Securing Multi-Layer Communications: A Signal Processing Approach

Security is becoming a major concern in this information era. The development in wireless communications, networking technology, personal computing devices, and software engineering has led to numerous emerging applications whose security requirements are beyond the framework of conventional cryptography. The primary motivation of this dissertation research is to develop new approaches to the security problems in secure communication systems, without unduly increasing the complexity and cost of the entire system. Signal processing techniques have been widely applied in communication systems. In this dissertation, we investigate the potential, the mechanism, and the performance of incorporating signal processing techniques into various layers along the chain of secure information processing. For example, for application-layer data confidentiality, we have proposed atomic encryption operations for multimedia data that can preserve standard compliance and are friendly to communications and delegate processing. For multimedia authentication, we have discovered the potential key disclosure problem for popular image hashing schemes, and proposed mitigation solutions. In physical-layer wireless communications, we have discovered the threat of signal garbling attack from compromised relay nodes in the emerging cooperative communication paradigm, and proposed a countermeasure to trace and pinpoint the adversarial relay. For the design and deployment of secure sensor communications, we have proposed two sensor location adjustment algorithms for mobility-assisted sensor deployment that can jointly optimize sensing coverage and secure communication connectivity. Furthermore, for general scenarios of group key management, we have proposed a time-efficient key management scheme that can improve the scalability of contributory key management from O(log n) to O(log(log n)) using scheduling and optimization techniques. This dissertation demonstrates that signal processing techniques, along with optimization, scheduling, and beneficial techniques from other related fields of study, can be successfully integrated into security solutions in practical communication systems. The fusion of different technical disciplines can take place at every layer of a secure communication system to strengthen communication security and improve performance-security tradeoff

Group key agreement in dynamic tactical networks

Mobile tactical (military) networks have a number of concerns that distinguish them from commercial networks. Of primary concern is information security, achieved in part through message encryption using a common key. These networks are often wireless and ad hoc, that is they lack fixed infrastructure and communications are relayed in a multi-hop fashion. The mobility of the nodes leads to a highly dynamic and unpredictable network topology as well as a dynamic communication group membership. The focus of this thesis is on finding a secure and efficient solution to group key agreement in a tactical network. Existing group key establishment protocols were surveyed, but many were found inept in this setting. The best solution was the Arbitrary Topology Group Diffie Hellman (AT-GDH). However, this protocol has not been fully specified as no provisions were made for auxiliary key agreements. To complete the AT-GDH key agreement, additional protocols are presented to be performed upon group membership changes. Each protocol was evaluated in terms of efficiency and security. All agreements stemming from additions to the group membership were found to be highly efficient. However, the exponential key structure impedes the efficient removal of one or more participant\u27s contributions

Direct communication radio Iinterface for new radio multicasting and cooperative positioning

Cotutela: Universidad de defensa UNIVERSITA’ MEDITERRANEA DI REGGIO CALABRIARecently, the popularity of Millimeter Wave (mmWave) wireless networks has increased due to their capability to cope with the escalation of mobile data demands caused by the unprecedented proliferation of smart devices in the fifth-generation (5G). Extremely high frequency or mmWave band is a fundamental pillar in the provision of the expected gigabit data rates. Hence, according to both academic and industrial communities, mmWave technology, e.g., 5G New Radio (NR) and WiGig (60 GHz), is considered as one of the main components of 5G and beyond networks. Particularly, the 3rd Generation Partnership Project (3GPP) provides for the use of licensed mmWave sub-bands for the 5G mmWave cellular networks, whereas IEEE actively explores the unlicensed band at 60 GHz for the next-generation wireless local area networks. In this regard, mmWave has been envisaged as a new technology layout for real-time heavy-traffic and wearable applications. This very work is devoted to solving the problem of mmWave band communication system while enhancing its advantages through utilizing the direct communication radio interface for NR multicasting, cooperative positioning, and mission-critical applications. The main contributions presented in this work include: (i) a set of mathematical frameworks and simulation tools to characterize multicast traffic delivery in mmWave directional systems; (ii) sidelink relaying concept exploitation to deal with the channel condition deterioration of dynamic multicast systems and to ensure mission-critical and ultra-reliable low-latency communications; (iii) cooperative positioning techniques analysis for enhancing cellular positioning accuracy for 5G+ emerging applications that require not only improved communication characteristics but also precise localization. Our study indicates the need for additional mechanisms/research that can be utilized: (i) to further improve multicasting performance in 5G/6G systems; (ii) to investigate sideline aspects, including, but not limited to, standardization perspective and the next relay selection strategies; and (iii) to design cooperative positioning systems based on Device-to-Device (D2D) technology

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Smart Sensor Technologies for IoT

The recent development in wireless networks and devices has led to novel services that will utilize wireless communication on a new level. Much effort and resources have been dedicated to establishing new communication networks that will support machine-to-machine communication and the Internet of Things (IoT). In these systems, various smart and sensory devices are deployed and connected, enabling large amounts of data to be streamed. Smart services represent new trends in mobile services, i.e., a completely new spectrum of context-aware, personalized, and intelligent services and applications. A variety of existing services utilize information about the position of the user or mobile device. The position of mobile devices is often achieved using the Global Navigation Satellite System (GNSS) chips that are integrated into all modern mobile devices (smartphones). However, GNSS is not always a reliable source of position estimates due to multipath propagation and signal blockage. Moreover, integrating GNSS chips into all devices might have a negative impact on the battery life of future IoT applications. Therefore, alternative solutions to position estimation should be investigated and implemented in IoT applications. This Special Issue, “Smart Sensor Technologies for IoT” aims to report on some of the recent research efforts on this increasingly important topic. The twelve accepted papers in this issue cover various aspects of Smart Sensor Technologies for IoT

On Design, Evaluation and Enhancement of IP-Based Routing Solutions for Low Power and Lossy Networks

In early 2008, a new IETF Working Group (WG), namely ROLL, was chartered to investigate the suitability of existing IP routing protocols for Low Power Lossy Networks (LLNs), which at the time were suffering compatibility issues due to the pervasive use of proprietary protocols. Given the vision of the Internet of Things (IoT) and the role LLNs would play in the future Internet, the IETF set out to standardize an IPv6 based routing solution for such networks. After surveying existing protocols and determining their unsuitability, the WG started designing a new distance vector protocol called RPL (recently standardized in IETF RFC 6550) to fulfill their charter. Joining the WG efforts, we developed a very detailed RPL simulator and using link and traffic traces for existing networks, contributed with a performance study of the protocol with respect to several metrics of interest, such as path quality, end-to-end delay, control plane overhead, ability to cope with instability, etc. This work was standardized as IETF Informational RFC 6687.This detailed study uncovered performance issues for networks of very large scale. In this thesis, we provide an overview of RPL, summarize our findings from the performance study, analysis and comparison with a reactive lightweight protocol and suggest modifications to the protocol that yield significant performance improvements with respect to control overhead and memory consumption in very large scale networks. For future work, we propose a routing technique, named Hybrid Intelligent Path Computation (HIPC), along with modifications to the original RPL protocol standard, that outperforms solely distributed or centralized routing techniques. Finally, we also show how one can facilitate Quality of Service (QoS), load balancing and traffic engineering provision in the IoT without incurring any extra control overhead in number of packets other than that already consumed by the proposed IETF standard, using a combination of centralized and distributed computation.Ph.D., Computer Science -- Drexel University, 201

Routing Strategies for Capacity Enhancement in Multi-hop Wireless Ad Hoc Networks

This thesis examines a Distributed Interference Impact Probing (DIIP) strategy for Wireless Ad hoc Networks (WANETs), using a novel cross-layer Minimum Impact Routing (MIR) protocol. Perfonnance is judged in tenns of interference reduction ratio, efficiency, and system and user capacity, which are calculated based on the measurement of Disturbed Nodes (DN). A large number of routing algorithms have been proposed with distinctive features aimed to overcome WANET's fundamental challenges, such as routing over a dynamic topology, scheduling broadcast signals using dynamic Media Access Control (MAC), and constraints on network scalability. However, the scalability problem ofWANET cannot simply adapt the frequency reuse mechanism designed for traditional stationary cellular networks due to the relay burden, and there is no single comprehensive algorithm proposed for it. DIIP enhances system and user capacity using a cross layer routing algorithm, MIR, using feedback from DIIP to balance transmit power in order to control hop length, which consequently changes the number of relays along the path. This maximizes the number of simultaneous transmitting nodes, and minimizes the interference impact, i.e. measured in tenns of 'disturbed nodes'. The perfonnance of MIR is examined compared with simple shortest-path routing. A WANET simulation model is configured to simulate both routing algorithms under multiple scenarios. The analysis has shown that once the transmitting range of a node changes, the total number of disturbed nodes along a path changes accordingly, hence the system and user capacity varies with interference impact variation. By carefully selecting a suitable link length, the neighbouring node density can be adjusted to reduce the total number of DN, and thereby allowing a higher spatial reuse ratio. In this case the system capacity can increase significantly as the number of nodes increases. In contrast, if the link length is chosen regardless ofthe negative impact of interference, capacity decreases. In addition, MIR diverts traffic from congested areas, such as the central part of a network or bottleneck points

Performance Optimization and Dynamics Control for Large-scale Data Transfer in Wide-area Networks

Transport control plays an important role in the performance of large-scale scientific and media streaming applications involving transfer of large data sets, media streaming, online computational steering, interactive visualization, and remote instrument control. In general, these applications have two distinctive classes of transport requirements: large-scale scientific applications require high bandwidths to move bulk data across wide-area networks, while media streaming applications require stable bandwidths to ensure smooth media playback. Unfortunately, the widely deployed Transmission Control Protocol is inadequate for such tasks due to its performance limitations. The purpose of this dissertation is to conduct rigorous analytical study of the design and performance of transport solutions, and develop an integrated transport solution in a systematical way to overcome the limitations of current transport methods. One of the primary challenges is to explore and compose a set of feasible route options with multiple constraints. Another challenge essentially arises from the randomness inherent in wide-area networks, particularly the Internet. This randomness must be explicitly accounted for to achieve both goodput maximization and stabilization over the constructed routes by suitably adjusting the source rate in response to both network and host dynamics.The superior and robust performance of the proposed transport solution is extensively evaluated in a simulated environment and further verified through real-life implementations and deployments over both Internet and dedicated connections under disparate network conditions in comparison with existing transport methods

Systems-compatible Incentives

Originally, the Internet was a technological playground, a collaborative endeavor among researchers who shared the common goal of achieving communication. Self-interest used not to be a concern, but the motivations of the Internet's participants have broadened. Today, the Internet consists of millions of commercial entities and nearly 2 billion users, who often have conflicting goals. For example, while Facebook gives users the illusion of access control, users do not have the ability to control how the personal data they upload is shared or sold by Facebook. Even in BitTorrent, where all users seemingly have the same motivation of downloading a file as quickly as possible, users can subvert the protocol to download more quickly without giving their fair share. These examples demonstrate that protocols that are merely technologically proficient are not enough. Successful networked systems must account for potentially competing interests. In this dissertation, I demonstrate how to build systems that give users incentives to follow the systems' protocols. To achieve incentive-compatible systems, I apply mechanisms from game theory and auction theory to protocol design. This approach has been considered in prior literature, but unfortunately has resulted in few real, deployed systems with incentives to cooperate. I identify the primary challenge in applying mechanism design and game theory to large-scale systems: the goals and assumptions of economic mechanisms often do not match those of networked systems. For example, while auction theory may assume a centralized clearing house, there is no analog in a decentralized system seeking to avoid single points of failure or centralized policies. Similarly, game theory often assumes that each player is able to observe everyone else's actions, or at the very least know how many other players there are, but maintaining perfect system-wide information is impossible in most systems. In other words, not all incentive mechanisms are systems-compatible. The main contribution of this dissertation is the design, implementation, and evaluation of various systems-compatible incentive mechanisms and their application to a wide range of deployable systems. These systems include BitTorrent, which is used to distribute a large file to a large number of downloaders, PeerWise, which leverages user cooperation to achieve lower latencies in Internet routing, and Hoodnets, a new system I present that allows users to share their cellular data access to obtain greater bandwidth on their mobile devices. Each of these systems represents a different point in the design space of systems-compatible incentives. Taken together, along with their implementations and evaluations, these systems demonstrate that systems-compatibility is crucial in achieving practical incentives in real systems. I present design principles outlining how to achieve systems-compatible incentives, which may serve an even broader range of systems than considered herein. I conclude this dissertation with what I consider to be the most important open problems in aligning the competing interests of the Internet's participants