94 research outputs found

    Delay Tolerant Networking over the Metropolitan Public Transportation

    We discuss MDTN: a delay tolerant application platform built on top of the Public Transportation System (PTS) and able to provide service access while exploiting opportunistic connectivity. Our solution adopts a carrier-based approach where buses act as data collectors for user requests requiring Internet access. Simulations based on real maps and PTS routes with state-of-the-art routing protocols demonstrate that MDTN represents a viable solution for elastic nonreal-time service delivery. Nevertheless, performance indexes of the considered routing policies show that there is no golden rule for optimal performance and a tailored routing strategy is required for each specific case

    Multi-Factor Authentication: A Survey

    Today, digitalization decisively penetrates all the sides of the modern society. One of the key enablers to maintain this process secure is authentication. It covers many different areas of a hyper-connected world, including online payments, communications, access right management, etc. This work sheds light on the evolution of authentication systems towards Multi-Factor Authentication (MFA) starting from Single-Factor Authentication (SFA) and through Two-Factor Authentication (2FA). Particularly, MFA is expected to be utilized for human-to-everything interactions by enabling fast, user-friendly, and reliable authentication when accessing a service. This paper surveys the already available and emerging sensors (factor providers) that allow for authenticating a user with the system directly or by involving the cloud. The corresponding challenges from the user as well as the service provider perspective are also reviewed. The MFA system based on reversed Lagrange polynomial within Shamir’s Secret Sharing (SSS) scheme is further proposed to enable more flexible authentication. This solution covers the cases of authenticating the user even if some of the factors are mismatched or absent. Our framework allows for qualifying the missing factors by authenticating the user without disclosing sensitive biometric data to the verification entity. Finally, a vision of the future trends in MFA is discussed. Peer reviewed

    Cognitive privacy for personal clouds

    This paper proposes a novel Cognitive Privacy (CogPriv) framework that improves privacy of data sharing between Personal Clouds for different application types and across heterogeneous networks. Depending on the behaviour of neighbouring network nodes, their estimated privacy levels, resource availability, and social network connectivity, each Personal Cloud may decide to use different transmission network for different types of data and privacy requirements. CogPriv is fully distributed, uses complex graph contacts analytics and multiple implicit novel heuristics, and combines these with smart probing to identify presence and behaviour of privacy compromising nodes in the network. Based on sensed local context and through cooperation with remote nodes in the network, CogPriv is able to transparently and on-the-fly change the network in order to avoid transmissions when privacy may be compromised. We show that CogPriv achieves higher end-to-end privacy levels compared to both noncognitive cellular network communication and state-of-the-art strategies based on privacy-aware adaptive social mobile networks routing for a range of experiment scenarios based on real-world user and network traces. CogPriv is able to adapt to varying network connectivity and maintain high quality of service while managing to keep low data exposure for a wide range of privacy leakage levels in the infrastructure

    Reliability analysis of wireless sensor network for smart farming applications

    Wireless Sensor Networks are subjected to some design constraints (e.g., processing capability, storage memory, energy consumption, fixed deployment, etc.) and to outdoor harsh conditions that deeply affect the network reliability. The aim of this work is to provide a deeper understanding about the way redundancy and node deployment affect the network reliability. In more detail, the paper analyzes the design and implementation of a wireless sensor network for low-power and low-cost applications and calculates its reliability considering the real environmental conditions and the real arrangement of the nodes deployed in the field. The reliability of the system has been evaluated by looking for both hardware failures and communication errors. A reliability prediction based on different handbooks has been carried out to estimate the failure rate of the nodes self-designed and self-developed to be used under harsh environments. Then, using the Fault Tree Analysis the real deployment of the nodes is taken into account considering the Wi-Fi coverage area and the possible communication link between nearby nodes. The findings show how different node arrangements provide significantly different reliability. The positioning is therefore essential in order to obtain maximum performance from a Wireless sensor network

    A survey on mobility management protocols in Wireless Sensor Networks based on 6LoWPAN technology

    International audience. Mobility has the advantage of enlarging WSN applications. However, proposing a mobility support protocol in Wireless Sensor Networks (WSNs) represents a significant challenge. In this paper, we propose a survey on the mobility management protocols in Wireless Sensor Networks based on 6LoWPAN technology. This technology makes it possible to connect IP sensor devices to other IP networks without any need for gateways. We highlight the advantages and drawbacks, with the performance issues, of each studied solution. Then, in order to select a typical classification of mobility management protocols in WSNs, we provide some classification criteria and approaches on which these protocols are based. Finally, we present a comparative study of the existing protocols in terms of the required performances for this network type

    A specification-based IDS for detecting attacks on RPL-based network topology

    Routing Protocol for Low power and Lossy network (RPL) topology attacks can downgrade the network performance significantly by disrupting the optimal protocol structure. To detect such threats, we propose an RPL specification, obtained by a semi-auto profiling technique that constructs a high-level abstract of operations through network simulation traces, to use as reference for verifying the node behaviors. This specification, including all the legitimate protocol states and transitions with corresponding statistics, will be implemented as a set of rules in the intrusion detection agents, in the form of the cluster heads propagated to monitor the whole network. In order to save resources, we set the cluster members to report related information about themselves and other neighbors to the cluster head instead of making the head overhear all the communication. As a result, information about a cluster member will be reported by different neighbors, which allows the cluster head to do cross-check. We propose to record the sequence in RPL Information Object (DIO) and Information Solicitation (DIS) messages to eliminate the synchronized issue created by the delay in transmitting the report, in which the cluster head only does cross-check on information that comes from sources with the same sequence. Simulation results show that the proposed Intrusion Detection System (IDS) has a high accuracy rate in detecting RPL topology attacks, while only creating insignificant overhead (about 6.3%) that enables its scalability in large-scale network

    Design and implementation of simulation tools, protocols and architectures to support service platforms on vehicular networks

    Thesis by compendium. Products related with Intelligent Transportation Systems (ITS) are becoming a reality on our roads. All car manufacturers are starting to include Internet access in their vehicles and to integrate smartphones directly from the dashboard, but more and more services will be introduced in the near future. Connectivity through "vehicular networks" will become a cornerstone of every new proposal, and offering an adequate quality of service is obviously desirable. However, a lot of work is needed for vehicular networks to offer performances similar to those of the wired networks. Vehicular networks can be characterized by two main features: high variability due to mobility levels that can reach up to 250 kilometers per hour, and heterogeneity, being that various competing versions from different vendors have and will be released. Therefore, to make the deployment of efficient services possible, an extensive study must be carried out and adequate tools must be proposed and developed. This PhD thesis addresses the service deployment problem in these networks at three different levels: (i) the physical and link layer, showing an exhaustive analysis of the physical channel and models; (ii) the network layer, proposing a forwarding protocol for IP packets; and (iii) the transport layer, where protocols are proposed to improve data delivery. First of all, the two main wireless technologies used in vehicular networks were studied and modeled, namely the 802.11 family of standards, particularly 802.11p, and the cellular networks focusing on LTE. Since 802.11p is a quite mature standard, we defined (i) a propagation and attenuation model capable of replicating the transmission range and the fading behavior of real 802.11p devices, both in line-of-sight conditions and when obstructed by small obstacles, and (ii) a visibility model able to deal with large obstacles, such as buildings and houses, in a realistic manner. 
Additionally, we proposed a model based on high-level performance indicators (bandwidth and delay) for LTE, which makes application validation and evaluation easier. At the network layer, a hybrid protocol called AVE is proposed for packet forwarding by switching among a set of standard routing strategies. Depending on the specific scenario, AVE selects one out of four different routing solutions: a) two-hop direct delivery, b) Dynamic MANET On-demand (DYMO), c) greedy georouting, and d) store-carry-and-forward technique, to dynamically adapt its behavior to the specific situation. At the transport layer, we proposed a content delivery protocol for reliable and bidirectional unicast communication in lossy links that improves content delivery in situations where the wireless network is the bottleneck. It has been designed, validated, optimized, and its performance has been analyzed in terms of throughput and resource efficiency. Finally, at system level, we propose an edge-assisted computing model that allows reducing the response latency of several queries by placing a computing unit at the network edge. This way, traffic traversal through the Internet is avoided when not needed. This scheme could be used in both 802.11p and cellular networks, and in this thesis we decided to focus on its evaluation using LTE networks. The platform presented in this thesis combines all the individual efforts to create a single efficient platform. This new environment could be used by any provider to improve the quality of the user experience obtainable through the proposed vehicular network-based services.
    Báguena Albaladejo, M. (2017). Design and implementation of simulation tools, protocols and architectures to support service platforms on vehicular networks [Unpublished doctoral thesis]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/85333

    THE CASE FOR DYNAMIC KEY DISTRIBUTION FOR PKI-BASED VANETS

    Vehicular Ad hoc Networks (VANETs) are becoming a reality where secure communication is a prerequisite. Public key infrastructure (PKI) can be used to secure VANETs where an onboard tamper proof device (TPD) stores a number of encryption keys which are renewed upon visiting a certificate authority (CA). We previously proposed a dynamic key distribution protocol for PKI-based VANETs [1] to reduce the role of the TPD. A vehicle dynamically requests a key from its nearest road side unit. This request is propagated through network infrastructure to reach a CA cloud and a key is securely returned. A proposed key revocation mechanism reduced the number of messages needed for revocation through Certificate Revocation List (CRL) distribution. In this paper, performance evaluation and security of the proposed dynamic key distribution is investigated analytically.