11 research outputs found

    Information-centric communication in mobile and wireless networks

    Information-centric networking (ICN) is a new communication paradigm that has been proposed to cope with drawbacks of host-based communication protocols, namely scalability and security. In this thesis, we base our work on Named Data Networking (NDN), which is a popular ICN architecture, and investigate NDN in the context of wireless and mobile ad hoc networks. In a first part, we focus on NDN efficiency (and potential improvements) in wireless environments by investigating NDN in wireless one-hop communication, i.e., without any routing protocols. A basic requirement to initiate information-centric communication is the knowledge of existing and available content names. Therefore, we develop three opportunistic content discovery algorithms and evaluate them in diverse scenarios for different node densities and content distributions. After content names are known, requesters can retrieve content opportunistically from any neighbor node that provides the content. However, in case of short contact times to content sources, content retrieval may be disrupted. Therefore, we develop a requester application that keeps meta information of disrupted content retrievals and enables resume operations when a new content source has been found. Besides message efficiency, we also evaluate power consumption of information-centric broadcast and unicast communication. Based on our findings, we develop two mechanisms to increase efficiency of information-centric wireless one-hop communication. The first approach called Dynamic Unicast (DU) avoids broadcast communication whenever possible since broadcast transmissions result in more duplicate Data transmissions, lower data rates and higher energy consumption on mobile nodes, which are not interested in overheard Data, compared to unicast communication. Hence, DU uses broadcast communication only until a content source has been found and then retrieves content directly via unicast from the same source. 
The second approach called RC-NDN targets efficiency of wireless broadcast communication by reducing the number of duplicate Data transmissions. In particular, RC-NDN is a Data encoding scheme for content sources that increases diversity in wireless broadcast transmissions such that multiple concurrent requesters can profit from each others’ (overheard) message transmissions. If requesters and content sources are not in one-hop distance to each other, requests need to be forwarded via multi-hop routing. Therefore, in a second part of this thesis, we investigate information-centric wireless multi-hop communication. First, we consider multi-hop broadcast communication in the context of rather static community networks. We introduce the concept of preferred forwarders, which relay Interest messages slightly faster than non-preferred forwarders to reduce redundant duplicate message transmissions. While this approach works well in static networks, the performance may degrade in mobile networks if preferred forwarders may regularly move away. Thus, to enable routing in mobile ad hoc networks, we extend DU for multi-hop communication. Compared to one-hop communication, multi-hop DU requires efficient path update mechanisms (since multi-hop paths may expire quickly) and new forwarding strategies to maintain NDN benefits (request aggregation and caching) such that only a few messages need to be transmitted over the entire end-to-end path even in case of multiple concurrent requesters. To perform quick retransmission in case of collisions or other transmission errors, we implement and evaluate retransmission timers from related work and compare them to CCNTimer, which is a new algorithm that enables shorter content retrieval times in information-centric wireless multi-hop communication. Yet, in case of intermittent connectivity between requesters and content sources, multi-hop routing protocols may not work because they require continuous end-to-end paths. 
Therefore, we present agent-based content retrieval (ACR) for delay-tolerant networks. In ACR, requester nodes can delegate content retrieval to mobile agent nodes, which move closer to content sources, can retrieve content and return it to requesters. Thus, ACR exploits the mobility of agent nodes to retrieve content from remote locations. To enable delay-tolerant communication via agents, retrieved content needs to be stored persistently such that requesters can verify its authenticity via original publisher signatures. To achieve this, we develop a persistent caching concept that maintains received popular content in repositories and deletes unpopular content if free space is required. Since our persistent caching concept can complement regular short-term caching in the content store, it can also be used for network caching to store popular delay-tolerant content at edge routers (to reduce network traffic and improve network performance) while real-time traffic can still be maintained and served from the content store

    Named Data Networking in Vehicular Ad hoc Networks: State-of-the-Art and Challenges

    Information-Centric Networking (ICN) has been proposed as one of the future Internet architectures. It is poised to address the challenges faced by today's Internet that include, but are not limited to, scalability, addressing, security, and privacy. Furthermore, it also aims at meeting the requirements for new emerging Internet applications. To realize ICN, Named Data Networking (NDN) is one of the recent implementations of ICN that provides a suitable communication approach due to its clean slate design and simple communication model. There are a plethora of applications realized through ICN in different domains where data is the focal point of communication. One such domain is Intelligent Transportation System (ITS) realized through Vehicular Ad hoc NETwork (VANET) where vehicles exchange information and content with each other and with the infrastructure. To date, excellent research results have been yielded in the VANET domain aiming at safe, reliable, and infotainment-rich driving experience. However, due to the dynamic topologies, host-centric model, and ephemeral nature of vehicular communication, various challenges are faced by VANET that hinder the realization of successful vehicular networks and adversely affect the data dissemination, content delivery, and user experiences. To fill these gaps, NDN has been extensively used as underlying communication paradigm for VANET. Inspired by the extensive research results in NDN-based VANET, in this paper, we provide a detailed and systematic review of NDN-driven VANET. More precisely, we investigate the role of NDN in VANET and discuss the feasibility of NDN architecture in VANET environment. Subsequently, we cover in detail, NDN-based naming, routing and forwarding, caching, mobility, and security mechanism for VANET. Furthermore, we discuss the existing standards, solutions, and simulation tools used in NDN-based VANET. 
Finally, we also identify open challenges and issues faced by NDN-driven VANET and highlight future research directions that should be addressed by the research community

    IMPLEMENTING NDN USING SDN: A REVIEW ON METHODS AND APPLICATIONS

    In recent years many claims have been made about the limitations of today’s network architecture, its lack of flexibility and ability to respond to ongoing changes and increasing user demands. In this regard, new network architectures are proposed. Software Defined Networking (SDN) is one of these new architectures which centralizes the control of network by separating control plane from data plane. This separation leads to intelligence, flexibility and easier control in computer networks. One of the advantages of this framework is the ability to implement and test new protocols and architectures in actual networks without any concern of interruption. Named Data Networking (NDN) is another paradigm for future network architecture. With NDN the network becomes aware of the content that it is providing, rather than just transferring it among end-points. NDN attracts researchers’ attention and is known as the potential future of networking and internet. Providing NDN functionalities over SDN is an important requirement to enable the innovation and optimization of network resources. In this paper first we describe SDN and NDN, and then we introduce methods for implementing NDN using SDN. We also point out the advantages and applications of implementing NDN over SDN

    An efficient pending interest table control management in named data network

    Named Data Networking (NDN) is an emerging Internet architecture that employs a new network communication model based on the identity of Internet content. Its core component, the Pending Interest Table (PIT) serves a significant role of recording Interest packet information which is ready to be sent but in waiting for matching Data packet. In managing PIT, the issue of flow PIT sizing has been very challenging due to massive use of long Interest lifetime particularly when there is no flexible replacement policy, hence affecting PIT performance. The aim of this study is to propose an efficient PIT Control Management (PITCM) approach to be used in handling incoming Interest packets in order to mitigate PIT overflow thus enhancing PIT utilization and performance. PITCM consists of Adaptive Virtual PIT (AVPIT) mechanism, Smart Threshold Interest Lifetime (STIL) mechanism and Highest Lifetime Least Request (HLLR) policy. The AVPIT is responsible for obtaining early PIT overflow prediction and reaction. STIL is meant for adjusting lifetime value for incoming Interest packet while HLLR is utilized for managing PIT entries in efficient manner. A specific research methodology is followed to ensure that the work is rigorous in achieving the aim of the study. The network simulation tool is used to design and evaluate PITCM. The results of study show that PITCM outperforms the performance of standard NDN PIT with 45% higher Interest satisfaction rate, 78% less Interest retransmission rate and 65% less Interest drop rate. In addition, Interest satisfaction delay and PIT length is reduced significantly to 33% and 46%, respectively. The contribution of this study is important for Interest packet management in NDN routing and forwarding systems. The AVPIT and STIL mechanisms as well as the HLLR policy can be used in monitoring, controlling and managing the PIT contents for Internet architecture of the future

    Recent advances in information-centric networking based internet of things (ICN-IoT)

    Information-Centric Networking (ICN) is being realized as a promising approach to accomplish the shortcomings of current IP-address based networking. ICN models are based on naming the content to get rid of address-space scarcity, accessing the content via name-based-routing, caching the content at intermediate nodes to provide reliable, efficient data delivery and self-certifying contents to ensure better security. Obvious benefits of ICN in terms of fast and efficient data delivery and improved reliability raises ICN as highly promising networking model for Internet of Things (IoTs) like environments. IoT aims to connect anyone and/or anything at any time by any path on any place. From last decade, IoTs attracts both industry and research communities. IoTs is an emerging research field and still in its infancy. Thus, this paper presents the potential of ICN for IoTs by providing state-of-the-art literature survey. We discuss briefly the feasibility of ICN features and their models (and architectures) in the context of IoT. Subsequently, we present a comprehensive survey on ICN based caching, naming, security and mobility approaches for IoTs with appropriate classification. Furthermore, we present operating systems (OS) and simulation tools for ICN-IoT. Finally, we provide important research challenges and issues faced by ICN for IoTs

    Research on a Content-Oriented Common Platform for Disaster Prevention Systems

    Waseda University diploma number: Shin 8116. Waseda Univ.

    Network Coding Enabled Named Data Networking Architectures

    The volume of data traffic in the Internet has increased drastically in the last years, mostly due to data intensive applications like video streaming, file sharing, etc. This motivates the development of new communication methods that can deal with the growing volume of data traffic. To this aim, Named Data Networking (NDN) has been proposed as a future Internet architecture that changes how the Internet works, from the exchange of content between particular nodes of the network, to retrieval of particular content in the network. The NDN architecture enables ubiquitous in-network caching and naturally supports dynamic selection of content sources, characteristics that fit well with the communication needs of data intensive applications. However, the performance of data intensive applications is degraded by the limited throughput seen by applications, which can be caused by (i) limited bandwidth, (ii) network bottlenecks and (iii) packet losses. In this thesis, we argue that introducing network coding into the NDN architecture improves the performance of NDN-based data intensive applications by alleviating the three issues presented above. In particular, network coding (i) enables efficient multipath data retrieval in NDN, which allows nodes to aggregate all the bandwidth available through their multiple interfaces; (ii) allows information from multiple sources to be combined at the intermediate routers, which alleviates the impact of network bottlenecks; and (iii) enables clients to efficiently handle packet losses. This thesis first provides an architecture that enables network coding in NDN for data intensive applications. Then, a study demonstrates and quantifies the benefits that network coding brings to video streaming over NDN, a particular data intensive application. 
To study the benefits that network coding brings in a more realistic NDN scenario, this thesis finally provides a caching strategy that is used when the in-network caches have limited capacity. Overall, the evaluation results show that the use of network coding permits to exploit more efficiently available network resources, which leads to reduced data traffic load on the sources, increased cache-hit rate at the in-network caches and faster content retrieval at the clients. In particular, for video streaming applications, network coding enables clients to watch higher quality videos compared to using traditional NDN, while it also reduces the video servers' load. Moreover, the proposed caching strategy for network coding enabled NDN maintains the benefits that network coding brings to NDN even when the caches have limited storage space

    Side-channel timing attack on content privacy of named data networking

    Doctoral thesis in Electronics and Computer Engineering. A diversity of current applications, such as Netflix, YouTube, and social media, have used the Internet mainly as a content distribution network. Named Data Networking (NDN) is a network paradigm that attempts to answer today’s applications’ needs by naming the content. NDN promises an optimized content distribution through a named content-centric design. One of the NDN key features is the use of in-network caching to improve network efficiency in terms of content distribution. However, the cached contents may put the consumer privacy at risk. Since the time response of cached contents is different from un-cached contents, the adversary may distinguish the cached contents (targets) from un-cached ones, through the side-channel timing responses. The scope of attack can be towards the content, the name, or the signature. For instance, the adversary may obtain the call history, the callee or caller location on a trusted Voice over NDN (VoNDN) and the popularity of contents in streaming applications (e.g. NDNtube, NDNlive) through side-channel timing responses of the cache. The side-channel timing attack can be mitigated by manipulating the time of the router responses. The countermeasures proposed by other researchers, such as additional delay, random/probabilistic caching, group signatures, and no-caching can effectively be used to mitigate the attack. However, the content distribution may be affected by pre-configured countermeasures which may go against the goal of the original NDN paradigm. In this work, the detection and defense (DaD) approach is proposed to mitigate the attack efficiently and effectively. With the DaD usage, an attack can be detected by a multi-level detection mechanism, in order to apply the countermeasures against the adversarial faces. Also, the detections can be used to determine the severity of the attack. 
In order to detect the behavior of an adversary, a brute-force timing attack was implemented and simulated with the following applications and testbeds: i. a trusted application that mimics the VoNDN and identifies the cached certificate on a worldwide NDN testbed, and ii. a streaming-like NDNtube application to identify the popularity of videos on the NDN testbed and AT&T company. In simulation, primary results showed that the multi-level detection based on DaD mitigated the attack about 39.1% in best-route, and 36.6% in multicast communications. Additionally, the results showed that DaD preserves privacy without compromising the efficiency benefits of in-network caching in NDNtube and VoNDN applications.
Several current applications, such as Netflix and YouTube, have been using the Internet as a content distribution network. Named Data Networking (NDN) is a recent paradigm in communication networks that attempts to meet the needs of modern applications by naming content. NDN promises optimized content distribution using a content-centric network. One of the main features of NDN is the use of the cache available at network nodes to improve network efficiency in terms of content distribution. However, caching content may put consumer privacy at risk. Since the response time of cached content differs from that of content that is not cached, the adversary can distinguish cached content from uncached content through the side-channel responses. The attack may target the content, the name, or the signature of the message. For example, the adversary may obtain the call history, the location of the callee or caller in a secure Voice over NDN (VoNDN) service, and the popularity of content in streaming applications (e.g. NDNtube, NDNlive) through the side-channel timing responses. 
The side-channel timing attack can be mitigated by manipulating the timing of router responses. The countermeasures proposed by other researchers, such as additional delay, random/probabilistic caching, group signatures, and no caching, can effectively be used to mitigate an attack. However, content distribution may be affected by pre-configured countermeasures that may go against the original purpose of the NDN paradigm. In this work, the detection and defense (DaD) approach is proposed to mitigate the attack efficiently and effectively. With DaD, an attack can be detected by a multi-level detection mechanism in order to apply countermeasures against the adversaries' interfaces. In addition, the detections can be used to determine the severity of the attack. In order to detect the behavior of an adversary, a brute-force timing attack was implemented and simulated with the following applications and testbeds: i. a secure application that implements VoNDN and identifies the cached certificate on a worldwide NDN platform; and ii. an NDNtube-like streaming application to identify the popularity of videos on the NDN platform of the company AT&T. The simulation results showed that the multi-level detection offered by DaD mitigated the attack by about 39.1% in best-route and 36.5% in multicast communications. To evaluate the effect on legitimate requests, DaD was compared with a static countermeasure, and DaD was found to be able to preserve all legitimate requests

    Creation of new laboratory exercises explaining the principles of communication protocols

    The aim of the diploma thesis was to create two laboratory exercises explaining the principles of selected communication protocols in the ns-3 simulation environment. The selected protocols were BGP and ICMPv6. The first chapter of the thesis contains a theoretical description of how the selected protocols and their messages work. For the BGP protocol, this chapter summarizes the properties of three implementation options in the ns-3 environment. The second part of the thesis consists of the laboratory exercises that were created. The exercise for the BGP protocol describes how routers form neighbor relationships at the level of autonomous systems, how they communicate within these relationships, and how the protocol reacts to a failure of the link between neighboring routers. The exercise for the ICMPv6 protocol focuses on the protocol's messages and their use in several of the protocol's functions, such as address configuration, obtaining the link-layer address of a device, or reporting errors in the network.
    The aim of this master thesis is to create two laboratory exercises in ns-3 network simulator for chosen communication protocols. The chosen protocols are BGP and ICMPv6. The first part of this thesis contains theoretical knowledge used in order to design laboratory exercise. It contains descriptions of functionality of both protocols and messages they use. This chapter also includes brief description of three options which were considered for implementation of BGP protocol into ns-3 environment. The second chapter consists of actual laboratory exercises which were created as a purpose of this thesis. Exercise for BGP protocol deals with creating neighborhoods between routers at autonomous system level, analyzing the way routers communicate within their neighborhoods and how protocol reacts when the connection between two neighbor routers fails. Exercise created for ICMPv6 protocol is focused on its messages and their usage within multiple protocol functionalities, such as address configuration, link address resolution and error detection.