4,820 research outputs found
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
On application of least-delay variation problem in ethernet networks using SDN concept
The goal of this paper is to present an application idea of SDN in Smart Grids, particularly, in the area of L2 multicast as defined by IEC 61850-9-2. Authors propose an Integer Linear Formulation (ILP) dealing with a Least-Delay-Variation multicast forwarding problem that has a potential to utilize Ethernet networks in a new way. The proposed ILP formulation is numerically evaluated on random graph topologies and results are compared to a shortest path tree approach that is traditionally a product of Spanning Tree Protocols. Results confirm the correctness of the ILP formulation and illustrate dependency of a solution quality on the selected graph models, especially, in a case of scale-free topologies
QoS multicast tree construction in IP/DWDM optical internet by bio-inspired algorithms
Copyright @ Elsevier Ltd. All rights reserved.In this paper, two bio-inspired Quality of Service (QoS) multicast algorithms are proposed in IP over dense wavelength division multiplexing (DWDM) optical Internet. Given a QoS multicast request and the delay interval required by the application, both algorithms are able to find a flexible QoS-based cost suboptimal routing tree. They first construct the multicast trees based on ant colony optimization and artificial immune algorithm, respectively. Then a dedicated wavelength assignment algorithm is proposed to assign wavelengths to the trees aiming to minimize the delay of the wavelength conversion. In both algorithms, multicast routing and wavelength assignment are integrated into a single process. Therefore, they can find the multicast trees on which the least wavelength conversion delay is achieved. Load balance is also considered in both algorithms. Simulation results show that these two bio-inspired algorithms can construct high performance QoS routing trees for multicast applications in IP/DWDM optical Internet.This work was supported in part ny the Program for New Century Excellent Talents in University, the Engineering and Physical Sciences Research Council (EPSRC) of UK under Grant EP/E060722/1, the National Natural Science Foundation of China under Grant no. 60673159 and 70671020, the National High-Tech Reasearch and Development Plan of China under Grant no. 2007AA041201, and the Specialized Research Fund for the Doctoral Program of Higher Education under Grant no. 20070145017
SDNsec: Forwarding Accountability for the SDN Data Plane
SDN promises to make networks more flexible, programmable, and easier to
manage. Inherent security problems in SDN today, however, pose a threat to the
promised benefits. First, the network operator lacks tools to proactively
ensure that policies will be followed or to reactively inspect the behavior of
the network. Second, the distributed nature of state updates at the data plane
leads to inconsistent network behavior during reconfigurations. Third, the
large flow space makes the data plane susceptible to state exhaustion attacks.
This paper presents SDNsec, an SDN security extension that provides
forwarding accountability for the SDN data plane. Forwarding rules are encoded
in the packet, ensuring consistent network behavior during reconfigurations and
limiting state exhaustion attacks due to table lookups. Symmetric-key
cryptography is used to protect the integrity of the forwarding rules and
enforce them at each switch. A complementary path validation mechanism allows
the controller to reactively examine the actual path taken by the packets.
Furthermore, we present mechanisms for secure link-failure recovery and
multicast/broadcast forwarding.Comment: 14 page
Resilient networking in wireless sensor networks
This report deals with security in wireless sensor networks (WSNs),
especially in network layer. Multiple secure routing protocols have been
proposed in the literature. However, they often use the cryptography to secure
routing functionalities. The cryptography alone is not enough to defend against
multiple attacks due to the node compromise. Therefore, we need more
algorithmic solutions. In this report, we focus on the behavior of routing
protocols to determine which properties make them more resilient to attacks.
Our aim is to find some answers to the following questions. Are there any
existing protocols, not designed initially for security, but which already
contain some inherently resilient properties against attacks under which some
portion of the network nodes is compromised? If yes, which specific behaviors
are making these protocols more resilient? We propose in this report an
overview of security strategies for WSNs in general, including existing attacks
and defensive measures. In this report we focus at the network layer in
particular, and an analysis of the behavior of four particular routing
protocols is provided to determine their inherent resiliency to insider
attacks. The protocols considered are: Dynamic Source Routing (DSR),
Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing
(RWR)
Scalability of broadcast performance in wireless network-on-chip
Networks-on-Chip (NoCs) are currently the paradigm of choice to interconnect the cores of a chip multiprocessor. However, conventional NoCs may not suffice to fulfill the on-chip communication requirements of processors with hundreds or thousands of cores. The main reason is that the performance of such networks drops as the number of cores grows, especially in the presence of multicast and broadcast traffic. This not only limits the scalability of current multiprocessor architectures, but also sets a performance wall that prevents the development of architectures that generate moderate-to-high levels of multicast. In this paper, a Wireless Network-on-Chip (WNoC) where all cores share a single broadband channel is presented. Such design is conceived to provide low latency and ordered delivery for multicast/broadcast traffic, in an attempt to complement a wireline NoC that will transport the rest of communication flows. To assess the feasibility of this approach, the network performance of WNoC is analyzed as a function of the system size and the channel capacity, and then compared to that of wireline NoCs with embedded multicast support. Based on this evaluation, preliminary results on the potential performance of the proposed hybrid scheme are provided, together with guidelines for the design of MAC protocols for WNoC.Peer ReviewedPostprint (published version
Quality of Service over Specific Link Layers: state of the art report
The Integrated Services concept is proposed as an enhancement to the current Internet architecture, to provide a better Quality of Service (QoS) than that provided by the traditional Best-Effort service. The features of the Integrated Services are explained in this report. To support Integrated Services, certain requirements are posed on the underlying link layer. These requirements are studied by the Integrated Services over Specific Link Layers (ISSLL) IETF working group. The status of this ongoing research is reported in this document. To be more specific, the solutions to provide Integrated Services over ATM, IEEE 802 LAN technologies and low-bitrate links are evaluated in detail. The ISSLL working group has not yet studied the requirements, that are posed on the underlying link layer, when this link layer is wireless. Therefore, this state of the art report is extended with an identification of the requirements that are posed on the underlying wireless link, to provide differentiated Quality of Service
- …