Software Defined Based Pure VPN Protocol for Preventing IP Spoofing Attacks in IOT

The Internet of things (IoT) is the network of devices, vehicles, and home appliances that contain electronics, software, actuators, and connectivity which allows these things to connect, interact and exchange data. IoT involves extending Internet connectivity beyond standard devices, such as desktops, laptops, smart phones and tablets, to any range of traditionally dumb or non-internet-enabled physical devices and everyday objects. Embedded with technology, these devices can communicate and interact over the Internet, and they can be remotely monitored and controlled. Traditionally, current internet packet delivery only depends on packet destination IP address and forward devices neglect the validation of packet’s IP source address. It makes attacks can leverage this flow to launch attacks with forge IP source address so as to meet their violent purpose and avoid to be tracked. In order to reduce this threat and enhance internet accountability, many solution proposed in the inter domain and intra domain aspects. Furthermore, most of them faced with some issues hard to cope, i.e., data security, data privacy. And most importantly code cover PureVPN protocol for both inter and intra domain areas. The novel network architecture of SDN possess whole network PureVPN protocol rule instead of traditional SDN switches, which brings good opportunity to solve IP spoofing problems. However, use authentication based on key exchange between the machines on your network; something like IP Security protocol will significantly cut down on the risk of spoofing. This paper proposes a SDN based PureVPN protocol architecture, which can cover both inter and intra domain areas with encrypted format effectively than SDN devices. The PureVPN protocol scheme is significant in improving the security and privacy in SDN for IoT

A formal semantics for control and data flow in the gannet service-based system-on-chip architecture

There is a growing demand for solutions which allow the design of large and complex reconfigurable Systems-on- Chip (SoC) at high abstraction levels. The Gannet project proposes a functional programming approach for high-abstraction design of very large SoCs. Gannet is a distributed service-based SoC architecture, i.e. a network of services offered by hardware or software cores. The Gannet SoC is task-level reconfigurable: it performs tasks by executing functional task description programs using a demand-driven dataflow mechanism. The Gannet architecture combines the flexible connectivity offered by a Networkon- Chip with the functional language paradigm to create a fully concurrent distributed SoC with the option to completely separate data flows from control flows. This feature is essential to avoid a bottleneck at he controller for run-time control of multiple high-throughput data flows. In this paper we present the Gannet architecture and language and introduce an operational semantics to formally describe the mechanism to separate control and data flows

New Cryptographic Algorithms for Enhancing Security of Voice Data

A real-time application Voice over Internet Protocol (VoIP) is the technology that enables voice packets transmission over internet protocol (IP). Security is of concern whenever open networks are to be used. In general, the real-time applications suffer from packet latency and loss due to the nature of IP network. Cryptographic systems may be used to achieve VoIP security, but their impact on the Quality of Services (QoS) should be minimized. Most of the known encryption algorithms are computationally expensive resulting in a significant amount of time added to packet delay. VoIP is usually used by public users resulting in a key exchange problem and a trusted intermediate authority normally takes this responsibility. In this research, VoIP security was enhanced via a proposed cryptographic system. The proposed solution consists of a simple, but strong encryption/decryption algorithm as well as an embedded method to exchange the keys between the users. In this research, a new keys is generated in a random fashion and then used to encrypt each new voice packet to strengthen the security level. Key exchange is carried out by inserting the key with the ciphered voice packet that depends on the table of the key positions at the sender and receiver sides, and the target receiver is the only one who is able to extract the key. The encryption process in this research is divided into three main stages: key generation, encryption process, and key insertion process. The decryption process on the other hand is divided into two main stages: key extraction process, and decryption process. The proposed solution was implemented and tested and the results showed that the required time for the security processes is minimized compared to some known algorithms such as AES_Rijndael algorithm. Furthermore, the analysis has proved that the security level has a direct relationship to the key length and the voice packet size in that large packet size requires more processing time. Finally, the implementation result in this research shows the average time needed to encrypt and decrypt a voice packet size using a proposed algorithm with the long key of 1024-bits is much smaller than AES_Rijndael algorithm with a short key length of 128-bits

SOFTWARE AND HARDWARE DESIGN OF A MINIATURIZED MOBILE AUTONOMOUS ROBOT, OPERATING IN A WIRELESS SENSOR NETWORK

Nowadays wireless nodes are becoming more and more popular in the field of localization. Thanks to the high research effort in this area, wireless sensors become more and more sophisticated. From year to year the accuracy in terms of distance estimation increases. In comparison to other localization devices like a Local Positioning System (LPS) or Global Positioning System (GPS), the wireless nodes are considered as a cheap alternative. The Finnish defence department, police and fire department support current research activities within this area, in the hope that they will get beneficial applications. The target of this Master’s Thesis “Software and Hardware Design of a Miniaturized Mobile Autonomous Robot, Operating in a Wireless Sensor Network” was the construction of miniaturized autonomous robot acting within a Wireless Sensor Network (WSN). The robot consists of an Embedded Linux PC, a wireless node and a mobile platform that are connected with each other. In this Master’s Thesis we describe the software and hardware tasks that were necessary for the interaction between the three mentioned components. We also discuss the software implementation for the communication between the wireless nodes and the results of the distance measurements.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

Supporting distributed computation over wide area gigabit networks

The advent of high bandwidth fibre optic links that may be used over very large distances has lead to much research and development in the field of wide area gigabit networking. One problem that needs to be addressed is how loosely coupled distributed systems may be built over these links, allowing many computers worldwide to take part in complex calculations in order to solve "Grand Challenge" problems. The research conducted as part of this PhD has looked at the practicality of implementing a communication mechanism proposed by Craig Partridge called Late-binding Remote Procedure Calls (LbRPC). LbRPC is intended to export both code and data over the network to remote machines for evaluation, as opposed to traditional RPC mechanisms that only send parameters to pre-existing remote procedures. The ability to send code as well as data means that LbRPC requests can overcome one of the biggest problems in Wide Area Distributed Computer Systems (WADCS): the fixed latency due to the speed of light. As machines get faster, the fixed multi-millisecond round trip delay equates to ever increasing numbers of CPU cycles. For a WADCS to be efficient, programs should minimise the number of network transits they incur. By allowing the application programmer to export arbitrary code to the remote machine, this may be achieved. This research has looked at the feasibility of supporting secure exportation of arbitrary code and data in heterogeneous, loosely coupled, distributed computing environments. It has investigated techniques for making placement decisions for the code in cases where there are a large number of widely dispersed remote servers that could be used. The latter has resulted in the development of a novel prototype LbRPC using multicast IP for implicit placement and a sequenced, multi-packet saturation multicast transport protocol. These prototypes show that it is possible to export code and data to multiple remote hosts, thereby removing the need to perform complex and error prone explicit process placement decisions

A Comprehensive Survey of Voice over IP Security Research

We present a comprehensive survey of Voice over IP security academic research, using a set of 245 publications forming a closed cross-citation set. We classify these papers according to an extended version of the VoIP Security Alliance (VoIPSA) Threat Taxonomy. Our goal is to provide a roadmap for researchers seeking to understand existing capabilities and to identify gaps in addressing the numerous threats and vulnerabilities present in VoIP systems. We discuss the implications of our findings with respect to vulnerabilities reported in a variety of VoIP products. We identify two specific problem areas (denial of service, and service abuse) as requiring significant more attention from the research community. We also find that the overwhelming majority of the surveyed work takes a black box view of VoIP systems that avoids examining their internal structure and implementation. Such an approach may miss the mark in terms of addressing the main sources of vulnerabilities, i.e., implementation bugs and misconfigurations. Finally, we argue for further work on understanding cross-protocol and cross-mechanism vulnerabilities (emergent properties), which are the byproduct of a highly complex system-of-systems and an indication of the issues in future large-scale systems

Telecommunications Networks

This book guides readers through the basics of rapidly emerging networks to more advanced concepts and future expectations of Telecommunications Networks. It identifies and examines the most pressing research issues in Telecommunications and it contains chapters written by leading researchers, academics and industry professionals. Telecommunications Networks - Current Status and Future Trends covers surveys of recent publications that investigate key areas of interest such as: IMS, eTOM, 3G/4G, optimization problems, modeling, simulation, quality of service, etc. This book, that is suitable for both PhD and master students, is organized into six sections: New Generation Networks, Quality of Services, Sensor Networks, Telecommunications, Traffic Engineering and Routing

Quantum-Aware Software Defined Networks

Software Defined Networks (SDN) represent a major paradigm change in communications networks. It provides a level of abstraction and independence from the traditional networking practice that allows for a fast path of innovation and, specifically, opens new opportunities for Quantum Key Distribution (QKD) networks. In this contribution we explore the implications of this paradigm for the deployment of QKD in practice from the point of view of telecommunications? providers, network equipment manufacturers and applied research and development. We propose a generic quantum-aware SDN architecture and two applications, a generic end to end encryption one and other for the network infrastructure itself