𝐸𝑘= −∑𝑝

𝑗log2𝑝𝑗, (14)

where 𝑝𝑗is the probability of node 𝑗 being the sender of

RREQ𝑘packet. This metric gives the bits of information that

the attacker should know to effectively identify the senderof RREQ

𝑘packet. The comparison analysis of PSRR and

PA-SHWMP based on entropy metric is shown in Figure 5.It is observed that PSRR provides better privacy protectioncompared to PA-SHWMP by analyzing the entropy metricof RREQ packets. Since the proposed protocol providescomplete unobservability, unlinkability, and anonymity, thesender anonymity of RREQ packets is better, which in turnprovides constant performance of entropymetric irrespectiveof the increase in the number of malicious nodes.

Next we analyze the False Positive Rate (FPR) analysis forthe three protocols by varying the percentage of lossy links inthe network. Normally, packet dropping in wireless networksmay happen by intentional behavior of attackers or by poorlink quality. FPR is computed as follows:

FPR =Number of normal nodes falsely identified as malicious nodesTotal number of normal nodes participated in the network

. (15)


0

20

40

60

80

100

120

140

Rout

e Acq

uisit

ion

Dela

y (m

s)

PSRRPA-SHWMPHWMP


Figure 3: Route Acquisition Delay versus number of maliciousnodes.

0

20

40

60

80

100

120

140

Aver

age e

nd-to

-end

del

ay (m

s)

2 4 6 8 100Numbers of malicious nodes

PSRRPA-SHWMPHWMP

Figure 4: Average end-to-end delay versus number of maliciousnodes.

Figure 6 shows that, among the three protocols, HWMPgives gradual increase in False Positive Rate when there isan increase in percentage of lossy links. This is due to thereason that the mechanisms for the differentiation betweenpacket drops due to poor link quality or malicious nodes areabsent in the HWMP protocol. The proposed protocol andPA-SHWMP give similar performance in FPR even in thecase of increase in the number of lossy links. In the proposedprotocol and PA-SHWMP, reputation, security, and privacymechanisms are incorporated in the mesh routers and hencepacket droppingwith different reasons is correctly recognizedwhich in turn decreases the False Positive Rate.

Figure 7 shows the comparison analysis of messageoverhead for the proposed protocol and the other twoprotocols. The message overhead is less in HWMP since

PSRRPA-SHWMP


0

1

2

3

4

5

6

7

Aver

age p

rivac

y en

tropy

of R

REQ

Figure 5: Average privacy entropy of RREQ versus number ofmalicious nodes.

05

101520253035404550

False

Pos

itive

Rat

e (%

)

5 10 15 20 250Lossy links (%)

PSRRPA-SHWMPHWMP

Figure 6: False Positive Rate versus percentage of lossy links.

it does not include additional control messages requiredfor either trust computation or for cross-layer messageexchange other than the basic control messages that arerequired for route dicovery.The proposed protocol PSRR hasadditional message exchanges due to the implementation oftrust computaion that involves the cross-layer exchange oflink quality information. This cross-layer exchange of linkquality information is required to improve the reliabilityof the discovered route. The message overhead involved inPA-SWHMP is in between the other two protocols sinceit focusses on privacy and security and does not providereliability. There exists least difference in message overheadfor the three protocols when the number of malicious nodesin the network is less. When the number of malicious nodesis increased, linear increase in message overhead is observedin PSRR and PA-SHWMP.


0102030405060708090

100

Mes

sage

ove

rhea

d (%

)


PSRRPA-SHWMPHWMP

Figure 7: Message overhead versus number of malicious nodes.

From the above analysis, it is clear that the proposedscheme (PSRR) provides better security and privacy perfor-mance than PA-SHWMP and HWMP by implementing anew CLSL-DR mechanism to compute trust values and linkreliability in addition to the group signature and ID-basedencryption schemes for preserving the privacy. However,the proposed protocol suffers in terms of end-to-end delay,Route Acquisition Delay, and message overhead parametersby keeping the advantage of providing better security, privacy,and efficient data transmission.

6. Conclusions

This paper deals with the design, implementation and adetailed analysis of Privacy preserved Secure Reliable Rout-ing (PSRR) scheme in Wireless Mesh Networks. The designof PSRR offers strong privacy protection by satisfying theproperties like anonymity, unlinkability, and unobservabilitycompletely. The design also includes the discovery of securereliable routing path by employing CLSL-DR mechanism forefficient data transmission in wireless mesh networks. Theprivacy and security analysis demonstrate that PSRR is notonly resistant to privacy related attacks but also resistantagainst the misbehavior of the malicious nodes caused bypacket dropping and misdirecting attacks. After the imple-mentation of three protocols in malicious and nonmaliciousenvironments, it is observed that the proposed protocolprovides better performance compared to PA-SHWMP andHWMP with respect to privacy and security analysis. Thesimulation results show that PSRR and PA-SHWMP providemore or less similar performance in terms of the parameterssuch as PDR, RAD, end-to-end delay, FPR, privacy basedentropy metric, and message overhead. By implementing anew cross-layer based reputationmechanism in the proposedprotocol PSRR, the link reliability and link quality are wellfocused which in turn gives higher PDR. Moreover, PSRR isable to keep the malicious nodes well isolated. Hence, theproposed protocol PSRR is privacy preserved and reliableand also provides more security against internal attacks in

WMN. However, the proposed protocol suffers in terms ofend-to-end delay, Route Acquisition Delay (RAD), and mes-sage overhead due to the implementation of cryptographicmechanisms, reputationmetric computation, and cross-layerinformation exchange mechanism during route discovery.

In future, performance of the protocol can be enhancedfurther in terms of privacy and security by incorporating effi-cient cryptographic mechanisms and different perspectivesin reputation computation such as Bayesian theorem andGame theory mechanisms and also to focus on minimizingthe computation overhead in wireless mesh networks.

Notations

𝑁: A node in wireless mesh network𝑃: A big prime number𝑆: Master secret key owned by the key server𝑅: Generator of the elliptic curve group 𝐺1

𝐻𝑖(∗): Secure one-way hash functions, 𝑖 = 1, 2, 3

gsk𝑁: Private group signature key of node 𝑁

gpk: Public group signature verification key𝐾ID𝑁 : Node 𝑁’s private ID-based key𝐸𝑁(∗): ID-based encryption using 𝑁’s public key

𝐾𝑁∗ : A local broadcast key of node 𝑁

𝐾𝑁𝑋

: Shared session key between nodes 𝑁 and 𝑋

Nym𝑁: Pseudonym only valid within 𝑁’s neighborhood.

Conflict of Interests

The authors declare that there is no conflict of interestsregarding the publication of this paper.

References

[1] I. F. Akyildiz, X.Wang, andW.Wang, “Wirelessmesh networks:a survey,” Computer Networks, vol. 47, no. 4, pp. 445–487, 2005.

[2] Z. Wan, K. Ren, B. Zhu, B. Preneel, and M. Gu, “Anony-mous user communication for privacy protection in wirelessmetropolitan mesh networks,” IEEE Transactions on VehicularTechnology, vol. 59, no. 2, pp. 519–532, 2010.

[3] H. Lin, J. Hu, J. Ma, L. Xu, and A. Nagar, “A role based privacy-aware secure routing protocol for wireless mesh networks,”Wireless Personal Communications, vol. 75, no. 3, pp. 1611–1633,2014.

[4] H. Lin, J. Ma, J. Hu, and K. Yang, “PA-SHWMP: a privacy-awaresecure hybrid wireless mesh protocol for IEEE 802.11s wirelessmesh networks,” Eurasip Journal on Wireless Communicationsand Networking, vol. 2012, article 69, 2012.

[5] H. A. Mogaibel and M. Othman, “Review of routing protocolsand it’smetrics forwirelessmesh networks,” inProceedings of theInternational Association of Computer Science and InformationTechnology—Spring Conference (IACSITSC ’09), pp. 62–70,April 2009.

[6] M. E. M. Campista, P. M. Esposito, I. M. Moraes et al., “Routingmetrics and protocols for wireless mesh networks,” IEEE Net-work, vol. 22, no. 1, pp. 6–12, 2008.

[7] M. M. E. A. Mahmoud, S. Taha, J. Misic, and X. Shen, “Light-weight privacy-preserving and secure communication protocolfor hybrid Ad Hoc wireless networks,” IEEE Transactions onParallel and Distributed Systems, vol. 25, no. 8, pp. 2077–2090,2014.


[8] R. Ramya, T. M. Navamani, and P. Yogesh, “Secured identitybased routing and privacy preservation in wireless mesh net-works,” in Proceedings of the International Conference on RecentTrends in Information Technology (ICRTIT ’11), vol. 26, pp. 521–526, Chennai, India, June 2011.

[9] M.M. E. A.Mahmoud, X. Lin, and X. Shen, “Secure and reliablerouting protocols for heterogeneous multihop wireless net-works,” IEEE Transactions on Parallel and Distributed Systems,vol. 26, no. 4, pp. 1140–1153, 2013.

[10] Z. Wan, K. Ren, and M. Gu, “USOR: an unobservable secureon-demand routing protocol formobile ad hoc networks,” IEEETransactions on Wireless Communications, vol. 11, no. 5, pp.1922–1932, 2012.

[11] S. Paris, C. Nita-Rotaru, F. Martignon, and A. Capone, “Cross-layer metrics for reliable routing in wireless mesh networks,”IEEE/ACM Transactions on Networking, vol. 21, no. 3, pp. 1003–1016, 2013.

[12] S. Khan, K.-K. Loo, N. Mast, and T. Naeem, “SRPM: securerouting protocol for IEEE 802.11 infrastructure based wirelessmesh networks,” Journal of Network and Systems Management,vol. 18, no. 2, pp. 190–209, 2010.

[13] S. Khan, N. A. Alrajeh, and K.-K. Loo, “Secure route selectionin wireless mesh networks,” Computer Networks, vol. 56, no. 2,pp. 491–503, 2012.

[14] D. Bansal, S. Sofat, and G. Singh, “Secure routing protocol forHybrid Wireless Mesh Network (HWMN),” in Proceedings ofthe International Conference on Computer and CommunicationTechnology (ICCCT ’10), pp. 837–843, Allahabad, India, Septem-ber 2010.

[15] Z. You and Y. Wang, “An efficient and secure routing protocolfor a hybrid wireless mesh network,” Journal of ComputationalInformation Systems, vol. 8, no. 21, pp. 8693–8705, 2012.

[16] S. Khan and J. Loo, “Cross layer secure and resource-aware on-demand routing protocol for hybrid wireless mesh networks,”Wireless Personal Communications, vol. 62, no. 1, pp. 201–214,2012.

[17] S. Seth and A. Gankotiya, “Denial of service attacks and detec-tion methods in wireless mesh networks,” in International Con-ference on Recent Trends in Information, Telecommunication,and Computing (ITC ’10), pp. 238–240, March 2010.

[18] Y. Yu, Y. Peng, Y. Yu, and T. Rao, “A new dynamic hierarchicalreputation evaluation scheme for hybrid wireless mesh net-works,” Computers and Electrical Engineering, vol. 40, no. 2, pp.663–672, 2014.

[19] J. Sun, C. Zhang, Y. Zhang, and Y. Fang, “SAT: a security archi-tecture achieving anonymity and traceability in wireless meshnetworks,” IEEE Transactions on Dependable and Secure Com-puting, vol. 8, no. 2, pp. 295–307, 2011.

[20] N. A. Kathyaini and S. Ananthakumaran, “Unconditional secu-rity based privacy protected user communication in WirelessMesh Networks,” in Proceedings of the International Conferenceon Recent Advances in Computing and Software Systems (RACSS’12), pp. 201–206, Chennai, India, April 2012.

[21] I. R. Jeong, J. O. Kwon, and D. H. Lee, “A Diffie-Hellman keyexchange protocol without random oracles,” in Cryptology andNetwork Security: 5th International Conference, CANS 2006,Suzhou, China, December 8–10, 2006. Proceedings, vol. 4301 ofLecture Notes in Computer Science, pp. 37–54, Springer, Berlin,Germany, 2006.

Submit your manuscripts athttp://www.hindawi.com

Computer Games Technology

International Journal of

Hindawi Publishing Corporationhttp://www.hindawi.com Volume 2014


Distributed Sensor Networks


Advances in

FuzzySystems

Hindawi Publishing Corporationhttp://www.hindawi.com

Volume 2014


ReconfigurableComputing

Hindawi Publishing Corporation http://www.hindawi.com Volume 2014


Applied Computational Intelligence and Soft Computing

Advances in

Artificial Intelligence


Advances inSoftware EngineeringHindawi Publishing Corporationhttp://www.hindawi.com Volume 2014


Electrical and Computer Engineering

Journal of

Journal of

Computer Networks and Communications


Hindawi Publishing Corporation

http://www.hindawi.com Volume 2014

Advances in

Multimedia


Biomedical Imaging


ArtificialNeural Systems

Advances in


RoboticsJournal of



Computational Intelligence and Neuroscience

Industrial EngineeringJournal of


Modelling & Simulation in EngineeringHindawi Publishing Corporation http://www.hindawi.com Volume 2014

The Scientific World JournalHindawi Publishing Corporation http://www.hindawi.com Volume 2014


Human-ComputerInteraction

Advances in

Computer EngineeringAdvances in


Research Article Privacy Preserved and Secured Reliable...

Documents

Transcript of Research Article Privacy Preserved and Secured Reliable...