Cross-layer signalling and middleware: a survey for inelastic soft real-time applications in MANETs

This paper provides a review of the different cross-layer design and protocol tuning approaches that may be used to meet a growing need to support inelastic soft real-time streams in MANETs. These streams are characterised by critical timing and throughput requirements and low packet loss tolerance levels. Many cross-layer approaches exist either for provision of QoS to soft real-time streams in static wireless networks or to improve the performance of real and non-real-time transmissions in MANETs. The common ground and lessons learned from these approaches, with a view to the potential provision of much needed support to real-time applications in MANETs, is therefore discussed

Computer based simulation of optical wireless communications for the development of optimized error protection and correction schemes

Commercial application of optical wireless communications is currently limited to the area of short range near ground connections, like networks between buildings over a few kilometers. For other areas of application, like data downlinks from flying platforms, demonstrations have been done, but commercial systems for long range communications over many kilometers are not yet available for general usage. The biggest challenge for reliable optical communications is to mitigate the fading of the received optical signal. A possible solution is to implement error protection and correction mechanisms for securing transmitted data. In this dissertation a simplified channel model is developed which can be used for computer based simulation. This simplified channel model is then used for the evaluation of error protection and correction mechanisms applied to the optical wireless channel. Finally generally proposed communication scenarios are evaluated if optical wireless communication is possible, based on the developed channel model. The results show that the combination of forward error correction and selective repeat automatic repeat request protocols can be used to realize reliable optical communication links in all proposed scenarios, even the most challenging ones. The back channel traffic for automatic repeat request protocols leads to a significant reduction of the transmittable user data rate in worst-case scenarios and has to be taken into account for the system design. The developed simulation approach can be used to optimize protocols for the optical wireless channel in order to reduce the load on the back channel and the over all required memory.Die kommerzielle Anwendung der optischen Freiraumkommunikation ist gegenwärtig auf den Bereich der bodennahen Kurzstreckenverbindungen mit wenigen Kilometern Länge begrenzt, beispielsweise Netzwerkverbindung zwischen Gebäuden. In anderen Anwendungsbereichen, z.B. Datendownlinks von fliegenden Plattformen, wurden zwar Technologiedemonstrationen durchgeführt, jedoch sind für solche Langstreckenverbindungen keine alltagstauglichen kommerziellen Systeme verfügbar. Die größte Herausforderung für zuverlässige optische Kommunikation ist die Kompensation der Signalschwankungen des empfangenen optischen Signals. Eine mögliche Lösung für dieses Problem ist die Implementierung von Fehlersicherungs- und Fehlerkorrekturmechanismen, um die Datenübertragung abzusichern. In dieser Dissertation wird ein vereinfachtes Kanalmodell entwickelt, welches für die Simulationen mittels Computern geeignet ist. Dieses vereinfachte Modell wird anschließend für die Bewertung von Fehlersicherungs- und Fehlerkorrekturmechanismen für den optischen Kanal verwendet. Abschliessend wird basierend auf dem entwickelten Kanalmodell der mögliche Einsatz von optischer Freiraumkommunikation in häufig vorgeschlagenen Szenarien untersucht. Die Ergebnisse zeigen, dass die Kombination von Vorwärtsfehlerkorrektur und Protokollen mit selektiver Wiederholung und automatischer Wiederholungsanfrage geeignet ist, um zuverlässige optische Kommunikationsverbindungen in allen vorgeschlagenen Szenarien zu realisieren, selbst in den anspruchsvollsten. Die Datenübertragung auf dem Rückkanal von Protokollen mit automatischer Wiederholungsanfrage führt im schlechtesten Fall zu einer signifikanten Reduzierung der übertragbaren Nutzdatenrate und muss bei der Systemauslegung berücksichtigt werden. Mit dem entwickelten Simulationsansatz können Protokolle für den optischen Funkkanal optimiert werden, um die Belastung des Rückkanals zu reduzieren und um den allgemeinen Speicherbedarf zu reduzieren

IoT-MQTT based denial of service attack modelling and detection

Internet of Things (IoT) is poised to transform the quality of life and provide new business opportunities with its wide range of applications. However, the bene_ts of this emerging paradigm are coupled with serious cyber security issues. The lack of strong cyber security measures in protecting IoT systems can result in cyber attacks targeting all the layers of IoT architecture which includes the IoT devices, the IoT communication protocols and the services accessing the IoT data. Various IoT malware such as Mirai, BASHLITE and BrickBot show an already rising IoT device based attacks as well as the usage of infected IoT devices to launch other cyber attacks. However, as sustained IoT deployment and functionality are heavily reliant on the use of e_ective data communication protocols, the attacks on other layers of IoT architecture are anticipated to increase. In the IoT landscape, the publish/- subscribe based Message Queuing Telemetry Transport (MQTT) protocol is widely popular. Hence, cyber security threats against the MQTT protocol are projected to rise at par with its increasing use by IoT manufacturers. In particular, the Internet exposed MQTT brokers are vulnerable to protocolbased Application Layer Denial of Service (DoS) attacks, which have been known to cause wide spread service disruptions in legacy systems. In this thesis, we propose Application Layer based DoS attacks that target the authentication and authorisation mechanism of the the MQTT protocol. In addition, we also propose an MQTT protocol attack detection framework based on machine learning. Through extensive experiments, we demonstrate the impact of authentication and authorisation DoS attacks on three opensource MQTT brokers. Based on the proposed DoS attack scenarios, an IoT-MQTT attack dataset was generated to evaluate the e_ectiveness of the proposed framework to detect these malicious attacks. The DoS attack evaluation results obtained indicate that such attacks can overwhelm the MQTT brokers resources even when legitimate access to it was denied and resources were restricted. The evaluations also indicate that the proposed DoS attack scenarios can signi_cantly increase the MQTT message delay, especially in QoS2 messages causing heavy tail latencies. In addition, the proposed MQTT features showed high attack detection accuracy compared to simply using TCP based features to detect MQTT based attacks. It was also observed that the protocol _eld size and length based features drastically reduced the false positive rates and hence, are suitable for detecting IoT based attacks

The Proceedings of 14th Australian Digital Forensics Conference, 5-6 December 2016, Edith Cowan University, Perth, Australia

Conference Foreword This is the fifth year that the Australian Digital Forensics Conference has been held under the banner of the Security Research Institute, which is in part due to the success of the security conference program at ECU. As with previous years, the conference continues to see a quality papers with a number from local and international authors. 11 papers were submitted and following a double blind peer review process, 8 were accepted for final presentation and publication. Conferences such as these are simply not possible without willing volunteers who follow through with the commitment they have initially made, and I would like to take this opportunity to thank the conference committee for their tireless efforts in this regard. These efforts have included but not been limited to the reviewing and editing of the conference papers, and helping with the planning, organisation and execution of the conference. Particular thanks go to those international reviewers who took the time to review papers for the conference, irrespective of the fact that they are unable to attend this year. To our sponsors and supporters a vote of thanks for both the financial and moral support provided to the conference. Finally, to the student volunteers and staff of the ECU Security Research Institute, your efforts as always are appreciated and invaluable. Yours sincerely, Conference Chair Professor Craig Valli Director, Security Research Institut

Towards Trouble-Free Networks for End Users

Network applications and Internet services fail all too frequently. However, end users cannot effectively identify the root cause using traditional troubleshooting techniques due to the limited capability to distinguish failures caused by local network elements from failures caused by elements located outside the local area network. To overcome these limitations, we propose a new approach, one that leverages collaboration of user machines to assist end users in diagnosing various failures related to Internet connectivity and poor network performance. First, we present DYSWIS ("Do You See What I See?"), an automatic network fault detection and diagnosis system for end users. DYSWIS identifies the root cause(s) of network faults using diagnostic rules that consider diverse information from multiple nodes. In addition, the DYSWIS rule system is specially designed to support crowdsourced and distributed probes. We also describe the architecture of DYSWIS and compare its performance with other tools. Finally, we demonstrate that the system successfully detects and diagnoses network failures which are difficult to diagnose using a single-user probe. Failures in lower layers of the protocol stack also have the potential to disrupt Internet access; for example, slow Internet connectivity is often caused by poor Wi-Fi performance. Channel contention and non-Wi-Fi interference are the primary reasons for this performance degradation. We investigate the characteristics of non-Wi-Fi interference that can severely degrade Wi-Fi performance and present WiSlow ("Why is my Wi-Fi slow?"), a software tool that diagnoses the root causes of poor Wi-Fi performance. WiSlow employs user-level network probes and leverages peer collaboration to identify the physical location of these causes. The software includes two principal methods: packet loss analysis and 802.11 ACK number analysis. When the issue is located near Wi-Fi devices, the accuracy of WiSlow exceeds 90%. Finally, we expand our collaborative approach to the Internet of Things (IoT) and propose a platform for network-troubleshooting on home devices. This platform takes advantage of built-in technology common to modern devices --- multiple communication interfaces. For example, when a home device has a problem with an interface it sends a probe request to other devices using an alternative interface. The system then exploits cooperation of both internal devices and remote machines. We show that this approach is useful in home networks by demonstrating an application that contains actual diagnostic algorithms

User-Centric Quality of Service Provisioning in IP Networks

The Internet has become the preferred transport medium for almost every type of communication, continuing to grow, both in terms of the number of users and delivered services. Efforts have been made to ensure that time sensitive applications receive sufficient resources and subsequently receive an acceptable Quality of Service (QoS). However, typical Internet users no longer use a single service at a given point in time, as they are instead engaged in a multimedia-rich experience, comprising of many different concurrent services. Given the scalability problems raised by the diversity of the users and traffic, in conjunction with their increasing expectations, the task of QoS provisioning can no longer be approached from the perspective of providing priority to specific traffic types over coexisting services; either through explicit resource reservation, or traffic classification using static policies, as is the case with the current approach to QoS provisioning, Differentiated Services (Diffserv). This current use of static resource allocation and traffic shaping methods reveals a distinct lack of synergy between current QoS practices and user activities, thus highlighting a need for a QoS solution reflecting the user services. The aim of this thesis is to investigate and propose a novel QoS architecture, which considers the activities of the user and manages resources from a user-centric perspective. The research begins with a comprehensive examination of existing QoS technologies and mechanisms, arguing that current QoS practises are too static in their configuration and typically give priority to specific individual services rather than considering the user experience. The analysis also reveals the potential threat that unresponsive application traffic presents to coexisting Internet services and QoS efforts, and introduces the requirement for a balance between application QoS and fairness. This thesis proposes a novel architecture, the Congestion Aware Packet Scheduler (CAPS), which manages and controls traffic at the point of service aggregation, in order to optimise the overall QoS of the user experience. The CAPS architecture, in contrast to traditional QoS alternatives, places no predetermined precedence on a specific traffic; instead, it adapts QoS policies to each individual’s Internet traffic profile and dynamically controls the ratio of user services to maintain an optimised QoS experience. The rationale behind this approach was to enable a QoS optimised experience to each Internet user and not just those using preferred services. Furthermore, unresponsive bandwidth intensive applications, such as Peer-to-Peer, are managed fairly while minimising their impact on coexisting services. The CAPS architecture has been validated through extensive simulations with the topologies used replicating the complexity and scale of real-network ISP infrastructures. The results show that for a number of different user-traffic profiles, the proposed approach achieves an improved aggregate QoS for each user when compared with Best effort Internet, Traditional Diffserv and Weighted-RED configurations. Furthermore, the results demonstrate that the proposed architecture not only provides an optimised QoS to the user, irrespective of their traffic profile, but through the avoidance of static resource allocation, can adapt with the Internet user as their use of services change.France Teleco

Wireless triple play system

Dissertação para obtenção do Grau de Mestre em Engenharia Electrotécnica e ComputadoresTriple play is a service that combines three types of services: voice, data and multimedia over a single communication channel for a price that is less than the total price of the individual services. However there is no standard for provisioning the Triple play services, rather they are provisioned individually, since the requirements are quite different for each service. The digital revolution helped to create and deliver a high quality media solutions. One of the most demanding services is the Video on Demand (VoD). This implicates a dedicated streaming channel for each user in order to provide normal media player commands (as pause, fast forward). Most of the multimedia companies that develops personalized products does not always fulfil the users needs and are far from being cheap solutions. The goal of the project was to create a reliable and scalable triple play solution that works via Wireless Local Area Network (WLAN), fully capable of dealing with the existing state of the art multimedia technologies only resorting to open-source tools. This project was design to be a transparent web environment using only web technologies to maximize the potential of the services. HyperText Markup Language (HTML),Cascading Style Sheets (CSS) and JavaScript were the used technologies for the development of the applications. Both a administration and user interfaces were developed to fully manage all video contents and properly view it in a rich and appealing application, providing the proof of concept. The developed prototype was tested in a WLAN with up to four clients and the Quality of Service (QoS) and Quality of Experience (QoE) was measured for several combinations of active services. In the end it is possible to acknowledge that the developed prototype was capable of dealing with all the problems of WLAN technologies and successfully delivery all the proposed services with high QoE