Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
EMERGING TOPICS
IN COMPUTING
Received 1 April 2013; revised 3 June 2013; accepted 29 June 2013. Date of publication 12 July 2013;
date of current version 21 January 2014.
Digital Object Identifier 10.1109/TETC.2013.2273220
ABSTRACT
In this paper, we propose a wormhole attack resistant secure neighbor discovery
(SND) scheme for a centralized 60-GHz directional wireless network. Specifically, the proposed SND
scheme consists of three phases: the network controller (NC) broadcasting phase, the network nodes
response/authentication phase, and the NC time analysis phase. In the broadcasting phase and the
response/authentication phase, local time information and antenna direction information are elegantly
exchanged with signature-based authentication techniques between the NC and the legislate network nodes,
which can prevent most of the wormhole attacks. In the NC time analysis phase, the NC can further detect
the possible attack using the time-delay information from the network nodes. To solve the transmission
collision problem in the response/authentication phase, we also introduce a novel random delay multiple
access (RDMA) protocol to divide the RA phase into M periods, within which the unsuccessfully transmitting
nodes randomly select a time slot to transmit. The optimal parameter setting of the RDMA protocol and the
optional strategies of the NC are discussed. Both neighbor discovery time analysis and security analysis
demonstrate the efficiency and effectiveness of the proposed SND scheme in conjunction with the RDMA
protocol.
INDEX TERMS
Cyber physical systems, 60 GHz directional network, secure neighbor discovery, wormhole
attack, random delay multiple access.
I. INTRODUCTION
One distinguishing feature of the 60 GHz communication is its high propagation loss due to the extremely high
carrier frequency and the oxygen absorption peaks at this
frequency band [2]. To combat this, directional antenna
with high directivity gain can be adopted to obtain sufficient link budget for multi-Gbps data rate. Although the
directional antenna offers many advantages for the 60 GHz
communication, the antenna beam should be aligned in
the opposite direction for a communication pair before
their communication starts. This poses many special challenges for higher layer protocol design [9][13], and one
of these challenges is the neighbor discovery problem
[14][16].
2168-6750
2013 IEEE. Translations and content mining are permitted for academic research only.
Personal use is also permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
341
IEEE TRANSACTIONS ON
EMERGING TOPICS
IN COMPUTING
For each network node, neighbor discovery is a process
to determine the total number and identities of other nodes
within its communication range. Since neighbor discovery
serves as the foundation of several high layer system functionalities [17], the overlying protocols and applications of
a system will be compromised if neighbor discovery is successfully attacked. One type of major attacks to neighbor
discovery is wormhole attack, in which malicious node(s)
relay packets for two legislate nodes to fool them believing that they are direct neighbors [18][20]. It seems a
merit that this kind of attack can enlarge the communication
ranges, however, since it causes unauthorized physical access,
selective dropping of packets and even denial of services,
the wormhole attack is intrinsically a very serious problem
especially in case of emergent information transmission. For
example, in one of the outdoor application scenarios named
Police/Surveillance Car Upload as defined in the usage
models of 802.11ad [5], this attack may cause very severe
consequences. Therefore, it is very important to design a
wormhole attack resistant neighbor discovery scheme for
60 GHz directional networks.
Wormhole attack is more difficult to combat in 60 GHz
directional networks than in networks with omni-directional
antenna. The reason can be explained as follows. In a network with omni-directional antenna, when a malicious node
attempts to launch a wormhole attack, nearby nodes around it
from all directions can hear it and can co-operate to detect the
attack [21]. However, in a 60 GHz network with directional
antenna, when a wormhole attack happens, only nodes in the
specific direction can hear the data transmission, and consequently the probability of attack detection becomes much less
than that with omni-directional antenna.
To address this difficulty, we propose a wormhole attack
resistant secure neighbor discovery (SND) scheme for a
60 GHz wireless network operating in infrastructure mode
in this paper. All devices in the network are equipped with
directional antenna. Although there are some related works
[18], [22], [23] on the wormhole attack resistant scheme for
wireless networks with directional antenna, the wormhole
attack in the 60 GHz infrastructure mode network remains a
problem. The main contributions of this work is summarized
as follows.
First, we propose a wormhole attack resistant SND
scheme, which establishes the communications with
signature-based authentication techniques, and achieves
SND by utilizing the information of antenna direction,
local time information and carefully designed length of
the broadcast message.
Second, we introduce a random delay multiple access
(RDMA) protocol to solve the transmission collision
problem in the response/authetication phase when each
node in the same sector does not have information of
others and can not listen to the others transmissions due
to the limitation of directional antenna.
Third, we conduct extensive secure analysis and
neighbor discover time analysis to demonstrate the
342
W1
NC
V
East
W2
W3
IEEE TRANSACTIONS ON
EMERGING TOPICS
IN COMPUTING
(2)
where k1 is a constant coefficient dependant on the wavelength, GT and GR are antenna gain of the transmitter and
receiver, respectively, d is the distance from the transmitter
to the receiver, is the path loss exponent, and PT is the
averaged transmitting power. When both the NC and the
network nodes employ directional antennas, the maximum
reachable distance R is dependant on the sector number L and
can be determined when the transmitting power is fixed and
a minimum threshold value of PR_th is required.
All the links between the network nodes and the NC are
bidirectional, i.e., if a wireless node A can hear the NC
(or another node B), then the NC (or the node B) can also
hear node A. All the wireless nodes do not have specialized
hardware such as a GPS module to know its own global
position, but they do have a kind of electronic compass which
is much cheaper than the GPS module and used to align the
beam direction, i.e., different antennas with the same beam
number point to the same sector.
C. ASSUMPTIONS
40
20
0
Y/m
-20
-40
-60
-80
B. ATTACK MODEL
-50
X/m
50
100
In this section, we first introduce the main idea of the proposed scheme, followed by the detailed description of the
three phases in the scheme, namely the NC broadcast (BC)
phase, response/authentication (RA) phase and the NA time
analysis (TA) phase.
To illustrate the main idea of the proposed scheme clearly,
Fig. 2 shows a simulated network scenario, where the average
node density = 0.002 per square meter, and the attacker
node density m = 0.0004. The NC is located at the original
point (0,0). The circular area around the NC is seamlessly
covered by L = 8 beams, and the direct communication range
R is 50 meters. In this scenario, there exist three attackers
marked with hollow square. Though the region that each
343
IEEE TRANSACTIONS ON
EMERGING TOPICS
IN COMPUTING
...
...
tn / 2
Start
RA Phase N RAtr
tn / 2
tn / 2
tr
td
i =1
i>L
tr
...
tr
Finish
TA Phase
tr
NC Broadcasting
A. NC BC PHASE
i = i +1
Response/
Authentication
NC Time Analysis
(4)
xc H (Rc ||Mc )
= g g
(5)
=
mod p
(6)
IEEE TRANSACTIONS ON
EMERGING TOPICS
IN COMPUTING
IEEE TRANSACTIONS ON
EMERGING TOPICS
IN COMPUTING
2.5
x 10
-6
Sec 1
Time Delay
Sec 2
Sec 3
1.5
Sec 4
Sec 5
Sec 6
Sec 7
Sec 8
0.5
0
4
6
8
10
Node index in each sector
12
14
Period 1
1
Period 2
...
tr
tr
1
max
tr
Period M
...
tr
tr
2
max
...
tr
...
tr
M
N max
tr
tr
346
IEEE TRANSACTIONS ON
EMERGING TOPICS
IN COMPUTING
(11)
(12)
k ,
Nmax
Set
d
k
dNmax
k 1)mk 1
1m k
(Nmax
=
m
.
k
k
k mk
Nmax
Nmax
1
mk
= 0, we have
Nk
(13)
max
k
k
(mk 1)Nmax
= mk (Nmax
1).
(14)
Therefore, we have
k
Nmax
= mk ,
(15)
IEEE TRANSACTIONS ON
EMERGING TOPICS
IN COMPUTING
C. NCS STRATEGIES
In the above subsection, we have shown by theoretical analysis and simulation that, the optimal value of the number of
k
slots used in periods of the RA phase is Nmax
= mk . However,
in the network shown in Fig. 1, it is impractical for nodes in a
specific sector to know the total number of nodes Nnd . Thus,
it is the responsibility of the NC to broadcast the strategies
that how many periods M are allowed in the RA phase and in
each period how many time slots are allocated to the nodes.
In the following, we investigate the strategies of the NC to set
k .
up proper values of M and Nmax
For a given value of Nnd , the NC can theoretically calculate
k
the value of M and Nmax
by using Algorithm 2, where NRA
denotes the number of total slots in the RA phase, and the
function ceil() rounds its input to the nearest integers towards
infinity. In each step of the WHILE loop, the number of
remaining unscheduled nodes mk is calculated by using (10)
and (11). Every time the period number M increases, the
number of total slot NRA is accumulated. The close of the
WHILE loop means that only one more period with one time
slot is needed to schedule all the nodes.
1 In this algorithm, some Matlab system functions are invoked: rand(),
find(), size(), sum(), std(), and max(). For their operations, please refer to
the Matlab help file.
348
k
The NC can also get the statistical values of M and Nmax
by using Algorithm 3, where Nsim denotes the total Monte
Carlo simulation rounds, Nslot (Sind , k) records the slot number used in period k in the Sind -th round of simulation.
NAve (k), NStd (k), and NMax (k) denote the average, standard
deviation and maximum value of slot number in period k of
the RA phases, respectively.
By using Algorithms 2 and 3, with a given Nnd , the
NC can get the number of time slots in successive periods in a RA phase for the nodes in a specific sector. In
Fig. 9(a) and Fig. 9(b), we plot the number of time slots
used in different periods with Nnd = 40 and Nnd =
100, respectively. From Fig. 9, it can be seen that for a
k
given Nnd , the average value of Nmax
obtained by simulation roughly equals the corresponding theoretical value for
every period, and both of them are smaller than the corresponding maximum values obtained by using Monte Carlo
method.
VOLUME 1, NO. 2, DECEMBER 2013
IEEE TRANSACTIONS ON
EMERGING TOPICS
IN COMPUTING
k
Algorithm 2 Theoretical Calculation of M and Nmax
With
Given Nnd
BEGIN:
1: Set k = 1;
2: Set NRA = 0;
k
3: Set Nmax
= Nnd ;
4: Set M = 0;
5: Set mk = Nnd ;
k
6: while Nmax
1 do
7:
SET M = M + 1;
k ;
8:
SET NRA = NRA + Nmax
k
k 1 m 1
Nmax
9:
SET mk+1 = mk (1
)
k
Nmax
10:
11:
12:
13:
14:
15:
0.92
0.9
10
20
30
40
50
60
70
Number of Node Nnd
80
90
100
Note that different strategies have different scheduling performance, along with different computational complexity for
the NC. To investigate the scheduling performance of different strategies, in Fig. 10, we plot the ratio of successful transmission nodes Rsuc versus different Nnd when the three differk
ent strategies are used by the NC. The results of using Nmax
=
NAve (k) are also shown in this figure, and its performance is
at the same level of strategy 1. In Fig. 10, all the results are
VOLUME 1, NO. 2, DECEMBER 2013
k
Algorithm 3 Calculation of M and Nmax
With Given Nnd by
Using Monte Carlo Method
BEGIN:
1: SET Nsim = 1000;
2: for Sind =1:1:Nsim do
3:
SET k = 1;
4:
SET mk = Nnd ;
k
5:
SET Nmax
= Nnd ;
6:
while mk > 0 do
k ;
7:
SET Nslot (Sind , k) = Nmax
k
8:
for i=1:1:Nmax
do
k
9:
SET Islot (i) =ceil1 (Nmax
rand());
10:
end for
k ) = 1;
11:
SET Mslot (1 : Nmax
k
12:
for i=1:1:Nmax do
k
13:
for j=i+1:1:Nmax
do
14:
if Islot (i) == Islot (j) then
15:
SET Mslot (i) = 0;
16:
SET Mslot (j) = 0;
17:
end if
18:
end for
19:
end for
20:
SET mk+1 = mk size(find(Mslot 6 = 0));
21:
SET k = k + 1;
22:
end while
23: end for
24: for k=1:1:M do
25:
SET NAve (k) =sum(Nslot (:, k))/Nsim ;
26:
SET NStd (k) =std(Nslot (:, k));
27:
SET NMax (k) =max(Nslot (:, k));
28: end for
END;
IEEE TRANSACTIONS ON
EMERGING TOPICS
IN COMPUTING
Theoretic
Ave
Ave+Std
Max
4.5
3.5
2.5
10
20
30
40
50
60
70
Number of Node Nnd
80
90
100
where TBC , TRA denote the time of the NC BC phase and the
RA phase, respectively, and TTA denotes the extra time caused
by the NC TA phase. From Fig. 4, TBC = LTn , TRA = NRA tr
and TTA = td . From Fig. 11, the total number in a RA phase
can be written as:
NRA = Nnorm Nnd
(17)
(18)
V. SECURITY ANALYSIS
(16)
So (16) becomes
(19)
(20)
R = KL
where K =
k1 G20 PT
PR_th
(21)
. Then, we have
4
TSND = tn L 2 + Nnorm L K 2 tr + td L.
(22)
(23)
IEEE TRANSACTIONS ON
In this paper, we have proposed a wormhole attack resistant SND scheme. By using antenna direction information,
transmission time information and carefully designed broadcast frame length, the proposed SND scheme can effectively
prevent and detect wormhole attack, which has been demonstrated by security analysis and simulation. In addition, we
have introduced the RDMA protocol to effectively solve the
transmission collision problem when there are many nodes
transmitting frames to the NC without knowing each other
and unable to listen to each other limited by directional antennas. Our work is valuable since the security requirements
are ever-increasing for the 60 GHz network with directional
antenna, especially in some outdoor application scenarios. In
our future work, we will consider how to identify the security
problem in neighbor discovery of ad hod 60 GHz networks
by extending the scheme and protocol proposed in this paper.
REFERENCES
[1] Z. Shi, R. Lu, J. Qiao, and X. Shen, Snd: Secure neighbor discovery
for 60 ghz network with directional antenna, in Proc. IEEE WCNC, Feb.
2013, pp. 16.
[2] R. Daniels and R. Heath, 60 ghz wireless communications: Emerging
requirements and design recommendations, IEEE Veh. Technol. Mag.,
vol. 2, no. 3, pp. 4150, Sep. 2007.
[3] J. Foerster, J. Lansford, J. Laskar, T. Rappaport, and S. Kato,
Realizing Gbps wireless personal area networks-guest editorial,
IEEE J. Sel. Areas Commun., vol. 27, no. 8, pp. 13131317,
Oct. 2009.
[4] Z. Shi, R. Lu, J. Chen, and X. S. Shen, Three-dimensional spatial multiplexing for directional millimeter-wave communications in multi-cubicle
office environments, in Proc. Globecom, 2013, pp. 16.
[5] A. Myles and R. de Vegt, (Mar. 2008). Wi-Fi Alliance (WFA) VHT
Study Group Usage Models [Online] Available: https://mentor.ieee.
org/802.11/dcn/07/11-07-2988-04-0000-liaison-from-wi-fi-allian-to-80211-regarding-wfa-vht-study-group-consolidation-of-usage-models.ppt
[6] H. Singh, S. Yong, J. Oh, and C. Ngo, Principles of ieee 802.15. 3c: Multigigabit millimeter-wave wireless PAN, in Proc. 18th IEEE Int. Conf.
Comput. Commun. Netw., Aug. 2009, pp. 16.
[7] T. Baykas, C. Sum, Z. Lan, J. Wang, M. Rahman, H. Harada, and
S. Kato, IEEE 802.15. 3c: The first IEEE wireless standard for data
rates over 1 Gb/s, IEEE Commun. Mag., vol. 49, no. 7, pp. 114121,
Jul. 2011.
VOLUME 1, NO. 2, DECEMBER 2013
EMERGING TOPICS
IN COMPUTING
[8] C. Cordeiro, D. Akhmetov, and M. Park, Ieee 802.11 ad: Introduction and performance evaluation of the first multi-gbps wifi technology,
in Proc. ACM Int. Workshop mmWave Commun., Circuits Netw., 2010,
pp. 38.
[9] X. An, R. Prasad, and I. Niemegeers, Neighbor discovery in 60 Ghz
wireless personal area networks, in Proc. IEEE Int. Symp. World Wireless
Mobile Multimedia Netw., Jun. 2010, pp. 18.
[10] L. X. Cai, L. Cai, X. Shen, and J. Mark, Resource management and
QoS provisioning for IPTV over mmwave-based WPANs with directional antenna, Mobile Netw. Appl., vol. 14, no. 2, pp. 210219,
Apr. 2009.
[11] L. X. Cai, L. Cai, X. Shen, and J. Mark, Rex: A randomized exclusive
region based scheduling scheme for mmwave WPANs with directional
antenna, IEEE Trans. Wireless Commun., vol. 9, no. 1, pp. 113121, Jan.
2010.
[12] J. Qiao, L. X. Cai, X. Shen, and J. W. Mark, Enabling multihop concurrent transmissions in 60 GHz wireless personal area networks, IEEE Trans. Wireless Commun., vol. 10, no. 11, pp. 38243833,
Nov. 2011.
[13] R. Sun, Z. Shi, R. Lu, J. Qiao, and X. Shen, A lightweight key
management scheme for 60 GHz WPAN, in Proc. WCSP, Oct. 2012,
pp. 16.
[14] S. Vasudevan, J. Kurose, and D. Towsley, On neighbor discovery in
wireless networks with directional antennas, in Proc. 24th Annu. Joint
Conf. IEEE INFOCOM, vol. 4. Mar. 2005, pp. 25022512.
[15] X. An, R. Prasad, and I. Niemegeers, Impact of antenna pattern
and link model on directional neighbor discovery in 60 GHz networks, IEEE Trans. Wireless Commun., vol. 10, no. 5, pp. 14351447,
May 2011.
[16] J. Ning, T. Kim, S. Krishnamurthy, and C. Cordeiro, Directional neighbor
discovery in 60 GHz indoor wireless networks, Perform. Evaluation,
vol. 68, no. 9, pp. 897915, 2011.
[17] P. Papadimitratos, M. Poturalski, P. Schaller, P. Lafourcade, D. Basin,
S. Capkun, and J. Hubaux, Secure neighborhood discovery: A fundamental element for mobile ad hoc networking, IEEE Commun. Mag., vol. 46,
no. 2, pp. 132139, Feb. 2008.
[18] L. Hu and D. Evans, Using directional antennas to prevent wormhole attacks, in Proc. Netw. Distrib. Syst. Security Symp., Feb. 2004,
pp. 111.
[19] R. Lu, X. Li, X. Liang, X. Shen, and X. Lin, GRS: The green, reliability,
and security of emerging machine to machine communications, IEEE
Commun. Mag., vol. 49, no. 4, pp. 2835, Apr. 2011.
[20] R. Lu, X. Lin, T. Luan, X. Liang, and X. Shen, Pseudonym changing at
social spots: An effective strategy for location privacy in VANETs, IEEE
Trans. Veh. Technol., vol. 61, no. 1, pp. 116, Jan. 2011.
[21] J. Du, E. Kranakis, and A. Nayak, Cooperative neighbor discovery
protocol for a wireless network using two antenna patterns, in Proc.
32nd IEEE Int. Conf. Distrib. Comput. Syst. Workshops, Jun. 2012,
pp. 178186.
[22] R. Zhao, A. Wen, Z. Liu, and J. Yang, A trustworthy neighbor discovery
algorithm for pure directional transmission and reception in MANET,
in Proc. IEEE 9th Int. Conf. Adv. Commun. Technol., vol. 2. Feb. 2007,
pp. 926931.
[23] H. Park, Y. Kim, I. Jang, and S. Pack, Cooperative neighbor disco very for
consumer devices in mmwave ad-hoc networks, in Proc. IEEE Int. Conf.
Consum. Electron., Jan. 2012, pp. 100101.
[24] R. Mudumbai, S. Singh, and U. Madhow, Medium access control for 60
GHz outdoor mesh networks with highly directional links, in Proc. IEEE
INFOCOM, Apr. 2009, pp. 28712875.
[25] T. ElGamal, A public key cryptosystem and a signature scheme based on
discrete logarithms, in Proc. Adv. Cryptol., 1985, pp. 1018.
[26] J. Jansson, A. Mantyniemi, and J. Kostamovaara, A delay line based
CMOS time digitizer IC with 13 ps single-shot precision, in Proc. IEEE
ISCAS, May 2005, pp. 42694272.
[27] L. Georgiadis, L. Merakos, and P. Papantoni-Kazakos, A method for the
delay analysis of random multiple-access algorithms whose delay process
is regenerative, IEEE J. Sel. Areas Commun., vol. 5, no. 6, pp. 10511062,
Jul. 1987.
[28] A. Burrell and P. Papantoni-Kazakos, Random access algorithms in
packet networksa review of three research decades, Int. J. Commun.,
Netw. Syst. Sci., vol. 5, no. 10, pp. 691707, 2012.
351
IEEE TRANSACTIONS ON
EMERGING TOPICS
IN COMPUTING
ZHIGUO SHI (M10) received the B.S. and Ph.D.
degrees in electronic engineering from Zhejiang
University, Hangzhou, China, in 2001 and 2006,
respectively. From 2006 to 2009, he was an Assistant Professor with the Department of Information
and Electronic Engineering, Zhejiang University,
where currently he is an Associate Professor. From
September 2011, he begins a two-year visit with
the Broadband Communications Research Group,
University of Waterloo, Waterloo, ON, Canada.
His current research interests include radar data and signal processing,
wireless communication, and security. He received the Best Paper Award of
the IEEE WCNC in 2013, Shanghai, China, and the IEEE WCSP in 2012,
Huangshan, China. He received the Scientific and Technological Award of
Zhejiang, China, in 2012. He serves as an Editor of the KSII Transactions on
Internet and Information Systems. He serves as TPC member for IEEE VTC
in 2013, the IEEE ICCC in 2013, MSN in 2013, IEEE INFOCOM in 2014,
IEEE ICNC in 2014.