Security Policy Management for a Cooperative Firewall

Increasing popularity of the Internet service and increased number of connected devices along with the introduction of IoT are making the society ever more dependent on the Internet services availability. Therefore, we need to ensure the minimum level of security and reliability of services. Ultra-Reliable Communication (URC) refers to the availability of life and business critical services nearly 100 percent of the time. These requirements are an integral part of upcoming 5th generation (5G) mobile networks. 5G is the future mobile network, which at the same time is part of the future Internet. As an extension to the conventional communication architecture, 5G needs to provide ultra-high reliability of services where; it needs to perform better than the currently available solutions in terms of security, confidentiality, integrity and reliability and it should mitigate the risks of Internet attack and malicious activities. To achieve such requirements, Customer Edge Switching (CES) architecture is presented. It proposes that the Internet user’s agent in the network provider needs to have prior information about the expected traffic of users to mitigate maximum attacks and only allow expected communication between hosts. CES executes communication security policies of each user or device acting as the user’s agent. The policy describes with fine granularity what traffic is expected by the device. The policies are sourced as automatically as possible but can also be modified by the user. Stored policies will follow the mobile user and will be executed at the network edge node executing Customer Edge Switch functions to stop all unexpected traffic from entering the mobile network. State-of-the-art in mobile network architectures utilizes the Quality of Service (QoS) policies of users. This thesis motivates the extension of current architecture to accommodate security and communication policy of end-users. The thesis presents an experimental implementation of a policy management system which is termed as Security Policy Management (SPM) to handle above-mentioned policies of users. We describe the architecture, implementation and integration of SPM with the Customer Edge Switching. Additionally, SPM has been evaluated in terms of performance, scalability, reliability and security offered via 5G customer edge nodes. Finally, the system has been analyzed for feasibility in the 5G architecture

MDSA, MULTI DECISION SCHEDULING ALGORITHM FOR UE ENERGY POWER SAVING ON MOBILE NETWORKS

Nowadays general different kind of recurrent network applications on mobile phones are like: news feed, podcast and e-mail which mostly run in the background and are a significant source of power consumption on battery limited mobile phones. Theory of scheduling such applications by prioritizing and evaluating step by step based on many conditions (or even parameters, timers) like radio network parameters, timeout values, coverage conditions or RSSI, switching between 2G and 3G on packet data, etc is our main focus on this paper. Cellular network providers typically try to control these timeout values, though some mobile devices use a technique called fast dormancy in order to reduce the time out duration which mostly results in huge power consumption for end user. The duration of this timeout, which ranges from a few seconds to ten seconds or more, is chosen to balance the cost of signaling for resource allocation to move a radio into active state (and the resulting latency and energy costs on the device) and the wasted resources due to maintaining a radio unnecessarily in active state. We also illustrate the significant energy savings that can be achieved via scheduling of recurrent mobile phone applications considering some network parameters, conditions and also user activity time (clock time) and phone battery condition as an add. These kinds of applications such as email syncing, facebook or photo uploads can defer communication, up to a point, without sacrificing service and user perception. Other applications such as on-demand streaming can prefetch content in anticipation of future need and this will not be considered for now on our study. The other very common service for mobile users is voice and by transmitting data when a call is active brings an extension on mobile phones battery life

CAMEO: A Middleware for Mobile Advertisement Delivery

National Research Foundation (NRF) Singapor

An Evaluation of Smartphone Resources Used by Web Advertisements

With the rapid advancement of mobile devices, people have become more attached to them than ever. This rapid growth combined with millions of applications (apps) make smartphones a favourite means of communication among users. In general, the available contents on smartphones, apps and the web, come into two versions: (i) free contents that are monetized via advertisements (ads), and (ii) paid ones that are monetized by user subscription fees. However, the resources (energy, bandwidth, processing power) on-board are limited, and the existence of ads in either websites or free apps can adversely impact these resources. These issues brought the need for good understanding of the mobile advertising eco-system and how such limited resources can be efficiently used. This thesis focuses on mobile web browsing. Surfing web-pages on smatphones is one of the most commonly used task among smartphone users. However, web-page complexity is increasing, especially when designed for desktop computers. On one hand, the existence of ads in web-pages is essential for publishers' monetization strategy. On the other hand, their existence in webpages leads to even higher complexity of the webpages. This complexity in the smartphone environment, where the battery and bandwidth resources are limited, is reflected in longer loading time, more energy consumed, and more bytes transferred. With this view, quantifying the energy consumption due to web ads in smartphones is essential for publishers to optimize their webpages, and for system designers to develop an energy-aware applications (browsers) and protocols. Apart from their energy impact, ads consume network bandwidth as well. Therefore, quantifying the bandwidth consumption due to downloading web ads is crucial to creating more energy and bandwidth aware applications. This thesis first classifies web content into: (i) core information, and (ii) forced ``unwanted" information, namely ads. Then, describes an approach that enables the separation of web content in a number of a websites. Having done so, the energy cost due to downloading, rendering, and displaying web ads over Wi-Fi and 3G networks is evaluated. That is, how much energy web ads contribute to the total consumed energy when a user accesses the web. Furthermore, the bandwidth consumed by web ads in a number of well-known websites is also evaluated. Motivated by our findings about ads' impact on the energy and bandwidth, the thesis proposes and implements a novel web-browsing technique that adapts the webpages delivered to smartphones, based on a smartphone's current battery level and the network type. Webpages are adapted by controlling the amount of ads to be displayed. Validation tests confirm that the system, in some cases, can extend smartphone battery life by up to ~ 30\% and save wireless bandwidth up to ~ 44\%

Test process analysis of Gateway GPRS Support Node

Tässä diplomityössä tarkastellaan GPRS ja 3G verkon yhdyskäytäväsolmun testausprosessia käyttäen apuna erilaisia testauksen mittareita, vika-analyysiä ja riskianalyysiä. Edellä mainittujen analyysien perusteella suunnitellaan riskiperusteisen testauksen tarkka kohdentaminen. Tavoitteena on löytää keinoja parantaa testauksen tehokkuutta kohdentamalla riskiperusteinen testaus asiakkaan kannalta tärkeimmille ja vika-altteimmille toiminnallisuusalueille. Tämän tuloksena asiakkaalle pystytään toimittamaan parempilaatuinen tuote ja testauksen kustannuksia pystytään alentamaan. Työn teoriaosuudessa selvitetään ensin GPRS yhdyskäytäväsolmun toimintaa ja kommunikointia naapuriverkkoelementtien kanssa. Toiseksi selvitetään ohjelmistokehitysprosessin ja ohjelmistotestauksen perusteita. Työn käytännön osuudessa tutkitaan testauksen mittareita ja tehdään vika-analyysi. Mittareihin ja vika-analyysiin perustuen tehdään tuotteen riskianalyysi, jonka jälkeen pystytään suunnittelemaan riskiperusteinen testaus. Tutkimuksen tärkeimmät johtopäätökset: 1) Yhteistyötä tuotekehityksen, testauksen ja asiakasrajapinnan välillä pitää lisätä ja tehostaa. 2) Vaatimustenhallinnan, testitapaustietokannan ja vikatietokannan käyttöä pitää yhdenmukaistaa. 3) Testauksen ohjausta ja seurantaa helpottavien mittareiden saatavuutta ja reaaliaikaisuutta pitää kehittää.In this thesis the test process of Gateway GPRS Support Node was analysed by means of testing metrics, a defect analysis and a product risk analysis. Based on the before mentioned analyses a risk based testing was planned. The objective of the thesis was to improve the efficiency of the testing by concentrating the risk based testing to the features that are most critical to the customers and also by emphasising the testing of the most error prone functionality areas. The goal is a higher product quality and lower testing costs. In the theoretical part of the thesis firstly the functionality of Gateway GPRS Support Node is explained and also the protocols and interfaces towards the other network elements are investigated. Secondly the basics of the software creation process and the software testing are described. In the practical part of the thesis the testing metrics are researched and the defect analysis is performed. Then the risk based testing is planned based on the product risk analysis. Main conclusions of the study: 1) Co-operation between the product development, the testing and the customer support should be strengthened. 2) The usage of the requirement management database, the test management database and the defect tracking database should be harmonized. 3) The availability of the real-time testing metrics should be improved

Mobile Map Browsers: Anticipated User Interaction for Data Pre-fetching

When browsing a graphical display of geospatial data on mobile devices, users typically change the displayed maps by panning, zooming in and out, or rotating the device. Limited storage space on mobile devices and slow wireless communications, however, impede the performance of these operations. To overcome the bottleneck that all map data to be displayed on the mobile device need to be downloaded on demand, this thesis investigates how anticipated user interactions affect intelligent pre-fetching so that an on-demand download session is extended incrementally. User interaction is defined as a set of map operations that each have corresponding effects on the spatial dataset required to generate the display. By anticipating user interaction based on past behavior and intuition on when waiting for data is acceptable, it is possible to device a set of strategies to better prepare the device with data for future use. Users that engage with interactive map displays for a variety of tasks, whether it be navigation, information browsing, or data collection, experience a dynamic display to accomplish their goal. With vehicular navigation, the display might update itself as a result of a GPS data stream reflecting movement through space. This movement is not random, especially as is the case of moving vehicles and, therefore, this thesis suggests that mobile map data could be pre-fetched in order to improve usability. Pre-fetching memory-demanding spatial data can benefit usability in several ways, but in particular it can (1) reduce latency when downloading data over wireless connections and (2) better prepare a device for situations where wireless internet connectivity is weak or intermittent. This thesis investigates mobile map caching and devises an algorithm for pre-fetching data on behalf of the application user. Two primary models are compared: isotropic (direction-independent) and anisotropic (direction-dependent) pre-fetching. A prefetching simulation is parameterized with many trajectories that vary in complexity (a metric of direction change within the trajectory) and it is shown that, although anisotropic pre-fetching typically results in a better pre-fetching accuracy, it is not ideal for all scenarios. This thesis suggests a combination of models to accommodate the significant variation in moving object trajectories. In addition, other methods for pre-fetching spatial data are proposed for future research

The Internet is a Series of Tubes

Internet adoption tends to progress in phases: early rapid adoption in urban areas and by relatively well-educated and higher-income households, then transitioning to a slower pace once between 70 and 85% of households subscribe. For example, in a 2013 survey, the Pew Research Internet Project found that approximately 15% of the adult population does not use the Internet; those least likely to use the Internet include “senior citizens, adults with less than a high-school education and those living in households earning less than $30,000 per year.

Creating Usage Models to Identify Misbehaving Applications on Mobile Devices

Limited battery capacity is currently a major pain point for mobile users. The problem is made worse when poorly designed applications consume a significant amount of power in the background when they are not actively used by the user. To combat this problem, we propose an automated monitoring system that can detect misbehaving applications running on mobile devices. Our system does not require any prior knowledge about the monitored applications. Instead, it collects the user’s usage records and builds models to encapsulate the contexts when the user is likely to use each application. From those models, our system can identify misbehaving applications that are consuming system resources while providing no useful service to the end user. In this dissertation, we demonstrate the overall design for our system. This design allows us to collect detailed usage records while keeping our system’s power consumption at a minimum. We also introduce the steps we take to construct our usage models and the rationale behind each key decisions. In the end, we evaluate the effectiveness of our system by running it on a real Android device during a two month period. From the experiment, we show the misbehaving applications identified by our system have a significant impact on the battery life, and misbehaving applications with high network usage is the main cause of fast battery drain

On Providing Energy-efficient Data Transmission to Mobile Devices

The transformation from telephony to mobile Internet has fundamentally changed the way we interact with the world by delivering ubiquitous Internet access and reasonable cost of connectivity. The mobile networks and Internet services are supportive of each other and together drive a fast development of new services and the whole ecosystem. As a result, the number of mobile subscribers has skyrocketed to a magnitude of billions, and the volume of mobile traffic has boomed up to a scale no-one has seen before with exponential growth predictions. However, the opportunities and problems are both rising. Therefore, to enable sustainable growth of the mobile Internet and continued mobile service adaption, this thesis proposes solutions to ensure that the reduction of overall environmental presence and the level of QoE are mutually addressed by providing energy-efficient data transmission to mobile devices. It is important to understand the characteristics of power consumption of mobile data transmission to find opportunities to balance the energy consumption and the growth of mobile services and the data volumes. This research started with power consumption measurements of various radio interfaces and investigations of the trade-off between computation and communication of modern mobile devices. Power consumption models, state machines and the conditions for energy-efficient mobile data transmission were proposed to guide the development of energy-saving solutions. This research has then employed the defined guideline to optimise data transmission for energy-efficient mobile web access. Proxy-based solutions are presented in this thesis, utilising several strategies: bundling-enabled traffic shaping to optimise TCP behaviour over congested wireless links and keep the radio interface in low power consumption states as much as possible, offloading HTTP-object fetching to shorten the time of DNS lookups and web content downloading, and applying selective compression on HTTP payload to further reduce energy consumption of mobile data transmission. As a result, the solutions dramatically reduce the energy consumption of mobile web access and download time, yet maintain or even increase user experience