Stuck in Traffic (SiT) Attacks: A Framework for Identifying Stealthy Attacks that Cause Traffic Congestion

Recent advances in wireless technologies have enabled many new applications in Intelligent Transportation Systems (ITS) such as collision avoidance, cooperative driving, congestion avoidance, and traffic optimization. Due to the vulnerable nature of wireless communication against interference and intentional jamming, ITS face new challenges to ensure the reliability and the safety of the overall system. In this paper, we expose a class of stealthy attacks -- Stuck in Traffic (SiT) attacks -- that aim to cause congestion by exploiting how drivers make decisions based on smart traffic signs. An attacker mounting a SiT attack solves a Markov Decision Process problem to find optimal/suboptimal attack policies in which he/she interferes with a well-chosen subset of signals that are based on the state of the system. We apply Approximate Policy Iteration (API) algorithms to derive potent attack policies. We evaluate their performance on a number of systems and compare them to other attack policies including random, myopic and DoS attack policies. The generated policies, albeit suboptimal, are shown to significantly outperform other attack policies as they maximize the expected cumulative reward from the standpoint of the attacker

EVEREST IST - 2002 - 00185 : D23 : final report

Deliverable públic del projecte europeu EVERESTThis deliverable constitutes the final report of the project IST-2002-001858 EVEREST. After its successful completion, the project presents this document that firstly summarizes the context, goal and the approach objective of the project. Then it presents a concise summary of the major goals and results, as well as highlights the most valuable lessons derived form the project work. A list of deliverables and publications is included in the annex.Postprint (published version

Resource management in IP-based radio access networks

IP is being considered to be used in the Radio Access Network (RAN) of UMTS. It is of paramount importance to be able to provide good QoS guarantees to real time services in such an IP-based RAN. QoS in IP networks is most efficiently provided with Differentiated services (Diffserv). However, currently Diffserv mainly specifies Per Hop Behaviors (PHB). Proper mechanisms for admission control and resource reservation have not yet been defined. A new resource management concept in the IP-based RAN is needed to offer QoS guarantees to real time services. We investigate the current Diffserv mechanisms and contribute to development of a new resource management protocol. We focus on the load control algorithm [9], which is an attempt to solve the problem of admission control and resource reservation in IP-based networks. In this document we present some load control issues and propose to enhance the load control protocol with the Measurement Based Admission Control (MBAC) concept. With this enhancement the traffic load in the IP-based RAN can be estimated, since the ingress router in the network path can be notified by marking packets with the resource state information. With this knowledge, the ingress router can perform admission control to keep the IP-based RAN stable with a high utilization even in overload situations

Final report on the evaluation of RRM/CRRM algorithms

Deliverable public del projecte EVERESTThis deliverable provides a definition and a complete evaluation of the RRM/CRRM algorithms selected in D11 and D15, and evolved and refined on an iterative process. The evaluation will be carried out by means of simulations using the simulators provided at D07, and D14.Preprin

Pre-Congestion Notification (PCN) Architecture

This document describes a general architecture for flow admission and termination based on pre-congestion information in order to protect the quality of service of established, inelastic flows within a single Diffserv domain.\u

Cross-layer design of multi-hop wireless networks

MULTI -hop wireless networks are usually defined as a collection of nodes equipped with radio transmitters, which not only have the capability to communicate each other in a multi-hop fashion, but also to route each others’ data packets. The distributed nature of such networks makes them suitable for a variety of applications where there are no assumed reliable central entities, or controllers, and may significantly improve the scalability issues of conventional single-hop wireless networks. This Ph.D. dissertation mainly investigates two aspects of the research issues related to the efficient multi-hop wireless networks design, namely: (a) network protocols and (b) network management, both in cross-layer design paradigms to ensure the notion of service quality, such as quality of service (QoS) in wireless mesh networks (WMNs) for backhaul applications and quality of information (QoI) in wireless sensor networks (WSNs) for sensing tasks. Throughout the presentation of this Ph.D. dissertation, different network settings are used as illustrative examples, however the proposed algorithms, methodologies, protocols, and models are not restricted in the considered networks, but rather have wide applicability. First, this dissertation proposes a cross-layer design framework integrating a distributed proportional-fair scheduler and a QoS routing algorithm, while using WMNs as an illustrative example. The proposed approach has significant performance gain compared with other network protocols. Second, this dissertation proposes a generic admission control methodology for any packet network, wired and wireless, by modeling the network as a black box, and using a generic mathematical 0. Abstract 3 function and Taylor expansion to capture the admission impact. Third, this dissertation further enhances the previous designs by proposing a negotiation process, to bridge the applications’ service quality demands and the resource management, while using WSNs as an illustrative example. This approach allows the negotiation among different service classes and WSN resource allocations to reach the optimal operational status. Finally, the guarantees of the service quality are extended to the environment of multiple, disconnected, mobile subnetworks, where the question of how to maintain communications using dynamically controlled, unmanned data ferries is investigated

Joint in-network video rate adaptation and measurement-based admission control: algorithm design and evaluation

The important new revenue opportunities that multimedia services offer to network and service providers come with important management challenges. For providers, it is important to control the video quality that is offered and perceived by the user, typically known as the quality of experience (QoE). Both admission control and scalable video coding techniques can control the QoE by blocking connections or adapting the video rate but influence each other's performance. In this article, we propose an in-network video rate adaptation mechanism that enables a provider to define a policy on how the video rate adaptation should be performed to maximize the provider's objective (e.g., a maximization of revenue or QoE). We discuss the need for a close interaction of the video rate adaptation algorithm with a measurement based admission control system, allowing to effectively orchestrate both algorithms and timely switch from video rate adaptation to the blocking of connections. We propose two different rate adaptation decision algorithms that calculate which videos need to be adapted: an optimal one in terms of the provider's policy and a heuristic based on the utility of each connection. Through an extensive performance evaluation, we show the impact of both algorithms on the rate adaptation, network utilisation and the stability of the video rate adaptation. We show that both algorithms outperform other configurations with at least 10 %. Moreover, we show that the proposed heuristic is about 500 times faster than the optimal algorithm and experiences only a performance drop of approximately 2 %, given the investigated video delivery scenario

Spare capacity modelling and its applications in survivable iP-over-optical networks

As the interest in IP-over-optical networks are becoming the preferred core network architecture, survivability has emerged as a major concern for network service providers; a result of the potentially huge traffic volumes that will be supported by optical infrastructure. Therefore, implementing recovery strategies is critical. In addition to the traditional recovery schemes based around protection and restoration mechanisms, pre-allocated restoration represents a potential candidate to effect and maintain network resilience under failure conditions. Preallocated restoration technique is particularly interesting because it provides a trade-off in terms of recovery performance and resources between protection and restoration schemes. In this paper, the pre-allocated restoration performance is investigated under single and dual-link failures considering a distributed GMPLSbased IP/WDM mesh network. Two load-based spare capacity optimisation methods are proposed in this paper; Local Spare Capacity Optimisation (LSCO) and Global Spare Capacity Optimisation (GSCO)