On the handover security key update and residence management in LTE networks

In LTE networks, key update and residence management have been investigated as an effective solution to cope with desynchronization attacks in mobility management entity (MME) handovers. In this paper, we first analyse the impacts of the key update interval (KUI) and MME residence interval (MRI) on the handover performance in terms of the number of exposed packets (NEP) and signaling overhead rate (SOR). By deriving the bounds of the NEP and SOR over the KUI and MRI, it is shown that there exists a tradeoff between the NEP and the SOR, while our aim is to minimise both of them simultaneously. This accordingly motivates us to propose a multiobjective optimisation problem to find the optimal KUI and MRI that minimise both the NEP and SOR. By introducing a relative importance factor between the SOR and NEP along with their derived bounds, we further transform the proposed optimisation problem into a single-objective optimisation problem which can be solved via a simple numerical method. In particular, the results show that a higher accuracy of up to 1 second is achieved with the proposed approach while requiring a lower complexity compared to the conventional approach employing iterative searches

Impacts of S1 and X2 Interfaces on eMBMS Handover Failure: Solution and Performance Analysis

In evolved Multimedia Broadcast/Multicast Service (eMBMS), service continuity enables users move from one cell to another without interrupting eMBMS service. Unlike traditional handover in unicast transmission, a UE can receive eMBMS service in either unicast or multicast mode. In this paper, we point out a new handover failure problem in eMBMS due to the miss of rekeying information. We first take a close look at the new handover scenarios. We then investigate the problem by using comprehensive mathematical models. Our models provide insights on the new handover problem and introduce theoretical guidelines for mobile operators to design and optimize their networks without wide deployment to save cost and time. Moreover, we propose a solution to combat against the handover failure. Both the simulation and analytical results demonstrate that the impacts of the eMBMS handover failure are reduced significantly. In this paper, we present a systematic way to investigate the handover failure problem in eMBMS

Enhancing security of MME handover via fractional programming and Firefly algorithm

Key update and residence management have been investigated as an effective solution to cope with desynchronisation attacks in Mobility Management Entity (MME) handovers. In this paper, we first analyse the impacts of the Key Update Interval (KUI) and MME Residence Interval (MRI) on handover processes and their secrecy performance in terms of the Number of Exposed Packets (NEP), Signaling Overhead Rate (SOR) and Outage Probability of Vulnerability (OPV). Specifically, the bounds of the derived NEP and SOR not only capture their behaviours at the boundary of the KUI and MRI, but also show the trade-off between the NEP and SOR. Additionally, through the analysis of the OPV, it is shown that the handover security can be enhanced by shortening the KUI and the desynchonisation attacks can be avoided with high-mobility users. The above facts accordingly motivate us to propose a Multi- objective Optimisation (MO) problem to find the optimal KUI and MRI that minimise both the NEP and SOR subject to the constraint on the OPV. To this end, two scalarisation techniques are adopted to transform the proposed MO problem into single- objective optimisation problems, i.e., an achievement-function method via Fractional Programming (FP) and a weighted-sum method. Based on the derived bounds on NEP and SOR, the FP approach can be optimally solved via a simple numerical method. For the weighted-sum method, the Firefly Algorithm (FA) is utilised to find the optimal solution. The results show that both techniques can solve the proposed MO problem with a significantly reduced searching complexity compared to the conventional heuristic iterative search technique

Predictive and core-network efficient RRC signalling for active state handover in RANs with control/data separation

Frequent handovers (HOs) in dense small cell deployment scenarios could lead to a dramatic increase in signalling overhead. This suggests a paradigm shift towards a signalling conscious cellular architecture with intelligent mobility management. In this direction, a futuristic radio access network with a logical separation between control and data planes has been proposed in research community. It aims to overcome limitations of the conventional architecture by providing high data rate services under the umbrella of a coverage layer in a dual connection mode. This approach enables signalling efficient HO procedures, since the control plane remains unchanged when the users move within the footprint of the same umbrella. Considering this configuration, we propose a core-network efficient radio resource control (RRC) signalling scheme for active state HO and develop an analytical framework to evaluate its signalling load as a function of network density, user mobility and session characteristics. In addition, we propose an intelligent HO prediction scheme with advance resource preparation in order to minimise the HO signalling latency. Numerical and simulation results show promising gains in terms of reduction in HO latency and signalling load as compared with conventional approaches

Achieve Secure Handover Session Key Management via Mobile Relay in LTE-Advanced Networks

Internet of Things is increasing the network by group action immense quantity of close objects which needs the secure and reliable transmission of the high volume knowledge generation, and also the mobile relay technique is one among the economical ways in which to satisfy the on-board knowledge explosion in LTE-Advanced (LTE-A) networks. However, the observe of the mobile relay can cause potential threats to the knowledge security throughout the relinquishing method. Therefore, to handle this challenge, during this paper, we have a tendency to propose a secure relinquishing session key management theme via mobile relay in LTE-A networks. Specifically, within the planned theme, to realize forward and backward key separations, the session key shared between the on-board user instrumentality (UE) and also the connected donor evolved node B (DeNB) is initial generated by the on-board UE then firmly distributed to the DeNB. moreover, to cut back the communication overhead and also the process complexness, a unique proxy re-encryption technique is used, wherever the session keys at the start encrypted with the general public key of the quality management entity (MME) are going to be re-encrypted by a mobile relay node (MRN), so alternative DeNB will later rewrite the session keys with their own non-public keys whereas while not the direct involvement of the MME. elaborated security analysis shows that the planned theme will with success establish session keys between the on-board UEs and their connected DeNB, achieving backward and forward key separations, and resisting against the collusion between the MRN and also the DeNB because the same time. Additionally, performance evaluations via in depth simulations area unit applied to demonstrate the potency and effectiveness of the planned theme

Software-defined Networking enabled Resource Management and Security Provisioning in 5G Heterogeneous Networks

Due to the explosive growth of mobile data traffic and the shortage of spectral resources, 5G networks are envisioned to have a densified heterogeneous network (HetNet) architecture, combining multiple radio access technologies (multi-RATs) into a single holistic network. The co-existing of multi-tier architectures bring new challenges, especially on resource management and security provisioning, due to the lack of common interface and consistent policy across HetNets. In this thesis, we aim to address the technical challenges of data traffic management, coordinated spectrum sharing and security provisioning in 5G HetNets through the introduction of a programmable management platform based on Software-defined networking (SDN). To address the spectrum shortage problem in cellular networks, cellular data traffic is efficiently offloaded to the Wi-Fi network, and the quality of service of user applications is guaranteed with the proposed delay tolerance based partial data offloading algorithm. A two-layered information collection is also applied to best load balancing decision-making. Numerical results show that the proposed schemes exploit an SDN controller\u27s global view of the HetNets and take optimized resource allocation decisions. To support growing vehicle-generated data traffic in 5G-vehicle ad hoc networks (VANET), SDN-enabled adaptive vehicle clustering algorithm is proposed based on the real-time road traffic condition collected from HetNet infrastructure. Traffic offloading is achieved within each cluster and dynamic beamformed transmission is also applied to improve trunk link communication quality. To further achieve a coordinated spectrum sharing across HetNets, an SDN enabled orchestrated spectrum sharing scheme that integrates participating HetNets into an amalgamated network through a common configuration interface and real-time information exchange is proposed. In order to effectively protect incumbent users, a real-time 3D interference map is developed to guide the spectrum access based on the SDN global view. MATLAB simulations confirm that average interference at incumbents is reduced as well as the average number of denied access. Moreover, to tackle the contradiction between more stringent latency requirement of 5G and the potential delay induced by frequent authentications in 5G small cells and HetNets, an SDN-enabled fast authentication scheme is proposed in this thesis to simplify authentication handover, through sharing of user-dependent secure context information (SCI) among related access points. The proposed SCI is a weighted combination of user-specific attributes, which provides unique fingerprint of the specific device without additional hardware and computation cost. Numerical results show that the proposed non-cryptographic authentication scheme achieves comparable security with traditional cryptographic algorithms, while reduces authentication complexity and latency especially when network load is high

Mobility management: deployment and adaptability aspects through mobile data traffic analysis

The expected boost in mobile data traffic and the evolution towards the next generation of networks are making cellular operators reconsider whether current approaches for handling mobility could be improved, according to the characteristics of the mobile traffic that actually flows through real networks. In this work, we make use of extensive analysis of real network traces to infer the main characteristics of mobile data traffic for a particular operator. Our analysis focuses on the features related to mobility, i.e., location information, number of handovers, or duration of the data traffic exchange. New techniques to gather the mobility characteristics of the user based on data and control packets correlation are designed and applied to compare the gains of deploying different mobility management approaches.The research leading to these results has received funding from the EU Seventh Framework Programme (FP7/2007-2013) under grant agreement 318115 (Connectivity management for eneRgy Op- timised Wireless Dense networks, CROWD). The work of Antonio de la Oliva has also been funded by the EU H2020 5G-Crosshaul Project (grant no. 671598)

Enhancing security of MME handover via fractional programming and Firefly algorithm

Key update and residence management have been investigated as an effective solution to cope with desynchronisation attacks in Mobility Management Entity (MME) handovers. In this paper, we first analyse the impacts of the Key Update Interval (KUI) and MME Residence Interval (MRI) on handover processes and their secrecy performance in terms of the Number of Exposed Packets (NEP), Signaling Overhead Rate (SOR) and Outage Probability of Vulnerability (OPV). Specifically, the bounds of the derived NEP and SOR not only capture their behaviours at the boundary of the KUI and MRI, but also show the trade-off between the NEP and SOR. Additionally, through the analysis of the OPV, it is shown that the handover security can be enhanced by shortening the KUI and the desynchonisation attacks can be avoided with high-mobility users. The above facts accordingly motivate us to propose a Multi- objective Optimisation (MO) problem to find the optimal KUI and MRI that minimise both the NEP and SOR subject to the constraint on the OPV. To this end, two scalarisation techniques are adopted to transform the proposed MO problem into single- objective optimisation problems, i.e., an achievement-function method via Fractional Programming (FP) and a weighted-sum method. Based on the derived bounds on NEP and SOR, the FP approach can be optimally solved via a simple numerical method. For the weighted-sum method, the Firefly Algorithm (FA) is utilised to find the optimal solution. The results show that both techniques can solve the proposed MO problem with a significantly reduced searching complexity compared to the conventional heuristic iterative search technique

Intelligent Reward based Data Offloading in Next Generation Vehicular Networks

A massive increase in the number of mobile devices and data hungry vehicular network applications creates a great challenge for Mobile Network Operators (MNOs) to handle huge data in cellular infrastructure. However, due to fluctuating wireless channels and high mobility of vehicular users, it is even more challenging for MNOs to deal with vehicular users within a licensed cellular spectrum. Data offloading in vehicular environment plays a significant role in offloading the vehicle s data traffic from congested cellular network s licensed spectrum to the free unlicensed WiFi spectrum with the help of Road Side Units (RSUs). In this paper, an Intelligent Reward based Data Offloading in Next Generation Vehicular Networks (IR-DON) architecture is proposed for dynamic optimization of data traffic and selection of intelligent RSU. Within IR-DON architecture, an Intelligent Access Network Discovery and Selection Function (I-ANDSF) module with Q-Learning, a reinforcement learning algorithm is designed. I-ANDSF is modeled under Software-Defined Network (SDN) controller to solve the dynamic optimization problem by performing an efficient offloading. This increases the overall system throughput by choosing an optimal and intelligent RSU in the network selection process. Simulation results have shown the accurate network traffic classification, optimal network selection, guaranteed QoS, reduced delay and higher throughput achieved by the I-ANDSF module

Analytic Evaluation and Experimental Validation of a Network-Based IPv6 Distributed Mobility Management Solution

Mobile Internet traffic is growing steeply, mainly due to the deployment of new broadband wireless technologies and the ever increasing connectivity demand coming from new services being available to mobile users. Current mobile network architectures rely on centralized mobility protocols which intrinsically pose enormous burdens on the central anchors, both in terms of connectivity needs and user mobility management. In order to face these issues, a new paradigm, called Distributed Mobility Management, is being explored, based on flattening the network architecture by deploying multiple mobility anchors at the edge of the network. In this article we conduct an analytic and experimental evaluation of a network-based IP distributed mobility management solution that leverages Proxy Mobile IPv6 protocol operations. We develop an analytic model of the signaling and packet delivery costs, as well as the handover latency of both Proxy Mobile IPv6 and our distributed solution. We have also implemented a Linux-based prototype of our proposal, which has been used to experimentally assess the handover latency in a real IEEE 802.11 scenario. Finally, we use the results obtained from the analytic and experimental performance to evaluate the benefits that could be achieved by deploying a distributed mobility management solution.The research leading to these results has received funding from the European Community's Seventh Framework Program FP7/2007-2013 under grant agreement 317941-project iJOIN. The European Union and its agencies are not liable or otherwise responsible for the contents of this document; its content reflects the view of its authors only. The research of Antonio de la Oliva has also been partially funded from the Spanish Government, MICINN, under research Grant TIN2010-20136-C03Publicad