• wireless routing;
• intrusion mitigation;
• security and system performance tradeoffs


A wireless mesh network is a self-organized set of nodes that are connected by wireless links. Communicating parties that are not in wireless range of each other relay packets via intermediate nodes. A common approach to wireless mesh routing is reactive routing, where a fixed path between the communicating endpoints is established on demand when a new session is initiated. This paper proposes a distributed algorithm that guarantees service even when some wireless mesh nodes deliberately change, discard, or misroute data packets to disrupt service. When a misbehaving route is encountered, the proposed algorithm starts a process in which a “virtual” cost penalty is iteratively added to suspicious nodes and a new shortest route is derived, until the disrupted path is replaced with one that avoids the misbehaving nodes. The algorithm enables proactive calculation of several alternative routes. The proactively calculated routes can be used to perform multipath routing, which drastically enhances the robustness of the algorithm against adversaries that dynamically change their behavior. Our algorithm can co-exist with common reactive wireless routing protocols. Furthermore, although every intermediate node may be malicious, the proposed algorithm does not impose costly authentication of messages from the participating intermediate nodes. This means that existing deployed infrastructures of wireless mesh nodes can be software-modified to work with the algorithm. We show that the proposed algorithm quickly converges to efficient alternative routes and present a bounded complexity for its time, communication, and computation overhead.

Copyright © 2013 John Wiley & Sons, Ltd.
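The penalty-and-reroute loop described in the abstract can be sketched as follows. This is an added, centralized illustration, not the paper's distributed algorithm or its code. It assumes that every intermediate node of a failed path receives the same fixed penalty `step`, that the endpoints learn only whether a path delivered (the hypothetical `delivers` callback), and that the topology and the set of misbehaving nodes are constructed sample data.

```python
import heapq

def shortest_path(graph, src, dst, penalty):
    """Dijkstra in which entering node v costs the link weight plus v's virtual penalty."""
    dist, prev, heap = {src: 0.0}, {}, [(0.0, src)]
    while heap:
        d, u = heapq.heappop(heap)
        if u == dst:
            break
        if d > dist[u]:
            continue  # stale heap entry
        for v, w in graph[u].items():
            nd = d + w + penalty.get(v, 0.0)
            if nd < dist.get(v, float("inf")):
                dist[v], prev[v] = nd, u
                heapq.heappush(heap, (nd, v))
    if dst not in dist:
        return None
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    return path[::-1]

def reroute(graph, src, dst, delivers, step=1.0, max_rounds=50):
    """Penalize the intermediates of each failed path, then re-derive the route."""
    penalty, tried = {}, []
    for _ in range(max_rounds):
        path = shortest_path(graph, src, dst, penalty)
        if path is None:
            break
        tried.append(path)
        if delivers(path):
            return path, tried
        # Assumption: the endpoints cannot tell which hop misbehaved, so every
        # intermediate node on the failed path becomes a suspect.
        for node in path[1:-1]:
            penalty[node] = penalty.get(node, 0.0) + step
    return None, tried

# Constructed topology (symmetric link costs); node "M" silently drops packets.
GRAPH = {
    "S": {"A": 1, "B": 1}, "A": {"S": 1, "M": 1, "B": 1},
    "B": {"S": 1, "A": 1, "C": 2}, "M": {"A": 1, "D": 1},
    "C": {"B": 2, "D": 3}, "D": {"M": 1, "C": 3},
}
MALICIOUS = {"M"}

def delivers(path):
    """Constructed end-to-end check: fails if any intermediate hop is malicious."""
    return not set(path[1:-1]) & MALICIOUS
```

In this sample the route through `M` is retried once before its accumulated penalty exceeds the cost of the detour, and the honest node `A` is penalized along with `M` because the check is end-to-end only.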