A periodic key refreshment and distribution strategy has been investigated as a way to strengthen network protection against attack. While periodic key updating can significantly improve the overall security of mesh networks, the message exchanges in the 4-way handshake remain vulnerable to Denial of Service (DoS) attacks. The main objective of this project is to develop an efficient 4-way handshake protection scheme that can improve the security of wireless networks for deployment in various smart grid domains.
Wireless local area networks (WLAN) can be deployed in various smart grid domains, such as the home area network (HAN), neighborhood area network (NAN), and substation area network (SAN). They offer a cost-effective solution when compared with other wired or wireless options. To overcome their limited transmission range, WLANs can also operate in multi-hop mesh environments. Mesh networks offer various unique features, such as self-configuration, where the network can incorporate a new device (e.g., meter, PMU, etc.) into the existing structure. Ease of installation, scalability, and self-healing are among their other important features. Despite these advantages, a major drawback of multi-hop mesh networks is that they are more exposed to cyber-attack, because data packets have to be relayed on a hop-by-hop basis. For this reason, the security of mesh/sensor networks has been a challenging issue in wireless communications. In particular, due to their lack of infrastructure, these networks require a distributed approach to authenticate the mesh points (MPs). Since most protocols deploy a 4-way handshake, the network can become vulnerable to a denial of service (DoS) attack. In particular, through eavesdropping an intruder can easily block the 4-way handshake by forging the unprotected Message-1 or the defective Message-3 that an MP receives from the mesh authenticator (MA).
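The following added example (not code from this project, and not the protection scheme it proposes) models why an unauthenticated Message-1 matters: an MP that overwrites its handshake state on every Message-1 rejects the MA's genuine Message-3, while an MP that keeps one SNonce and derives the key from the nonce carried in Message-3 does not. The class names, the message labels, and the HMAC-SHA256 key derivation are simplifying assumptions standing in for the real 802.11 PRF and frame formats.

```python
import hashlib
import hmac
import os

def derive_ptk(pmk, anonce, snonce):
    # Simplified stand-in for the 802.11 PRF (MAC addresses omitted).
    data = b"ptk" + min(anonce, snonce) + max(anonce, snonce)
    return hmac.new(pmk, data, hashlib.sha256).digest()

def mic(ptk, body):
    return hmac.new(ptk, body, hashlib.sha256).digest()[:16]

class NaiveMP:
    """Hypothetical MP: one PTK slot, overwritten by every Message-1."""
    def __init__(self, pmk):
        self.pmk, self.ptk, self.snonce = pmk, None, None
    def on_message1(self, anonce):
        self.snonce = os.urandom(32)
        self.ptk = derive_ptk(self.pmk, anonce, self.snonce)
        return self.snonce, mic(self.ptk, b"msg2")  # Message-2
    def on_message3(self, anonce, tag):
        return hmac.compare_digest(tag, mic(self.ptk, b"msg3" + anonce))

class HardenedMP:
    """Hypothetical MP: one SNonce per handshake, PTK derived on Message-3."""
    def __init__(self, pmk):
        self.pmk, self.snonce = pmk, os.urandom(32)
    def on_message1(self, anonce):
        ptk = derive_ptk(self.pmk, anonce, self.snonce)
        return self.snonce, mic(ptk, b"msg2")  # Message-2, no state kept
    def on_message3(self, anonce, tag):
        ptk = derive_ptk(self.pmk, anonce, self.snonce)
        return hmac.compare_digest(tag, mic(ptk, b"msg3" + anonce))

def run_handshake(mp_cls, inject_forged_msg1):
    """Return True if the MP accepts the MA's genuine Message-3."""
    pmk = os.urandom(32)                 # constructed shared key
    mp = mp_cls(pmk)
    anonce = os.urandom(32)
    snonce, tag2 = mp.on_message1(anonce)        # genuine Message-1
    ma_ptk = derive_ptk(pmk, anonce, snonce)     # MA side
    assert hmac.compare_digest(tag2, mic(ma_ptk, b"msg2"))
    if inject_forged_msg1:
        mp.on_message1(os.urandom(32))   # Message-1 carries no MIC to check
    return mp.on_message3(anonce, mic(ma_ptk, b"msg3" + anonce))

if __name__ == "__main__":
    for cls in (NaiveMP, HardenedMP):
        print(cls.__name__, run_handshake(cls, False), run_handshake(cls, True))
```
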
In this investigation, a dynamically updating key distribution strategy is introduced to enhance mesh network security against cyber-attacks. The strategy has been applied to two security protocols: simultaneous authentication of equals (SAE) and efficient mesh security association (EMSA). The security of the proposed methods against cyber-attack, as well as network performance in terms of delay and overhead, has been evaluated in this project by developing a denial of service attack model.
The outcome of these investigations has been published.