Prediction-enhanced Routing in Disruption-tolerant Satellite Networks

This thesis introduces a framework for enhancing DTN (Delay-/Disruption-Tolerant Networking) routing in dynamic LEO satellite constellations based on the prediction of contacts. The solution is developed with a clear focus on the requirements imposed by the 'Ring Road' use case, mandating a concept for dynamic contact prediction and its integration into a state-of-the-art routing approach. The resulting system does not restrict possible applications to the 'Ring Road,' but allows for flexible adaptation to further use cases. A thorough evaluation shows that employing proactive routing in concert with a prediction mechanism offers significantly improved performance when compared to alternative opportunistic routing techniques

Backscatter from the Data Plane --- Threats to Stability and Security in Information-Centric Networking

Information-centric networking proposals attract much attention in the ongoing search for a future communication paradigm of the Internet. Replacing the host-to-host connectivity by a data-oriented publish/subscribe service eases content distribution and authentication by concept, while eliminating threats from unwanted traffic at an end host as are common in today's Internet. However, current approaches to content routing heavily rely on data-driven protocol events and thereby introduce a strong coupling of the control to the data plane in the underlying routing infrastructure. In this paper, threats to the stability and security of the content distribution system are analyzed in theory and practical experiments. We derive relations between state resources and the performance of routers and demonstrate how this coupling can be misused in practice. We discuss new attack vectors present in its current state of development, as well as possibilities and limitations to mitigate them.Comment: 15 page

Supporting Protocols for Structuring and Intelligent Information Dissemination in Vehicular Ad Hoc Networks

The goal of this dissertation is the presentation of supporting protocols for structuring and intelligent data dissemination in vehicular ad hoc networks (VANETs). The protocols are intended to first introduce a structure in VANETs, and thus promote the spatial reuse of network resources. Segmenting a flat VANET in multiple cluster structures allows for more efficient use of the available bandwidth, which can effectively increase the capacity of the network. The cluster structures can also improve the scalability of the underlying communication protocols. The structuring and maintenance of the network introduces additional overhead. The aim is to provide a mechanism for creating stable cluster structures in VANETs, and to minimize this associated overhead. Further a hybrid overlay-based geocast protocol for VANETs is presented. The protocol utilizes a backbone overlay virtual infrastructure on top of the physical network to provide geocast support, which is crucial for intervehicle communications since many applications provide group-oriented and location-oriented services. The final contribution is a structureless information dissemination scheme which creates a layered view of road conditions with a diminishing resolution as the viewing distance increases. Namely, the scheme first provides a high-detail local view of a given vehicle\u27s neighbors and its immediate neighbors, which is further extended when information dissemination is employed. Each vehicle gets aggregated information for road conditions beyond this extended local view. The scheme allows for the preservation of unique reports within aggregated frames, such that safety critical notifications are kept in high detail, all for the benefit of the driver\u27s improved decision making during emergency scenarios

TruSDN: Bootstrapping Trust in Cloud Network Infrastructure

Software-Defined Networking (SDN) is a novel architectural model for cloud network infrastructure, improving resource utilization, scalability and administration. SDN deployments increasingly rely on virtual switches executing on commodity operating systems with large code bases, which are prime targets for adversaries attacking the network infrastructure. We describe and implement TruSDN, a framework for bootstrapping trust in SDN infrastructure using Intel Software Guard Extensions (SGX), allowing to securely deploy SDN components and protect communication between network endpoints. We introduce ephemeral flow-specific pre-shared keys and propose a novel defence against cuckoo attacks on SGX enclaves. TruSDN is secure under a powerful adversary model, with a minor performance overhead

The Impact of Rogue Nodes on the Dependability of Opportunistic Networks

Opportunistic Networks (OppNets) are an extension to the classical Mobile Ad hoc Networks (MANETs) where the network is not dependent on any infrastructure (e.g. Access Points or centralized administrative nodes). OppNets can be more flexible than MANETs because an end to end path does not exist and much longer delays can be expected. Whereas a Rogue Access Point is typically immobile in the legacy infrastructure based networks and can have considerable impact on the overall connectivity, the research question in this project evaluates how the pattern and mobility of a rogue nodes impact the dependability and overall "Average Latency" in an Opportunistic Network Environment. We have simulated a subset of the mathematical modeling performed in a previous publication in this regard. Ad hoc networks are very challenging to model due to their mobility and intricate routing schemes. We strategically started our research by exploring the evolution of Opportunistic networks, and then implemented the rogue behavior by utilizing The ONE (Opportunistic Network Environment, by Nokia Research Centre) simulator to carry out our research over rogue behavior. The ONE simulator is an open source simulator developed in Java, simulating the layer 3 of the OSI model. The Rogue behavior is implemented in the simulator to observe the effect of rogue nodes. Finally we extracted the desired dataset to measure the latency by carefully simulating the intended behavior, keeping rest of the parameters (e.g. Node Movement Models, Signal Range and Strength, Point of Interest (POI) etc) unchanged. Our results are encouraging, and coincide with the average latency deterioration patterns as modeled by the previous researchers, with a few exceptions. The practical implementation of plug-in in ONE simulator has shown that only a very high degree of rogue nodes impact the latency, making OppNets more resilient and less vulnerable to malicious attacks

Optimal Control of Epidemics in the Presence of Heterogeneity

We seek to identify and address how different types of heterogeneity affect the optimal control of epidemic processes in social, biological, and computer networks. Epidemic processes encompass a variety of models of propagation that are based on contact between agents. Assumptions of homogeneity of communication rates, resources, and epidemics themselves in prior literature gloss over the heterogeneities inherent to such networks and lead to the design of sub-optimal control policies. However, the added complexity that comes with a more nuanced view of such networks complicates the generalizing of most prior work and necessitates the use of new analytical methods. We first create a taxonomy of heterogeneity in the spread of epidemics. We then model the evolution of heterogeneous epidemics in the realms of biology and sociology, as well as those arising from practice in the fields of communication networks (e.g., DTN message routing) and security (e.g., malware spread and patching). In each case, we obtain computational frameworks using Pontryagin’s Maximum Principle that will lead to the derivation of dynamic controls that optimize general, context-specific objectives. We then prove structures for each of these vectors of optimal controls that can simplify the derivation, storage, and implementation of optimal policies. Finally, using simulations and real-world traces, we examine the benefits achieved by including heterogeneity in the control decision, as well as the sensitivity of the models and the controls to model parameters in each case

Compact routing for the future internet

The Internet relies on its inter-domain routing system to allow data transfer between any two endpoints regardless of where they are located. This routing system currently uses a shortest path routing algorithm (modified by local policy constraints) called the Border Gateway Protocol. The massive growth of the Internet has led to large routing tables that will continue to grow. This will present a serious engineering challenge for router designers in the long-term, rendering state (routing table) growth at this pace unsustainable. There are various short-term engineering solutions that may slow the growth of the inter-domain routing tables, at the expense of increasing the complexity of the network. In addition, some of these require manual configuration, or introduce additional points of failure within the network. These solutions may give an incremental, constant factor, improvement. However, we know from previous work that all shortest path routing algorithms require forwarding state that grows linearly with the size of the network in the worst case. Rather than attempt to sustain inter-domain routing through a shortest path routing algorithm, compact routing algorithms exist that guarantee worst-case sub-linear state requirements at all nodes by allowing an upper-bound on path length relative to the theoretical shortest path, known as path stretch. Previous work has shown the promise of these algorithms when applied to synthetic graphs with similar properties to the known Internet graph, but they haven't been studied in-depth on Internet topologies derived from real data. In this dissertation, I demonstrate the consistently strong performance of these compact routing algorithms for inter-domain routing by performing a longitudinal study of two compact routing algorithms on the Internet Autonomous System (AS) graph over time. I then show, using the k-cores graph decomposition algorithm, that the structurally important nodes in the AS graph are highly stable over time. This property makes these nodes suitable for use as the "landmark" nodes used by the most stable of the compact routing algorithms evaluated, and the use of these nodes shows similar strong routing performance. Finally, I present a decentralised compact routing algorithm for dynamic graphs, and present state requirements and message overheads on AS graphs using realistic simulation inputs. To allow the continued long-term growth of Internet routing state, an alternative routing architecture may be required. The use of the compact routing algorithms presented in this dissertation offer promise for a scalable future Internet routing system

Recursive analytical performance evaluation of broadcast protocols with silencing: application to VANETs

n/