172 research outputs found
Group Rekeying Schemes for Secure Group Communication in Wireless Sensor Networks
Wireless sensor networks are promising solutions for many applications. However, wireless sensor nodes suffer from many constraints such as low computation capability, small memory, limited energy resources, and so on. Grouping is an important technique to localize computation and reduce communication overhead in wireless sensor networks. In this paper, we use grouping to refer to the process of combining a set of sensor nodes with similar properties. We propose two centralized group rekeying (CGK) schemes for secure group communication in sensor networks. The lifetime of a group is divided into three phases, i.e., group formation, group maintenance, and group dissolution. We demonstrate how to set up the group and establish the group key in each phase. Our analysis shows that the proposed two schemes are computationally efficient and secure
BOOM: Broadcast Optimizations for On-chip Meshes
Future many-core chips will require an on-chip network that can support broadcasts and multicasts at good power-performance. A vanilla on-chip network would send multiple unicast packets for each broadcast packet, resulting in latency, throughput and power overheads. Recent research in on-chip multicast support has proposed forking of broadcast/multicast packets within the network at the router buffers, but these techniques are far from ideal, since they increase buffer occupancy which lowers throughput, and packets incur delay and power penalties at each router. In this work, we analyze an ideal broadcast mesh; show the substantial gaps between state-of-the-art multicast NoCs and the ideal; then propose BOOM, which comprises a WHIRL routing protocol that ideally load balances broadcast traffic, a mXbar multicast crossbar circuit that enables multicast traversal at similar energy-delay as unicasts, and speculative bypassing of buffering for multicast flits. Together, they enable broadcast packets to approach the delay, energy, and throughput of the ideal fabric. Our simulations show BOOM realizing an average network latency that is 5% off ideal, attaining 96% of ideal throughput, with energy consumption that is 9% above ideal. Evaluations using synthetic traffic show BOOM achieving a latency reduction of 61%, throughput improvement of 63%, and buffer power reduction of 80% as compared to a baseline broadcast. Simulations with PARSEC benchmarks show BOOM reducing average request and network latency by 40% and 15% respectively
One Video Stream to Serve Diverse Receivers
The fundamental problem of wireless video multicast is to scalably serve multiple receivers which may have very different channel characteristics. Ideally, one would like to broadcast a single stream that allows each receiver to benefit from all correctly received bits to improve its video quality. We introduce Digital Rain, a new approach to wireless video multicast that adapts to channel characteristics without any need for receiver feedback or variable codec rates. Users that capture more packets or have fewer bit errors naturally see higher video quality. Digital Rain departs from current approaches in two ways: 1) It allows a receiver to exploit video packets that may contain bit errors; 2) It builds on the theory of compressed sensing to develop robust video encoding and decoding algorithms that degrade smoothly with bit errors and packet loss. Implementation results from an indoor wireless testbed show that Digital Rain significantly improves the received video quality and the number of supported receivers
Graph Pattern Matching on Symmetric Multiprocessor Systems
Graph-structured data can be found in nearly every aspect of today's world, be it road networks, social networks or the internet itself.
From a processing perspective, finding comprehensive patterns in graph-structured data is a core processing primitive in a variety of applications, such as fraud detection, biological engineering or social graph analytics.
On the hardware side, multiprocessor systems, that consist of multiple processors in a single scale-up server, are the next important wave on top of multi-core systems.
In particular, symmetric multiprocessor systems (SMP) are characterized by the fact, that each processor has the same architecture, e.g. every processor is a multi-core and all multiprocessors share a common and huge main memory space.
Moreover, large SMPs will feature a non-uniform memory access (NUMA), whose impact on the design of efficient data processing concepts should not be neglected.
The efficient usage of SMP systems, that still increase in size, is an interesting and ongoing research topic.
Current state-of-the-art architectural design principles provide different and in parts disjunct suggestions on which data should be partitioned and or how intra-process communication should be realized.
In this thesis, we propose a new synthesis of four of the most well-known principles Shared Everything, Partition Serial Execution, Data Oriented Architecture and Delegation, to create the NORAD architecture, which stands for NUMA-aware DORA with Delegation.
We built our research prototype called NeMeSys on top of the NORAD architecture to fully exploit the provided hardware capacities of SMPs for graph pattern matching.
Being an in-memory engine, NeMeSys allows for online data ingestion as well as online query generation and processing through a terminal based user interface.
Storing a graph on a NUMA system inherently requires data partitioning to cope with the mentioned NUMA effect.
Hence, we need to dissect the graph into a disjunct set of partitions, which can then be stored on the individual memory domains.
This thesis analyzes the capabilites of the NORAD architecture, to perform scalable graph pattern matching on SMP systems.
To increase the systems performance, we further develop, integrate and evaluate suitable optimization techniques.
That is, we investigate the influence of the inherent data partitioning, the interplay of messaging with and without sufficient locality information and the actual partition placement on any NUMA socket in the system.
To underline the applicability of our approach, we evaluate NeMeSys against synthetic datasets and perform an end-to-end evaluation of the whole system stack on the real world knowledge graph of Wikidata
Secure Routing in Wireless Mesh Networks
Wireless mesh networks (WMNs) have emerged as a promising concept to meet the
challenges in next-generation networks such as providing flexible, adaptive,
and reconfigurable architecture while offering cost-effective solutions to the
service providers. Unlike traditional Wi-Fi networks, with each access point
(AP) connected to the wired network, in WMNs only a subset of the APs are
required to be connected to the wired network. The APs that are connected to
the wired network are called the Internet gateways (IGWs), while the APs that
do not have wired connections are called the mesh routers (MRs). The MRs are
connected to the IGWs using multi-hop communication. The IGWs provide access to
conventional clients and interconnect ad hoc, sensor, cellular, and other
networks to the Internet. However, most of the existing routing protocols for
WMNs are extensions of protocols originally designed for mobile ad hoc networks
(MANETs) and thus they perform sub-optimally. Moreover, most routing protocols
for WMNs are designed without security issues in mind, where the nodes are all
assumed to be honest. In practical deployment scenarios, this assumption does
not hold. This chapter provides a comprehensive overview of security issues in
WMNs and then particularly focuses on secure routing in these networks. First,
it identifies security vulnerabilities in the medium access control (MAC) and
the network layers. Various possibilities of compromising data confidentiality,
data integrity, replay attacks and offline cryptanalysis are also discussed.
Then various types of attacks in the MAC and the network layers are discussed.
After enumerating the various types of attacks on the MAC and the network
layer, the chapter briefly discusses on some of the preventive mechanisms for
these attacks.Comment: 44 pages, 17 figures, 5 table
Group Rekeying Schemes for Secure Group Communication in Wireless Sensor Networks
Wireless sensor networks are promising solutions for many applications. However, wireless sensor nodes suffer from many constraints such as low computation capability, small memory, limited energy resources, and so on. Grouping is an important technique to localize computation and reduce communication overhead in wireless sensor networks. In this paper, we use grouping to refer to the process of combining a set of sensor nodes with similar properties. We propose two centralized group rekeying (CGK) schemes for secure group communication in sensor networks. The lifetime of a group is divided into three phases, i.e., group formation, group maintenance, and group dissolution. We demonstrate how to set up the group and establish the group key in each phase. Our analysis shows that the proposed two schemes are computationally efficient and secure
Signal Alignment: Enabling Physical Layer Network Coding for MIMO Networking
published_or_final_versio
Discovery and Group Communication for Constrained Internet of Things Devices using the Constrained Application Protocol
The ubiquitous Internet is rapidly spreading to new domains. This expansion of
the Internet is comparable in scale to the spread of the Internet in the ’90s. The
resulting Internet is now commonly referred to as the Internet of Things (IoT) and
is expected to connect about 50 billion devices by the year 2020. This means that
in just five years from the time of writing this PhD the number of interconnected
devices will exceed the number of humans by sevenfold. It is further expected that
the majority of these IoT devices will be resource constrained embedded devices
such as sensors and actuators. Sensors collect information about the physical world
and inject this information into the virtual world. Next processing and reasoning
can occur and decisions can be taken to enact upon the physical world by injecting
feedback to actuators.
The integration of embedded devices into the Internet introduces new challenges,
since many of the existing Internet technologies and protocols were not
designed for this class of constrained devices. These devices are typically optimized
for low cost and power consumption and thus have very limited power,
memory, and processing resources and have long sleep periods. The networks
formed by these embedded devices are also constrained and have different characteristics
than those typical in todays Internet. These constrained networks have
high packet loss, low throughput, frequent topology changes and small useful payload
sizes. They are referred to as LLN. Therefore, it is in most cases unfeasible to
run standard Internet protocols on this class of constrained devices and/or LLNs.
New or adapted protocols that take into consideration the capabilities of the constrained
devices and the characteristics of LLNs, are required.
In the past few years, there were many efforts to enable the extension of the
Internet technologies to constrained devices. Initially, most of these efforts were
focusing on the networking layer. However, the expansion of the Internet in the
90s was not due to introducing new or better networking protocols. It was a result
of introducing the World Wide Web (WWW), which made it easy to integrate services
and applications. One of the essential technologies underpinning the WWW
was the Hypertext Transfer Protocol (HTTP). Today, HTTP has become a key
protocol in the realization of scalable web services building around the Representational
State Transfer (REST) paradigm. The REST architectural style enables
the realization of scalable and well-performing services using uniform and simple
interfaces. The availability of an embedded counterpart of HTTP and the REST
architecture could boost the uptake of the IoT.
Therefore, more recently, work started to allow the integration of constrained
devices in the Internet at the service level. The Internet Engineering Task Force
(IETF) Constrained RESTful Environments (CoRE) working group has realized
the REST architecture in a suitable form for the most constrained nodes and networks.
To that end the Constrained Application Protocol (CoAP) was introduced,
a specialized RESTful web transfer protocol for use with constrained networks and
nodes. CoAP realizes a subset of the REST mechanisms offered by HTTP, but is
optimized for Machine-to-Machine (M2M) applications.
This PhD research builds upon CoAP to enable a better integration of constrained
devices in the IoT and examines proposed CoAP solutions theoretically
and experimentally proposing alternatives when appropriate. The first part of this
PhD proposes a mechanism that facilitates the deployment of sensor networks
and enables the discovery, end-to-end connectivity and service usage of newly
deployed sensor nodes. The proposed approach makes use of CoAP and combines
it with Domain Name System (DNS) in order to enable the use of userfriendly
Fully Qualified Domain Names (FQDNs) for addressing sensor nodes. It
includes the automatic discovery of sensors and sensor gateways and the translation
of HTTP to CoAP, thus making the sensor resources globally discoverable and
accessible from any Internet-connected client using either IPv6 addresses or DNS
names both via HTTP or CoAP. As such, the proposed approach provides a feasible
and flexible solution to achieve hierarchical self-organization with a minimum
of pre-configuration. By doing so we minimize costly human interventions and
eliminate the need for introducing new protocols dedicated for the discovery and
organization of resources. This reduces both cost and the implementation footprint
on the constrained devices.
The second, larger, part of this PhD focuses on using CoAP to realize communication
with groups of resources. In many IoT application domains, sensors
or actuators need to be addressed as groups rather than individually, since individual
resources might not be sufficient or useful. A simple example is that all
lights in a room should go on or off as a result of the user toggling the light switch.
As not all IoT applications may need group communication, the CoRE working
group did not include it in the base CoAP specification. This way the base protocol
is kept as efficient and as simple as possible so it would run on even the most
constrained devices. Group communication and other features that might not be
needed by all devices are standardized in a set of optional separate extensions. We
first examined the proposed CoAP extension for group communication, which utilizes
Internet Protocol version 6 (IPv6) multicasts. We highlight its strengths and
weaknesses and propose our own complementary solution that uses unicast to realize
group communication. Our solution offers capabilities beyond simple group
communication. For example, we provide a validation mechanism that performs
several checks on the group members, to make sure that combining them together
is possible. We also allow the client to request that results of the individual members
are processed before they are sent to the client. For example, the client can
request to obtain only the maximum value of all individual members.
Another important optional extension to CoAP allows clients to continuously
observe resources by registering their interest in receiving notifications from CoAP
servers once there are changes to the values of the observed resources. By using
this publish/subscribe mechanism the client does not need to continuously poll the
resource to find out whether it has changed its value. This typically leads to more
efficient communication patterns that preserve valuable device and LLN resources.
Unfortunately CoAP observe does not work together with the CoAP group communication
extension, since the observe extension assumes unicast communication
while the group communication extension only support multicast communication.
In this PhD we propose to extend our own group communication solution to offer
group observation capabilities. By combining group observation with group
processing features, it becomes possible to notify the client only about certain
changes to the observed group (e.g., the maximum value of all group members has
changed).
Acknowledging that the use of multicast as well as unicast has strengths and
weaknesses we propose to extend our unicast based solution with certain multicast
features. By doing so we try to combine the strengths of both approaches to obtain
a better overall group communication that is flexible and that can be tailored
according to the use case needs.
Together, the proposed mechanisms represent a powerful and comprehensive
solution to the challenging problem of group communication with constrained devices.
We have evaluated the solutions proposed in this PhD extensively and in
a variety of forms. Where possible, we have derived theoretical models and have
conducted numerous simulations to validate them. We have also experimentally
evaluated those solutions and compared them with other proposed solutions using
a small demo box and later on two large scale wireless sensor testbeds and under
different test conditions. The first testbed is located in a large, shielded room,
which allows testing under controlled environments. The second testbed is located
inside an operational office building and thus allows testing under normal operation
conditions. Those tests revealed performance issues and some other problems.
We have provided some solutions and suggestions for tackling those problems.
Apart from the main contributions, two other relevant outcomes of this PhD are
described in the appendices. In the first appendix we review the most important
IETF standardization efforts related to the IoT and show that with the introduction
of CoAP a complete set of standard protocols has become available to cover the
complete networking stack and thus making the step from the IoT into the Web
of Things (WoT). Using only standard protocols makes it possible to integrate
devices from various vendors into one bigWoT accessible to humans and machines
alike.
In the second appendix, we provide an alternative solution for grouping constrained
devices by using virtualization techniques. Our approach focuses on the
objects, both resource-constrained and non-constrained, that need to cooperate
by integrating them into a secured virtual network, named an Internet of Things
Virtual Network or IoT-VN. Inside this IoT-VN full end-to-end communication
can take place through the use of protocols that take the limitations of the most
resource-constrained devices into account. We describe how this concept maps to
several generic use cases and, as such, can constitute a valid alternative approach
for supporting selected applications
- …