Robustness to Inflated Subscription in Multicast Congestion Control

Group subscription is a useful mechanism for multicast congestion control: RLM, RLC, FLID-DL, and WEBRC form a promising line of multi-group protocols where receivers provide no feedback to the sender but control congestion via group membership regulation. Unfortunately, the group subscription mechanism also o#ers receivers an opportunity to elicit self-beneficial bandwidth allocations. In particular, a misbehaving receiver can ignore guidelines for group subscription and choose an unfairly high subscription level in a multi-group multicast session. This poses a serious threat to fairness of bandwidth allocation. In this paper, we present the first solution for the problem of inflated subscription. Our design guards access to multicast groups with dynamic keys and consists of two independent components: DELTA (Distribution of ELigibility To Access) -- a novel method for in-band distribution of group keys to receivers that are eligible to access the groups according to the congestion control protocol, and SIGMA (Secure Internet Group Management Architecture) -- a generic architecture for key-based group access at edge routers

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Optimising routing and trustworthiness of ad hoc networks using swarm intelligence

This thesis was submitted for the degree of Doctor of Philsophy and awarded by Brunel UniversityThis thesis proposes different approaches to address routing and security of MANETs using swarm technology. The mobility and infrastructure-less of MANET as well as nodes misbehavior compose great challenges to routing and security protocols of such a network. The first approach addresses the problem of channel assignment in multichannel ad hoc networks with limited number of interfaces, where stable route are more preferred to be selected. The channel selection is based on link quality between the nodes. Geographical information is used with mapping algorithm in order to estimate and predict the links’ quality and routes life time, which is combined with Ant Colony Optimization (ACO) algorithm to find most stable route with high data rate. As a result, a better utilization of the channels is performed where the throughput increased up to 74% over ASAR protocol. A new smart data packet routing protocol is developed based on the River Formation Dynamics (RFD) algorithm. The RFD algorithm is a subset of swarm intelligence which mimics how rivers are created in nature. The protocol is a distributed swarm learning approach where data packets are smart enough to guide themselves through best available route in the network. The learning information is distributed throughout the nodes of the network. This information can be used and updated by successive data packets in order to maintain and find better routes. Data packets act like swarm agents (drops) where they carry their path information and update routing information without the need for backward agents. These data packets modify the routing information based on different network metrics. As a result, data packet can guide themselves through better routes. In the second approach, a hybrid ACO and RFD smart data packet routing protocol is developed where the protocol tries to find shortest path that is less congested to the destination. Simulation results show throughput improvement by 30% over AODV protocol and 13% over AntHocNet. Both delay and jitter have been improved more than 96% over AODV protocol. In order to overcome the problem of source routing introduced due to the use of the ACO algorithm, a solely RFD based distance vector protocol has been developed as a third approach. Moreover, the protocol separates reactive learned information from proactive learned information to add more reliability to data routing. To minimize the power consumption introduced due to the hybrid nature of the RFD routing protocol, a forth approach has been developed. This protocol tackles the problem of power consumption and adds packets delivery power minimization to the protocol based on RFD algorithm. Finally, a security model based on reputation and trust is added to the smart data packet protocol in order to detect misbehaving nodes. A trust system has been built based on the privilege offered by the RFD algorithm, where drops are always moving from higher altitude to lower one. Moreover, the distributed and undefined nature of the ad hoc network forces the nodes to obligate to cooperative behaviour in order not to be exposed. This system can easily and quickly detect misbehaving nodes according to altitude difference between active intermediate nodes

A Scalable and Adaptive Network on Chip for Many-Core Architectures

In this work, a scalable network on chip (NoC) for future many-core architectures is proposed and investigated. It supports different QoS mechanisms to ensure predictable communication. Self-optimization is introduced to adapt the energy footprint and the performance of the network to the communication requirements. A fault tolerance concept allows to deal with permanent errors. Moreover, a template-based automated evaluation and design methodology and a synthesis flow for NoCs is introduced

A use case of low power wide area networks in future 5G healthcare applications

Abstract. The trend in all cellular evolution to the Long-Term Evolution (LTE) has always been to offer users continuously increasing data rates. However, the next leap forwards towards the 5th Generation Mobile Networks (5G) will be mainly addressing the needs of devices. Machines communicating with each other, sensors reporting to a server, or even machines communicating with humans, these are all different aspects of the same technology; the Internet of Things (IoT). The key differentiator between Machine-to-Machine (M2M) communications and IoT will be the added -feature of connecting devices and sensors not only to themselves, but also to the internet. The appropriate communications network is the key to allow this connectivity. Local Area Networks (LANs) and Wide Area Networks (WANs) have been thought of as enablers for IoT, but since they both suffered from limitations in IoT aspects, the need for a new enabling technology was evident. LPWANs are networks dedicated to catering for the needs of IoT such as providing low energy consumption for wireless devices. LPWANs can be categorized into proprietary LPWANs and cellular LPWANs. Proprietary LPWANs are created by an alliance of companies working together on creating a communications standard operating in unlicensed frequency bands. An example of proprietary LPWANs is LoRa. Whereas cellular LPWANs are standardized by the 3rd Partnership Project (3GPP) and they are basically versions of the LTE standard especially designed for machine communications. An example of cellular LPWANs is Narrowband IoT (NB IoT). This diploma thesis documents the usage of LoRa and NB IoT in a healthcare use case of IoT. It describes the steps and challenges of deploying an LTE network at a target site, which will be used by the LoRa and NB IoT sensors to transmit data through the 5G test network (5GTN) to a desired server location for storing and later analysis.Matalan tehonkulutuksen ja pitkänkantaman teknologian käyttötapaus tulevaisuuden 5G:tä hyödyntävissä terveydenhoidon sovelluksissa. Tiivistelmä. Pitemmän aikavälin tarkastelussa matkaviestintäteknologian kehittyminen nykyisin käytössä olevaan Long-Term Evolution (LTE) teknologiaan on tarkoittanut käyttäjille yhä suurempia datanopeuksia. Seuraavassa askeleessa kohti 5. sukupolven matkaviestintäverkkoja (5G) lähestytään kehitystä myös laitteiden tarpeiden lähtökohdista. Toistensa kanssa kommunikoivat koneet, palvelimille dataa lähettävät anturit tai jopa ihmisten kanssa kommunikoivat koneet ovat kaikki eri puolia samasta teknologisesta käsitteestä; esineiden internetistä (IoT). Oleellisin ero koneiden välisessä kommunikoinnissa (M2M) ja IoT:ssä on, että erinäiset laitteet tulevat olemaan yhdistettyinä paitsi toisiinsa myös internettiin. Tätä kytkentäisyyttä varten tarvitaan tarkoitukseen kehitetty matkaviestinverkko. Sekä lähiverkkoja (LAN) että suuralueverkkoja (WAN) on pidetty mahdollisina IoT mahdollistajina, mutta näiden molempien käsitteiden alle kuuluvissa teknologioissa on rajoitteita IoT:n vaatimusten lähtökohdista, joten uuden teknologian kehittäminen oli tarpeellista. Matalan tehonkulutuksen suuralueverkko (LP-WAN) on käsite, johon luokitellaan eri teknologioita, joita on kehitetty erityisesti IoT:n tarpeista lähtien. LP-WAN voidaan jaotella ainakin itse kehitettyihin ja matkaviestinverkkoihin perustuviin teknologisiin ratkaisuihin. Itse kehitetyt ratkaisut on luotu lukuisten yritysten yhteenliittymissä eli alliansseissa ja nämä ratkaisut keskittyvät lisensoimattomilla taajuuksilla toimiviin langattomiin ratkaisuihin, joista esimerkkinä laajasti käytössä oleva LoRa. Matkaviestinverkkoihin perustuvat lisensoiduilla taajuuksilla toimivat ratkaisut on puolestaan erikseen standardoitu 3GPP-nimisessä yhteenliittymässä, joka nykyisellään vastaa 2G, 3G ja LTE:n standardoiduista päätöksistä. Esimerkki 3GPP:n alaisesta LPWAN-luokkaan kuuluvasta teknologiasta on kapea kaistainen IoT-teknologia, NB-IoT. Tässä diplomityössä keskitytään terveydenhoidon käyttötapaukseen, missä antureiden mittaamaa tietoa siirretään langattomasti käyttäen sekä LoRa että NB-IoT teknologioita. Työssä kuvataan eri vaiheet ja haasteet, joita liittyi kun rakennetaan erikseen tiettyyn kohteeseen LTE-verkon radiopeitto, jotta LoRa:a ja NB-IoT:a käyttävät anturit saadaan välittämään mitattua dataa halutulle palvelimelle säilytykseen ja myöhempää analysointia varten. LTE-radiopeiton rakensi Oulun yliopiston omistama 5G testiverkko, jonka tarkoitus on tukea sekä tutkimusta että ympäröivää ekosysteemiä tulevaisuuden 5G:n kehityksessä

A Trust Management Framework for Vehicular Ad Hoc Networks

The inception of Vehicular Ad Hoc Networks (VANETs) provides an opportunity for road users and public infrastructure to share information that improves the operation of roads and the driver experience. However, such systems can be vulnerable to malicious external entities and legitimate users. Trust management is used to address attacks from legitimate users in accordance with a user’s trust score. Trust models evaluate messages to assign rewards or punishments. This can be used to influence a driver’s future behaviour or, in extremis, block the driver. With receiver-side schemes, various methods are used to evaluate trust including, reputation computation, neighbour recommendations, and storing historical information. However, they incur overhead and add a delay when deciding whether to accept or reject messages. In this thesis, we propose a novel Tamper-Proof Device (TPD) based trust framework for managing trust of multiple drivers at the sender side vehicle that updates trust, stores, and protects information from malicious tampering. The TPD also regulates, rewards, and punishes each specific driver, as required. Furthermore, the trust score determines the classes of message that a driver can access. Dissemination of feedback is only required when there is an attack (conflicting information). A Road-Side Unit (RSU) rules on a dispute, using either the sum of products of trust and feedback or official vehicle data if available. These “untrue attacks” are resolved by an RSU using collaboration, and then providing a fixed amount of reward and punishment, as appropriate. Repeated attacks are addressed by incremental punishments and potentially driver access-blocking when conditions are met. The lack of sophistication in this fixed RSU assessment scheme is then addressed by a novel fuzzy logic-based RSU approach. This determines a fairer level of reward and punishment based on the severity of incident, driver past behaviour, and RSU confidence. The fuzzy RSU controller assesses judgements in such a way as to encourage drivers to improve their behaviour. Although any driver can lie in any situation, we believe that trustworthy drivers are more likely to remain so, and vice versa. We capture this behaviour in a Markov chain model for the sender and reporter driver behaviours where a driver’s truthfulness is influenced by their trust score and trust state. For each trust state, the driver’s likelihood of lying or honesty is set by a probability distribution which is different for each state. This framework is analysed in Veins using various classes of vehicles under different traffic conditions. Results confirm that the framework operates effectively in the presence of untrue and inconsistent attacks. The correct functioning is confirmed with the system appropriately classifying incidents when clarifier vehicles send truthful feedback. The framework is also evaluated against a centralized reputation scheme and the results demonstrate that it outperforms the reputation approach in terms of reduced communication overhead and shorter response time. Next, we perform a set of experiments to evaluate the performance of the fuzzy assessment in Veins. The fuzzy and fixed RSU assessment schemes are compared, and the results show that the fuzzy scheme provides better overall driver behaviour. The Markov chain driver behaviour model is also examined when changing the initial trust score of all drivers

Models, services and security in modern online social networks

Modern online social networks have revolutionized the world the same way the radio and the plane did, crossing geographical and time boundaries, not without problems, more can be learned, they can still change our world and that their true worth is still a question for the future

Resilience-Building Technologies: State of Knowledge -- ReSIST NoE Deliverable D12

This document is the first product of work package WP2, "Resilience-building and -scaling technologies", in the programme of jointly executed research (JER) of the ReSIST Network of Excellenc

Multicast Congestion Control with Distrusted Receivers

Congestion control protocols rely on receivers to support fair bandwidth sharing. However, a receiver has incentives to elicit self-bene cial bandwidth allocations and hence may manipulate its congestion control protocol. Whereas the issue of receiver misbehavior has been studied for unicast congestion control, the impact of receiver misbehavior in multicast remains unexplored. In this paper, we examine the problem of fair congestion control in distrusted multicast environments. We classify standard mechanisms for multicast congestion control and determine their potential vulnerabilities to receiver misbehavior. Our evaluation of prominent multicast protocols shows that each of them is susceptible to attacks by a misbehaving receiver

Safety and Reliability - Safe Societies in a Changing World

The contributions cover a wide range of methodologies and application areas for safety and reliability that contribute to safe societies in a changing world. These methodologies and applications include: - foundations of risk and reliability assessment and management - mathematical methods in reliability and safety - risk assessment - risk management - system reliability - uncertainty analysis - digitalization and big data - prognostics and system health management - occupational safety - accident and incident modeling - maintenance modeling and applications - simulation for safety and reliability analysis - dynamic risk and barrier management - organizational factors and safety culture - human factors and human reliability - resilience engineering - structural reliability - natural hazards - security - economic analysis in risk managemen