59 research outputs found

    A data-oriented network architecture

    In the 25 years since becoming commercially available, the Internet has grown into a global communication infrastructure connecting a significant part of mankind and has become an important part of modern society. Its impressive growth has been fostered by innovative applications, many of which were completely unforeseen by the Internet's inventors. While fully acknowledging ingenuity and creativity of application designers, it is equally impressive how little the core architecture of the Internet has evolved during this time. However, the ever evolving applications and growing importance of the Internet have resulted in increasing discordance between the Internet's current use and its original design. In this thesis, we focus on four sources of discomfort caused by this divergence. First, the Internet was developed around host-to-host applications, such as telnet and ftp, but the vast majority of its current usage is service access and data retrieval. Second, while the freedom to connect from any host to any other host was a major factor behind the success of the Internet, it provides little protection for connected hosts today. As a result, distributed denial of service attacks against Internet services have become a common nuisance, and are difficult to resolve within the current architecture. Third, Internet connectivity is becoming nearly ubiquitous and reaches increasingly often mobile devices. Moreover, connectivity is expected to extend its reach to even most extreme places. Hence, applications' view to network has changed radically; it's commonplace that they are offered intermittent connectivity at best and required to be smart enough to use heterogeneous network technologies. Finally, modern networks deploy so-called middleboxes both to improve performance and provide protection. 
However, when doing so, the middleboxes have to impose themselves between the communication end-points, which is against the design principles of the original Internet and a source of complications both for the management of networks and design of application protocols. In this thesis, we design a clean-slate network architecture that is a better fit with the current use of the Internet. We present a name resolution system based on name-based routing. It matches with the service access and data retrieval oriented usage of the Internet, and takes the network imposed middleboxes properly into account. We then propose modest addressing-related changes to the network layer as a remedy for the denial of service attacks. Finally, we take steps towards a data-oriented communications API that provides better decoupling for applications from the network stack than the original Sockets API does. The improved decoupling both simplifies applications and allows them to be unaffected by evolving network technologies: in this architecture, coping with intermittent connectivity and heterogeneous network technologies is a burden of the network stack

    Enhancing Mobility in Low Power Wireless Sensor Networks

    In the early stages of wireless sensor networks (WSNs), low data rate traffic patterns are assumed as applications have a single purpose with simple sensing task and data packets are generated at a rate of minutes or hours. As such, most of the proposed communication protocols focus on energy efficiency rather than high throughput. Emerging high data rate applications motivate bulk data transfer protocols to achieve high throughput. The basic idea is to enable nodes to transmit a sequence of packets in burst once they obtain a medium. However, due to the low-power, low-cost nature, the transceiver used in wireless sensor networks is prone to packet loss. Especially when the transmitters are mobile, packet loss becomes worse. To reduce the energy expenditure caused by packet loss and retransmission, a burst transmission scheme is required that can adapt to the link dynamics and estimate the number of packets to transmit in burst. As the mobile node is moving within the network, it cannot always maintain a stable link with one specific stationary node. When link deterioration is constantly detected, the mobile node has to initiate a handover process to seamlessly transfer the communication to a new relay node before the current link breaks. For this reason, it is vital for a mobile node to (1) determine whether a fluctuation in link quality eventually results in a disconnection, (2) foresee potential disconnection well ahead of time and establish an alternative link before the disconnection occurs, and (3) seamlessly transfer communication to the new link. In this dissertation, we focus on dealing with burst transmission and handover issues in low power mobile wireless sensor networks. To this end, we begin with designing a novel mobility enabled testing framework as the evaluation testbed for all our remaining studies. We then perform an empirical study to investigate the link characteristics in mobile environments. 
Using these observations as guidelines, we propose three algorithms related to mobility that will improve network performance in terms of latency and throughput: i) Mobility Enabled Testing Framework (MobiLab). Considering the high fluctuation of link quality during mobility, protocols supporting mobile wireless sensor nodes should be rigorously tested to ensure that they produce predictable outcomes before actual deployment. Furthermore, considering the typical size of wireless sensor networks and the number of parameters that can be configured or tuned, conducting repeated and reproducible experiments can be both time consuming and costly. The conventional method for evaluating the performance of different protocols and algorithms under different network configurations is to change the source code and reprogram the testbed, which requires considerable effort. To this end, we present a mobility enabled testbed for carrying out repeated and reproducible experiments, independent of the application or protocol types which should be tested. The testbed consists of, among others, a server side control station and a client side traffic flow controller which coordinates inter- and intra-experiment activities. ii) Adaptive Burst Transmission Scheme for Dynamic Environment. Emerging high data rate applications motivate bulk data transfer protocol to achieve high throughput. The basic idea is to enable nodes to transmit a sequence of packets in burst once they obtain a medium. Due to the low-power and low-cost nature, the transceiver used in wireless sensor networks is prone to packet loss. When the transmitter is mobile, packet loss becomes even worse. The existing bulk data transfer protocols are not energy efficient since they keep their radios on even while a large number of consecutive packet losses occur. To address this challenge, we propose an adaptive burst transmission scheme (ABTS). 
In the design of the ABTS, we estimate the expected duration in which the quality of a specific link remains stable using the conditional distribution function of the signal-to-noise ratio (SNR) of received acknowledgment packets. We exploit the expected duration to determine the number of packets to transmit in burst and the duration of the sleeping period. iii) Kalman Filter Based Handover Triggering Algorithm (KMF). Maintaining a stable link in mobile wireless sensor network is challenging. In the design of the KMF, we utilized combined link quality metrics in physical and link layers, such as Received Signal Strength Indicator (RSSI) and packet success rate (PSR), to estimate link quality fluctuation online. Then Kalman filter is adopted to predict link dynamics ahead of time. If a predicted link quality fulfills handover trigger criterion, a handover process will be initiated to discover alternative relay nodes and establish a new link before the disconnection occurs. iv) Mobile Sender Initiated MAC Protocol (MSI-MAC). In cellular networks, mobile stations are always associated with the nearest base station through intra- and inter-cellular handover. The underlying process is that the quality of an established link is continually evaluated and handover decisions are made by resource rich base stations. In wireless sensor networks, should a seamless handover be carried out, the task has to be accomplished by energy-constraint, resource-limited, and low-power wireless sensor nodes in a distributed manner. To this end, we present MSI-MAC, a mobile sender initiated MAC protocol to enable seamless handover

    Hierarchical network topographical routing

    Within the last 10 years the content consumption model that underlies many of the assumptions about traffic aggregation within the Internet has changed; the previous short burst transfer followed by longer periods of inactivity that allowed for statistical aggregation of traffic has been increasingly replaced by continuous data transfer models. Approaching this issue from a clean slate perspective; this work looks at the design of a network routing structure and supporting protocols for assisting in the delivery of large scale content services. Rather than approaching a content support model through existing IP models the work takes a fresh look at Internet routing through a hierarchical model in order to highlight the benefits that can be gained with a new structural Internet or through similar modifications to the existing IP model. The work is divided into three major sections: investigating the existing UK based Internet structure as compared to the traditional Autonomous System (AS) Internet structural model; a localised hierarchical network topographical routing model; and intelligent distributed localised service models. The work begins by looking at the United Kingdom (UK) Internet structure as an example of a current generation technical and economic model with shared access to the last mile connectivity and a large scale wholesale network between Internet Service Providers (ISPs) and the end user. This model combined with the Internet Protocol (IP) address allocation and transparency of the wholesale network results in an enforced inefficiency within the overall network restricting the ability of ISPs to collaborate. From this model a core / edge separation hierarchical virtual tree based routing protocol based on the physical network topography (layers 2 and 3) is developed to remove this enforced inefficiency by allowing direct management and control at the lowest levels of the network. 
This model acts as the base layer for further distributed intelligent services such as management and content delivery to enable both ISPs and third parties to actively collaborate and provide content from the most efficient source

    Mobility in IPv6

    Master's thesis in information and communication technology 2001 - Høgskolen i Agder, Grimstad. In the future it is to be expected that terminals with wireless access to network resources will become more and more widespread, and it is therefore necessary to integrate mobility support into future generation networks so that users can be online, even while in motion. The increasing use of the Internet suggests that Internet technology can be the best candidate for effective realization of future generation mobile systems. Mobile IP can offer the possibility of using the mobile Internet in other ways than it is used in the standard wired environment, and may be the solution to increasing mobility demands. Due to this, mobility in IPv6 (MIPv6) is designed to be scalable, stable, efficient and secure, which are the factors considered important for this thesis. Scalable – The number of users is expected to be so large that MIPv6 is, according to its specification, designed to scale almost as well as the Internet without mobility support integrated. This implies the elimination of triangle routing, currently a challenge in MIPv4, and also a reasonable amount of data that must be managed by the nodes involved in mobility. MIPv6 is also designed so that future extensions and modifications are possible by allowing further growth. Stable – For the adoption rate of this technology to be high, the users must be able to depend on the services provided. At present the implementations show that there are still a few more steps to take until the necessary stability is offered, but product quality releases of MIPv6 are expected to be released sometime next year. The implementation tested in this thesis reflects transparent mobility as to simple higher-level applications such as telnet and http, but not real-time applications. 
The implementation described in this thesis had some initial problems with the procedures for Duplicate Address Detection (DAD), which shall guarantee that all addresses on any given IPv6 network are unique. Some improvements for DAD have therefore been proposed in order to get better solutions as to fault-handling procedures when DAD fails. Efficient – Base MIPv6 as used in our implementation does not provide the handover efficiency needed for all kinds of applications. Seen from a traditional Internet point of view, the services offered are of best effort quality. A future version of the Internet protocol must, however, be designed to support applications with greater demands on handover latencies than what a best effort service level can provide. Thus, the handover latency must in these cases be so small that it stays within the boundaries for e.g. demanding real-time applications. Several solutions are proposed for this purpose, but the area of research is still very new and no proposal will be defined for still some time. It seems like the initial mobility deployment phase will be without support for these services, but the technology is very promising and will most likely be integrated as the use of MIPv6 advances. Secure – In a large mobile environment mobile nodes will not only require Internet access within their own domain. They will also probably visit foreign networks, and as known from GSM infrastructure today, this will not be free of charge. Service providers in foreign domains commonly require authorization to ensure a good business relationship with the client. This leads directly to authentication, and of course accounting (AAA). This AAA infrastructure should be in place before mobile Internet can be deployed worldwide

    Cooperative & cost-effective network selection: a novel approach to support location-dependent & context-aware service migration in VANETs

    Vehicular networking has gained considerable interest within the research community and industry. This class of mobile ad hoc network expects to play a vital role in the design and deployment of intelligent transportation systems. The research community expects to launch several innovative applications over Vehicular Ad hoc Networks (VANETs). The automotive industry is supporting the notion of pervasive connectivity by agreeing to equip vehicles with devices required for vehicular ad hoc networking. Equipped with these devices, mobile nodes in VANETs are capable of hosting many types of applications as services for other nodes in the network. These applications or services are classified as safety-critical (failure or unavailability of which may lead to a life threat) and non-safety-critical (failure of which do not lead to a life threat). Safety-critical and non-safety-critical applications need to be supported concurrently within VANETs. This research covers non-safety-critical applications since the research community has overlooked this class of applications. More specifically, this research focuses on VANETs services that are location-dependent. Due to high speed mobility, VANETs are prone to intermittent network connectivity. It is therefore envisioned that location-dependence and intermittent network connectivity are the two major challenges for VANETs to host and operate non-safety-critical VANETs services. The challenges are further exacerbated when the area where the services are to be deployed is unplanned i.e. lacks communication infrastructure and planning. Unplanned areas show irregular vehicular traffic on the road. Either network traffic flows produced by irregular vehicular traffic may lead to VANETs communication channel congestion, or it may leave the communication channel under-utilized. In both cases, this leads to communication bottlenecks within VANETs. 
This dissertation investigates the shortcomings of location-dependence, intermittent network connectivity and irregular network traffic flows and addresses them by exploiting location-dependent service migration over an integrated network in an efficient and cost-effective manner

    Resilience options for provisioning anycast cloud services with virtual optical networks

    Optical networks are crucial to support increasingly demanding cloud services. Delivering the requested quality of services (in particular latency) is key to successfully provisioning end-to-end services in clouds. Therefore, as for traditional optical network services, it is of utter importance to guarantee that clouds are resilient to any failure of either network infrastructure (links and/or nodes) or data centers. A crucial concept in establishing cloud services is that of network virtualization: the physical infrastructure is logically partitioned in separate virtual networks. To guarantee end-to-end resilience for cloud services in such a set-up, we need to simultaneously route the services and map the virtual network, in such a way that an alternate routing in case of physical resource failures is always available. Note that combined control of the network and data center resources is exploited, and the anycast routing concept applies: we can choose the data center to provide server resources requested by the customer to optimize resource usage and/or resiliency. This paper investigates the design of scalable optimization models to perform the virtual network mapping resiliently. We compare various resilience options, and analyze their compromise between bandwidth requirements and resiliency quality

    IPv6: a new security challenge

    Master's thesis in Information Security, presented to the Universidade de Lisboa, through the Faculdade de Ciências, 2011. Internet Protocol version 6 (IPv6) was developed to solve some of the problems not addressed by its predecessor, Internet Protocol version 4 (IPv4), namely issues related to security and to the available address space. Over the last decade, many have studied the investments needed for its adoption and the right moment for it to be adopted by all players in the market. Recently, the problem of the exhaustion of the public addresses made available by the various Regional Internet Registries (RIRs) prompted the entities involved to speed up the process of migrating from IPv4 to IPv6. Unlike IPv4, this new version treats security as a fundamental goal of its implementation, and accordingly the use of the IPsec protocol at the network layer is recommended. However, due to the immaturity of the protocol and the complexity of this transition period, there are numerous security implications that must be considered during this migration period. The main goal of this work is to define a set of good practices for security in the implementation of IPv6 that can be used by data network administrators and by the security teams of the various players in the market. In this transition phase, it is useful and appropriate to contribute efficiently to the interpretation of the strengths of this new protocol as well as of the vulnerabilities associated with it. IPv6 was developed to address the exhaustion of IPv4 addresses, but has not yet seen global deployment. Recent trends are now finally changing this picture and IPv6 is expected to take off soon. 
Contrary to the original, this new version of the Internet Protocol has security as a design goal, for example with its mandatory support for network layer security. However, due to the immaturity of the protocol and the complexity of the transition period, there are several security implications that have to be considered when deploying IPv6. In this project, our goal is to define a set of best practices for IPv6 Security that could be used by IT staff and network administrators within an Internet Service Provider. To this end, an assessment of some of the available security techniques for IPv6 will be made by means of a set of laboratory experiments using real equipment from an Internet Service Provider in Portugal. As the transition for IPv6 seems inevitable this work can help ISPs in understanding the threats that exist in IPv6 networks and some of the prophylactic measures available, by offering recommendations to protect internal as well as customers’ networks