12 research outputs found

    Named Data Networking in Vehicular Ad hoc Networks: State-of-the-Art and Challenges

    Information-Centric Networking (ICN) has been proposed as one of the future Internet architectures. It is poised to address the challenges faced by today's Internet that include, but are not limited to, scalability, addressing, security, and privacy. Furthermore, it also aims at meeting the requirements for new emerging Internet applications. To realize ICN, Named Data Networking (NDN) is one of the recent implementations of ICN that provides a suitable communication approach due to its clean slate design and simple communication model. There are a plethora of applications realized through ICN in different domains where data is the focal point of communication. One such domain is Intelligent Transportation System (ITS) realized through Vehicular Ad hoc NETwork (VANET) where vehicles exchange information and content with each other and with the infrastructure. To date, excellent research results have been yielded in the VANET domain aiming at a safe, reliable, and infotainment-rich driving experience. However, due to the dynamic topologies, host-centric model, and ephemeral nature of vehicular communication, various challenges are faced by VANET that hinder the realization of successful vehicular networks and adversely affect the data dissemination, content delivery, and user experiences. To fill these gaps, NDN has been extensively used as the underlying communication paradigm for VANET. Inspired by the extensive research results in NDN-based VANET, in this paper, we provide a detailed and systematic review of NDN-driven VANET. More precisely, we investigate the role of NDN in VANET and discuss the feasibility of NDN architecture in the VANET environment. Subsequently, we cover in detail NDN-based naming, routing and forwarding, caching, mobility, and security mechanisms for VANET. Furthermore, we discuss the existing standards, solutions, and simulation tools used in NDN-based VANET. Finally, we also identify open challenges and issues faced by NDN-driven VANET and highlight future research directions that should be addressed by the research community.

    Security aspects of OSPF as a MANET routing protocol

    OSPF, Open Shortest Path First, is an Intra-gateway routing protocol first developed as an IETF effort. It is widely adopted in large enterprise-scale networks, being well regarded for its fast convergence and loop-free routing. It is versatile in terms of which interface types it supports, such as point-to-point links or broadcast networks. It also offers scalability through hierarchical routing and by using centralization to reduce the amount of overhead on networks which have broadcast or broadcast-similar properties. An interface type missing from the standard so far is that of a wireless network, characterized by non-guaranteed bidirectional links combined with unreliable broadcasting, and existing interface types generally perform poorly under these networks. The IETF has therefore instituted a Working Group to standardize such an interface type extension to the latest version, OSPF version 3. This interface type will permit mobility and multi-hop characteristics in addition to those of wireless links in general. Such networks are usually referred to as Mobile Ad-hoc Networks (MANET). MANET routing protocols are subject to more severe security issues than ordinary, wireline-oriented protocols are. This thesis aims to identify key security aspects of OSPF as a MANET routing protocol.

    Applying named data networking in mobile ad hoc networks

    This thesis presents the Name-based Mobile Ad-hoc Network (nMANET) approach to content distribution that ensures and enables responsible research on applying the named data networking protocol in mobile ad-hoc networks. The test framework of the nMANET approach allows reproducibility of experiments and validation of expected results based on analysis of experimental data. The area of application for nMANETs is the distribution of humanitarian information in emergency scenarios. Named-Data Networking (NDN) and ad-hoc mobile communication allow exchange of emergency information in situations where central services such as cellular towers and electric systems are disrupted. The implemented prototype enables researchers to reproduce experiments on content distribution that consider constraints on mobile resources, such as the remaining power of mobile devices and available network bandwidth. The nMANET framework validates a set of experiments by measuring network traffic and energy consumption from both real mobile devices and those in a simulated environment. Additionally, this thesis presents results from experiments in which the nMANET forwarding strategies and traditional wireless services, such as hotspot, are analysed and compared. This experimental data represents the evidence that supports and validates the methodology presented in this thesis. The design and implementation of an nMANET prototype, the Java NDN Forwarder Daemon (JNFD), is presented as a testing framework, which follows the principles of continuous integration, continuous testing and continuous deployment. This testing framework is used to validate JNFD and IP-based technologies, such as HTTP in a MANET using the OLSR routing protocol, as well as traditional wireless infrastructure mode wireless. The set of experiments executed in a small network of Android smart-phones connected in ad-hoc mode and in a virtual ad-hoc network simulator show the advantages of reproducibility using nMANET features. JNFD is open source, all experiments are scripted, they are repeatable and scalable. Additionally, JNFD utilises real GPS traces to simulate mobility of nodes during experiments. This thesis provides experimental evidence to show that nMANET allows reproducibility and validation of a wide range of future experiments applying NDN on MANETs.

    Secure Charging Mechanisms in Self-Organised Networks (Mecanismos de facturação segura em redes auto-organizadas)

    Master's in Electronics and Telecommunications Engineering. Self-organised and ad-hoc networks are an area with an existing large research community. These networks are very useful in scenarios requiring a rapidly deployed, low cost and highly adaptable network. Recently, infrastructure networks, which are managed in a much centralised form, are starting to introduce concepts of self-organised networks in their architecture. In opposition to centralised systems, self-organisation creates the necessity for all nodes to behave according to the best interest of the network. The fact that in many ad-hoc networks nodes have scarce resources poses some threats to this requirement. As resources decrease, such as battery or wireless bandwidth, nodes can start acting selfishly. This behaviour is known to bring damage to self-organised networks and threatens the entire network. Several proposals were made in order to promote the correct usage of the network. Some proposals are based on local information and direct credit exchange while others envision the existence of a central bank. The latter solutions are further elaborated in this thesis, as they make possible integration of ad-hoc networks with operator driven infrastructures. This work presents the current state-of-the-art on the area providing a detailed insight on the methods adopted by each solution presented. Two novel solutions are proposed providing charging support for integrated ad-hoc networks. Both solutions provide means of integration with standard management methods found in operator networks. Also, nodes' motivation is increased through the reward of nodes forwarding data packets. The entire process is cryptographically secure, making use of standard methods such as Elliptic Curve DSA and strong digest functions. The solutions proposed are described and analysed analytically, comparing the results with other state-of-the-art proposals. Extensive simulation work is also presented which further evaluates the solutions in complex scenarios. Results are obtained from these scenarios and several metrics are evaluated taking into consideration mobility, network load, routing protocol and transport protocol. The architecture and results obtained with a real implementation are finally presented and analysed.

    Design and Implementation of a Communication Protocol to Improve Multimedia QoS and QoE in Wireless Ad Hoc Networks

    This dissertation addresses the problem of multimedia delivery over multi-hop ad hoc wireless networks, and especially over wireless sensor networks. Due to their characteristics of low power consumption, low processing capacity and low memory capacity, they have major difficulties in achieving optimal quality levels demanded by end users in such communications. In the first part of this work, a study has been carried out to determine the behavior of a variety of multimedia streams and how they are affected by the network conditions when they are transmitted over topologies formed by devices of different technologies in multi hop wireless ad hoc mode. To achieve this goal, we have performed experimental tests using a test bench, which combines the main codecs used in audio and video streaming over IP networks with different sound and video captures representing the characteristic patterns of multimedia services such as phone calls, video communications, IPTV and video on demand (VOD). With the information gathered in the laboratory, we have been able to establish the correlation between the induced changes in the physical and logical topology and the network parameters that measure the quality of service (QoS) of a multimedia transmission, such as latency, jitter or packet loss. At this stage of the investigation, a study was performed to determine the state of the art of the proposed protocols, algorithms, and practical implementations that have been explicitly developed to optimize the multimedia transmission over wireless ad hoc networks, especially in ad hoc networks using clusters of nodes distributed over a geographic area and wireless sensor networks. The next step of this research was the development of an algorithm focused on the logical organization of clusters formed by nodes capable of adapting to the circumstances of real-time traffic. The stated goal was to achieve the maximum utilization of the resources offered by the set of nodes that forms the network, allowing simultaneously sending reliably and efficiently all types of content through them, and mixing conventional IP data traffic with multimedia traffic with stringent QoS and QoE requirements. Using the information gathered in the previous phase, we have developed a network architecture that improves overall network performance and multimedia streaming. In parallel, a communication protocol has been designed and programmed that allows implementing the proposal and testing its operation on real network infrastructures. In the last phase of this thesis we have focused our work on sending multimedia in wireless sensor networks (WSN). Based on the above results, we have adapted both the architecture and the communication protocol for this particular type of network, whose use has been growing hugely in recent years.
    Díaz Santos, JR. (2016). Design and Implementation of a Communication Protocol to Improve Multimedia QoS and QoE in Wireless Ad Hoc Networks [Unpublished doctoral thesis]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/62162

    A Concept for a Trustworthy Integration of Smartphones in Business Environments

    Smartphones are commonly used within business environments nowadays. They provide sophisticated communicational means which go far beyond simple telephone capabilities. Email access and particular apps on the device are examples of their versatile abilities. While these features allow them to be used in a very flexible way, e.g. in different infrastructures, they impose new threats to their surrounding infrastructure. For example, if used in an environment which allows the installation of custom apps, malicious software may be placed on the device. In order to mitigate these threats, a detailed awareness combined with the possibility to enforce certain constraints on such devices needs to be established. In detail, it is necessary to include such devices into a decision making process which decides about the policy compliance of such devices. The policy used in this process defines the rules which apply to the particular infrastructure, e.g. if custom apps are allowed or if a specific software version may not be allowed. However, even when relying on this process, there is one limitation as it does not include a trust-based evaluation. This leads to the problem that a malicious smartphone might compromise the information used for the decision making process which should determine the policy compliance of this device. This renders the overall approach ineffective as the decision whether a device is policy compliant or not may be false. Given that, the thesis presented here provides means to evaluate the trustworthiness of such information to allow a trustworthy decision making about the policy compliance. It therefore introduces two things: (1) a generic trust model for such environments and (2) a domain-specific extension called Trustworthy Context-related Signature and Anomaly Detection system for Smartphones (TCADS). The trust model (1) allows to specify, to calculate and to evaluate trust for the information used by the decision making process. More in detail, the trust founding process of (1) is done by introducing so-called security properties which allow to rate the trustworthiness of certain aspects. The trust model does not limit these aspects to a particular type. That is, device-specific aspects like the number of installed apps or the current version of the operating system may be used as well as device independent aspects like communicational parameters. The security properties defined in (1) are then used to calculate an overall trust level, which provides an evaluable representation of trust for the information used by the decision making process. The domain-specific extension (2) uses the trust model and provides a deployable trust-aware decision making solution for smartphone environments. The resulting system, TCADS, allows not only to consider trust within the decisions about the policy compliance but also enables to base the decisions solely on the trust itself. Besides the theoretical specification of the trust model (1) and the domain-specific extension (2), a proof of concept implementation is given. This implementation leverages both, the abilities of the generic trust model (1) as well as the abilities of the TCADS system (2), thus providing a deployable set of programs. Using this proof of concept implementation, an assessment shows the benefits of the proposed concept and its practical relevance. A conclusion and an outlook to future work extending this approach is given at the end of this thesis.

    RFC6622: Integrity Check Value and Timestamp TLV Definitions for Mobile Ad Hoc Networks (MANETs)

    This document describes general and flexible TLVs for representing cryptographic Integrity Check Values (ICVs) (i.e., digital signatures or Message Authentication Codes (MACs)) as well as timestamps, using the generalized Mobile Ad Hoc Network (MANET) packet/message format defined in RFC 5444. It defines two Packet TLVs, two Message TLVs, and two Address Block TLVs for affixing ICVs and timestamps to a packet, a message, and an address, respectively. Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6622

    RFC7182: Integrity Check Value and Timestamp TLV Definitions for Mobile Ad Hoc Networks (MANETs)

    This document revises, extends, and replaces RFC 6622. It describes general and flexible TLVs for representing cryptographic Integrity Check Values (ICVs) and timestamps, using the generalized Mobile Ad Hoc Network (MANET) packet/message format defined in RFC 5444. It defines two Packet TLVs, two Message TLVs, and two Address Block TLVs for affixing ICVs and timestamps to a packet, a message, and one or more addresses, respectively. Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741