Backscatter from the Data Plane --- Threats to Stability and Security in Information-Centric Networking

Information-centric networking proposals attract much attention in the ongoing search for a future communication paradigm of the Internet. Replacing the host-to-host connectivity by a data-oriented publish/subscribe service eases content distribution and authentication by concept, while eliminating threats from unwanted traffic at an end host as are common in today's Internet. However, current approaches to content routing heavily rely on data-driven protocol events and thereby introduce a strong coupling of the control to the data plane in the underlying routing infrastructure. In this paper, threats to the stability and security of the content distribution system are analyzed in theory and practical experiments. We derive relations between state resources and the performance of routers and demonstrate how this coupling can be misused in practice. We discuss new attack vectors present in its current state of development, as well as possibilities and limitations to mitigate them.Comment: 15 page

Secure Publisher Subscriber System Using IBE

In Today's life providing Security such as Authentication and Confidentiality are most demanding security issues. Improvement of basic security mechanisms like authentication, reliability and confidentiality is extremely difficult during a content based publish/subscribe system. This Paper presents a new way to provide confidentiality and authentications in a broker-less content-based publish subscribe system. The authentication of users is done using pairing based cryptography. Confidentiality of message is also ensured, by adapting the pairing-based cryptography mechanisms. In Identity Based Encryption, any unique and valid string which is distinctively identifies a user can be public key of the user. A key server maintains public and private master keys. Public key of each user is known to all users of system. The master public key can be used by the publisher to encrypt and send messages to a subscriber with any identity, for example an email address. To decrypt the message subscriber request a private key from server. Using master private key subscriber decrypt message successfully. On the whole approach provides fine-grained key management. Published events are routed to their subsequent subscribers. The assessment of this System provides security respect to authentication and confidentiality of event distribution. DOI: 10.17762/ijritcc2321-8169.15074

Efficient and adaptive congestion control for heterogeneous delay-tolerant networks

Detecting and dealing with congestion in delay-tolerant networks (DTNs) is an important and challenging problem. Current DTN forwarding algorithms typically direct traffic towards more central nodes in order to maximise delivery ratios and minimise delays, but as traffic demands increase these nodes may become saturated and unusable. We pro- pose CafRep, an adaptive congestion aware protocol that detects and reacts to congested nodes and congested parts of the network by using implicit hybrid contact and resources congestion heuristics. CafRep exploits localised relative utility based approach to offload the traffic from more to less congested parts of the network, and to replicate at adaptively lower rate in different parts of the network with non-uniform congestion levels. We extensively evaluate our work against benchmark and competitive protocols across a range of metrics over three real connectivity and GPS traces such as Sassy [44], San Francisco Cabs [45] and Infocom 2006 [33]. We show that CafRep performs well, independent of network connectivity and mobility patterns, and consistently outperforms the state-of-the-art DTN forwarding algorithms in the face of increasing rates of congestion. CafRep maintains higher availability and success ratios while keeping low delays, packet loss rates and delivery cost. We test CafRep in the presence of two application scenarios, with fixed rate traffic and with real world Facebook application traffic demands, showing that regardless of the type of traffic CafRep aims to deliver, it reduces congestion and improves forwarding performance

Cooperation as a Service in VANET: Implementation and Simulation Results

The past decade has witnessed the emergence of Vehicular Ad-hoc Networks (VANET), specializing from the well-known Mobile Ad Hoc Networks (MANET) to Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) wireless communications. While the original motivation for Vehicular Networks was to promote traffic safety, recently it has become increasingly obvious that Vehicular Networks open new vistas for Internet access, providing weather or road condition, parking availability, distributed gaming, and advertisement. In previous papers [27,28], we introduced Cooperation as a Service (CaaS); a new service-oriented solution which enables improved and new services for the road users and an optimized use of the road network through vehicle\u27s cooperation and vehicle-to-vehicle communications. The current paper is an extension of the first ones; it describes an improved version of CaaS and provides its full implementation details and simulation results. CaaS structures the network into clusters, and uses Content Based Routing (CBR) for intra-cluster communications and DTN (Delay and disruption-Tolerant Network) routing for inter-cluster communications. To show the feasibility of our approach, we implemented and tested CaaS using Opnet modeler software package. Simulation results prove the correctness of our protocol and indicate that CaaS achieves higher performance as compared to an Epidemic approach

Congestion avoidance in overlay networks through multipath routing

Overlay networks relying on traditional multicast routing approaches use only a single path between a sender and a receiver. This path is selected based on latency, with the goal of achieving fast delivery. Content is routed through links with low latency, ignoring slower links of the network which remain unused. With the increasing size of content on the Internet, this leads to congestion, messages are dropped and have to be retransmitted. A multicast multipath congestion-avoidance routing scheme which uses multiple bottleneck-disjoint paths between senders and receivers was developed, as was a linear programming model of the network to distribute messages intelligently across these paths according to two goals: minimum network usage and load-balancing. The former aims to use as few links as possible to perform routing, while the latter spreads messages across as many links as possible, evenly distributing the traffic. Another technique, called message splitting, was also used. This allows nodes to send a single copy of a message with multiple receivers, which will then be duplicated by a node closer to the receivers and sent along separate paths only when required. The model considers all of the messages in the network and is a global optimisation. Nevertheless, it can be solved quickly for large networks and workloads, with the cost of routing remaining almost entirely the cost of finding multiple paths between senders and receivers. The Gurobi linear programming solver was used to find solutions to the model. This routing approach was implemented in the NS-3 network simulator. The work is presented as a messaging middleware scheme, which can be applied to any overlay messaging network.Open Acces

Management and Service-aware Networking Architectures (MANA) for Future Internet Position Paper: System Functions, Capabilities and Requirements

Future Internet (FI) research and development threads have recently been gaining momentum all over the world and as such the international race to create a new generation Internet is in full swing: GENI, Asia Future Internet, Future Internet Forum Korea, European Union Future Internet Assembly (FIA). This is a position paper identifying the research orientation with a time horizon of 10 years, together with the key challenges for the capabilities in the Management and Service-aware Networking Architectures (MANA) part of the Future Internet (FI) allowing for parallel and federated Internet(s)