Security aspects of OSPF as a MANET routing protocol

OSPF, Open Shortest Path First, is an Intra-gateway routing protocol first developed as an IETF effort. It is widely adopted in large enterprise-scale networks, being well regarded for its fast convergence and loop-free routing. It is versatile in terms of which interface types it supports, such as point-to-point links or broadcast networks. It also offers scalability through hierarchical routing and by using centralization to reduce the amount of overhead on networks which have broadcast or broadcast-similar properties. An interface type missing from the standard so far is that of a wireless network, characterized by non-guaranteed bidirectional links combined with unreliable broadcasting, and existing interface types generally perform poorly under these networks. The IETF has therefore instituted a Working Group to standardize such an interface type extension to the latest version, OSPF version 3. This interface type will permit mobility and multi-hop characteristics in addition to those of wireless links in general. Such networks are usually referred to as Mobile Ad-hoc Networks (MANET). MANET routing protocols are subject to more severe security issues than ordinary, wireline-oriented protocols are. This thesis aims to indentify key security aspects of OSPF as a MANET routing protocol

Unified Role Assignment Framework For Wireless Sensor Networks

Wireless sensor networks are made possible by the continuing improvements in embedded sensor, VLSI, and wireless radio technologies. Currently, one of the important challenges in sensor networks is the design of a systematic network management framework that allows localized and collaborative resource control uniformly across all application services such as sensing, monitoring, tracking, data aggregation, and routing. The research in wireless sensor networks is currently oriented toward a cross-layer network abstraction that supports appropriate fine or course grained resource controls for energy efficiency. In that regard, we have designed a unified role-based service paradigm for wireless sensor networks. We pursue this by first developing a Role-based Hierarchical Self-Organization (RBSHO) protocol that organizes a connected dominating set (CDS) of nodes called dominators. This is done by hierarchically selecting nodes that possess cumulatively high energy, connectivity, and sensing capabilities in their local neighborhood. The RBHSO protocol then assigns specific tasks such as sensing, coordination, and routing to appropriate dominators that end up playing a certain role in the network. Roles, though abstract and implicit, expose role-specific resource controls by way of role assignment and scheduling. Based on this concept, we have designed a Unified Role-Assignment Framework (URAF) to model application services as roles played by local in-network sensor nodes with sensor capabilities used as rules for role identification. The URAF abstracts domain specific role attributes by three models: the role energy model, the role execution time model, and the role service utility model. The framework then generalizes resource management for services by providing abstractions for controlling the composition of a service in terms of roles, its assignment, reassignment, and scheduling. To the best of our knowledge, a generic role-based framework that provides a simple and unified network management solution for wireless sensor networks has not been proposed previously

Encounter gossip: a high coverage broadcast protocol for MANET

PhD ThesisMobile Ad-hoc Networks (MANETs) allow deployment of mobile wireless devices or nodes in a range of environments without any fixed infrastructure and hence at a minimal setup cost. Broadcast support that assures a high coverage (i.e., a large fraction of nodes receiving a broadcast) is essential for hosting user applications, and is also non-trivial to achieve due to the nature of devices and mobility. We propose Encounter Gossip, a novel broadcast protocol, which holds minimal state and is unaware of network topology. Coverage obtained can be made arbitrarily close to 1 at a moderate cost of extra message tra c, even in partition-prone networks. Under certain simplifying assumptions, it is shown that a high coverage is achieved by making a total of O(n ln n) broadcasts, where n is the number of nodes, and the time to propagate a message is O(ln n). The e ect of various network parameters on the protocol performance is examined. We then propose modifications to minimise the number of redundant transmissions without compromising the achieved coverage. Two approaches are pursued: timer based and history based. The e ectiveness of each of these approaches is assessed through an extensive set of simulation experiments in the context of two mobility models. Specifically, we introduce a new heuristic alpha policy which achieves significant reduction in redundancy with negligible reduction in coverage. A generalisation to multiple broadcasts proceeding in parallel is proposed and the protocol is refined to reduce problems that can occur due to the effects of high mobility when transmitting a large number of messages. Finally, we implement and validate Encounter Gossip in the context of a real-life mobile ad-hoc network. All these investigations suggest that the protocol, together with the proposed modifications and re nements, is suited to MANETs of varying degrees of node densities and speeds

Design and Evaluation of Online Fault Diagnosis Protocols forwireless Networks

Any node in a network, or a component of it may fail and show undesirable behavior due to physical defects, imperfections, or hardware and/or software related glitches. Presence of faulty hosts in the network affects the computational efficiency, and quality of service (QoS). This calls for the development of efficient fault diagnosis protocols to detect and handle faulty hosts. Fault diagnosis protocols designed for wired networks cannot directly be propagated to wireless networks, due to difference in characteristics, and requirements. This thesis work unravels system level fault diagnosis protocols for wireless networks, particularly for Mobile ad hoc Networks (MANETs), and Wireless Sensor Networks (WSNs), considering faults based on their persistence (permanent, intermittent, and transient), and node mobility. Based on the comparisons of outcomes of the same tasks (comparison model ), a distributed diagnosis protocol has been proposed for static topology MANETs, where a node requires to respond to only one test request from its neighbors, that reduces the communication complexity of the diagnosis process. A novel approach to handle more intractable intermittent faults in dynamic topology MANETs is also discussed.Based on the spatial correlation of sensor measurements, a distributed fault diagnosis protocol is developed to classify the nodes to be fault-free, permanently faulty, or intermittently faulty, in WSNs. The nodes affected by transient faults are often considered fault-free, and should not be isolated from the network. Keeping this objective in mind, we have developed a diagnosis algorithm for WSNs to discriminate transient faults from intermittent and permanent faults. After each node finds the status of all 1-hop neighbors (local diagnostic view), these views are disseminated among the fault-free nodes to deduce the fault status of all nodes in the network (global diagnostic view). A spanning tree based dissemination strategy is adopted, instead of conventional flooding, to have less communication complexity. Analytically, the proposed protocols are shown to be correct, and complete. The protocols are implemented using INET-20111118 (for MANETs) and Castalia-3.2 (forWSNs) on OMNeT++ 4.2 platform. The obtained simulation results for accuracy and false alarm rate vouch the feasibility and efficiency of the proposed algorithms over existing landmark protocols

Mobile Ad-Hoc Networks

Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: vehicular ad-hoc networks, security and caching, TCP in ad-hoc networks and emerging applications. It is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks

Between Ostrogothic and Carolingian Italy : survivals, revivals, ruptures

The victory of Justinian, achieved after a lacerating war, put an end to the ambitious project conceived and implemented by Theoderic after his arrival in Italy: that of a new society in which peoples divided by centuries-old cultural barriers would live together in peace and justice, without renouncing their own traditions but respecting shared principles inspired by the values of civilitas. What did this great experiment leave to Europe and Italy in the centuries to come? What were the survivals and the ruptures, what were the revivals of that world in early medieval society? How did that past continue to be recounted and how did it interact with the present, especially in the decisive moment of the Frankish conquest of Italy? This book aims to confront these questions, and it does so by exploring different themes, concerning politics and ideology, culture and literary tradition, law, epigraphy and archaeology

Cooperation in open, decentralized, and heterogeneous computer networks

Community Networks (CN) are naturally open and decentralized structures, that grow organically with the addition of heterogeneous network devices, contributed and configured as needed by their participants. The continuous growth in popularity and dissemination of CNs in recent years has raised the perception of a mature and sustainable model for the provisioning of networking services. However, because such infrastructures include uncontrolled entities with non delimited responsibilities, every single network entity does indeed represent a potential single-point of failure that can stop the entire network from working, and that no other entity can prevent or even circumvent. Given the open and decentralized nature of CNs, that brings together individuals and organizations with different and even conflicting economic, political, and technical interests, the achievement of no more than basic consensus on the correctness of all network nodes is challenging. In such environment, the lack of self-determination for CN participants in terms of control and security of routing can be regarded as an obstacle for growth or even as a risk of collapse. To address this problem we first consider deployments of existing Wireless CN and we analyze their technology, characteristics, and performance. We perform an experimental evaluation of a production 802.11an Wireless CN, and compare to studies of other Wireless CN deployments in the literature. We compare experimentally obtained throughput traces with path-capacity calculations based on well-known conflict graph models. We observe that in the majority of cases the path chosen by the employed BMX6 routing protocol corresponds with the best identified path in our model. We analyze monitoring and interaction shortcomings of CNs and address these with Network Characterization Tool (NCT), a novel tool that allows users to assess network state and performance, and improve their quality of experience by individually modifying the routing parameters of their devices. We also evaluate performance outcomes when different routing policies are in use. Routing protocols provide self-management mechanisms that allow the continuous operation of a Community Mesh Network (CMN). We focus on three widely used proactive mesh routing protocols and their implementations: BMX6, OLSR, and Babel. We describe the core idea behind these protocols and study the implications of these in terms of scalability, performance, and stability by exposing them to typical but challenging network topologies and scenarios. Our results show the relative merits, costs, and limitations of the three protocols. Built upon the studied characteristics of typical CN deployments, their requirements on open and decentralized cooperation, and the potential controversy on the trustiness of particular components of a network infrastructure, we propose and evaluate SEMTOR, a novel routing-protocol that can satisfy these demands. SEMTOR allows the verifiable and undeniable definition and distributed application of individually trusted topologies for routing traffic towards each node. One unique advantage of SEMTOR is that it does not require a global consensus on the trustiness of any node and thus preserves cooperation among nodes with even oppositional defined trust specification. This gives each node admin the freedom to individually define the subset, and the resulting sub-topology, from the whole set of participating nodes that he considers sufficiently trustworthy to meet their security, data-delivery objectives and concerns. The proposed mechanisms have been realized as a usable and open-source implementation called BMX7, as successor of BMX6. We have evaluated its scalability, contributed robustness, and security. These results show that the usage of SEMTOR for securing trusted routing topologies is feasible, even when executed on real and very cheap (10 Euro, Linux SoC) routers as commonly used in Community Mesh Networks.Las Redes Comunitarias (CNs) son estructuras de naturaleza abierta y descentralizada, que crecen orgánicamente con la adición de dispositivos de red heterogéneos que aportan y configuran sus participantes según sea necesario. Sin embargo, debido a que estas infraestructuras incluyen entidades con responsabilidades poco delimitadas, cada entidad puede representar un punto de fallo que puede impedir que la red funcione y que ninguna otra entidad pueda prevenir o eludir. Dada la naturaleza abierta y descentralizada de las CNs, que agrupa individuos y organizaciones con diferentes e incluso contrapuestos intereses económicos, políticos y técnicos, conseguir poco más que un consenso básico sobre los nodos correctos en la red puede ser un reto. En este entorno, la falta de autodeterminación para los participantes de una CN en cuanto a control y seguridad del encaminamiento puede considerarse un obstáculo para el crecimiento o incluso un riesgo de colapso. Para abordar este problema consideramos las implementaciones de redes comunitarias inalámbricas (WCN) y se analiza su tecnología, características y desempeño. Realizamos una evaluación experimental de una WCN establecida y se compara con estudios de otros despliegues. Comparamos las trazas de rendimiento experimentales con cálculos de la capacidad de los caminos basados en modelos bien conocidos del grafo. Se observa que en la mayoría de los casos el camino elegido por el protocolo de encaminamiento BMX6 corresponde con el mejor camino identificado en nuestro modelo. Analizamos las limitaciones de monitorización e interacción en CNs y los tratamos con NCT, una nueva herramienta que permite evaluar el estado y rendimiento de la red, y mejorar la calidad de experiencia modificando los parámetros de sus dispositivos individuales. También evaluamos el rendimiento resultante para diferentes políticas de encaminamiento. Los protocolos de encaminamiento proporcionan mecanismos de autogestión que hacen posible el funcionamiento continuo de una red comunitaria mesh (CMN). Nos centramos en tres protocolos de encaminamiento proactivos para redes mesh ampliamente utilizados y sus implementaciones: BMX6, OLSR y Babel. Se describe la idea central de estos protocolos y se estudian la implicaciones de éstos en términos de escalabilidad, rendimiento y estabilidad al exponerlos a topologías y escenarios de red típicos pero exigentes. Nuestros resultados muestran los méritos, costes y limitaciones de los tres protocolos. A partir de las características analizadas en despliegues típicos de redes comunitarias, y de las necesidades en cuanto a cooperación abierta y descentralizada, y la esperable divergencia sobre la confiabilidad en ciertos componentes de la infraestructura de red, proponemos y evaluamos SEMTOR, un nuevo protocolo de encaminamiento que puede satisfacer estas necesidades. SEMTOR permite definir de forma verificable e innegable, así como aplicar de forma distribuida, topologías de confianza individualizadas para encaminar tráfico hacia cada nodo. Una ventaja única de SEMTOR es que no precisa de consenso global sobre la confianza en cualquier nodo y por tanto preserva la cooperación entre los nodos, incluso con especificaciones de confianza definidas por oposición. Esto proporciona a cada administrador de nodo la libertad para definir el subconjunto, y la sub-topología resultante, entre el conjunto de todos los nodos participantes que considere dignos de suficiente confianza para cumplir con su objetivo y criterio de seguridad y entrega de datos. Los mecanismos propuestos se han realizado en forma de una implementación utilizable de código abierto llamada BMX7. Se ha evaluado su escalabilidad, robustez y seguridad. Estos resultados demuestran que el uso de SEMTOR para asegurar topologías de encaminamiento de confianza es factible, incluso cuando se ejecuta en routers reales y muy baratos utilizados de forma habitual en WCN.Postprint (published version