End to end architecture and mechanisms for mobile and wireless communications in the Internet

Architecture et mécanismes de bout en bout pour les communications mobiles et sans fil dans l'Internet. La gestion performante de la mobilité et l'amélioration des performances des couches basses sont deux enjeux fondamentaux dans le contexte des réseaux sans fil. Cette thèse apporte des solutions originales et innovantes qui visent à répondre à ces deux problématiques empêchant à ce jour d'offrir des possibilités de communication performantes et sans couture aux usagers mobiles accédant à l'Internet via des réseaux d'accès locaux sans fil (WLAN). Ces solutions se distinguent en particulier par l'impact minimum qu'elles ont sur les protocoles standards de l'Internet (niveaux transport et réseau) ou de l'IEEE (niveaux physique et liaison de données). S'inscrivant dans les paradigmes de "bout en bout" et "cross-layer", notre architecture permet d'offrir des solutions efficaces pour la gestion de la mobilité : gestion de la localisation et des handover en particulier. En outre, nous montrons que notre approche permet également d'améliorer l'efficacité des transmissions ainsi que de résoudre efficacement plusieurs syndromes identifiés au sein de 802.11 tels que les anomalies de performance, l'iniquité entre les flux et l'absence de contrôle de débit entre la couche MAC et les couches supérieures. Cette thèse résout ces problèmes en combinant des modèles analytiques, des simulations et de réelles expérimentations. Ces mécanismes adaptatifs ont été développés et intégrés dans une architecture de communication qui fournit des services de communication à haute performance pour réseaux sans fils tels que WIFI et WIMAX. ABSTRACT : Wireless networks, because of the potential pervasive and mobile communication services they offer, are becoming the dominant Internet access networks. However, the legacy Internet protocols, still dominant at that time, have not been designed with mobility and wireless in mind. Therefore, numerous maladjustments and “defaults of impedance” can be observed when combining wireless physical and MAC layers with the traditional upper layers. This thesis proposes several solutions for a pacific coexistence between these communication layers that have been defined and designed independently. Reliable mobility management and Low layer performance enhancements are two main challenging issues in the context of wireless networks. Mobility management (which is mostly based on mobile IP architecture nowadays) aims to continuously assign and control the wireless connections of mobile nodes amongst a space of wireless access networks. Low layer performance enhancements mainly focus on the transmission efficiency such as higher rate, lower loss, interference avoidance. This thesis addresses these two important issues from an original and innovative approach that, conversely to the traditional contributions, entails a minimum impact on the legacy protocols and internet infrastructure. Following the “end to end” and “cross layer” paradigms, we address and offer efficient and light solutions to fast handover, location management and continuous connection support through a space of wireless networks. Moreover, we show that such an approach makes it possible to enhance transmission efficiency and solve efficiently several syndromes that plague the performances of current wireless networks such as performance anomaly, unfairness issues and maladjustment between MAC layer and upper layers. This thesis tackles these issues by combining analytical models, simulations and real experiments. The resulting mechanisms have been developed and integrated into adaptive mobility management communication architecture that delivers high performing communication services to mobile wireless systems, with a focus on WIFI and WIMAX access networks

Evolving an efficient and effective off-the-shelf computing infrastructure for schools in rural areas of South Africa

Upliftment of rural areas and poverty alleviation are priorities for development in South Africa. Information and knowledge are key strategic resources for social and economic development and ICTs act as tools to support them, enabling innovative and more cost effective approaches. In order for ICT interventions to be possible, infrastructure has to be deployed. For the deployment to be effective and sustainable, the local community needs to be involved in shaping and supporting it. This study describes the technical work done in the Siyakhula Living Lab (SLL), a long-term ICT4D experiment in the Mbashe Municipality, with a focus on the deployment of ICT infrastructure in schools, for teaching and learning but also for use by the communities surrounding the schools. As a result of this work, computing infrastructure was deployed, in various phases, in 17 schools in the area and a “broadband island” connecting them was created. The dissertation reports on the initial deployment phases, discussing theoretical underpinnings and policies for using technology in education as well various computing and networking technologies and associated policies available and appropriate for use in rural South African schools. This information forms the backdrop of a survey conducted with teachers from six schools in the SLL, together with experimental work towards the provision of an evolved, efficient and effective off-the-shelf computing infrastructure in selected schools, in order to attempt to address the shortcomings of the computing infrastructure deployed initially in the SLL. The result of the study is the proposal of an evolved computing infrastructure model for use in rural South African schools

Enabling and Understanding Failure of Engineering Structures Using the Technique of Cohesive Elements

In this paper, we describe a cohesive zone model for the prediction of failure of engineering solids and/or structures. A damage evolution law is incorporated into a three-dimensional, exponential cohesive law to account for material degradation under the influence of cyclic loading. This cohesive zone model is implemented in the finite element software ABAQUS through a user defined subroutine. The irreversibility of the cohesive zone model is first verified and subsequently applied for studying cyclic crack growth in specimens experiencing different modes of fracture and/or failure. The crack growth behavior to include both crack initiation and crack propagation becomes a natural outcome of the numerical simulation. Numerical examples suggest that the irreversible cohesive zone model can serve as an efficient tool to predict fatigue crack growth. Key issues such as crack path deviation, convergence and mesh dependency are also discussed

Survival in the e-conomy: 2nd Australian information warfare & security conference 2001

This is an international conference for academics and industry specialists in information warfare, security, and other related fields. The conference has drawn participants from national and international organisations

Organisational and cross-organisational identity management

We are all familiar with the overwhelming number of usernames and passwords needed in our daily life in the networked world. Services need to identify their end users and keep record on them. Traditionally, this has been done by providing the end user with an extra username and password for each new service. Managing all these isolated user identities is painful for the end user and work-intensive for the service owner. Having out-of-date user accounts and privileges is also a security threat for an organisation. Identity management refers to the process of representing and recognising entities as digital identities in computer networks. In an organisation, an end user s identity has a lifecycle. An identity is created when the user enters the organisation; for example, a new employee is hired, a student is admitted in a school or a company gets a new customer. Changes in the end user s affiliation to the organisation are reflected to his identity, and when the end user departs, his identity needs to be revoked. Organisational identity management develops and maintains an architecture that supports maintenance of user identities during their life cycle. In crossorganisational identity management, these identities are used also when accessing services that are outside the organisation. This thesis studies identity management in organisational and cross-organisational services. An organisation s motivations for improving identity management are presented. Attention is paid to how the person registries in an organisation should be interconnected to introduce an aggregated view on an end user s identity. Connection between identity management and introduction of more reliable authentication methods is shown. The author suggests what needs to be taken into account in a usable deployment of single sign-on and PKI for authentication. Federated identity management is a new way to implement end user identity management in services that cross organisational boundaries. This thesis studies how to establish a federation, an association of organisations that wants to exchange information about their users and services to enable cross-organisational collaborations and transactions. The author presents guidelines for organising a federation and preserving an end user s privacy in it. Finally, common use scenarios for federated identity management are presented

A session-based architecture for Internet mobility

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, February 2003.Includes bibliographical references (p. 179-189).The proliferation of mobile computing devices and wireless networking products over the past decade has led to an increasingly nomadic computing lifestyle. A computer is no longer an immobile, gargantuan machine that remains in one place for the lifetime of its operation. Today's personal computing devices are portable, and Internet access is becoming ubiquitous. A well-traveled laptop user might use half a dozen different networks throughout the course of a day: a cable modem from home, wide-area wireless on the commute, wired Ethernet at the office, a Bluetooth network in the car, and a wireless, local-area network at the airport or the neighborhood coffee shop. Mobile hosts are prone to frequent, unexpected disconnections that vary greatly in duration. Despite the prevalence of these multi-homed mobile devices, today's operating systems on both mobile hosts and fixed Internet servers lack fine-grained support for network applications on intermittently connected hosts. We argue that network communication is well-modeled by a session abstraction, and present Migrate, an architecture based on system support for a flexible session primitive. Migrate works with application-selected naming services to enable seamless, mobile "suspend/resume" operation of legacy applications and provide enhanced functionality for mobile-aware, session-based network applications, enabling adaptive operation of mobile clients and allowing Internet servers to support large numbers of intermittently connected sessions. We describe our UNIX-based implementation of Migrate and show that sessions are a flexible, robust, and efficient way to manage mobile end points, even for legacy applications.(cont.) In addition, we demonstrate two popular Internet servers that have been extended to leverage our novel notion of session continuations to enable support for large numbers of suspended clients with only minimal resource impact. Experimental results show that Migrate introduces only minor throughput degradation (less than 2% for moderate block sizes) when used over popular access link technologies, gracefully detects and suspends disconnected sessions, rapidly resumes from suspension, and integrates well with existing applications.by Mark Alexander Connell Snoeren.Ph.D

An examination of the Asus WL-HDD 2.5 as a nepenthes malware collector

The Linksys WRT54g has been used as a host for network forensics tools for instance Snort for a long period of time. Whilst large corporations are already utilising network forensic tools, this paper demonstrates that it is quite feasible for a non-security specialist to track and capture malicious network traffic. This paper introduces the Asus Wireless Hard disk as a replacement for the popular Linksys WRT54g. Firstly, the Linksys router will be introduced detailing some of the research that was undertaken on the device over the years amongst the security community. It then briefly discusses malicious software and the impact this may have for a home user. The paper then outlines the trivial steps in setting up Nepenthes 0.1.7 (a malware collector) for the Asus WL-HDD 2.5 according to the Nepenthes and tests the feasibility of running the malware collector on the selected device. The paper then concludes on discussing the limitations of the device when attempting to execute Nepenthes

A Model for User Based IP Traffic Accounting

Nowadays, accounting, charging and billing users' network resource consumption are commonly used for the purpose of facilitating reasonable network usage, controlling congestion, allocating cost, gaining revenue, etc. In traditional IP traffic accounting systems, IP addresses are used to identify the corresponding consumers of the network resources. However, there are some situations in which IP addresses cannot be used to identify users uniquely, for example, in multi-user systems. In these cases, network resource consumption can only be ascribed to the owners of these hosts instead of corresponding real users who have consumed the network resources. Therefore, accurate accountability in these systems is practically impossible. This is a flaw of the traditional IP address based IP traffic accounting technique. This dissertation proposes a user based IP traffic accounting model which can facilitate collecting network resource usage information on the basis of users. With user based IP traffic accounting, IP traffic can be distinguished not only by IP addresses but also by users. In this dissertation, three different schemes, which can achieve the user based IP traffic accounting mechanism, are discussed in detail. The inband scheme utilizes the IP header to convey the user information of the corresponding IP packet. The Accounting Agent residing in the measured host intercepts IP packets passing through it. Then it identifies the users of these IP packets and inserts user information into the IP packets. With this mechanism, a meter located in a key position of the network can intercept the IP packets tagged with user information, extract not only statistic information, but also IP addresses and user information from the IP packets to generate accounting records with user information. The out-of-band scheme is a contrast scheme to the in-band scheme. It also uses an Accounting Agent to intercept IP packets and identify the users of IP traffic. However, the user information is transferred through a separated channel, which is different from the corresponding IP packets' transmission. The Multi-IP scheme provides a different solution for identifying users of IP traffic. It assigns each user in a measured host a unique IP address. Through that, an IP address can be used to identify a user uniquely without ambiguity. This way, traditional IP address based accounting techniques can be applied to achieve the goal of user based IP traffic accounting. In this dissertation, a user based IP traffic accounting prototype system developed according to the out-of-band scheme is also introduced. The application of user based IP traffic accounting model in the distributed computing environment is also discussed.Ein Modell für Nutzerbasiertes IP-Verkehr Accountin

Bioinspired metaheuristic algorithms for global optimization

This paper presents concise comparison study of newly developed bioinspired algorithms for global optimization problems. Three different metaheuristic techniques, namely Accelerated Particle Swarm Optimization (APSO), Firefly Algorithm (FA), and Grey Wolf Optimizer (GWO) are investigated and implemented in Matlab environment. These methods are compared on four unimodal and multimodal nonlinear functions in order to find global optimum values. Computational results indicate that GWO outperforms other intelligent techniques, and that all aforementioned algorithms can be successfully used for optimization of continuous functions

Experimental Evaluation of Growing and Pruning Hyper Basis Function Neural Networks Trained with Extended Information Filter

In this paper we test Extended Information Filter (EIF) for sequential training of Hyper Basis Function Neural Networks with growing and pruning ability (HBF-GP). The HBF neuron allows different scaling of input dimensions to provide better generalization property when dealing with complex nonlinear problems in engineering practice. The main intuition behind HBF is in generalization of Gaussian type of neuron that applies Mahalanobis-like distance as a distance metrics between input training sample and prototype vector. We exploit concept of neuron’s significance and allow growing and pruning of HBF neurons during sequential learning process. From engineer’s perspective, EIF is attractive for training of neural networks because it allows a designer to have scarce initial knowledge of the system/problem. Extensive experimental study shows that HBF neural network trained with EIF achieves same prediction error and compactness of network topology when compared to EKF, but without the need to know initial state uncertainty, which is its main advantage over EKF