Wisent: Robust Downstream Communication and Storage for Computational RFIDs

Computational RFID (CRFID) devices are emerging platforms that can enable perennial computation and sensing by eliminating the need for batteries. Although much research has been devoted to improving upstream (CRFID to RFID reader) communication rates, the opposite direction has so far been neglected, presumably due to the difficulty of guaranteeing fast and error-free transfer amidst frequent power interruptions of CRFID. With growing interest in the market where CRFIDs are forever-embedded in many structures, it is necessary for this void to be filled. Therefore, we propose Wisent-a robust downstream communication protocol for CRFIDs that operates on top of the legacy UHF RFID communication protocol: EPC C1G2. The novelty of Wisent is its ability to adaptively change the frame length sent by the reader, based on the length throttling mechanism, to minimize the transfer times at varying channel conditions. We present an implementation of Wisent for the WISP 5 and an off-the-shelf RFID reader. Our experiments show that Wisent allows transfer up to 16 times faster than a baseline, non-adaptive shortest frame case, i.e. single word length, at sub-meter distance. As a case study, we show how Wisent enables wireless CRFID reprogramming, demonstrating the world's first wirelessly reprogrammable (software defined) CRFID.Comment: Accepted for Publication to IEEE INFOCOM 201

OSCAR: A Collaborative Bandwidth Aggregation System

The exponential increase in mobile data demand, coupled with growing user expectation to be connected in all places at all times, have introduced novel challenges for researchers to address. Fortunately, the wide spread deployment of various network technologies and the increased adoption of multi-interface enabled devices have enabled researchers to develop solutions for those challenges. Such solutions aim to exploit available interfaces on such devices in both solitary and collaborative forms. These solutions, however, have faced a steep deployment barrier. In this paper, we present OSCAR, a multi-objective, incentive-based, collaborative, and deployable bandwidth aggregation system. We present the OSCAR architecture that does not introduce any intermediate hardware nor require changes to current applications or legacy servers. The OSCAR architecture is designed to automatically estimate the system's context, dynamically schedule various connections and/or packets to different interfaces, be backwards compatible with the current Internet architecture, and provide the user with incentives for collaboration. We also formulate the OSCAR scheduler as a multi-objective, multi-modal scheduler that maximizes system throughput while minimizing energy consumption or financial cost. We evaluate OSCAR via implementation on Linux, as well as via simulation, and compare our results to the current optimal achievable throughput, cost, and energy consumption. Our evaluation shows that, in the throughput maximization mode, we provide up to 150% enhancement in throughput compared to current operating systems, without any changes to legacy servers. Moreover, this performance gain further increases with the availability of connection resume-supporting, or OSCAR-enabled servers, reaching the maximum achievable upper-bound throughput

The Role of Quantum Cryptography under Distributed Protocols for Secured Communication in Ad Hoc Networks

Most of the cryptographic methods employed so far has been using symmetric and asymmetric cryptography, and had involved cryptographic keys extensively. Usually it is observed that many of the cryptographic algorithms are infeasible as the key distribution system is feeble. As an emerging approach Ad Hoc networks is subjected to Quantum cryptography concept or quantum key distribution in distributed environment and has drawn a good attention as an appropriate solution to the Key Distribution issue. QKD extends unconditional secured inter-communication by means of quantum mechanics. The paper focuses on quantum theory as a substitute to conventional key distribution protocols and a comprehensive narration is offered illustrating implementations of quantum key distribution protocols. This paper depicts quantum key distribution protocols (QKDP) to preserve safety in large and Ad hoc networks, guiding towards novel direction. It is aimed to narrate the efficiency of communication in terms of effort, security, suitability and confidentiality by the use of QKDPs

Defending against Sybil Devices in Crowdsourced Mapping Services

Real-time crowdsourced maps such as Waze provide timely updates on traffic, congestion, accidents and points of interest. In this paper, we demonstrate how lack of strong location authentication allows creation of software-based {\em Sybil devices} that expose crowdsourced map systems to a variety of security and privacy attacks. Our experiments show that a single Sybil device with limited resources can cause havoc on Waze, reporting false congestion and accidents and automatically rerouting user traffic. More importantly, we describe techniques to generate Sybil devices at scale, creating armies of virtual vehicles capable of remotely tracking precise movements for large user populations while avoiding detection. We propose a new approach to defend against Sybil devices based on {\em co-location edges}, authenticated records that attest to the one-time physical co-location of a pair of devices. Over time, co-location edges combine to form large {\em proximity graphs} that attest to physical interactions between devices, allowing scalable detection of virtual vehicles. We demonstrate the efficacy of this approach using large-scale simulations, and discuss how they can be used to dramatically reduce the impact of attacks against crowdsourced mapping services.Comment: Measure and integratio

Evaluation of on-demand routing in mobile ad hoc networks and proposal for a secure routing protocol

Secure routing Mobile Ad hoc Networks (MANETs) has emerged as an important MANET research area. Initial work in MANET focused mainly on the problem of providing efficient mechanisms for finding paths in very dynamic networks, without considering the security of the routing process. Because of this, a number of attacks exploit these routing vulnerabilities to manipulate MANETs. In this thesis, we performed an in-depth evaluation and performance analysis of existing MANET Routing protocols, identifying Dynamic Source Routing (DSR) as the most robust (based on throughput, latency and routing overhead) which can be secured with negligible routing efficiency trade-off. We describe security threats, specifically showing their effects on DSR. We proposed a new routing protocol, named Authenticated Source Routing for Ad hoc Networks (ASRAN) which is an out-of-band certification-based, authenticated source routing protocol with modifications to the route acquisition process of DSR to defeat all identified attacks. Simulation studies confirm that ASRAN has a good trade-off balance in reference to the addition of security and routing efficiency

Pervasive Secure Content Delivery Networks Implementation

Over the years, communication networks have been shifting their focus from providing connectivity in a client/server model to providing a service or content. This shift has led to topic areas like Service-Oriented Architecture (SOA), Heterogeneous Wireless Mesh Networks, and Ubiquitous Computing. Furthermore, probably the broadest of these areas which embarks all is the Internet of Things (IoT). The IoT is defined as an Internet where all physical entities (e.g., vehicles, appliances, smart phones, smart homes, computers, etc.), which we interact daily are connected and exchanging data among themselves and users. The IoT has become a global goal for companies, researchers, and users alike due to its different implementation and functional benefits: performance efficiency, coverage, economic and health. Due to the variety of devices which connect to it, it is expected that the IoT is composed of multiple technologies interacting together, to deliver a service. This technologies interactions renders an important challenge that must be overcome: how to communicate these technologies effectively and securely? The answer to this question is vital for a successful deployment of IoT and achievement of all the potential benefits that the IoT promises. This thesis proposes a SOA approach at the Network Layer to be able to integrate all technologies involved, in a transparent manner. The proposed set of solutions is composed of primarily the secure implementation of a unifying routing algorithm and a layered messaging model to standardize communication of all devices. Security is targeted to address the three main security concerns (i.e., confidentiality, integrity, and availability), with pervasive schemes that can be employed for any kind of device on the client, backbone, and server side. The implementation of such schemes is achieved by standard current security mechanisms (e.g., encryption), in combination with novel context and intelligent checks that detect compromised devices. Moreover, a decentralized content processing design is presented. In such design, content processing is handled at the client side, allowing server machines to serve more content, while being more reliable and capable of processing complete security checks on data and client integrity

Mobile Ad-Hoc Networks

Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of-the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: quality-of-service and video communication, routing protocol and cross-layer design. A few interesting problems about security and delay-tolerant networks are also discussed. This book is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks

A real time demonstrative analysis of lightweight payload encryption in resource constrained devices based on mqtt

06.03.2018 tarihli ve 30352 sayılı Resmi Gazetede yayımlanan “Yükseköğretim Kanunu İle Bazı Kanun Ve Kanun Hükmünde Kararnamelerde Değişiklik Yapılması Hakkında Kanun” ile 18.06.2018 tarihli “Lisansüstü Tezlerin Elektronik Ortamda Toplanması, Düzenlenmesi ve Erişime Açılmasına İlişkin Yönerge” gereğince tam metin erişime açılmıştır.Kısıtlı cihazların kaynakları, yani bellek (ROM ve RAM), CPU ve pil ömrü (varsa) sınırlıdır. Genellikle, veri toplayan sensörler, makinadan makineye (M2M) veya servisleri ve elektrikli ev aletlerini kontrol eden akıllı cihazlar için puanlar. Bu tür aygıtlar bir ağa bağlandığında "nesnelerin Internet'i" nin (IoT) bir parçasını oluştururlar. Message Queue Telemetry Transport (yani MQTT), hafif, açık, basit, istemci-sunucu yayın/abone mesajlaşma taşıma protokolüdür. Güvenilir iletişim için üç Hizmet Kalitesi (QoS) seviyesini destekleyen çoğu kaynak kısıtlamalı IoT cihazı için kullanışlıdır ve verimlidir. Cihazdan Cihaza (D2D) ve nesnelerin Internet'i (IoT) bağlamları gibi kısıtlı ortamlarda iletişim için gerekli olan bir protokoldür. MQTT protokolü, güvenli soket katmanı (SSL) sertifikalarına dayalı taşıma katmanı güvenliği (TLS) dışında somut güvenlik mekanizmalarından yoksundur. Bununla birlikte, bu güvenlik protokollerinin en hafif değildir ve özellikle kısıtlı cihazlar için ağ yüklerini artırır. IoT cihazlarının yaklaşık %70'inde özellikle de istemci tarafında veri şifrelemesi yoktur ve TLS için mükemmel bir alternatif olabilir. Bu tezde, farklı Hizmet Kalitesi (QoS) ve veri yüklerin değişken boyutu için kısıtlı bir cihaz üzerinde MQTT protokolünün ağ performansı üzerindeki etkisini göstermek için bir deney düzeneği tasarlanmıştır. Bu çalışmanın yeni kısmı, yüklerin istemci tarafında şifrelenmesini ve ağ performansı üzerindeki etkisini kapsıyor. Denemelerde, verilere 128-bits ileileri şifreleme standardı (AES) hafif bir şifreleme uygulanmıştır. Mesajlar, farklı yük boyutlarına dayanan bir komisyoncu sunucusu aracılığıyla gerçek kablolu alt uçtakı yayıncılık istemcisi ve düşük uçtakı abone istemcisi üzerinden MQTT'deki üç farklı QoS seviyesini kullanarak aktarılır. Paketler, şifreleme ve şifre çözme işlem süresinin ölçülmesiyle birlikte uçtan uca gecikme, verimlilik ve mesaj kaybı analiz etmek için yakalanır. Deney sonuçlarına göre, şifrelenmemiş (şifresiz metin) yükün daha düşük bir ağ yük etkisine sahip olduğu ve bu nedenle, yüzde kaybı ve mesaj tesliminde, şifreli yüke göre MQTT'yi kullanarak nispeten daha iyi bir ağ performansı ürettiği sonucuna varılmıştır.Constrained devices are limited in resources namely, memory (ROM and RAM), CPU and battery life (if available). They are often used as sensors that collects data, machine to machine (M2M) or smart devices that control services and electrical appliances. When such devices are connected to a network they form what is called "things" and in a whole, they form part of the "Internet of Things" (IoT). Message Queue Telemetry Transport (MQTT) is a common light weight, open, simple, client-server publish/subscribe messaging transport protocol useful and efficient for most resource constrained IoT devices that supports three Quality of Service (QoS) levels for reliable communication. It is an essential protocol for communication in constrained environments such as Device to Device (D2D) and Internet of Things (IoT) contexts. MQTT protocol is devoid of concrete security mechanisms apart from Transport Layer Security (TLS) based on Secure Socket Layer (SSL) certificates. However, this is not the lightest of security protocols and increases network overheads especially for constrained devices. About 70 % of most ordinary IoT devices also lack data encryption especially at the client-end which could have been a perfect alternative for TLS. In this thesis, an experimental setup is designed to demonstrate the effect on network performance of MQTT protocol on a constrained device for different Quality of Service (QoS) and variable size of payloads. The novel part of this study covers client-side encryption of payloads and its effect over network performance. In the experiments, a lightweight encryption of 128-bits Advanced Encryption Standard (AES) is applied on the data. The messages are transferred using the three different QoS levels in MQTT over real wired low-end publish client and low-end subscriber client via a broker server based on different payload sizes. The packets are captured to analyze end-to-end latency, throughput and message loss along with the measurement of encryption and decryption processing time. According to the results of the experiment, it was concluded that, non-encrypted (plaintext) payload have a lower network load effect and hence produces a relatively better network performance using MQTT in terms of percentage loss and message delivery than the encrypted payload