Wireless Netw
DOI 10.1007/s11276-016-1240-0
Wormhole-Free Routing and DoS Attack Defense
in Wireless Mesh Networks
G. Akilarasu1 S. Mercy Shalinie2
 Springer Science+Business Media New York 2016
Abstract Owing to the growth in several applications,
Wireless Mesh Networks (WMN) is emerging as a vital
technology for future wireless networks. Wormhole attack
is one of the major security threats, which can disturb
majority of routing communications, even when placed
strategically. Therefore, a technique that can find worm-
hole-free routes in the network is required. In order to
achieve this, in this paper, we propose a Monitoring
Technique for Wormhole-Free Routing and DoS Attack
Defense in WMNs. Initially, finite state model is applied
where the node keeps the information about its sender and
neighborhood receiver. Then, wormhole-aware secure
routing is implemented to find wormhole free routes in the
network. Finally, the priority mechanism is applied where
the data packets are transmitted based on their priority.
Based on the finite state model and priority mechanism, the
malicious or wormhole nodes in the network are removed.
Keywords Wireless Mesh Network
Wormhole
DoS
attack
Routing
& G. Akilarasu
akilarasu0684@gmail.com
S. Mercy Shalinie
shalinie@tce.edu
1
Department of Information and Communication Engineering,
Thiagarajar College of Engineering, Madurai 625015, India
2
Department of Computer Science and Engineering,
Thiagarajar College of Engineering, Madurai 625015, India
1 Introduction
Wireless Mesh Network (WMN) comprises of radio nodes
that are arranged in a mesh topology for data communi-
cations. WMN is usually a group of mesh clients, mesh
routers, and gateways [1, 2]. WMN is a wireless multihop
technology that is as parallel as the mobile ad hoc networks
and is considered as a superset of the ad hoc networks [2].
The combination of two types of nodes, mesh routers and
mesh clients, is called as a customary WMN. Mesh routers
have a set of fixed nodes with one or more wireless
interface, which present a backbone infrastructure managed
by routing protocols [312].
Various types of attacks in WMN are discussed below
[1318]:
Unauthorized Access is a common attack in which an
unauthorized user gets access to the network services
by masking as a genuine user [19]. It may leak the
trusted data. Hence, it is not suitable for secure system.
Spoofing is the process of falsifying an authentic MAC
or IP address. IP spoofing is well-known in multi-hop
communications in WMNs in which challenger inserts
a false source address to the packets forwarded by it.
Hence, the nasty attacker can intercept a termination
request and hijack a session. In MAC address spoofing,
attacker changes the MAC address of the transmitted
frames from a genuine node [19].
Replay attack is a type of man-in-the-middle attack
launched by external or internal nodes. An external
nasty node gets the information of the broadcast
communication between two nodes in the network [19].
DoS Attack Here, the nasty attacker sends a flood of
packets to an MR by making a buffer overflow in the
router. A spiteful attacker can send false termination
123

messages from the side of a genuine MC by preventing
the genuine user from accessing network services [19].
Intentional Collision of Frames When two or more
nodes try to send at same frequency and time, then
collision occurred that causes the frames to be rejected
or retransmitted. The challenger violates the communi-
cation protocol and continuously transmits the messages
in an attempt to make the collisions. An attacker can also
use repeated collisions to cause resource exhaustion [19].
Compromised or Forged MR An attacker compromises
one or more MRs in a network by physical tampering or
logical break-in. The opponent may announce rogue
MRs to launch a variety of attacks. MRs that is fake or
compromised may be used to attack the wireless link to
implement the attacks such as passive eavesdropping,
jamming, replay and false message injection, traffic
analysis, and so forth [19].
Pre-Computation and Partial Matching Attack In a pre-
computation attack or time memory trade-off (TMTO)
attacks, the attacker calculates and gathers the infor-
mation before launching the attack. When actual
transmission starts, the attacker uses the information,
which is calculated before to accelerate the cryptanal-
ysis process. TMTO attacks are against a large number
of cryptographic solutions [19].
Impersonation Attack Compromised nodes may be able
to join the network and cause the serious problems
when appropriate authentication of parties is not
supported. This node sends the false routing informa-
tion and acts like some other trusted nodes [2027].
The security requirements of Wireless Mesh Networks
are as follows [2832]:
Confidentiality It means that the confidential informa-
tion is accessible only to those who are authoritative to
access that.
Integrity It assured that a message that is being
transferred is never corrupted. Integrity can be com-
promised mainly in the following two ways: (1)
malicious altering in which a message could be
detached, replayed, or revised by an antagonist by a
malicious attacker and (2) accidental altering which is
like a transmission error, goals on the network that is
observed as malicious altering.
Authenticity It assured that the competitors in commu-
nication are authentic or not (imitators).
Non-repudiation It guarantees that the sender and the
receiver of a message cannot contradict. It is construc-
tive for recognition and segregation of a node with
some nonstandard behavior.
Authorization Here, an entity is issued a permit by the
confidence certificate authority. Authorization assigns
the diverse access rights to uncommon levels of users.
123
Wireless Netw
Anonymity It means that all the information needed to
recognize the present user must be kept confidential and
not disseminated to other communicating parties.
Availability It makes certain the survivability of
network services nevertheless of DoS attacks, in which
the whole nodes in the network are the attack objective,
and thus some selfish nodes make the network services
engaged [3338].
Security is a key requirement in WMNs. In Sect. 2, we
analyzed some of the paper related to the attack detection and
defense techniques in WMN. Some techniques for detection
of various attack are present, but still those papers have the
following problems: (1) excessive packets are directly aban-
doned instead of processed and lower priority Packets are
discarded which may cause packet loss [39]; (2) the protocol
[40] incurs little overhead in terms of control overhead due to
cryptographic extension and acquisition delay; (3) simulation
result found in [41] shows that this system is not so secure for
large number of nodes, and it has higher running time; (4)
WARP [42] initially suffers from packet loss due to the
probable selection of wormhole nodes; and (5) there will be
always some detection inaccuracy in this method [43].
From the analysis, we find that attacks are the major issues
while providing security. We find that the wormhole attacks
and DoS attacks are big issue in securing WMN, so we will try
to develop a mechanism that is able to detect these attacks. In
this paper, we propose a Monitoring Technique for Worm-
hole-Free Routing and DoS Attack Defense in WMNs. This
technique can eliminate wormhole and DoS attacks while
achieving better performance compared to the existing works.
The paper is organized as follows. Section 2 describes
the related works and Sect. 3 provides the detailed expla-
nation of the proposed work. Section 4 explains the sim-
ulation results. Finally, Sect. 5 concludes the work.
2 Literature review
Luan et al. [39] have discussed about the detection of
Denial of Service (DoS) attacks in WMN and proposed a
detection scheme based on zone-based hierarchical net-
work model. End-to-end authentication, the utilization rate
of cache memory, two-threshold value, and distributed
voting are used to detect DoS attackers. Packet received
delay, transmission rate, packet load, and byte load are the
performance metrics considered. This scheme successfully
decreases the harm that is caused by a DoS attack and
improves the reliability of the network. While forwarding
message packets, the excessive packets will be directly
abandoned instead of processing when a neighbors packet
reach the threshold, and at the time of DoS attack, lower
priority packets will be discarded.
Wireless Netw
Bansal et al. [40] have proposed a secure Hybrid WMN
(HWMN) routing protocol for WMN, which is a secure
extension of layer-2 routing protocol for IEEE 802.11s. This
technique employs the cryptographic extensions for providing
the authenticity and integrity of HWMN protocol routing
messages and thwarts unauthorized manipulation of variable
fields in the routing information elements. The performance
metrics like throughput are discussed here. However, it
experiences little overhead in terms of control overhead due to
cryptographic extension and acquisition delay.
Kandah et al. [41] have discussed various malicious
attacks and proposed an effective secure key management
scheme (SKeMS) in WMN. This scheme seeks an encryption
key assignment such that the persuaded network is securely
key associated and well sheltered against potential malicious
eavesdropping attacks. This scheme assigns the available
encryption keys amid entire nodes in the network. The per-
formance metrics like neighbor compromise ability ratio,
malicious eavesdropping ability ratio, running time, and total
neighbor compromise ability are used. Simulation results
find that the MEA ratio increases with increase in number of
nodes, which means that this system is not so secure for large
number of nodes, and it has higher running time.
Matam et al. [42] have proposed a wormhole-resistant
secure routing algorithm (WRSR) in WMN to notice the
presence of wormhole through route discovery process and
quarantine it. WRSR knows route requirements negotiating a
wormhole and prevents such routes from being established.
WRSR employs the unit disk graph for deciding the essential
and adequate circumstance for identifying a wormhole-free
path. WRSR contain its capability to protect against all forms
of wormhole attacks without relying on any extra hardware.
Performance metrics such as packet delivery ratio, latency,
packet loss, and detection rate are used. However, WARP
initially suffers from packet loss due to the credible selection
of wormhole nodes in the initial route discovery process.
Gamer et al. [43] have proposed inference-based clustering
algorithm for identifying the selfish nodes in Wireless Mesh
Network. The statistical theory of inference is primarily uti-
lized for providing reliable clustering of the nodes by local
observations of the nodes. In each node, a finite state model is
built on AODV protocol based on local surveillance. The
performance metrics like packet dropping, detection rate, false
alarm rate and detection rate are used here. However, there will
be always some detection inaccuracy present in this approach.
3 Proposed solution
3.1 Overview
In order to solve the issues mentioned in the previous
section, we propose an anomaly detection technique for
wormhole free routing and DoS attack defense. We assume
H hybrid WMN (HWM).
In the proposed solution, first we will apply the finite
state model [43] in which the node keeps the information of
its sender and neighborhood receiver along with the
information of the neighbor nodes that receive the broad-
cast messages (RREQ) sent by the node itself with
encryption keys. Each node acts as a monitor node for its
neighbors. For a routing session, each monitor node
examines a sequence of interleaved Local Message Block
(LMB) with authorized certificates. For every T second, the
monitoring node appeals to a detection algorithm that maps
its neighbors into two clusters and then classifies into two
types, namely selfish node and cooperative node.
Using the collected information of RREQ and RREP by
the monitoring nodes, route requests traversing the worm-
hole link are detected, and a wormhole-aware secure
routing [42] is established. Wormhole-free paths are
selected by monitoring received RREQs by checking the
state transition table of the neighboring nodes. The route
discovery procedure will be similar to Hybrid Wireless
Mesh Protocol (HWMP). It is the default path-selection
(routing) protocol for IEEE 802.11-based WMN. It is a
combination (hybrid) of on-demand route selection mode
and proactive tree-based approach [42].
For the detection of DoS attacks, a table for priority is
setup by the monitoring node for each of its neighbors based
on the frequency of sending data [39]. When the collabo-
rated DoS attack occurs, packets with low priority will be
discarded first to ensure stable transmission of legitimate
nodes. The corresponding DoS attacker node will be
removed from the routing table by the edge routers (Fig. 1).
3.2 Finite state model [43]
In this finite state model, a message unit has been defined.
This message unit contains all the messages analogous to a
RREQ broadcast and the unicast RREP. In this message
unit, not all the transmissions are observed by a node. A
node can monitor only the part of message unit, the Local
Message Unit (LMU). LMU allows a node to observe the
transmitted messages by its neighbor nodes and messages
overheard. A node maintains the details of its sender and
neighborhood receiver for all message transmission in a
LMU. The neighbor nodes that receive the RREQ messages
from the node are monitored by the node itself (Fig. 2).
From the above figure, we can observe various states
(numeric present on the node represent the state of the
node) that a neighbor node goes through for each LMU.
The numbers mentioned on the nodes are explained in the
Table 1. In the above figure, shaded nodes represent their
final sates. Each message causes a state transition in each
of its neighbor nodes finite state machine. The neighbor
123
 Wireless Netw

Fig. 1 Architecture diagram

node monitors a node, and only it can give its activities. In

order to obtain a notion of the monitored nodes behavior,
the mutual contribution of each neighbor node is required.
Monitored node is defined as a node that is being moni-
tored by the neighbors, and these neighbor nodes are
considered as a monitor node. Each node acts both as a
monitor node and as a monitored node.
For a routing session, each monitor node observes a
sequence of interleaved LMU. The sourcedestination pair
in a RREQ message identifies each and every LMU. Let
the kth LMU observed by the monitor node be (sk, dk). The
Fig. 2 Finite state machine of a node [43] tuple (sk, dk) does not exclusively recognize a LMU, since
a source can send multiple RREQs to the same destination.
As RREQs have intervals between them, it is assumed that
there is only one active LMU (sk, dk) at that instance.
Table 1 States of finite state machine [43] When a routing session initiates, a monitored node starts
with the state 1 in its finite state machine. The behavior of
State Interpretation
the monitored node is observed by the monitor node.
1: initp There is no RREQ; Initial phase Finally, a sequence of transitions from state 1 to one of the
2:unexpt RREP With no RREQ, RREP received unexpectedly possible final states: 5, 7 and 8 is recorded.
3: rcpt RREQ RREQ is received After broadcasting a RREQ, a monitor node assumes
4: brct RREQ RREQ is broadcasted that the monitored node has received the RREQ. A state
5: tout RREQ Timeout after receiving RREQ transition from 1 ? 3 for the monitored nodes finite state
6: rcpt RREP RREP is received machine is recorded by the monitor node. A state transition
7: LMB complete RREP forwarding is valid of 3 ? 4 is recorded whenever a monitor node observes a
8: tout RREP Timeout after receiving RREP monitored node to broadcast a RREQ. If not, a transition
from 1 ? 4 is recorded. This transition shows that the

123
Wireless Netw

Table 2 State change of the neighbor nodes of L [43]

Node Events State changes

A A broadcasts RREQ to all its neighbours 1?4

Fig. 3 An LMB observed by node L
monitored node receives RREQ from other neighbor. For
the concerned LMU, if no monitored nodes activity is
found by monitor node before the expiry of a timer, the
transition to a timeout state can occur. Monitor node
records a transition to LMU complete state, after observing
that a monitored node has forwarded a RREP. Finally, the
monitored node develops into a candidate for inclusion on
a routing path.
An example of LMU observed by the node L during the
route discovery from the source (S) to the destination (D) is
illustrated in Fig. 3. The events observed by L and the state
transitions for each of its neighbor A, B and C are shown in
Table 2. As soon as the final state is attained, the finite state
machine ends. Then, each node stores the corresponding
sequences of state transitions for each of its neighbors. A
statistical analysis is performed only when a node collects
the adequate number of events for detecting the presence of
any selfish nodes in the network.
Let x and y be the two nodes. The computation of dis-
similarity between x and y (dxy) does not involve the pair-
wise similarity between nodes x and y (Lxy). dxy measures
the degree of inconsistency in similarity between x and y
with all their neighbors. During computation, the contri-
bution of each neighbor plays its role; dxy presents a robust
indicator for dissimilarity between nodes and plays a cru-
cial part in computing the clusters.
An agglomerative hierarchical clustering technique is
used for clustering. Agglomerative hierarchical clustering
is a single-linkage approach where each cluster is repre-
sented by all of the objects in the cluster, and the similarity
between two clusters is measured by the similarity of the
closest pair of data points belonging to different clusters.
The cluster merging process repeats until all the objects are
eventually merged to form one cluster.
After the nodes are clustered into similar sets, the sets
are further classified into three groups: (1) a set (G) of
cooperative nodes, (2) a set (B) of selfish nodes, and (3) a
set of nodes whose behavior could not be ascertained.
The set B has the selfish nodes. In order to reduce the
rate of false positives (i.e. wrongly identifying a coopera-
tive node as selfish), an ANOVA test is applied where the
probability Pkr of the random variation among the mean
cooperation scores (Cr) of k clusters is computed. The
L then broadcast RREQ 4?4
L replies by sending RREP to A 4?6
A replies by sending RREP to S 6?7
B B broadcasts RREQ to all its neighbors 1?4
L then broadcasts RREQ 4?4
Timeout occurs 4?5
C L broadcasts RREQ 1?3
C broadcasts RREQ 3?4
C replies by sending RREP to L 4?7
lower value of Pk implies that the clusters have distinct
differences in their behavior. At each iteration, k clusters
are formed, and Pk is compared with a predefined value d.
1. If Pk \ d, then it will be believed that the clusters are
reflecting the behavior of the nodes and their classi-
fications are accepted. The cluster with lowest Cr is
assumed to contain the selfish nodes.
2. If Pk [ Pk-1, then the neighbor behavior is not
properly reflected in the cluster formation, resulting
in the higher value of Pk. All the nodes are classified as
cooperative, and the next iteration is executed. The
value of d is tuned to adjust the detection alacrity and
the rate of false positives.
Still, there is a possibility of misclassification. This can
be reduced by a crosschecking mechanism by inserting two
additional fields, namely, next_to_source and dupli-
cate_flag, in the header of a RREQ packet. next_to_source
(address of next hop node to the source) and duplicate_flag.
duplicate_flag indicate whether the packet is duplicate (the
packet is already sent by some other node) or not. In the
header of RREP packet, next_to_destination field is added
to indicate the address of the node to which the packet must
be forwarded in the reverse path.
With these additional fields, it is possible to detect every
instance of selfish behavior in a wireless network, if the
following conditions are satisfied:
1. No packet loss lost due to interference,
2. Links are bidirectional,
3. The nodes are stationary, and
4. The queuing delays are bounded.
3.3 Wormhole-free routing protocol (WFR) [42]
The proposed Wormhole-Free Routing protocol (WFR)
prevents the selection of route requests traversing the
wormhole link. The main principal of WFR is to monitor

123

the neighbor node on receiving the RREQ and identify a
RREQ that traverses a wormhole. A received RREQ should
satisfy the necessary wormhole-free path criterion, which
can be detected by a neighbor node of a wormhole node
and can easily be set apart.
Wormhole-Free Routing Algorithm
Step 1: Initially, WFR checks if any route exists from
source node S or not. If no route exists, then the
source node broadcasts a new RREQ (RREQN)
message to all the nodes in the network.
Step 2: When an intermediate node (NI) receives his
RREQN, it checks RREQID and sequence number
received in RREQN. This RREQN may reach an
intermediate node through different hop
addresses in the network.
Step 3: Node NI compares the two-hop address present
in RREQN with the two-hop addresses of a set of
existing routing entries in the network. If this
matches, then the routing table will be updated.
Step 4: Furthermore, if no matching found, then node NI
compares the three and four-hop addresses
present in RREQN.
Step 5: If any one of the three-/four-hop addresses
present in RREQN matches, then the RREQ is
selected and state of the routing entry is set to
stable.
Step 6: If none of the comparisons match, a new
transient routing entry is created for the
corresponding RREQID.
Step 7: While comparing the two hop addresses present
in the RREQN, the HWMP rejects the selfish
nodes (SN) that are found in the above Sect. 3.2.
3.3.1 RREQ and RREP process
The main goal of WFR is to choose a wormhole-free path
for the transmission. Neighbor nodes monitor the received
RREQs just to find the paths, which are free from worm-
holes. When an RREQ is confirmed to be wormhole free, the
corresponding routing entry is elevated to stable state from
transient state. Like all the intermediate nodes in the net-
work, the intermediate node NI processes multiple RREQs
to the destination node before selecting an optimal worm-
hole-free path also satisfying the route selection criteria. It
unicasts an RREP to receive a stable RREQ. Consequently,
intermediate nodes broadcast the RREP through wormhole-
free routes, which are found in the network.
3.4 DDoS attack detection
In this approach, the priority mechanism has been adopted
in order to reduce the DDoS attackers in the network. In
123
Wireless Netw
this priority mechanism, the highest priority data packets
are sent at the first turn. The priority of the data packets is
decided by the nodes priority, that is, if a node sends k
number of data packets in 1 s, then the nodes priority will
be changed to 1/k by its neighbors. So, in this way, the data
packets with the highest priority are processed first in the
network [39].
Node assigns a buffer in each neighbor nodes. The
threshold value of the buffer is set to Pn. The neighbor with
higher priority is allocated to more buffers. This means that
the Pn of the neighbor is larger. When a neighbors packets
have reached the threshold, then its excessive packets will
be directly abandoned instead of processed and extra
allocated buffer will be taken back.
Each node set a threshold P for its total size of buffer,
which is the sum of all Pn (P = P1 ? P2 ? Pn). When
some nodes join to launch a collaborated DOS attack and
the total used buffer exceeds the threshold P, some packets
will be discarded, and their allocated buffer would be taken
back. Packets with lower priority will be discarded more.
If a node finds its neighbor node being a DoS attacker,
it will notify its backbone router. Then, the backbone
router would disconnect the attacker with the network and
would revoke its authorized key and update the key pair
of the network. Finally, the backbone router announces
that this neighbor node is an ineligible user to the other
neighbor nodes and its neighbor backbone router [39]
(Fig. 4).
In the above figure, the node X and node Y need to
transfer data packets to node B and node C, but the node
Y is an attacked node in the network, that is, the node
X ? node C and node Y ? node B. This transmission of
the data packets takes through node A. This node A
before transmitting the data packets, it checks the priority
table (Table 3). According to the priority of the data
packets, the node A transmits the data packets to the next
node. From the below table, we can observe that the data
packets of node X have higher priority than the node Y
since node Y is malicious node. Due to this reason, the
priority of node Ys data packets will be lesser than the
node Xs data packets in the network. So, the data packets
of the node X will be processed first at the node A. This
priority table is formed based on the Finite State
Machine.
4 Simulation results
4.1 Simulation model and parameters
The Network Simulator (NS2) [44], is used to simulate the
proposed architecture. In the simulation, 50 mobile nodes
move in a 500 m 9 500 m region for 50 s of simulation
Wireless Netw

Fig. 5 Simulation topology

4.2 Performance metrics

The proposed Wormhole-Free Routing and DoS Attack

Defense (WRDAD) is compared with the Wormhole-Re-
sistant Secure Routing (WRSR) technique [42]. The per-
formance is evaluated mainly, according to the following
metrics.
Packet Delivery Ratio It is the ratio between the
Fig. 4 Priority mechanism
number of packets received and the number of packets
sent.
Table 3 Priority table Packet Drop It refers to the average number of packets
Node A
dropped during the transmission.
Node Priority Delay It is the amount of time taken by the nodes to
Node X 1/5 transmit the data packets.
Node Y
4.3 Results

4.3.1 Scenario-1 (direct transmission)

Table 4 Simulation parameters
No. of nodes 50 In this scenario, the data is transmitted from a mesh node
Area Size 500 9 500 directly to another mesh node, without using the mesh
Mac IEEE 802.11 gateway. The number of DoS and warm-hole attackers are
Transmission range 250 m as varied from 1 to 5.
Simulation time 50 s Figure 6 shows the delay of WRDAD and WRSR
Traffic source CBR techniques for increased number of attackers. It is trivial
Routing protocol WRDAD that when the attackers are more, the end-to-end delay
Attackers 1,2,3,4 and 5 increases because of detections and eliminations, as seen in
Rate 50 kb the figure. But, from the figure, we can see that the delay of
No. of wired nodes 2 WRDAD is 71 % less than WRSR, since it mitigates the
No. of base station 1 DoS attacks also in addition to worm-hole attacks.
Packet size 512 When the attackers are increased, naturally the packet
drop will be more thus degrading the packet delivery ratio.
Figures 7 and 8 show the packet drop and delivery ratio of
time. All nodes have the same transmission range of WRDAD and WRSR techniques, respectively, for more
250 m. The simulated traffic is Constant Bit Rate (CBR). number of attackers. We can see that the packet drop is
The simulation settings and parameters are summarized 47 % less and delivery ratio is 15 % more for WRDAD
in Table 4. when compared to WRSR. This is due to the fact that
Simulation topology is shown in the following WRDAD eliminates both selfish and DDoS attacks, in
figure (Fig. 5). addition to worm-hole attacks.

123
 Wireless Netw

Attackers Vs Delay(Scen-1) Attackers Vs Delay(Scen-2)

10 25
Delay(Sec)

Delay(Sec)
8 20
6 WRDAD 15 WRDAD
4 WRSR 10 WRSR
2 5
0 0
1 2 3 4 5 1 2 3 4 5
Attackers Attackers

Fig. 6 Attackers versus delay Fig. 9 Attackers versus delay

Attackers Vs Drop(Scen-1)
4000 Attackers Vs Drop(Scen-2)
30000
3000
WRDAD
Pkts

2000 20000 WRDAD

Pkts
WRSR
1000 10000 WRSR
0 0
1 2 3 4 5 1 2 3 4 5
Attackers Attackers

Fig. 7 Attackers versus drop Fig. 10 Attackers versus drop

Attackers Vs DelvieryRatio(Scen-1) Attackers Vs DeliveryRatio(Scen-2)

1.5 0.3
DelvieryRatio
DelvieryRatio

1 WRDAD 0.2 WRDAD

0.5 WRSR 0.1 WRSR

0 0
1 2 3 4 5 1 2 3 4 5
Attackers Attackers

Fig. 8 Attackers versus delivery ratio Fig. 11 Attackers versus delivery ratio

4.4 Scenario-2 (through mesh gateway)
In this scenario, the data is transmitted from a mesh node to
another mesh node using the mesh gateway. Here also, the
number of DoS and worm-hole attackers are as varied from
1 to 5.
Figure 9 shows the delay of WRDAD and WRSR
techniques for increased number of attackers. It is trivial
that when the attackers are more, the end-to-end delay
increases because of detections and eliminations, as seen in
the figure. From the figure, we can see that the delay is
same up to 2 attackers for both the schemes and beyond 2
attackers, WRDAD attains 22 % lesser delay than WRSR,
since it mitigates the DoS attacks also in addition to worm-
hole attacks.
When the attackers are increased, naturally the packet
drop will be more thus degrading the packet delivery ratio.
Figures 10 and 11 show the packet drop and delivery ratio
of WRDAD and WRSR techniques, respectively, for more
number of attackers. We can see that the packet drop is
65 % less and delivery ratio is 35 % more for WRDAD
when compared to WRSR. This is due to the fact that
WRDAD eliminates both selfish and DDoS attacks, in
addition to worm-hole attacks.
5 Conclusion
In this paper, a monitoring technique for Wormhole-Free
Routing and DoS Attack Defense for Wireless Mesh Net-
works is proposed. Initially, finite-state model is applied
where the node keeps the information about its RREQ that
is sent and received in its neighborhood. Wormhole-free
routes are discovered through a wormhole-aware secure
routing in the network. Lastly, the priority mechanism is
applied where the data packets are transmitted based on
their priority. Based on the finite-state model and priority
mechanism, the malicious or wormhole nodes in the net-
work are removed. Through this approach, it possible to
achieve wormhole-free routes, and also the network can
differentiate between the cooperative nodes and selfish
nodes, and remove these selfish nodes from the network.

123
Wireless Netw
By simulation results, it was shown that the proposed
technique reduces the packet drop due to attacks and
increases the packet delivery ratio. Although the current
work focuses on static mesh network, the future work will
focus on mobile mesh network.
References
1. Jayanthi, M., & Mukunthan, M. A. (2012). A security architec-
ture for implementing anonymity and traceability in wireless
mesh network using clustering concept. International Journal of
Soft Computing and Engineering (IJSCE). ISSN: 2231-2307, vol
1, Issue-ETIC-2011.
2. Li, C., Wang, Z., & Yang, C. (2011). Secure routing for wireless
mesh networks. International Journal of Network Security, 13(2),
109120.
3. Oliviero, F., & Romano, S. P. (2008). A reputation-based metric
for secure routing in wireless mesh networks. In IEEE GLO-
BECOM, 978-1-4244-2324-8/08/$25.00 . IEEE.
4. Lin, H., Ma, J., Hu, J., & Yang, K. (2012). PA-SHWMP: A
privacy-aware secure hybrid wireless mesh protocol for IEEE
802.11s wireless mesh networks. EURASIP Journal on Wireless
Communications and Networking. doi:10.1186/1687-1499-2012-
69.
5. Khan, K., & Akbar, M. (2008). Authentication in multi-hop
wireless mesh networks. World Academy of Science, Engineering
and Technology, 2(10).
6. Zeng, Y., et al. (2013). Directional routing and scheduling for
green vehicular delay tolerant networks. Wireless Networks,
19(2), 161173.
7. Jing, Q., et al. (2014). Security of the internet of things: Per-
spectives and challenges. Wireless Networks, 20(8), 24812501.
8. Wang, X., et al. (2012). A survey of green mobile networks:
Opportunities and challenges. MONET, 17(1), 420.
9. Li, X., et al. (2015). A review of industrial wireless networks in
the context of industry 4.0. Wireless Networks. doi:10.1007/
s11276-015-1133-7.
10. Li, P. et al. (2012). CodePipe: An opportunistic feeding and
routing protocol for reliable multicast with pipelined network
coding. In INFOCOM (pp. 100108).
11. Song, Y., et al. (2014). A biology-based algorithm to minimal
exposure problem of wireless sensor networks. IEEE Transac-
tions on Network and Service Management, 11(3), 417430.
12. Liu, L., et al. (2015). Physarum optimization: A biology-inspired
algorithm for the steiner tree problem in networks. IEEE Trans-
actions on Computers, 64(3), 819832.
13. Liu, Y., et al. (2010). Multi-layer clustering routing algorithm for
wireless vehicular sensor networks. IET Communications, 4(7),
810816.
14. Busch, C., et al. (2012). Approximating congestion ? dilation in
networks via quality of routing games. IEEE Transactions on 35. Yang, H., et al. (2014). Provably secure three-party authenticated
Computers, 61(9), 12701283.
15. Li, P., et al. (2014). Reliable multicast with pipelined network
coding using opportunistic feeding and routing. IEEE Transac-
tions on Parallel and Distributed Systems, 25(12), 32643273.
16. Meng, T., et al. (2015). Spatial reusability-aware routing in multi-
hop wireless networks. IEEE Transactions on Computers. doi:10.
1109/TC.2015.2417543.
17. Dvir, A., et al. (2011). Backpressure-based routing protocol for
DTNs. ACM SIGCOMM Computer Communication Review,
41(4), 405406.
18. Yen, Y.-S., et al. (2011). Flooding-limited and multi-constrained
QoS multicast routing based on the genetic algorithm for
MANETs. Mathematical and Computer Modelling, 53(1112),
22382250.
19. Sen, J. (2013). Secure and privacy-preserving authentication
protocols for wireless mesh networks. Innovation Lab, Tata
Consultancy Services Ltd. eprint arXiv: 1209.1803, Publication
Date: 09/2012. doi:10.5772/39176. www.intechopen.com.
20. Redwan, H., & Kim, K.-H. (2008). Survey of security require-
ments, attacks and network integration in wireless mesh net-
works. 978-0-7695-3540-1/08 $25.00  2008 IEEE. doi:10.1109/
FCST.2008.
21. Spyropoulos, T., et al. (2010). Routing for disruption tolerant
networks: Taxonomy and design. Wireless Networks, 16(8),
23492370.
22. Vasilakos, A., et al. (2012). Delay tolerant networks: Protocols
and applications. Boca Raton: CRC Press.
23. Youssef, M., et al. (2014). Routing metrics of cognitive radio
networks: A survey. IEEE Communications Surveys and Tutori-
als, 16(1), 92109.
24. Woungang, I., et al. (2013). Routing in opportunistic networks.
Berlin: Springer.
25. Zhang, X. M., et al. (2015). Interference-based topology control
algorithm for delay-constrained mobile Ad hoc networks. IEEE
Transactions on Mobile Computing, 14(4), 742754.
26. Duarte, P. B. F., et al. (2012). On the partially overlapped channel
assignment on wireless mesh network backbone: A game theo-
retic approach. IEEE Journal on Selected Areas in Communica-
tions, 30(1), 119127.
27. Attar, A., et al. (2012). A survey of security challenges in cog-
nitive radio networks: Solutions and future research directions.
Proceedings of the IEEE, 100(12), 31723186.
28. Vasilakos, A. V., et al. (2015). Information centric network:
Research challenges and opportunities. Journal of Network and
Computer Applications, 52, 110.
29. Yao, Y. et al. (2013) EDAL: An energy-efficient, delay-aware,
and lifetime-balancing data collection protocol for wireless sen-
sor networks. In MASS 1(pp. 82190).
30. Marwaha, S. et al. (2004). Evolutionary fuzzy multi-objective routing
for wireless mobile ad hoc networks. In Evolutionary Computation,
2004. CEC2004. Congress on. (Vol. 2, pp. 19641971).
31. Vasilakos, A. et al. (2003). Optimizing QoS routing in hierar-
chical ATM networks using computational intelligence tech-
niques. IEEE Systems, Man, and Cybernetics, Part C: Appli-
cations and Reviews.
32. Quan, W. et al. (2014). TB2F: Tree-bitmap and bloom-filter for a
scalable and efficient name lookup in content-centric networking.
In IFIP Networking.
33. Aswal, M. S., Rawat, P., & Kumar, T. (2009). Threats and vul-
nerabilities in wireless mesh networks. International Journal of
Recent Trends in Engineering, 2(4).
34. Yao, G., et al. (2015). Passive IP traceback: Disclosing the
locations of IP spoofers from path backscatter. IEEE Transac-
tions on Information Forensics and Security, 10(3), 471484.
key agreement protocol using smart cards. Computer Networks,
58, 2938.
36. Liu, B., et al. (2014). Toward incentivizing anti-spoofing
deployment. IEEE Transactions on Information Forensics and
Security, 9(3), 436450.
37. Zhou, J., et al. (2015). Secure and privacy preserving protocol for
cloud-based vehicular DTNs. IEEE Transactions on Information
Forensics and Security, 10(6), 12991314.
38. Liu, J., et al. (2016). Leveraging software-defined networking for
security policy enforcement. Information Sciences, 327, 288299.
123
 Wireless Netw

39. Luan, L., Fu, Y., & Xiao, P. (2012). An effective denial of service Dr. S. Mercy Shalinie is
attack detection method in wireless mesh networks. Physics working as Professor and Head
Procedia, 33, 354360. of the Department of Computer
40. Bansal, D., Sofat, S., & Singh, G. (2010). Secure routing protocol Science and Engineering Thia-
for hybrid wireless mesh network (HWMN). In Computer and garajar College of Engineering,
Communication Technology (ICCCT), 2010 International Con- Madurai, India. She has pub-
ference (pp. 837843). Print ISBN: 978-1-4244-9033-2, 978-1- lished over 130 research papers
4244-9034/10/$26.002010 IEEE, 1719 Sept. 2010. in referred journals and reputed
41. Kandah, F., Singh, Y., & Zhang, W. (2012). Mitigating eaves- conferences. Her area of research
dropping attack using secure key management scheme in wireless interest includes Machine
mesh networks. Journal of Communications, 7(8), 596605. Learning and Security Systems.
42. Matam, R., & Tripathy, S. (2013). WRSR: Wormhole-resistant
secure routing for wireless mesh networks. EURASIP Journal on
Wireless Communications and Networking.
43. Sen, J. (2010). Efficient routing anomaly detection in wireless
mesh networks. In First International Conference on Integrated
Intelligent Computing, 978-0-7695-4152-5/10 $26.00  2010
IEEE.
44. Network Simulator: http://www.isi.edu/nsnam/ns.

G. Akilarasu (Ganesan Akila-

rasu) obtained his B-Tech. degree
in Information Technology from
Mahendra Engineering college
under Anna University Chennai.
Then he obtained his M.E. degree
in Computer Science and Engi-
neering at Thiagarajar College of
Engineering under Anna Univer-
sity of Tirunelveli and he is cur-
rently an full time Ph.D. Research
Scholar in Information and Com-
munication Engineering at Thia-
garajar College of Engineering
under Anna University of Chennai.

123