Abstract: Distributed networks, such as wireless mesh networks, offer scalability, fault tolerance, and cost-effectiveness but face security challenges due to their decentralized nature. Traditional security approaches are inadequate, necessitating the adoption of the Zero Trust security model. This paper introduces MeshShield, a security system for wireless mesh networks. It implements mutual authentication, continuous authentication, a decision engine, and node quarantine in a decentralized manner to enhance network resilience and mitigate risks. It ensures that only authenticated and authorized nodes join the network and enables periodic verification of device behavior. Security information is shared among nodes, enabling a global view of network security. Malicious behavior detection triggers rapid response measures, including broadcasting announcements and quarantining malicious nodes. Our evaluation demonstrates that MeshShield has minimal impact on network performance (3.46% drop in throughput) and fairly low average CPU and memory usage of 14.96% and 1.38%, respectively, making it suitable for resource-constrained devices. Compared to existing approaches, MeshShield integrates security features in a distributed manner, providing an integrated system to safeguard sensitive data in wireless mesh networks with nominal effects on network performance.