| dc.description.abstract | Today’s smartphones, tablets, and notebooks are equipped with Wi-Fi Direct (the de facto adhoc communication mechanism for mobile devices) that allows users to establish a wireless network (without a wireless router) and exchange data among their devices. The Wi-Fi Direct protocol, developed by the Wi-Fi Alliance, is built upon the IEEE 802.11 infrastructure and it implements the Wi-Fi Protected Setup (WPS) protocol to establish a secure key and connection between two devices. The shipments of Wi-Fi Direct devices reached 1.7 billion in 2016, and it is predicted to reach 3 billion by 2019. With the prevalence of Wi-Fi Direct devices nowadays, the Wi-Fi Direct based Opportunistic Networks (WDON) will play a crucial role in the future mobile networks. A WDON refers to the network paradigm where mobile devices communicate with each other through the opportunistically formed Wi-Fi Direct links. The WDONs have a wide range of applications, e.g., disaster response, battlefield communications, social networks applications, etc. In this dissertation, we identify several vulnerabilities of WDONs, which pose severe threats to the authentication and data confidentiality: a) the brute-force/dictionary attack on the PIN method of the WPS protocol; b) the EvilDirect attack on the Push-Button method of the WPS protocol; and c) the CollusiveHijack attack on routing protocols in WDONs. Consequently, in order to address the aforementioned vulnerabilities, we propose a security framework to defend against these attacks. Our framework contains a set of secure-key-establishment algorithm and protocols that aim to provide secure communication services in WDONs. In this framework, we propose: a) an algorithm to establish a secure key (128 bits) from the contextual sensors data of the devices in WDONs; b) a challenge-response protocol to detect the EvilDirect attack in both dynamic and static environments of WDONs; and c) two detection protocols to detect the CollusiveHijack attack in WDONs. We evaluate the proposed algorithm and protocols through extensive simulations and proof-of-concept implementations in smartphones and notebooks. The evaluation results show that, the proposed framework prevents the brute-force/dictionary attack and detects, within seconds, both EvilDirect and CollusiveHijack attacks with relatively high detection rates while maintaining low false positive rates. | en |
