A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table

Measurement-Driven Algorithm and System Design for Wireless and Datacenter Networks

The growing number of mobile devices and data-intensive applications pose unique challenges for wireless access networks as well as datacenter networks that enable modern cloud-based services. With the enormous increase in volume and complexity of traffic from applications such as video streaming and cloud computing, the interconnection networks have become a major performance bottleneck. In this thesis, we study algorithms and architectures spanning several layers of the networking protocol stack that enable and accelerate novel applications and that are easily deployable and scalable. The design of these algorithms and architectures is motivated by measurements and observations in real world or experimental testbeds. In the first part of this thesis, we address the challenge of wireless content delivery in crowded areas. We present the AMuSe system, whose objective is to enable scalable and adaptive WiFi multicast. AMuSe is based on accurate receiver feedback and incurs a small control overhead. This feedback information can be used by the multicast sender to optimize multicast service quality, e.g., by dynamically adjusting transmission bitrate. Specifically, we develop an algorithm for dynamic selection of a subset of the multicast receivers as feedback nodes which periodically send information about the channel quality to the multicast sender. Further, we describe the Multicast Dynamic Rate Adaptation (MuDRA) algorithm that utilizes AMuSe's feedback to optimally tune the physical layer multicast rate. MuDRA balances fast adaptation to channel conditions and stability, which is essential for multimedia applications. We implemented the AMuSe system on the ORBIT testbed and evaluated its performance in large groups with approximately 200 WiFi nodes. Our extensive experiments demonstrate that AMuSe can provide accurate feedback in a dense multicast environment. It outperforms several alternatives even in the case of external interference and changing network conditions. Further, our experimental evaluation of MuDRA on the ORBIT testbed shows that MuDRA outperforms other schemes and supports high throughput multicast flows to hundreds of nodes while meeting quality requirements. As an example application, MuDRA can support multiple high quality video streams, where 90% of the nodes report excellent or very good video quality. Next, we specifically focus on ensuring high Quality of Experience (QoE) for video streaming over WiFi multicast. We formulate the problem of joint adaptation of multicast transmission rate and video rate for ensuring high video QoE as a utility maximization problem and propose an online control algorithm called DYVR which is based on Lyapunov optimization techniques. We evaluated the performance of DYVR through analysis, simulations, and experiments using a testbed composed of Android devices and o the shelf APs. Our evaluation shows that DYVR can ensure high video rates while guaranteeing a low but acceptable number of segment losses, buffer underflows, and video rate switches. We leverage the lessons learnt from AMuSe for WiFi to address the performance issues with LTE evolved Multimedia Broadcast/Multicast Service (eMBMS). We present the Dynamic Monitoring (DyMo) system which provides low-overhead and real-time feedback about eMBMS performance. DyMo employs eMBMS for broadcasting instructions which indicate the reporting rates as a function of the observed Quality of Service (QoS) for each UE. This simple feedback mechanism collects very limited QoS reports which can be used for network optimization. We evaluated the performance of DyMo analytically and via simulations. DyMo infers the optimal eMBMS settings with extremely low overhead, while meeting strict QoS requirements under different UE mobility patterns and presence of network component failures. In the second part of the thesis, we study datacenter networks which are key enablers of the end-user applications such as video streaming and storage. Datacenter applications such as distributed file systems, one-to-many virtual machine migrations, and large-scale data processing involve bulk multicast flows. We propose a hardware and software system for enabling physical layer optical multicast in datacenter networks using passive optical splitters. We built a prototype and developed a simulation environment to evaluate the performance of the system for bulk multicasting. Our evaluation shows that the optical multicast architecture can achieve higher throughput and lower latency than IP multicast and peer-to-peer multicast schemes with lower switching energy consumption. Finally, we study the problem of congestion control in datacenter networks. Quantized Congestion Control (QCN), a switch-supported standard, utilizes direct multi-bit feedback from the network for hardware rate limiting. Although QCN has been shown to be fast-reacting and effective, being a Layer-2 technology limits its adoption in IP-routed Layer 3 datacenters. We address several design challenges to overcome QCN feedback's Layer- 2 limitation and use it to design window-based congestion control (QCN-CC) and load balancing (QCN-LB) schemes. Our extensive simulations, based on real world workloads, demonstrate the advantages of explicit, multi-bit congestion feedback, especially in a typical environment where intra-datacenter traffic with short Round Trip Times (RTT: tens of s) run in conjunction with web-facing traffic with long RTTs (tens of milliseconds)

Large scale collaborative virtual environments

[N.B. Pagination of eThesis differs from printed thesis. The content is identical.] This thesis is concerned with the theory, design, realisation and evaluation of large-scale collaborative virtual environments. These are 3D audio-graphical computer generated environments which actively support collaboration between potentially large numbers of distributed users. The approach taken in this thesis reflects both the sociology of interpersonal communication and the management of communication in distributed systems. The first part of this thesis presents and evaluates MASSIVE-1, a virtual reality tele-conferencing system which implements the spatial model of interaction of Benford and Fahlén. The evaluation of MASSIVE-1 has two components: a user-oriented evaluation of the system’s facilities and the underlying awareness model; and a network-oriented evaluation and modelling of the communication requirements of the system with varying numbers of users. This thesis proposes the “third party object” concept as an extension to the spatial model of interaction. Third party objects can be used to represent the influence of context or environment on interaction and awareness, for example, the effects of boundaries, rooms and crowds. Third party objects can also be used to introduce and manage dynamic aggregates or abstractions within the environments (for example abstract overviews of distant crowds of participants). The third party object concept is prototyped in a second system, MASSIVE-2. MASSIVE-2 is also evaluated in two stages. The first is a user-oriented reflection on the capabilities and effectiveness of the third party concept as realised in the system. The second stage of the evaluation develops a predictive model of total and per-participant network bandwidth requirements for systems of this kind. This is used to analyse a number of design decisions relating to this type of system, including the use of multicasting and the form of communication management adopted

Quality of service aware data dissemination in vehicular Ad Hoc networks

Des systèmes de transport intelligents (STI) seront éventuellement fournis dans un proche avenir pour la sécurité et le confort des personnes lors de leurs déplacements sur les routes. Les réseaux ad-hoc véhiculaires (VANETs) représentent l'élément clé des STI. Les VANETs sont formés par des véhicules qui communiquent entre eux et avec l'infrastructure. En effet, les véhicules pourront échanger des messages qui comprennent, par exemple, des informations sur la circulation routière, les situations d'urgence et les divertissements. En particulier, les messages d'urgence sont diffusés par des véhicules en cas d'urgence (p.ex. un accident de voiture); afin de permettre aux conducteurs de réagir à temps (p.ex., ralentir), les messages d'urgence doivent être diffusés de manière fiable dans un délai très court. Dans les VANETs, il existe plusieurs facteurs, tels que le canal à pertes, les terminaux cachés, les interférences et la bande passante limitée, qui compliquent énormément la satisfaction des exigences de fiabilité et de délai des messages d'urgence. Dans cette thèse, en guise de première contribution, nous proposons un schéma de diffusion efficace à plusieurs sauts, appelé Dynamic Partitioning Scheme (DPS), pour diffuser les messages d'urgence. DPS calcule les tailles de partitions dynamiques et le calendrier de transmission pour chaque partition; à l'intérieur de la zone arrière de l'expéditeur, les partitions sont calculées de sorte qu'en moyenne chaque partition contient au moins un seul véhicule; l'objectif est de s'assurer que seul un véhicule dans la partition la plus éloignée (de l'expéditeur) est utilisé pour diffuser le message, jusqu'au saut suivant; ceci donne lieu à un délai d'un saut plus court. DPS assure une diffusion rapide des messages d'urgence. En outre, un nouveau mécanisme d'établissement de liaison, qui utilise des tonalités occupées, est proposé pour résoudre le problème du problème de terminal caché. Dans les VANETs, la Multidiffusion, c'est-à-dire la transmission d'un message d'une source à un nombre limité de véhicules connus en tant que destinations, est très importante. Par rapport à la diffusion unique, avec Multidiffusion, la source peut simultanément prendre en charge plusieurs destinations, via une arborescence de multidiffusion, ce qui permet d'économiser de la bande passante et de réduire la congestion du réseau. Cependant, puisque les VANETs ont une topologie dynamique, le maintien de la connectivité de l'arbre de multidiffusion est un problème majeur. Comme deuxième contribution, nous proposons deux approches pour modéliser l'utilisation totale de bande passante d'une arborescence de multidiffusion: (i) la première approche considère le nombre de segments de route impliqués dans l'arbre de multidiffusion et (ii) la seconde approche considère le nombre d'intersections relais dans l'arbre de multidiffusion. Une heuristique est proposée pour chaque approche. Pour assurer la qualité de service de l'arbre de multidiffusion, des procédures efficaces sont proposées pour le suivi des destinations et la surveillance de la qualité de service des segments de route. Comme troisième contribution, nous étudions le problème de la congestion causée par le routage du trafic de données dans les VANETs. Nous proposons (1) une approche de routage basée sur l’infonuagique qui, contrairement aux approches existantes, prend en compte les chemins de routage existants qui relaient déjà les données dans les VANETs. Les nouvelles demandes de routage sont traitées de sorte qu'aucun segment de route ne soit surchargé par plusieurs chemins de routage croisés. Au lieu d'acheminer les données en utilisant des chemins de routage sur un nombre limité de segments de route, notre approche équilibre la charge des données en utilisant des chemins de routage sur l'ensemble des tronçons routiers urbains, dans le but d'empêcher, dans la mesure du possible, les congestions locales dans les VANETs; et (2) une approche basée sur le réseau défini par logiciel (SDN) pour surveiller la connectivité VANET en temps réel et les délais de transmission sur chaque segment de route. Les données de surveillance sont utilisées en entrée de l'approche de routage.Intelligent Transportation Systems (ITS) will be eventually provided in the near future for both safety and comfort of people during their travel on the roads. Vehicular ad-hoc Networks (VANETs), represent the key component of ITS. VANETs consist of vehicles that communicate with each other and with the infrastructure. Indeed, vehicles will be able to exchange messages that include, for example, information about road traffic, emergency situations, and entertainment. Particularly, emergency messages are broadcasted by vehicles in case of an emergency (e.g., car accident); in order to allow drivers to react in time (e.g., slow down), emergency messages must be reliably disseminated with very short delay. In VANETs, there are several factors, such as lossy channel, hidden terminals, interferences and scarce bandwidth, which make satisfying reliability and delay requirements of emergency messages very challenging. In this thesis, as the first contribution, we propose a reliable time-efficient and multi-hop broadcasting scheme, called Dynamic Partitioning Scheme (DPS), to disseminate emergency messages. DPS computes dynamic partition sizes and the transmission schedule for each partition; inside the back area of the sender, the partitions are computed such that in average each partition contains at least a single vehicle; the objective is to ensure that only a vehicle in the farthest partition (from the sender) is used to disseminate the message, to next hop, resulting in shorter one hop delay. DPS ensures fast dissemination of emergency messages. Moreover, a new handshaking mechanism, that uses busy tones, is proposed to solve the problem of hidden terminal problem. In VANETs, Multicasting, i.e. delivering a message from a source to a limited known number of vehicles as destinations, is very important. Compared to Unicasting, with Multicasting, the source can simultaneously support multiple destinations, via a multicast tree, saving bandwidth and reducing overall communication congestion. However, since VANETs have a dynamic topology, maintaining the connectivity of the multicast tree is a major issue. As the second contribution, we propose two approaches to model total bandwidth usage of a multicast tree: (i) the first approach considers the number of road segments involved in the multicast tree and (ii) the second approach considers the number of relaying intersections involved in the multicast tree. A heuristic is proposed for each approach. To ensure QoS of the multicasting tree, efficient procedures are proposed for tracking destinations and monitoring QoS of road segments. As the third contribution, we study the problem of network congestion in routing data traffic in VANETs. We propose (1) a Cloud-based routing approach that, in opposition to existing approaches, takes into account existing routing paths which are already relaying data in VANETs. New routing requests are processed such that no road segment gets overloaded by multiple crossing routing paths. Instead of routing over a limited set of road segments, our approach balances the load of communication paths over the whole urban road segments, with the objective to prevent, whenever possible, local congestions in VANETs; and (2) a Software Defined Networking (SDN) based approach to monitor real-time VANETs connectivity and transmission delays on each road segment. The monitoring data is used as input to the routing approach