Quantitative Analysis for Authentication of Low-cost RFID Tags

Formal analysis techniques are widely used today in order to verify and analyze communication protocols. In this work, we launch a quantitative verification analysis for the low- cost Radio Frequency Identification (RFID) protocol proposed by Song and Mitchell. The analysis exploits a Discrete-Time Markov Chain (DTMC) using the well-known PRISM model checker. We have managed to represent up to 100 RFID tags communicating with a reader and quantify each RFID session according to the protocol's computation and transmission cost requirements. As a consequence, not only does the proposed analysis provide quantitative verification results, but also it constitutes a methodology for RFID designers who want to validate their products under specific cost requirements.Comment: To appear in the 36th IEEE Conference on Local Computer Networks (LCN 2011

Poseidon: Mitigating Interest Flooding DDoS Attacks in Named Data Networking

Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. In CCN, named content becomes a first-class entity. CCN focuses on content distribution, which dominates current Internet traffic and is arguably not well served by IP. Named-Data Networking (NDN) is an example of CCN. NDN is also an active research project under the NSF Future Internet Architectures (FIA) program. FIA emphasizes security and privacy from the outset and by design. To be a viable Internet architecture, NDN must be resilient against current and emerging threats. This paper focuses on distributed denial-of-service (DDoS) attacks; in particular we address interest flooding, an attack that exploits key architectural features of NDN. We show that an adversary with limited resources can implement such attack, having a significant impact on network performance. We then introduce Poseidon: a framework for detecting and mitigating interest flooding attacks. Finally, we report on results of extensive simulations assessing proposed countermeasure.Comment: The IEEE Conference on Local Computer Networks (LCN 2013

Scaling and Interoperability of All-Path with Bridged and SDN Domains using VXLANs

The 44th IEEE Conference on Local Computer Networks (LCN), October 14-17, 2019, Osnabrück, Germany.All-Path protocols, namely ARP-Path and TCPPath, provide shortest path bridging by using path discovery and backwards learning in meshed topologies. However, their domain size may be limited to prevent excessive Layer 2 (L2) broadcast traffic overload in hosts. This paper proposes the use of Virtual Extensible Local Area Network (VXLAN) to solve this issue. Moreover, this paper also verifies the extensibility of All-Path domains and its interoperability with other different L2 protocols via VXLAN, which enables flexible network hybridization. Although encapsulation via VXLAN is heavier than other standard protocols designed for L2 scalability, the overall advantages and suitability for virtualized networks are excellent. Results show full compatibility and interoperability combined with good throughput and delay performance.Comunidad de MadridUniversidad de Alcal

Characterization of the Burst Stabilization Protocol for the RR/RR CICQ Switch

Input buffered switches with Virtual Output Queueing (VOQ) can be unstable when presented with unbalanced loads. Existing scheduling algorithms, including iSLIP for Input Queued (IQ) switches and Round Robin (RR) for Combined Input and Crossbar Queued (CICQ) switches, exhibit instability for some schedulable loads. We investigate the use of a queue length threshold and bursting mechanism to achieve stability without requiring internal speed-up. An analytical model is developed to prove that the burst stabilization protocol achieves stability and to predict the minimum burst value needed as a function of offered load. The analytical model is shown to have very good agreement with simulation results. These results show the advantage of the RR/RR CICQ switch as a contender for the next generation of high-speed switches.Comment: Presented at the 28th Annual IEEE Conference on Local Computer Networks (LCN), Bonn/Konigswinter, Germany, Oct 20-24, 200

Flow-Path: An AllPath flow-based protocol

The work at: The 37th IEEE Conference on Local Computer Networks (LCN). Clearwater, Florida, USA. Date: 22-25 October 2012This paper describes Flow-Path, an AllPath flowbased switching protocol that features improved load adaptive properties. Upon arrival of a new flow to the network, it explores every possible path reaching from source to destination host and selects the lowest latency path at the moment. It is based on the same basic principle than ARPPath, that is, snooping the ARP protocol dialog (request and reply messages) to explore all available paths at the same time that address resolution takes place, but it is flow-based instead of source address-based. While preserving the main advantages of ARP-Path: shortest path bridging exploiting the full network topology, Flow-Path has the advantages of full independence of flows at the time of path creation and guarantees path symmetry (congruency) and increased path diversity. Flow-Path thus improves load distribution, at the expense of increased address table size in each bridge.This work was supported in part by grants from Comunidad de Madrid and Comunidad de Castilla-La Mancha through Projects MEDIANET-CM (S-2009/TIC- 1468) and EMARECE (PII1I09-0204-4319).Publicad

A bridging-based solution for efficient multicast support in wireless mesh networks

Proceedings of: The 34th Annual IEEE Conference on Local Computer Networks (LCN 2009), October 20-23, 2009, Zurich, SwitzerlandWireless mesh networking is a promising, cost effective and efficient technology for realizing backhaul networks supporting high quality services. In such networks, multicast data are transmitted blindly without any mechanism protecting data from loss, ensuring data reception, and optimizing channel allocation. The multicast services may undergo, then, very high data loss ratio which is exacerbated with the number of hops. In this paper, we propose a Reliable Multicast Distribution System (RMDS) to optimize multicast packets transmission in bridged networks. Relying on a modification of the IGMP snooping protocol, RMDS enables reliable services provisioning support in common wireless mesh networks. In particular, RMDS only exploits the local knowledge of a particular node to compute the multicast tree, which significantly reduces the signalling overhead in comparison with network layer and overlay solutions. Simulation results elucidate that RMDS optimizes resources’ allocation by reducing significantly the network load, the media access delay and the data drop rate compared to the classical approach, which is based on the combination of spanning tree algorithm and IGMP snooping protocol.European Community's Seventh Framework ProgramPublicad

SCSP : an Energy Efficient Network-MAC Cross-layer design for wireless Sensor Networks

held in conjunction with The 34th IEEE Conference on Local Computer Networks - LCN'09International audienceThis article presents SCSP (for ``Sleep Collect and Send Protocol'') for wireless sensor networks, a network-MAC cross layer design that resolves the inherent conflict between energy efficiency and throughput. The protocol uses in its MAC layer a new paradigm that we call ``sleep, collect and send''. The idea of SCSP is that a router sleeps for a given amount of time, wakes up and collects data from its children and other routers and then send them into a burst during a period of time that we call transmission period. In its network layer, the protocol uses a hierarchical tree structure as network architecture and a tree routing protocol. SCSP does not require synchronization between routers and dynamically calculates the sleep and collect periods according to the amount of incoming traffic. The protocol is implemented and simulated in OPNET simulator