Intelligent packet discarding policies for real-time traffic over wireless networks.

Yuen Ching Wan.Thesis (M.Phil.)--Chinese University of Hong Kong, 2006.Includes bibliographical references (leaves 77-83).Abstracts in English and Chinese.Abstract --- p.iAcknowledgement --- p.iiiChapter 1 --- Introduction --- p.1Chapter 1.1 --- Nature of Real-Time Traffic --- p.1Chapter 1.2 --- Delay Variability in Wireless Networks --- p.2Chapter 1.2.1 --- Propagation Medium --- p.3Chapter 1.2.2 --- Impacts of Network Designs --- p.5Chapter 1.3 --- The Keys - Packet Lifetime & Channel State --- p.8Chapter 1.4 --- Contributions of the Thesis --- p.8Chapter 1.5 --- Organization of the Thesis --- p.9Chapter 2 --- Background Study --- p.11Chapter 2.1 --- Packet Scheduling --- p.12Chapter 2.2 --- Call Admission Control (CAC) --- p.12Chapter 2.3 --- Active Queue Management (AQM) --- p.13Chapter 2.3.1 --- AQM for Wired Network --- p.14Chapter 2.3.2 --- AQM for Wireless Network --- p.17Chapter 3 --- Intelligent Packet Discarding Policies --- p.21Chapter 3.1 --- Random Packet Discard --- p.22Chapter 3.1.1 --- Variable Buffer Limit (VABL) --- p.22Chapter 3.2 --- Packet Discard on Expiration Likelihood (PEL) --- p.23Chapter 3.2.1 --- Working Principle --- p.24Chapter 3.2.2 --- Channel State Aware Packet Discard on Expiration Likelihood (CAPEL) --- p.26Chapter 3.3 --- System Modeling --- p.29Chapter 3.3.1 --- Wireless Channel as an Markov-Modulated Poisson Process (MMPP) --- p.30Chapter 3.3.2 --- System Analysis --- p.30Chapter 3.3.3 --- System Time Distribution --- p.33Chapter 3.3.4 --- Approximation of System Time Distribution by Gamma Distribution --- p.36Chapter 3.4 --- Goodput Analysis of Intelligent Packet Discarding Policies --- p.38Chapter 3.4.1 --- Variable Buffer Limit (VABL) --- p.38Chapter 3.4.2 --- CAPEL at the End-of-Line --- p.39Chapter 3.4.3 --- CAPEL at the Head-of-Line --- p.43Chapter 4 --- Performance Evaluation --- p.44Chapter 4.1 --- Simulation --- p.44Chapter 4.1.1 --- General Settings --- p.45Chapter 4.1.2 --- Choices of Parameters --- p.46Chapter 4.1.3 --- Variable Buffer Limit (VABL) --- p.49Chapter 4.1.4 --- CAPEL at the End-of-Line --- p.53Chapter 4.1.5 --- CAPEL at the Head-of-Line --- p.60Chapter 4.2 --- General Discussion --- p.64Chapter 4.2.1 --- CAPEL vs RED --- p.64Chapter 4.2.2 --- Gamma Approximation for System Time Distribution . --- p.69Chapter 5 --- Conclusion --- p.70Chapter A --- Equation Derivation --- p.73Chapter A.l --- Steady State Probabilities --- p.73Bibliography --- p.7

Exploring sensor data management

The increasing availability of cheap, small, low-power sensor hardware and the ubiquity of wired and wireless networks has led to the prediction that `smart evironments' will emerge in the near future. The sensors in these environments collect detailed information about the situation people are in, which is used to enhance information-processing applications that are present on their mobile and `ambient' devices.\ud \ud Bridging the gap between sensor data and application information poses new requirements to data management. This report discusses what these requirements are and documents ongoing research that explores ways of thinking about data management suited to these new requirements: a more sophisticated control flow model, data models that incorporate time, and ways to deal with the uncertainty in sensor data

MANETs: Internet Connectivity and Transport Protocols

A Mobile Ad hoc Network (MANET) is a collection of mobile nodes connected together over a wireless medium, which self-organize into an autonomous multi-hop wireless network. This kind of networks allows people and devices to seamlessly internetwork in areas with no pre-existing communication infrastructure, e.g., disaster recovery environments. Ad hoc networking is not a new concept, having been around in various forms for over 20 years. However, in the past only tactical networks followed the ad hoc networking paradigm. Recently, the introduction of new technologies such as IEEE 802.11, are moved the application field of MANETs to a more commercial field. These evolutions have been generating a renewed and growing interest in the research and development of MANETs. It is widely recognized that a prerequisite for the commercial penetration of the ad hoc networking technologies is the integration with existing wired/wireless infrastructure-based networks to provide an easy and transparent access to the Internet and its services. However, most of the existing solutions for enabling the interconnection between MANETs and the Internet are based on complex and inefficient mechanisms, as Mobile-IP and IP tunnelling. This thesis describes an alternative approach to build multi-hop and heterogeneous proactive ad hoc networks, which can be used as flexible and low-cost extensions of traditional wired LANs. The proposed architecture provides transparent global Internet connectivity and address autocofiguration capabilities to mobile nodes without requiring configuration changes in the pre-existing wired LAN, and relying on basic layer-2 functionalities. This thesis also includes an experimental evaluation of the proposed architecture and a comparison between this architecture with a well-known alternative NAT-based solution. The experimental outcomes confirm that the proposed technique ensures higher per-connection throughputs than the NAT-based solution. This thesis also examines the problems encountered by TCP over multi-hop ad hoc networks. Research on efficient transport protocols for ad hoc networks is one of the most active topics in the MANET community. Such a great interest is basically motivated by numerous observations showing that, in general, TCP is not able to efficiently deal with the unstable and very dynamic environment provided by multi-hop ad hoc networks. This is because some assumptions, in TCP design, are clearly inspired by the characteristics of wired networks dominant at the time when it was conceived. More specifically, TCP implicitly assumes that packet loss is almost always due to congestion phenomena causing buffer overflows at intermediate routers. Furthermore, it also assumes that nodes are static (i.e., they do not change their position over time). Unfortunately, these assumptions do not hold in MANETs, since in this kind of networks packet losses due to interference and link-layer contentions are largely predominant, and nodes may be mobile. The typical approach to solve these problems is patching TCP to fix its inefficiencies while preserving compatibility with the original protocol. This thesis explores a different approach. Specifically, this thesis presents a new transport protocol (TPA) designed from scratch, and address TCP interoperability at a late design stage. In this way, TPA can include all desired features in a neat and coherent way. This thesis also includes an experimental, as well as, a simulative evaluation of TPA, and a comparison between TCP and TPA performance (in terms of throughput, number of unnecessary transmissions and fairness). The presented analysis considers several of possible configurations of the protocols parameters, different routing protocols, and various networking scenarios. In all the cases taken into consideration TPA significantly outperforms TCP

Unified architecture of mobile ad hoc network security (MANS) system

In this dissertation, a unified architecture of Mobile Ad-hoc Network Security (MANS) system is proposed, under which IDS agent, authentication, recovery policy and other policies can be defined formally and explicitly, and are enforced by a uniform architecture. A new authentication model for high-value transactions in cluster-based MANET is also designed in MANS system. This model is motivated by previous works but try to use their beauties and avoid their shortcomings, by using threshold sharing of the certificate signing key within each cluster to distribute the certificate services, and using certificate chain and certificate repository to achieve better scalability, less overhead and better security performance. An Intrusion Detection System is installed in every node, which is responsible for colleting local data from its host node and neighbor nodes within its communication range, pro-processing raw data and periodically broadcasting to its neighborhood, classifying normal or abnormal based on pro-processed data from its host node and neighbor nodes. Security recovery policy in ad hoc networks is the procedure of making a global decision according to messages received from distributed IDS and restore to operational health the whole system if any user or host that conducts the inappropriate, incorrect, or anomalous activities that threaten the connectivity or reliability of the networks and the authenticity of the data traffic in the networks. Finally, quantitative risk assessment model is proposed to numerically evaluate MANS security

Ad hoc network security and modeling with stochastic petri nets

Advances in wireless technology and portable computing along with demands for high user mobility have provided a major promotion toward the development of ad hoc networks. These networks feature dynamic topology, self-organization, limited bandwidth and battery power of a node. Unlike the existing commercial wireless systems and fixed infrastructure networks, they do not rely on specialized routers for path discovery and traffic routing. Security is an important issue in such networks. Typically, mobile nodes are significantly more susceptible to physical attacks than their wired counterparts. This research intends to investigate the ad hoc network routing security by proposing a performance enhanced Secure ad hoc On-demand Routing protocol (SOR). Specifically, it presents a method to embed Security Level into ad hoc on-demand routing protocols using node-disjoint multipath, and to use maximum hopcount to restrict the number of routing packets in a specific area. The proposed scheme enables the use of security as a marked factor to improve the relevance of the routes discovered by ad hoc routing protocols. It provides customizable security to the flow of routing protocol messages. In general, SOR offers an alternative way to implement security in on-demand routing protocols. Ad hoc network is too complex to allow analytical study for explicit performance expressions. This research presents a Stochastic Petri net-based approach to modeling and analysis of mobile ad hoc network. This work illustrates how this model is built as a scalable model and used to exploit the characteristics of the networks. The proposed scheme is a powerful analytical model that can be used to derive network performance much more easily than a simulation-based approach. Furthermore, the proposed model is extended to study the performance of ad hoc network security by adding multipath selection and security measurement parameters. This research gives a quantificational measurement to analyze the performance of a modified SPN model under the effect of multipath and attack of a hypothetical compromised node

Network delay control through adaptive queue management

Timeliness in delivering packets for delay-sensitive applications is an important QoS (Quality of Service) measure in many systems, notably those that need to provide real-time performance. In such systems, if delay-sensitive traffic is delivered to the destination beyond the deadline, then the packets will be rendered useless and dropped after received at the destination. Bandwidth that is already scarce and shared between network nodes is wasted in relaying these expired packets. This thesis proposes that a deterministic per-hop delay can be achieved by using a dynamic queue threshold concept to bound delay of each node. A deterministic per-hop delay is a key component in guaranteeing a deterministic end-to-end delay. The research aims to develop a generic approach that can constrain network delay of delay-sensitive traffic in a dynamic network. Two adaptive queue management schemes, namely, DTH (Dynamic THreshold) and ADTH (Adaptive DTH) are proposed to realize the claim. Both DTH and ADTH use the dynamic threshold concept to constrain queuing delay so that bounded average queuing delay can be achieved for the former and bounded maximum nodal delay can be achieved for the latter. DTH is an analytical approach, which uses queuing theory with superposition of N MMBP-2 (Markov Modulated Bernoulli Process) arrival processes to obtain a mapping relationship between average queuing delay and an appropriate queuing threshold, for queue management. While ADTH is an measurement-based algorithmic approach that can respond to the time-varying link quality and network dynamics in wireless ad hoc networks to constrain network delay. It manages a queue based on system performance measurements and feedback of error measured against a target delay requirement. Numerical analysis and Matlab simulation have been carried out for DTH for the purposes of validation and performance analysis. While ADTH has been evaluated in NS-2 simulation and implemented in a multi-hop wireless ad hoc network testbed for performance analysis. Results show that DTH and ADTH can constrain network delay based on the specified delay requirements, with higher packet loss as a trade-off

Cross-layer design of multi-hop wireless networks

MULTI -hop wireless networks are usually defined as a collection of nodes equipped with radio transmitters, which not only have the capability to communicate each other in a multi-hop fashion, but also to route each others’ data packets. The distributed nature of such networks makes them suitable for a variety of applications where there are no assumed reliable central entities, or controllers, and may significantly improve the scalability issues of conventional single-hop wireless networks. This Ph.D. dissertation mainly investigates two aspects of the research issues related to the efficient multi-hop wireless networks design, namely: (a) network protocols and (b) network management, both in cross-layer design paradigms to ensure the notion of service quality, such as quality of service (QoS) in wireless mesh networks (WMNs) for backhaul applications and quality of information (QoI) in wireless sensor networks (WSNs) for sensing tasks. Throughout the presentation of this Ph.D. dissertation, different network settings are used as illustrative examples, however the proposed algorithms, methodologies, protocols, and models are not restricted in the considered networks, but rather have wide applicability. First, this dissertation proposes a cross-layer design framework integrating a distributed proportional-fair scheduler and a QoS routing algorithm, while using WMNs as an illustrative example. The proposed approach has significant performance gain compared with other network protocols. Second, this dissertation proposes a generic admission control methodology for any packet network, wired and wireless, by modeling the network as a black box, and using a generic mathematical 0. Abstract 3 function and Taylor expansion to capture the admission impact. Third, this dissertation further enhances the previous designs by proposing a negotiation process, to bridge the applications’ service quality demands and the resource management, while using WSNs as an illustrative example. This approach allows the negotiation among different service classes and WSN resource allocations to reach the optimal operational status. Finally, the guarantees of the service quality are extended to the environment of multiple, disconnected, mobile subnetworks, where the question of how to maintain communications using dynamically controlled, unmanned data ferries is investigated

An Experimental Evaluation of Constrained Application Protocol Performance over TCP

The Internet of Things (IoT) is the Internet augmented with diverse everyday and industrial objects, enabling a variety of services ranging from smart homes to smart cities. Because of their embedded nature, IoT nodes are typically low-power devices with many constraints, such as limited memory and computing power. They often connect to the Internet over error-prone wireless links with low or variable speed. To accommodate these characteristics, protocols specifically designed for IoT use have been designed. The Constrained Application Protocol (CoAP) is a lightweight web transfer protocol for resource manipulation. It is designed for constrained devices working in impoverished environments. By default, CoAP traffic is carried over the unreliable User Datagram Protocol (UDP). As UDP is connectionless and has little header overhead, it is well-suited for typical IoT communication consisting of short request-response exchanges. To achieve reliability on top of UDP, CoAP also implements features normally found in the transport layer. Despite the advantages, the use of CoAP over UDP may be sub-optimal in certain settings. First, some networks rate-limit or entirely block UDP traffic. Second, the default CoAP congestion control is extremely simple and unable to properly adjust its behaviour to variable network conditions, for example bursts. Finally, even IoT devices occasionally need to transfer large amounts of data, for example to perform firmware updates. For these reasons, it may prove beneficial to carry CoAP over reliable transport protocols, such as the Transmission Control Protocol (TCP). RFC 8323 specifies CoAP over stateful connections, including TCP. Currently, little research exists on CoAP over TCP performance. This thesis experimentally evaluates CoAP over TCP suitability for long-lived connections in a constrained setting, assessing factors limiting scalability and problems packet loss and high levels of traffic may cause. The experiments are performed in an emulated network, under varying levels of congestion and likelihood of errors, as well as in the presence of overly large buffers. For TCP results, both TCP New Reno and the newer TCP BBR are examined. For baseline measurements, CoAP over UDP is carried using both the default CoAP congestion control and the more advanced CoAP Simple Congestion Control/Advanced (CoCoA) congestion control. This work shows CoAP over TCP to be more efficient or at least on par with CoAP over UDP in a constrained setting when connections are long-lived. CoAP over TCP is notably more adept than CoAP over UDP at fully utilising the capacity of the link when there are no or few errors, even if the link is congested or bufferbloat is present. When the congestion level and the frequency of link errors grow high, the difference between CoAP over UDP and CoAP over TCP diminishes, yet CoAP over TCP continues to perform well, showing that in this setting CoAP over TCP is more scalable than CoAP over UDP. Finally, this thesis finds TCP BBR to be a promising congestion control candidate. It is able to outperform the older New Reno in almost all explored scenarios, most notably in the presence of bufferbloat

Wireless Sensor Data Transport, Aggregation and Security

abstract: Wireless sensor networks (WSN) and the communication and the security therein have been gaining further prominence in the tech-industry recently, with the emergence of the so called Internet of Things (IoT). The steps from acquiring data and making a reactive decision base on the acquired sensor measurements are complex and requires careful execution of several steps. In many of these steps there are still technological gaps to fill that are due to the fact that several primitives that are desirable in a sensor network environment are bolt on the networks as application layer functionalities, rather than built in them. For several important functionalities that are at the core of IoT architectures we have developed a solution that is analyzed and discussed in the following chapters. The chain of steps from the acquisition of sensor samples until these samples reach a control center or the cloud where the data analytics are performed, starts with the acquisition of the sensor measurements at the correct time and, importantly, synchronously among all sensors deployed. This synchronization has to be network wide, including both the wired core network as well as the wireless edge devices. This thesis studies a decentralized and lightweight solution to synchronize and schedule IoT devices over wireless and wired networks adaptively, with very simple local signaling. Furthermore, measurement results have to be transported and aggregated over the same interface, requiring clever coordination among all nodes, as network resources are shared, keeping scalability and fail-safe operation in mind. Furthermore ensuring the integrity of measurements is a complicated task. On the one hand Cryptography can shield the network from outside attackers and therefore is the first step to take, but due to the volume of sensors must rely on an automated key distribution mechanism. On the other hand cryptography does not protect against exposed keys or inside attackers. One however can exploit statistical properties to detect and identify nodes that send false information and exclude these attacker nodes from the network to avoid data manipulation. Furthermore, if data is supplied by a third party, one can apply automated trust metric for each individual data source to define which data to accept and consider for mentioned statistical tests in the first place. Monitoring the cyber and physical activities of an IoT infrastructure in concert is another topic that is investigated in this thesis.Dissertation/ThesisDoctoral Dissertation Electrical Engineering 201