ABSTRACT
The class of Wireless Mesh Networks (WMN) supports an ample set of applications including wireless community networks,
radio access networks in rural or metropolitan areas, or wireless backbones for factory/process automation. Guaranteeing
security is crucial for within these application scenarios. While contemporary wireless technologies, such as the IEEE 802.16
or the IEEE 802.11s standard, provide the basic protocol mechanisms for mesh networking, they lack in comprehensive
security mechanisms. Additionally, novel security features of the above standards such as per-link encryption break existing
security solutions that rely on overhearing of the wireless channel. We close this gap by developing a holistic approach
toward securing WMNs with particular focus on the network layer. We perform a threat analysis and then develop solutions
(1) guaranteeing the integrity and authenticity of routing messages, (2) to locally and globally detect misbehavior of nodes in
forwarding data or routing messages even for settings that do not allow for overhearing the channel, and (3) to dynamically
manage reputation of nodes throughout the network. The combination of these building blocks enables to provide for secure,
self-organizing WMNs. As a proof-of-concept, we tailor and implement our solutions for the setting of a realistic IEEE
802.16 mesh network; we discuss the protection achieved and assess selected performance trade-offs for the developed
mechanisms. Copyright 2010 John Wiley & Sons, Ltd.
KEYWORDS
wireless mesh networks; security; dependable routing; misbehavior detection
*Correspondence
1. INTRODUCTION
Wireless networks have been tremendously successful during the recent decade. The class of multihop wireless
networks promises to supplement existing cellular (wireless single-hop) networks and to increase the achievable
capacity, reach, and throughput of these networks. In particular, Wireless Mesh Networks (WMNs) support a variety of
applications including wireless community networks, radio
access networks in rural or metropolitan areas, or wireless
backbones for factory/process automation (see e.g. Reference [3] for a survey on WMNs).
Self-organizing features to establish and maintain the
network allow for organic growth of WMNs, while keeping the operational costs to a minimum. The network can
either build on user-controlled devices (e.g. in community
network scenarios), or utilize dedicated mesh nodes (e.g.
This
in provider-operated networks). In contrast to ad hoc networks, we assume the nodes to form a quasi-static topology
and not to be resource constrained.
Guaranteeing security is crucial for within the given
application scenarios. The multihop nature of WMNs makes
provisioning of security mechanisms specially challenging,
though. WMNs are based on the collaboration of nodes for
routing and forwarding of data, the wireless channel is particularly vulnerable to attacks, malicious or selsh nodes
can severely affect the dependability of the network, etc.
Despite the fact that contemporary wireless technologies as specied in the IEEE 802.16 or the IEEE 802.11s
standard provide the basic protocol mechanisms for mesh
networking, they lack in comprehensive security mechanisms. Additionally, novel security features of the above
standards such as per-link encryption break existing security solutions on other layers, e.g. mechanisms to detect
routing/forwarding misbehavior by means of overhearing
the wireless channel. Hence, several challenges coupled to
securing WMNs persist. We argue that a holistic perspective is necessary to secure WMNs. This includes prevention
of, detection of, and reaction to attacks or malfunctioning
of nodes.
371
P. S. Mogre et al.
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
P. S. Mogre et al.
Secure Routing
(AntSec)
forward
X1
forward
X2
discard
watchdog range
is observed by
configures
is observed by
Reputation
Management
(AntSec)
Local Detection
of Misbehavior
(WatchAnt)
informs
informs
Global Detection
of Misbehavior
(LeakDetector)
Figure 2. Example of colluding misbehavior: X1 forwards messages to X2 , which drops these messages. S observes correct
behavior of X1 . X1 ignores X2 s misbehavior.
X2 drops packets which were not generated by malicious nodes, but received from a colluding malicious
node.
X1 is able to detect the misbehavior of X2 . Since X1
and X2 collude, X1 silently accepts the misbehavior,
which goes unnoticed for the benign nodes S and D.
One-hop mechanisms that detect forwarding misbehavior of neighboring nodes are functional in this scenario as
well; however, in this scenario, the detecting node is colluding with the dropping node. Thus, the misbehavior is
Benign or well-behaved nodes operate as specied by the respective routing protocol, thus supporting the routing process.
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
373
P. S. Mogre et al.
not punished. We see that two colluding nodes can conceal their forwarding misbehavior from other nodes, which
has to be considered a severe attack on the functionality
of WMNs. Depending on the deployed routing algorithm,
malicious collusion might prohibit regular communication
over multihop routes.
forwarding. Routing overhead should be kept as low as possible, unnecessary transmissions should be avoided, etc. To
harness the power of decentralized operation of the network,
the developed solutions should base routing and security
decisions on local information, wherever this is possible.
3. RELATED WORK
2.4. Reputation management
A central management instance is necessary to put together
the information from the misbehavior detection schemes
and to react to node misbehavior by appropriately conguring the secure routing scheme. In related work a number
of reputation management approaches both centralized as
well as decentralized have been explored (see also Section
5). For within our work, a reputation management system
has to honor the probabilistic nature of the routing protocol. Also, since WMNs build on potentially unreliable
wireless communication links, we have to assume imprecision of the misbehavior detection component. Thus, we aim
to provide a reputation management solution that is adaptable and self-stabilizing, i.e. a solution that is able to deal
with the probabilistic nature of the routing scheme that is
robust to misclassications. For the case of open networks,
the integration of new nodes and the re-integration of formerly malicious nodes into the network is a desired feature
as wellif these start collaborating again to contribute to
the welfare of the network.
Authenticity and authorization of the source and destination node can be veried by all nodes on the route.
The detection of malicious nodes that refuse to forward messages is a challenging task in decentralized, open networks.
This is particularly true for wireless multihop networks such
as WMNs. In the area of mobile ad hoc networks, recently a
number of security solutions have been discussed. Various
approaches build on reactive routing protocols for wireless
multihop networks: Dynamic Source Routing (DSR) [7] and
Ad-hoc On-demand Distance Vector (AODV) [8] and reach
a variety of specialized security goals, typically by utilizing
asymmetric and/or symmetric cryptography in combination
with protocol mechanisms. See References [9] and [10] for
an up-to-date survey on security issues and solutions in such
networks.
Secure routing algorithms typically protect the route
setup and maintenance phase. They counter various attacks
such as forging, modifying, or dropping of routing messages. For example, Secure DSR [11], Ariadne [12], ARAN
[13], and Secure AODV [14] provide mechanisms to enable
route establishment such that malicious nodes cannot cause
inappropriate routes. However, these routing schemes only
protect the control plane, i.e. the routing control messages,
but do not secure the forwarding of data messages.
Some approaches exist, that secure both the routing and
casual data trafc. TESLA [15] provides a mechanism of
self-authenticating packets. The authenticity of packets is
revealed only after a dened period of time which is unacceptable for instantaneous processing of received data.
Ariadne [12] is a routing protocol based on DSR, which can
use digital signatures, HMACs and TESLA for authenticating routing packets. Using TESLA results in a source routing
algorithm with delayed authentication of the packets used in
the route discovery phase. TIK [16] is a mechanism to detect
wormhole attacks by verifying that the distance a packet
has covered is tolerable. To measure the distance a packet
has traveled geographical leashes or temporal leashes are
applied. Both concepts have limitations, which results in
very strict constraints on route discovery, end-to-end delay,
and clock synchronization. SRP [17] is a routing protocol based on DSR, with minimalistic security features. SRP
assumes pre-established secret keys between every pair of
nodes in the network. With these keys, HMACs to the routing messages are computed. SEAD [18] uses hash chains
to guarantee that the distance values broadcasted in route
update messages are not decreased invalidly.
To detect misbehavior a number of approaches exist.
Marti et al. introduced in 2000 the idea of Watchdog and
Pathrater [6] in order to solve the problem of malicious
nodes. The main idea of the mechanism is to store an identier for every packet forwarded to a neighbor and, by
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
P. S. Mogre et al.
counterparts, which take evaluation results of neighboring nodes into account. The detection criteria given by the
authors in Reference [29] are very complex and need training data for the intrusion detection system in order to learn
valid behavior.
Current state-of-the-art wireless technology poses strong
constraints that have not sufciently been considered in
related work. In particular, hop-by-hop encryption on link
layer prohibits overhearing of forwarded messages. Moreover, there exist reservation-based MAC layers, which
might only possess limited broadcast-capabilities, thus,
making the use of ooding-based reactive routing protocols
prohibitively expensive. We identied that stigmergy-based
routing algorithms fulll most of the requirements of
current and upcoming WMNs. Stigmergy-based routing
protocols imitate the routing behavior of insects such as
ants, which randomly explore the landscape until they discover food resources. To inform their colony, they return on
the path traveled toward the food and lay a pheromone trail
that attracts further ants to use this route. Routing algorithms
based on this principle were introduced in Reference [30]
by Di Caro et al. The advantage of this class of routing algorithms is that they do not demand broadcasting capabilities
from the underlying MAC layer and routing decisions are
made entirely localized, only based on probabilistic ratings
of individual links.
Reviewing stigmergy-based routing algorithms we can
identify the advantages of probabilistic routing algorithms
based on local decisions. In contrast to centralized or source
routing algorithms, route errors can be bypassed through
the usage of alternative routes or by locally launching
route discovery mechanisms. Probabilistic routing adapts
the routes to changes in network topology and speeds up
the integration of new nodes. Also, local observation of e.g.
misbehavior can be taken instantly into account.
Ant Based Control [31] is a routing protocol which was
designed for stigmergy-based routing in telephone networks. Thus, it is optimized for static networks in which
congestion may appear but the set of participating nodes is
xed. ARA [32] is a reactive routing algorithm for mobile,
multi-hop ad hoc networks. Its main design goal is to reduce
the overhead for routing. We follow a proactive approach,
thus routes can be instantly used. PERA [33] is a proactive
routing algorithm designed for mobile ad hoc networks with
broadcasting capabilities. We follow a proactive approach,
thus routes can be instantly used. Termite [34] is a more
recent approach, which uses regular data packets for route
maintenance. Each data packet leaves pheromones for its
source node while being routed to the destination node,
using the pheromone based routing tables in each node. For
security reasons it is more complex to counteract the misuse of all data packets than the misuse of special routing
messages. We follow a proactive approach, thus routes can
be instantly used. AntHocNet [35] and HOPNET [36] are
hybrid routing algorithms combining reactive route setup
with proactive route probing and exploration. This hybrid
approach is taken to combine the best of both worlds.
This idea inspired us to introduce two types of Forward
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
375
P. S. Mogre et al.
4. AUTHENTICATED NETWORK
ENTRY
In the following sections we present our security framework
for wireless mesh networks. We rst introduce necessary steps for secure network entry and for establishing
a cryptographic key infrastructure. The security mechanism presented in the following sections operate on this
key infrastructure.
As stated in the introduction, we have identied open
subscription-based and open subscription-less based network. We focus on open subscription-based mesh networks,
assuming the existence of a trusted third party (the network
provider). Each node which wants to gain access to the network has to be authorized out-of-band, so that each user is
identied and misbehaving can result in consequences for
the user. We assume that devices are equipped with a certicate (IdentCert) issued by their manufacturer containing
their Public Key and MAC address. Devices are registered
at the network provider, which thus knows all valid device
certicates. The credentials of the network provider are also
stored on the device, e.g. by means of a SIM card. Besides
the device certicates, we also use (daily) authorization certicates which are handed out during network entry to valid
users.
During the network entry phase a new node has both to
join and also to authenticate itself, the network and its new
neighboring nodes. In order to join the WMN a new node
attaches to nodes which are already part of the network.
A new node we call Candidate Node (CN), the particular
contact node we call Sponsor Node (SN). The SN acts as
376
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
P. S. Mogre et al.
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
377
P. S. Mogre et al.
nation node, so that every node on the way back to the source
node (using the path history) can verify the integrity of the
BANT. To achieve this, the Public Key of the destination
node is provided in the BANT upon request. The integrity of
FANTs is guaranteed by comparison of the invariant elds
of the bypassing FANT during the route discovery and the
bypassing BANT at the route establishment. Before forwarding a FANT, each node stores a hash of the critical elds
of the FANT, i.e. the path history up to the current node, the
certicates, source and destination identiers. Each node,
upon receipt of a BANT, checks the BANTs path history up
to this nodes occurrence and other immutable parts of the
routing message, to see whether the corresponding FANT is
known and has not been tampered with. Any invalid modication of the FANT results in a BANT which cannot be
associated to its corresponding FANT. In case of a valid
match, the integrity of the FANT is assured. The matching entry is then deleted from the stored memory. In case
a corresponding FANT cannot be found, the integrity of
the original FANT must have been compromised or a new
FANT has been forged, in this case the BANT is dropped.
For any unexpected error the previous hop (node) is punished with a reputation decrease. In case of a valid BANT
the routing tables are updated.
We see that forging and invalid modication of routing
messages have no effect. Even replays of old FANTs and
BANTs do not cause harm, as replayed BANTs are dropped
due to the missing corresponding FANT. Replayed FANTs
have the effect of new FANTs, so benet is gained from this
attack (by helping to update routing tables). Only routing
information taken from the BANT is used to update the
routing tables, when the integrity and authenticity of the
routing messages is assured.
Malicious nodes may try to cause inefcient routes or
even loops, but effects of such attacks are limited, because
each node can only determine the next hop of the routing
packet.
One additional advantage of the stigmergy-based security approach is that attacks have to be performed several
times to have effect. Routing probabilities change only signicantly after several routing table updates. With increase
in number of attacks, malicious behavior is easier to detect.
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
P. S. Mogre et al.
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
379
P. S. Mogre et al.
380
25 No-reputation-bonus threshold
40 Punishment threshold
60 Minimum reputation value
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
P. S. Mogre et al.
6. LEAKDETECTOR: SOLUTION TO
THE COLLUDING MISBEHAVIOR
PROBLEM
Colluding misbehaving nodes are a severe threat to the correct routing functionality in MANETs and WMNs. Before
presenting LeakDetector, our solution for detecting colluding misbehaving nodes without the use of cryptography,
we discuss the assumptions we made while designing the
solution.
6.1. Assumptions
The detection of misbehaving nodes depends on the underlying routing algorithm. For our scheme, we assume the
following characteristics for this routing algorithm.
(1) Distributed and Unicast: Each node autonomously
calculates the next hop node; for each individual
packet a single next hop neighbor is chosen.
(2) Proactive: The routing mechanism periodically
refreshes the routing information.
(3) Secure Route Information: Message integrity and
authenticity for routing messages is guaranteed; routing messages contain the information for the entire
routing path.
(4) Multipath Routing: Various paths from source to destination exist; LeakDetector compares these paths in
order to identify malicious nodes.
(5) Single-hop Monitoring: A watchdog (or similar)
mechanism is in use for detecting routing misbehavior in the one-hop neighborhood.
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
381
P. S. Mogre et al.
N1
45%
45%
100%
S
30%
N2
40%
N3
5%
25%
10%
N5
10%
N7
10%
20%
30%
10%
40%
30%
N6
10%
N8
N4
20%
D
20%
N9
40%
In
Out
N1,2
N3
N4,5
N6
N7,8
N9
45%
45%
40%
20%
40%
40%
50%
50%
30%
30%
40%
40%
80%
7. EVALUATION
As a proof-of-concept, we implemented our framework in
a simulation environment. We next present a performance
evaluation of our security solution. To this end we performed a set of simulation studies for selected experimental
designs, which have been chosen to scrutinize the individual mechanisms developed. The goals of the performed
experiments are as follows.
(1) We analyze the performance of our secure probabilistic routing scheme AntSec in the setting of a
realistic WMN. We particularly focus on the successfully delivered packets (delivery ratio) in the
network under attack, which demonstrates the effects
of attacks and countermeasures from an application
level perspective.
(2) We investigate the performance of the local misbehavior detection scheme WatchAnt in combination
with the reputation management AntRep. We chose
a basic topology and model nodes that randomly drop
packets with a given probability, which allows us to
evaluate the detection quality of the system and its
dynamics. We investigate the detection quality using
the reputation values assigned to the misbehaving
nodes. The overall performance is assessed by means
of the obtained delivery ratios.
(3) We analyze the performance of the global misbehavior detection scheme LeakDetector. We again
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
P. S. Mogre et al.
Table II. Average packet delivery ratio of the secure routing scheme AntSec in Experiment 1 with standard deviation.
Routing algorithm
AntSec
Ant
DSR
10%
20%
30%
40%
50%
97.91.1%
97.30.8%
100.00.0%
81.211.8%
68.411.9%
63.213.9%
65.46.2%
48.78.4%
44.412.7%
46.78.2%
32.97.5%
30.710.3%
35.37.8%
27.07.0%
23.28.4%
25.26.1%
21.96.2%
17.78.0%
investigate the measures of delivery ratio and detection quality, albeit for a scenario with colluding
misbehaving nodes.
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
383
P. S. Mogre et al.
(a)
(b)
Figure 5. Quality of detection of malicious nodes over time in Experiment 1. (a) Fraction of malicious nodes identied at a given time.
(b) Cumulative fraction of malicious nodes identied at least once until the given time.
using AntSec, because they are not forwarded to malicious nodes. Over the entire experiment set, the established
paths followed by the data packets are in turn prolonged
for AntSec with an average length of 4.53 hops, which
is an increase of 1.21 hops over AntNet. This behavior is
typical for multihop networks under attack, where it has
been shown that in case of node misbehavior the probability of establishing longer routes is diminished; here AntSec
counteracts this and is able to maintain longer routes.
N1
Source
NS
N2
N3
ND
Destination
Malicious Node
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
P. S. Mogre et al.
Table III. Average packet delivery ratio of the secure routing scheme AntSec in Experiment 2 with standard deviation.
Routing algorithm
AntSec
40%
60%
80%
100%
92.23.3%
91.05.0%
87.87.6%
82.29.5%
82.58.6%
N1
flow S - D
discard
N2
X1
N3
X2
D
flow D - S
discard
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
385
P. S. Mogre et al.
8. SECURITY ANALYSIS
7.5. Summary
We have analyzed the performance of our security
framework comprising AntSec, WatchAnt, LeakDetector,
and AntRep for different scenarios. Our results are very
promising and show that our framework is able to achieve
the intended goal, namely to detect malicious nodes
in WMNs that operate with the constraint (feature) of
encrypted links between mesh nodes. We can also conclude
386
In the previous section we evaluated the the security framework both in terms of performance and cost. An exhaustive
discussion of potential attack strategies and their effects in
our security framework is given in this section. The discussion addresses the security challenges for WMNs stated in
Section 2 and shows that all issues are either detected with
our security framework or without effect.
We assume three types of threats/attackers: selsh, malicious, and defective nodes. Selsh nodes aim at conserving
resources and try to cheat in protocols in order to reach this
goal. Malicious nodes also aim at attacks on the operability of the whole network. Defective nodes are randomly or
systematically biased in their operation. They can only do
attacks that selsh or malicious nodes can also do intentionally. Therefore, we do not look further at attacks done
by defective nodes, these attacks will be considered at the
analysis of the attacks done by selsh or malicious nodes.
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
P. S. Mogre et al.
packet. Thus an attack does not pay off and is not distinguish
from valid trafc.
M.2b.1: Route discovery storm: In contrast to various
routing algorithms AntSec does not use broadcasting. In
many other routing algorithms route discovery storms are a
problem, as with a single request the network can be ooded.
In AntSec a route request causes the generated FANT to be
routed using random walk to a specic destination node.
Still in AntSec Discovery Forward Ants are sent quite frequently (400 ms). Therefore any node processes Discovery
Forward Ants from any of its neighbors only if these are
sent in an interval higher or equal 400 ms.
M.2b.2/M.2b.3: Replay of old packets (FANT / BANT /
data): Replay of old packets can be seen as forgery of new
invalid packets. The same solution counts here, too. The
WatchAnt mechanism checks the correct transmission of a
set of packets. If packets were forged or replayed, then the
set of forwarded packets contains invalid packets and the
WatchAnt reply becomes invalid and malicious nodes are
detected.
M.2b.4: Route packets over bad (not optimal) paths:
This attack effects longer paths and even loops may occur.
As AntSec is a probabilistic routing algorithm, forwarding
packets over non-optimal paths may occur and cannot be
detected as attack. The effect of this attack is limited, as a
malicious node can only chose the next hop for a packet,
not the complete route.
M.2b.5: Generate routing loops: Rooting loops cannot
be generated by one single node. This is due to the fact
that AntSec is a decentralized routing algorithm, each node
decides about the next hop of a packet. A single node can
generate a loop only by sending a back over the hop it came.
This simple attack is detected immediately. For the case that
alternative nodes to the previous hop exist, it is not allowed
to send the packet back.
Malicious colluding nodes can generated routing loops
by passing packets to each other until the TTL limit is
reached. This attack is equal in its effect to the dropping
attack of colluding malicious nodes. The counteraction to
this attack is dened by the LeakDetector, which detects
leaks on routes caused by colluding malicious nodes.
M.2b.6: Forwarding as many packets as possible over
a specic neighboring node: A malicious node may forward any packet it receives to a specic neighboring node
to stress it. This cannot be detected as misbehavior, as it
may also be protocol conform. Each node has only local
sight on the network, so due to the topology it may be that
some neighboring nodes are stronger utilized in routing than
others.
M.2c: Overload by claiming all free bandwidth for
own usage: A malicious node can try to reserve all free
bandwidth for itself and decrease by this the remaining
bandwidth for all other nodes. This attack is performed on
the MAC layer. With our security framework focusing on
dependable routing we cannot detect this. The MAC layer
should provide mechanisms to detect invalid reservations.
M.3a.1: Send the packets to a fake neighbor: It is ineffective for an attacker to denote to have sent packets to a node,
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
387
P. S. Mogre et al.
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
P. S. Mogre et al.
2.
3.
4.
5.
6.
9. CONCLUSION
7.
8.
9.
10.
11.
12.
13.
ACKNOWLEDGEMENTS
14.
The authors would like to thank the reviewers for their helpful feedback and comments which has led to improvements
of the quality of the paper.
15.
REFERENCES
16.
P. S. Mogre et al.
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
P. S. Mogre et al.
AUTHORS BIOGRAPHIES
Parag S. Mogre obtained the M.Tech.
degree in Computer Science and Engineering from the Indian Institute of
Technology, Guwahati in 2004. His
Masters Thesis has won the KuVS prize
in 2005. Since October 2004 he is
active as a researcher at the Multimedia Communications Lab (KOM), TU
Darmstadt, Germany, and is pursuing
his Ph.D. there. His research focuses on medium access
control, routing and resource management in wireless mesh
and ad hoc networks. He has over 10 patent applications
in the area of WiMAX based mesh networks, and has been
awarded the invention achievement award for 2007/2008 by
the Department of Electrical Engineering and Information
Technology, at the TU Darmstadt. He is leading the mobile
communications and sensor networking group at KOM, TU
Darmstadt.
Wirel. Commun. Mob. Comput. 2011; 11:371391 2010 John Wiley & Sons, Ltd.
DOI: 10.1002/wcm
391