Structured Peer-to-Peer Overlay Deployment on MANET: A Survey

There are many common characteristics between Peer-to-Peer (P2P) overlay networks and Mobile Ad-hoc Networks (MANET). Self-organization, decentralization, dynamicity and changing topology are the most shared features. Furthermore, when used together, the two approaches complement each other. P2P overlays provide data storage/retrieval functionality, and their routing information can complement that of MANET. MANET provides wireless connectivity between clients without depending on any pre-existing infrastructure. The aim of this paper is to survey current P2P over MANET systems. Specifically, this paper focuses on and investigates structured P2P over MANET. Overall, more than thirty distinct approaches have been classified into groups and introduced in tables providing a structured overview of the area. The survey addresses the identified approaches in terms of P2P systems, MANET underlay systems and the performance of the reviewed systems

A one hop overlay system for Mobile Ad Hoc Networks

Peer-to-Peer (P2P) overlays were initially proposed for use with wired networks. However, the very rapid proliferation of wireless communication technology has prompted a need for adoption of P2P systems in mobile networks too. There are many common characteristics between P2P overlay networks and Mobile Ad-hoc Networks (MANET). Self-organization, decentralization, a dynamic nature and changing topology are the most commonly shared features. Furthermore, when used together, the two approaches complement each other. P2P overlays provide data storage/retrieval functionality and MANET provides wireless connectivity between clients without depending on any pre-existing infrastructure. P2P overlay networks can be deployed over MANET to address content discovery issues. However, previous research has shown that deploying P2P systems straight over MANET does not exhibit satisfactory performance. Bandwidth limitation, limited resources and node mobility are some of the key constraints. This thesis proposes a novel approach, OneHopOverlay4MANET, to exploit the synergies between MANET and P2P overlays through cross-layering. It combines Distributed Hash Table (DHT) based structured P2P overlays with MANET underlay routing protocols to achieve one logical hop between any pair of overlay nodes. OneHopOverlay4MANET constructs a cross-layer channel to permit direct exchange of routing information between the Application layer, where the overlay operates, and the MANET underlay layer. Consequently, underlay routing information can be shared and used by the overlay. Thus, OneHopOverlay4MANET reduces the typical management traffic when deploying traditional P2P systems over MANET. Moreover, as a result of building one hop overlay, OneHopOverlay4MANET can eliminate the mismatching issue between overlay and underlay and hence resolve key lookups in a short time, enhancing the performance of the overlay. v In this thesis, we present OneHopOverlay4MANET and evaluate its performance when combined with different underlay routing protocols. OneHopOverlay4MANET has been combined with two proactive underlays (OLSR and BATMAN) and with three reactive underlay routing protocols (DSR, AODV and DYMO). In addition, the performance of the proposed system over OLSR has been compared to two recent structured P2P over MANET systems (MA-SP2P and E-SP2P) that adopted OLSR as the routing protocol. The results show that better performance can be achieved using OneHopOverlay4MANET

A New Addressing and Forwarding Architecture for the Internet

The current Internet routing and addressing architecture is facing a serious scalability problem. The default free zone (DFZ) routing table size grows at an increasing and potentially alarming rate. The Internet architecture uses a single namespace - the IP address, to express two functions about a network entity: its identifier and locator. This overloading of semantics leads to the scalability problem as a consequence of multihoming, traffic engineering, and nonaggregatable address allocations. The current Internet architecture does not inherently support emerging features such as mobility either. This thesis presents a simple addressing and forwarding architecture (SAFA) for the Internet. SAFA separates the locator namespace from the ID namespace so that the locators can follow the hierarchies in the Internet topology and be aggregated. The locators are allocated dynamically and automatically. The hierarchical format of locators gives end systems more control over the route selection. A straightforward forwarding scheme is designed based on the hierarchical addressing scheme. The meshed part of the Internet topology is integrated into the forwarding procedure through a special forwarding table. With a rendezvous service that maps from IDs to locators, SAFA also provides scalable support for mobility, multihoming and traffic engineering. Our work also includes an Internet topology study and a prototype implementation of the architecture. The evaluation results suggest that SAFA would be feasible in the current Internet if deployed

DISco: a Distributed Information Store for network Challenges and their Outcome

We present DISco, a storage and communication middleware designed to enable distributed and task-centric autonomic control of networks. DISco is designed to enable multi-agent identification of anomalous situations -- so-called "challenges" -- and assist coordinated remediation that maintains degraded -- but acceptable -- service level, while keeping a track of the challenge evolution in order to enable human-assisted diagnosis of flaws in the network. We propose to use state-of-art peer-to-peer publish/subscribe and distributed storage as core building blocks for the DISco service

Naming and discovery in networks : architecture and economics

In less than three decades, the Internet was transformed from a research network available to the academic community into an international communication infrastructure. Despite its tremendous success, there is a growing consensus in the research community that the Internet has architectural limitations that need to be addressed in a effort to design a future Internet. Among the main technical limitations are the lack of mobility support, and the lack of security and trust. The Internet, and particularly TCP/IP, identifies endpoints using a location/routing identifier, the IP address. Coupling the endpoint identifier to the location identifier hinders mobility and poorly identifies the actual endpoint. On the other hand, the lack of security has been attributed to limitations in both the network and the endpoint. Authentication for example is one of the main concerns in the architecture and is hard to implement partly due to lack of identity support. The general problem that this dissertation is concerned with is that of designing a future Internet. Towards this end, we focus on two specific sub-problems. The first problem is the lack of a framework for thinking about architectures and their design implications. It was obvious after surveying the literature that the majority of the architectural work remains idiosyncratic and descriptions of network architectures are mostly idiomatic. This has led to the overloading of architectural terms, and to the emergence of a large body of network architecture proposals with no clear understanding of their cross similarities, compatibility points, their unique properties, and architectural performance and soundness. On the other hand, the second problem concerns the limitations of traditional naming and discovery schemes in terms of service differentiation and economic incentives. One of the recurring themes in the community is the need to separate an entity\u27s identifier from its locator to enhance mobility and security. Separation of identifier and locator is a widely accepted design principle for a future Internet. Separation however requires a process to translate from the identifier to the locator when discovering a network path to some identified entity. We refer to this process as identifier-based discovery, or simply discovery, and we recognize two limitations that are inherent in the design of traditional discovery schemes. The first limitation is the homogeneity of the service where all entities are assumed to have the same discovery performance requirements. The second limitation is the inherent incentive mismatch as it relates to sharing the cost of discovery. This dissertation addresses both subproblems, the architectural framework as well as the naming and discovery limitations

Status of This Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2006). A mobile node needs at least the following information: a home address, a home agent address, and a security association with home agent to register with the home agent. The process of obtaining this information is called bootstrapping. This document discusses issues involved with how the mobile node can be bootstrapped for Mobile IPv6 (MIPv6) and various potential deployment scenarios for mobile node bootstrapping

Interdomain Route Leak Mitigation: A Pragmatic Approach

The Internet has grown to support many vital functions, but it is not administered by any central authority. Rather, the many smaller networks that make up the Internet - called Autonomous Systems (ASes) - independently manage their own distinct host address space and routing policy. Routers at the borders between ASes exchange information about how to reach remote IP prefixes with neighboring networks over the control plane with the Border Gateway Protocol (BGP). This inter-AS communication connects hosts across AS boundaries to build the illusion of one large, unified global network - the Internet. Unfortunately, BGP is a dated protocol that allows ASes to inject virtually any routing information into the control plane. The Internet’s decentralized administrative structure means that ASes lack visibility of the relationships and policies of other networks, and have little means of vetting the information they receive. Routes are global, connecting hosts around the world, but AS operators can only see routes exchanged between their own network and directly connected neighbor networks. This mismatch between global route scope and local network operator visibility gives rise to adverse routing events like route leaks, which occur when an AS advertises a route that should have been kept within its own network by mistake. In this work, we explore our thesis: that malicious and unintentional route leaks threaten Internet availability, but pragmatic solutions can mitigate their impact. Leaks effectively reroute traffic meant for the leak destination along the leak path. This diversion of flows onto unexpected paths can cause broad disruption for hosts attempting to reach the leak destination, as well as obstruct the normal traffic on the leak path. These events are usually due to misconfiguration and not malicious activity, but we show in our initial work that vrouting-capable adversaries can weaponize route leaks and fraudulent path advertisements to enhance data plane attacks on Internet infrastructure and services. Existing solutions like Internet Routing Registry (IRR) filtering have not succeeded in solving the route leak problem, as globally disruptive route leaks still periodically interrupt the normal functioning of the Internet. We examine one relatively new solution - Peerlocking or defensive AS PATH filtering - where ASes exchange toplogical information to secure their networks. Our measurements reveal that Peerlock is already deployed in defense of the largest ASes, but has found little purchase elsewhere. We conclude by introducing a novel leak defense system, Corelock, designed to provide Peerlock-like protection without the scalability concerns that have limited Peerlock’s scope. Corelock builds meaningful route leak filters from globally distributed route collectors and can be deployed without cooperation from other network

Anatomy of an internet hijack and interception attack: A global and educational perspective

The Internet’s underlying vulnerable protocol infrastructure is a rich target for cyber crime, cyber espionage and cyber warfare operations. The stability and security of the Internet infrastructure are important to the function of global matters of state, critical infrastructure, global e-commerce and election systems. There are global approaches to tackle Internet security challenges that include governance, law, educational and technical perspectives. This paper reviews a number of approaches to these challenges, the increasingly surgical attacks that target the underlying vulnerable protocol infrastructure of the Internet, and the extant cyber security education curricula; we find the majority of predominant cyber security education frameworks do not address security for the Internet’s critical communication system, the Border Gateway Protocol (BGP). Finally, we present a case study as an anatomy of such an attack. The case study can be implemented ethically and safely for educational purposes