Internet-wide geo-networking problem statement

This document describes the need of specifying Internet-wide location-aware forwarding protocol solutions that provide packet routing using geographical positions for packet transport

Denial of service mitigation approach for IPv6-enabled smart object networks

Denial of service (DoS) attacks can be defined as any third-party action aiming to reduce or eliminate a network's capability to perform its expected functions. Although there are several standard techniques in traditional computing that mitigate the impact of some of the most common DoS attacks, this still remains a very important open problem to the network security community. DoS attacks are even more troublesome in smart object networks because of two main reasons. First, these devices cannot support the computational overhead required to implement many of the typical counterattack strategies. Second, low traffic rates are enough to drain sensors' battery energy making the network inoperable in short times. To realize the Internet of Things vision, it is necessary to integrate the smart objects into the Internet. This integration is considered an exceptional opportunity for Internet growth but, also, a security threat, because more attacks, including DoS, can be conducted. For these reasons, the prevention of DoS attacks is considered a hot topic in the wireless sensor networks scientific community. In this paper, an approach based on 6LowPAN neighbor discovery protocol is proposed to mitigate DoS attacks initiated from the Internet, without adding additional overhead on the 6LoWPAN sensor devices.This work has been partially supported by the Instituto de Telecomunicacoes, Next Generation Networks and Applications Group (NetGNA), Portugal, and by National Funding from the FCT - Fundacao para a Ciencia e Tecnologia through the Pest-OE/EEI/LA0008/2011.Oliveira, LML.; Rodrigues, JJPC.; De Sousa, AF.; Lloret, J. (2013). Denial of service mitigation approach for IPv6-enabled smart object networks. Concurrency and Computation: Practice and Experience. 25(1):129-142. doi:10.1002/cpe.2850S129142251Gershenfeld, N., Krikorian, R., & Cohen, D. (2004). The Internet of Things. Scientific American, 291(4), 76-81. doi:10.1038/scientificamerican1004-76Akyildiz, I. F., Su, W., Sankarasubramaniam, Y., & Cayirci, E. (2002). Wireless sensor networks: a survey. Computer Networks, 38(4), 393-422. doi:10.1016/s1389-1286(01)00302-4Karl, H., & Willig, A. (2005). Protocols and Architectures for Wireless Sensor Networks. doi:10.1002/0470095121IEEE Std 802.15.4-2006 Part 15.4: wireless medium access control (MAC) and physical layer (PHY) specificationsfor low-rate wireless personal area networks (LR-WPANs) 2006ZigBee Alliance ZigBee Specification 2007WirelessHARThomepage 2012 http://www.hartcomm.org/Hui, J. W., & Culler, D. E. (2008). Extending IP to Low-Power, Wireless Personal Area Networks. IEEE Internet Computing, 12(4), 37-45. doi:10.1109/mic.2008.79Kushalnagar N Montenegro G Schumacher C IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals 2007Montenegro G Kushalnagar N Hui J Culler D Transmission of IPv6 Packets over IEEE 802.15.4 Networks 2007Shelby Z Thubert P Hui J Chakrabarti S Bormann C Nordmark E 6LoWPAN Neighbor Discovery 2011Zhou, L., Chao, H.-C., & Vasilakos, A. V. (2011). Joint Forensics-Scheduling Strategy for Delay-Sensitive Multimedia Applications over Heterogeneous Networks. IEEE Journal on Selected Areas in Communications, 29(7), 1358-1367. doi:10.1109/jsac.2011.110803Roman, R., & Lopez, J. (2009). Integrating wireless sensor networks and the internet: a security analysis. Internet Research, 19(2), 246-259. doi:10.1108/10662240910952373Wang, Y., Attebury, G., & Ramamurthy, B. (2006). A survey of security issues in wireless sensor networks. IEEE Communications Surveys & Tutorials, 8(2), 2-23. doi:10.1109/comst.2006.315852Xiaojiang Du, & Hsiao-Hwa Chen. (2008). Security in wireless sensor networks. IEEE Wireless Communications, 15(4), 60-66. doi:10.1109/mwc.2008.4599222Pelechrinis, K., Iliofotou, M., & Krishnamurthy, S. V. (2011). Denial of Service Attacks in Wireless Networks: The Case of Jammers. IEEE Communications Surveys & Tutorials, 13(2), 245-257. doi:10.1109/surv.2011.041110.00022Zhou, L., Wang, X., Tu, W., Muntean, G., & Geller, B. (2010). Distributed scheduling scheme for video streaming over multi-channel multi-radio multi-hop wireless networks. IEEE Journal on Selected Areas in Communications, 28(3), 409-419. doi:10.1109/jsac.2010.100412Lin, K., Lai, C.-F., Liu, X., & Guan, X. (2010). Energy Efficiency Routing with Node Compromised Resistance in Wireless Sensor Networks. Mobile Networks and Applications, 17(1), 75-89. doi:10.1007/s11036-010-0287-xLi, H., Lin, K., & Li, K. (2011). Energy-efficient and high-accuracy secure data aggregation in wireless sensor networks. Computer Communications, 34(4), 591-597. doi:10.1016/j.comcom.2010.02.026Oliveira, L. M. L., de Sousa, A. F., & Rodrigues, J. J. P. C. (2011). Routing and mobility approaches in IPv6 over LoWPAN mesh networks. International Journal of Communication Systems, 24(11), 1445-1466. doi:10.1002/dac.1228Narten T Nordmark E Simpson W Soliman H Neighbor Discovery for IP version 6 (IPv6) 2007Singh H Beebee W Nordmark E IPv6 Subnet Model: The Relationship between Links and Subnet Prefixes 2010Roman, R., Lopez, J., & Gritzalis, S. (2008). Situation awareness mechanisms for wireless sensor networks. IEEE Communications Magazine, 46(4), 102-107. doi:10.1109/mcom.2008.4481348Sakarindr, P., & Ansari, N. (2007). Security services in group communications over wireless infrastructure, mobile ad hoc, and wireless sensor networks. IEEE Wireless Communications, 14(5), 8-20. doi:10.1109/mwc.2007.4396938Tsao T Alexander R Dohler M Daza V Lozano A A Security Framework for Routing over Low Power and Lossy Networks 2009Karlof C Wagner D Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 2003 113 127 10.1109/SNPA.2003.1203362Hui J Thubert P Compression Format for IPv6 Datagrams in 6LoWPAN Networks 2009Elaine Shi, & Perrig, A. (2004). Designing Secure Sensor Networks. IEEE Wireless Communications, 11(6), 38-43. doi:10.1109/mwc.2004.1368895Akkaya, K., & Younis, M. (2005). A survey on routing protocols for wireless sensor networks. Ad Hoc Networks, 3(3), 325-349. doi:10.1016/j.adhoc.2003.09.01

Efficient cellular load balancing through mobility-enriched vehicular communications

Supporting effective load balancing is paramount for increasing network utilization efficiency and improving the perceivable user experience in emerging and future cellular networks. At the same time, it is becoming increasingly alarming that current communication practices lead to excessive energy wastes both at the infrastructure side and at the terminals. To address both these issues, this paper discusses an innovative communication approach enabled by the implementation of device-to-device (d2d) communication over cellular networks. The technique capitalizes on the delay tolerance of a significant portion of Internet applications and the inherent mobility of the nodes to achieve significant performance gains. For delay-tolerant messages, a mobile node can postpone message transmission—in a store–carry and forward manner—for a later time to allow the terminal to achieve communication over a shorter range or to postpone communication to when the terminal enters a cooler cell, before engaging in communication. Based on this framework, a theoretical model is introduced to study the generalized multihop d2d forwarding scheme where mobile nodes are allowed to buffer messages and carry them while in transit. Thus, a multiobjective optimization problem is introduced where both the communication cost and the varying load levels of multiple cells are to be minimized. We show that the mathematical programming model that arises can be efficiently solved in time. Furthermore, extensive numerical investigations reveal that the proposed scheme is an effective approach for both energy-efficient communication and offering significant gains in terms of load balancing in multicell topologies

Mobility-based Routing Overhead Management in Reconfigurable Wireless Ad hoc Networks

Mobility-Based Routing Overhead Management in Reconfigurable Wireless Ad Hoc Networks Routing Overheads are the non-data message packets whose roles are establishment and maintenance of routes for data packets as well as neighbourhood discovery and maintenance. They have to be broadcasted in the network either through flooding or other techniques that can ensure that a path exists before data packets can be sent to various destinations. They can be sent reactively or periodically to neighbours so as to keep nodes updated on their neighbourhoods. While we cannot do without these overhead packets, they occupy much of the limited wireless bandwidth available in wireless networks. In a reconfigurable wireless ad hoc network scenario, these packets have more negative effects, as links need to be confirmed more frequently than in traditional networks mainly because of the unpredictable behaviour of the ad hoc networks. We therefore need suitable algorithms that will manage these overheads so as to allow data packet to have more access to the wireless medium, save node energy for longer life of the network, increased efficiency, and scalability. Various protocols have been suggested in the research area. They mostly address routing overheads for suitability of particular protocols leading to lack of standardisation and inapplicability to other protocol classes. In this dissertation ways of ensuring that the routing overheads are kept low are investigated. The issue is addressed both at node and network levels with a common goal of improving efficiency and performance of ad hoc networks without dedicating ourselves to a particular class of routing protocol. At node level, a method hereby referred to as "link availability forecast", that minimises routing overheads used for maintenance of neighbourhood, is derived. The targeted packets are packets that are broadcasted periodically (e.g. hello messages). The basic idea in this method is collection of mobility parameters from the neighbours and predictions or forecasts of these parameters in future. Using these parameters in simple calculations helps in identifying link availabilities between nodes participating in maintenance of networks backbone. At the network level, various approaches have been suggested. The first approach is the cone flooding method that broadcasts route request messages through a predetermined cone shaped region. This region is determined through computation using last known mobility parameters of the destination. Another approach is what is hereby referred as "destination search reverse zone method". In this method, a node will keep routes to destinations for a long time and use these routes for tracing the destination. The destination will then initiate route search in a reverse manner, whereby the source selects the best route for next delivery. A modification to this method is for the source node to determine the zone of route search and define the boundaries within which the packet should be broadcasted. The later method has been used for simulation purposes. The protocol used for verification of the improvements offered by the schemes was the AODV. The link availability forecast scheme was implemented on the AODV and labelled AODV_LA while the network level implementation was labelled AODV_RO. A combination of the two schemes was labelled AODV_LARO

Design and implementation of architectures for the deployment of secure community wireless networks

Recientes avances en las tecnologías de la comunicación, así como la proliferación de nuevos dispositivos de computación, están plasmando nuestro entorno hacia un Internet ubicuo. Internet ofrece una plataforma global para acceder con bajo coste a una vasta gama de servicios de telecomunicaciones, como el correo electrónico, comercio electrónico, tele-educación, tele-salud y tele-medicina a bajo coste. Sin embargo, incluso en los países más desarrollados, un gran número de áreas rurales todavía están pobremente equipadas con una infraestructura básica de telecomunicaciones. Hoy en día, existen algunos esfuerzos para resolver esta falta de infraestructura, pero resultan todavía insuficientes. Con este objetivo presentamos en esta tesis RuralNet, una red comunitaria inalámbrica para proveer acceso a Internet de forma personalizada a los subscriptores de un área rural. Los objetivos de este estudio han sido el desarrollo de una nueva arquitectura para ofrecer un acceso a Internet flexible y seguro para zonas rurales aisladas. RuralNet combina el paradigma de las redes mesh y el uso de los dispositivos inalámbricos embebidos más económicos para ofrecer un gran número de servicios y aplicaciones basados en Internet. La solución desarrollada por RuralNet es capaz de cubrir grandes áreas a bajo coste, y puede también ser fácilmente desplegado y extendido tanto en términos de cobertura como de servicios ofrecidos. Dado que la implementación y la evaluación de RuralNet requiere un alto coste y una gran cantidad de mano de obra, hemos considerado que la simulación y la emulación eran una alternativa válida para ahorrar costes. Con este objetivo hemos desarrollado Castadiva, un emulador flexible proyectado para la evaluación de redes MANET y mesh. Castadiva es un emulador basado en dispositivos de bajo coste, utilizado para evaluar los protocolos y las aplicaciones desarrolladas.Hortelano Otero, J. (2011). Design and implementation of architectures for the deployment of secure community wireless networks [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/10079Palanci

Security and Prioritization in Multiple Access Relay Networks

In this work, we considered a multiple access relay network and investigated the following three problems: 1- Tradeoff between reliability and security under falsified data injection attacks; 2-Prioritized analog relaying; 3- mitigation of Forwarding Misbehaviors in Multiple access relay network. In the first problem, we consider a multiple access relay network where multiple sources send independent data to a single destination through multiple relays which may inject a falsified data into the network. To detect the malicious relays and discard (erase) data from them, tracing bits are embedded in the information data at each source node. Parity bits may be also added to correct the errors caused by fading and noise. When the total amount of redundancy, tracing bits plus parity bits, is fixed, an increase in parity bits to increase the reliability requires a decrease in tracing bits which leads to a less accurate detection of malicious behavior of relays, and vice versa. We investigate the tradeoff between the tracing bits and the parity bits in minimizing the probability of decoding error and maximizing the throughput in multi-source, multi-relay networks under falsified data injection attacks. The energy and throughput gains provided by the optimal allocation of redundancy and the tradeoff between reliability and security are analyzed. In the second problem, we consider a multiple access relay network where multiple sources send independent data simultaneously to a common destination through multiple relay nodes. We present three prioritized analog cooperative relaying schemes that provide different class of service (CoS) to different sources while being relayed at the same time in the same frequency band. The three schemes take the channel variations into account in determining the relay encoding (combining) rule, but differ in terms of whether or how relays cooperate. Simulation results on the symbol error probability and outage probability are provided to show the effectiveness of the proposed schemes. In the third problem, we propose a physical layer approach to detect the relay node that injects false data or adds channel errors into the network encoder in multiple access relay networks. The misbehaving relay is detected by using the maximum a posteriori (MAP) detection rule which is optimal in the sense of minimizing the probability of incorrect decision (false alarm and miss detection). The proposed scheme does not require sending extra bits at the source, such as hash function or message authentication check bits, and hence there is no transmission overhead. The side information regarding the presence of forwarding misbehavior is exploited at the decoder to enhance the reliability of decoding. We derive the probability of false alarm and miss detection and the probability of bit error, taking into account the lossy nature of wireless links

Virtual Mobility Domains - A Mobility Architecture for the Future Internet

The advances in hardware and wireless technologies have made mobile communication devices affordable by a vast user community. With the advent of rich multimedia and social networking content, an influx of myriads of applications, and Internet supported services, there is an increasing user demand for the Internet connectivity anywhere and anytime. Mobility management is thus a crucial requirement for the Internet today. This work targets novel mobility management techniques, designed to work with the Floating Cloud Tiered (FCT) internetworking model, proposed for a future Internet. We derive the FCT internetworking model from the tiered structure existing among Internet Service Provider (ISP) networks, to define their business and peering relationships. In our novel mobility management scheme, we define Virtual Mobility Domains (VMDs) of various scopes, that can support both intra and inter-domain roaming using a single address for a mobile node. The scheme is network based and hence imposes no operational load on the mobile node. This scheme is the first of its kind, by leveraging the tiered structure and its hierarchical properties, the collaborative network-based mobility management mechanism, and the inheritance information in the tiered addresses to route packets. The contributions of this PhD thesis can be summarized as follows: · We contribute to the literature with a comprehensive analysis of the future Internet architectures and mobility protocols over the period of 2002-2012, in light of their identity and handoff management schemes. We present a qualitative evaluation of current and future schemes on a unified platform. · We design and implement a novel user-centric future Internet mobility architecture called Virtual Mobility Domain. VMD proposes a seamless, network-based, unique collaborative mobility management within/across ASes and ISPs in the FCT Internetworking model. The analytical and simulation-based handoff performance analysis of the VMD architecture in comparison with the IPv6-based mobility protocols presents the considerable performance improvements achieved by the VMD architecture. · We present a novel and user-centric handoff cost framework to analyze handoff performance of different mobility schemes. The framework helps to examine the impacts of registration costs, signaling overhead, and data loss for Internet connected mobile users employing a unified cost metric. We analyze the effect of each parameter in the handoff cost framework on the handoff cost components. We also compare the handoff performance of IPv6-based mobility protocols to the VMD. · We present a handoff cost optimization problem and analysis of its characteristics. We consider a mobility user as the primary focus of our study. We then identify the suitable mathematical methods that can be leveraged to solve the problem. We model the handoff cost problem in an optimization tool. We also conduct a mobility study - best of our knowledge, first of its kind - on providing a guide for finding the number of handoffs in a typical VMD for any given user\u27s mobility model. Plugging the output of mobility study, we then conduct a numerical analysis to find out optimum VMD for a given user mobility model and check if the theoretical inferences are in agreement with the output of the optimization tool