SECURING MOBILITY LOCATION MANAGEMENT IN WIRELESS MESH NETWORKS

UoM administered thesis: PhD

  • Authors: Sultan Alkhliwi

Abstract

With roaming comes the desire to access the Internet from a greater range of geographic locations. Wireless mesh networks (WMNs) offer the promise of increasing the spread of accessible Internet. However, a critical function for WMNs is the ability to track the current locations of devices. Therefore, the Hierarchical Mobile IPv6 (HMIPv6) protocol has been selected to support this function in WMNs. The HMIPv6 protocol, which allows devices to maintain ongoing connections with correspondent nodes (CNs) across different locations, consists of three essential registration processes: the mobile anchor point (MAP), the home agent (HA) and the CN registrations. This thesis investigates the improvement of security provisions to provide secure and efficient registration processing when managing a mobile node’s (MN’s) location in a WMN.

The MAP registration process has been improved by (1) cryptographically generating and verifying the Local Care-of Address (LCoA) and Regional Care-of Address (RCoA) of the MN and by (2) developing a novel light-weight LCoA reachability test method to allow the MAP to confirm the reachability of MNs at a claimed LCoA. This is called an Enhanced Mobile Anchor Point Registration (E-MAPR) protocol, and it is used both to support the location authentication of the MNs for the MAP in the WMN’s domain and to authorise the MN to use the services of the WMN’s domain. In addition, the E-MAPR protocol allows the MAP to compute a shared secret key with the MN to protect any further mobility messages between the MAP and the MN. Via these actions, the E-MAPR protocol reduces the likelihood that a malicious MN can successfully steal a third-party node’s addresses (i.e. the LCoA and RCoA), prevents a malicious MN from launching a flooding attack and protects any future binding updates (BUs) against a false BU attack. In addition, the E-MAPR enables the MAP to assist with correspondent registration by confirming either the MN’s LCoA or RCoA for the CN. The simulation studies in this research show that the E-MAPR offers better performance in terms of registration delay and packet loss. The signalling overhead is high, yet it does not significantly affect users’ application levels.

The HA registration process is also enhanced by (1) making the MAP act as a proxy for the MN to bind and thus authenticate the claimed Home-of address (HoA) as well as register the RCoA with the MN’s HA and by (2) applying a synchronised RCoA reachability test. This is called an Enhanced Home Agent Registration (E-HAR) protocol, and it is used both to verify the ownership of the claimed MN’s HoA and to support the location authentication of the MN to its HA. Via these actions, the E-HAR can prevent a malicious MN from sending a false BU, and it reduces the likelihood of a malicious MN successfully luring an HA to flood a third party with useless traffic via the HMIPv6. The simulation studies in this research show that the E-HAR does not significantly impact users’ application levels in terms of registration delay, packet loss and signalling overhead.

This thesis proposes two correspondent registration protocols based on the CN’s location: the Regional Correspondent Registration (RCR) protocol and the Local Correspondent Registration (LCR) protocol. These protocols were designed to (1) allow the CN to cryptographically verify the authenticity of the claimed HoA and (2) receive assistance from the MAP to confirm the MN’s ownership of either the claimed RCoA or LCoA. Each protocol consists of three phases: creation, update and deletion. Simulations of the proposed protocols revealed that, in the creation phase, both the delay and the packet loss were increased in the RCR protocol, yet they were decreased in the LCR protocol. In addition, the signalling overhead was increased in both protocols. In the update phase, both the delay and the packet loss were increased in both protocols, and the signalling overhead was increased in the RCR protocol yet decreased in the LCR protocol. In the deletion phase, both protocols offered better performance in terms of delay, packet loss and signalling overhead.

Finally, all proposed protocols were subjected to formal security analyses, which found that all satisfied the required security properties.

Details

Original language: English
Awarding Institution
Supervisors/Advisors
Award date: 31 Dec 2018