149 research outputs found

    Towards Loop-Free Forwarding of Anonymous Internet Datagrams that Enforce Provenance

    The way in which addressing and forwarding are implemented in the Internet constitutes one of its biggest privacy and security challenges. The fact that source addresses in Internet datagrams cannot be trusted makes the IP Internet inherently vulnerable to DoS and DDoS attacks. The Internet forwarding plane is open to attacks on the privacy of datagram sources, because source addresses in Internet datagrams have global scope. The fact that Internet datagrams are forwarded based solely on the destination addresses stated in datagram headers and the next hops stored in the forwarding information bases (FIB) of relaying routers allows Internet datagrams to traverse loops, which wastes resources and leaves the Internet open to further attacks. We introduce PEAR (Provenance Enforcement through Addressing and Routing), a new approach for addressing and forwarding of Internet datagrams that enables anonymous forwarding of Internet datagrams, eliminates many of the existing DDoS attacks on the IP Internet, and prevents Internet datagrams from looping, even in the presence of routing-table loops. Comment: Proceedings of IEEE Globecom 2016, 4-8 December 2016, Washington, D.C., US

    Quality of Service routing: state of the art report


    A Message Transfer Framework for Enhanced Reliability in Delay-and Disruption-Tolerant Networks

    Many infrastructure-less networks require quick, ad hoc deployment and the ability to deliver messages even if no instantaneous end-to-end path can be found. Such networks include large-scale disaster recovery networks, mobile sensor networks for ecological monitoring, ocean sensor networks, people networks, vehicular networks and projects for connectivity in developing regions such as TIER (Technology and Infrastructure for Emerging Regions). These types of networks can be realized with delay- and disruption-tolerant network (DTN) technology. Generally, messages in DTNs are transferred hop-by-hop toward the destination in an overlay above the transport layer called the "bundle layer". Unlike mobile ad hoc networks (MANETs), DTNs can tolerate disruption on end-to-end paths by taking advantage of temporal links emerging between nodes as nodes move in the network. Intermediate nodes store messages before forwarding opportunities become available. A series of encounters (i.e., coming within mutual transmission range) among different nodes will eventually deliver the message to the desired destination. The message delivery performance (such as delivery ratio and delay) in a DTN highly depends on the time elapsed between encounters (inter-contact time) and the time two nodes remain in each other's communication range once a contact is established (contact duration). As messages are forwarded opportunistically among nodes, it is important to have sufficient contact opportunities in the network for faster, more reliable delivery of messages. In this thesis, we propose a simple yet efficient method for increasing DTN performance by increasing the contact duration of encountered nodes (i.e., mobile devices). Our proposed sticky transfer framework and protocol enable nodes in DTNs to collect neighbors' information and evaluate their movement patterns and amounts of data to transfer, in order to decide whether to "stick" with a neighbor to complete the necessary data transfers. Nodes intelligently negotiate sticky transfer parameters such as stick duration, mobility speed and movement directions based on user preferences and collected information. The sticky transfer framework can be combined with any DTN routing protocol to improve its performance. Our simulation results show that the proposed framework can improve the message delivery ratio by up to 38% and the end-to-end message transfer delay by up to 36%.

    Exploiting the power of multiplicity: a holistic survey of network-layer multipath

    The Internet is inherently a multipath network: For an underlying network with only a single path, connecting various nodes would have been debilitatingly fragile. Unfortunately, traditional Internet technologies have been designed around the restrictive assumption of a single working path between a source and a destination. The lack of native multipath support constrains network performance even as the underlying network is richly connected and has redundant multiple paths. Computer networks can exploit the power of multiplicity, through which a diverse collection of paths is resource pooled as a single resource, to unlock the inherent redundancy of the Internet. This opens up a new vista of opportunities, promising increased throughput (through concurrent usage of multiple paths) and increased reliability and fault tolerance (through the use of multiple paths in backup/redundant arrangements). There are many emerging trends in networking that signify that the Internet's future will be multipath, including the use of multipath technology in data center computing; the ready availability of multiple heterogeneous radio interfaces (such as Wi-Fi and cellular) in wireless devices; ubiquity of mobile devices that are multihomed with heterogeneous access networks; and the development and standardization of multipath transport protocols such as multipath TCP. The aim of this paper is to provide a comprehensive survey of the literature on network-layer multipath solutions. We will present a detailed investigation of two important design issues, namely, the control plane problem of how to compute and select the routes and the data plane problem of how to split the flow on the computed paths. The main contribution of this paper is a systematic articulation of the main design issues in network-layer multipath routing along with a broad-ranging survey of the vast literature on network-layer multipathing. We also highlight open issues and identify directions for future work.

    From the edge to the core: towards informed vantage point selection for internet measurement studies

    Since the early days of the Internet, measurement scientists have been trying to keep up with the fast-paced development of the Internet. As the Internet grew organically over time and without built-in measurability, this process requires many workarounds and due diligence. As a result, every measurement study is only as good as the data it relies on. Moreover, data quality is relative to the research question—a data set suitable to analyze one problem may be insufficient for another. This is entirely expected as the Internet is decentralized, i.e., there is no single observation point from which we can assess the complete state of the Internet. Because of that, every measurement study needs specifically selected vantage points, which fit the research question. In this thesis, we present three different vantage points across the Internet topology, from the edge to the Internet core. We discuss their specific features, suitability for different kinds of research questions, and how to work with the corresponding data. The data sets obtained at the presented vantage points allow us to conduct three different measurement studies and shed light on the following aspects: (a) the prevalence of IP source address spoofing at a large European Internet Exchange Point (IXP), (b) the propagation distance of BGP communities, an optional transitive BGP attribute used for traffic engineering, and (c) the impact of the global COVID-19 pandemic on Internet usage behavior at a large Internet Service Provider (ISP) and three IXPs.

    Scalable Schedule-Aware Bundle Routing

    This thesis introduces approaches providing scalable delay-/disruption-tolerant routing capabilities in scheduled space topologies. The solution is developed for the requirements derived from use cases built according to predictions for future space topology, like the future Mars communications architecture report from the interagency operations advisory group. A novel routing algorithm is depicted to provide optimized networking performance that discards the scalability issues inherent to state-of-the-art approaches. This thesis also proposes a new recommendation to render volume management concerns generic and easily exchangeable, including a new simple management technique increasing volume awareness accuracy while being adaptable to more particular use cases. Additionally, this thesis introduces a more robust and scalable approach for internetworking between subnetworks to increase the throughput, reduce delays, and ease configuration thanks to its high flexibility.

    Table of contents:
    1 Introduction; 1.1 Motivation; 1.2 Problem statement; 1.3 Objectives; 1.4 Outline
    2 Requirements; 2.1 Use cases; 2.2 Requirements; 2.2.1 Requirement analysis; 2.2.2 Requirements relative to the routing algorithm; 2.2.3 Requirements relative to the volume management; 2.2.4 Requirements relative to interregional routing
    3 Fundamentals; 3.1 Delay-/disruption-tolerant networking; 3.1.1 Architecture; 3.1.2 Opportunistic and deterministic DTNs; 3.1.3 DTN routing; 3.1.4 Contact plans; 3.1.5 Volume management; 3.1.6 Regions; 3.2 Contact graph routing; 3.2.1 A non-replication routing scheme; 3.2.2 Route construction; 3.2.3 Route selection; 3.2.4 Enhancements and main features; 3.3 Graph theory and DTN routing; 3.3.1 Mapping with DTN objects; 3.3.2 Shortest path algorithm; 3.3.3 Edge and vertex contraction; 3.4 Algorithmic determinism and predictability
    4 Preliminary analysis; 4.1 Node and contact graphs; 4.2 Scenario; 4.3 Route construction in ION-CGR; 4.4 Alternative route search; 4.4.1 Yen’s algorithm scalability; 4.4.2 Blocking issues with Yen; 4.4.3 Limiting contact approaches; 4.5 CGR-multicast and shortest-path tree search; 4.6 Volume management; 4.6.1 Volume obstruction; 4.6.2 Contact sink; 4.6.3 Ghost queue; 4.6.4 Data rate variations; 4.7 Hierarchical interregional routing; 4.8 Other potential issues
    5 State-of-the-art and related work; 5.1 Taxonomy; 5.2 Opportunistic and probabilistic approaches; 5.2.1 Flooding approaches; 5.2.2 PROPHET; 5.2.3 MaxProp; 5.2.4 Issues; 5.3 Deterministic approaches; 5.3.1 Movement-aware routing over interplanetary networks; 5.3.2 Delay-tolerant link state routing; 5.3.3 DTN routing for quasi-deterministic networks; 5.3.4 Issues; 5.4 CGR variants and enhancements; 5.4.1 CGR alternative routing table computation; 5.4.2 CGR-multicast; 5.4.3 CGR extensions; 5.4.4 RUCoP and CGR-hop; 5.4.5 Issues; 5.5 Interregional routing; 5.5.1 Border gateway protocol; 5.5.2 Hierarchical interregional routing; 5.5.3 Issues; 5.6 Further approaches; 5.6.1 Machine learning approaches; 5.6.2 Tropical geometry
    6 Scalable schedule-aware bundle routing; 6.1 Overview; 6.2 Shortest-path tree routing for space networks; 6.2.1 Structure; 6.2.2 Tree construction; 6.2.3 Tree management; 6.2.4 Tree caching; 6.3 Contact segmentation; 6.3.1 Volume management interface; 6.3.2 Simple volume manager; 6.3.3 Enhanced volume manager; 6.4 Contact passageways; 6.4.1 Regional border definition; 6.4.2 Virtual nodes; 6.4.3 Pathfinding and administration
    7 Evaluation; 7.1 Methodology; 7.1.1 Simulation tools; 7.1.2 Simulator extensions; 7.1.3 Algorithms and scenarios; 7.2 Offline analysis; 7.3 Eliminatory processing pressures; 7.4 Networking performance; 7.4.1 Intraregional unicast routing tests; 7.4.2 Intraregional multicast tests; 7.4.3 Interregional routing tests; 7.4.4 Behavior with congestion; 7.5 Requirement fulfillment
    8 Summary and Outlook; 8.1 Conclusion; 8.2 Future works; 8.2.1 Next development steps; 8.2.2 Contact graph routin