IEEE 802.11 i Security and Vulnerabilities

Despite using a variety of comprehensive preventive security measures, the Robust Secure Networks (RSNs) remain vulnerable to a number of attacks. Failure of preventive measures to address all RSN vulnerabilities dictates the need for enhancing the performance of Wireless Intrusion Detection Systems (WIDSs) to detect all attacks on RSNs with less false positive and false negative rates

Ant-based evidence distribution with periodic broadcast in attacked wireless network

In order to establish trust among nodes in large wireless networks, the trust certicates need to be distributed and be readily accessible. However, even so, searching for trust certicates will still become highly cost and delay especially when wireless network is suering CTS jamming attack. We believe the individual solution can lead us to solve this combination problems in the future. Therefore, in this work, we investigate the delay and cost of searching a distributed certicate and the adverse eects of fabiricated control packet attacks on channel throughput and delivery ratio respectively, and propose two techniques that can improve the eciency of searching for such certicates in the network and mitigate the CTS jamming attack's eect. Evidence Distribution based on Periodic Broadcast (EDPB) is the rst solution we presented to help node to quickly locate trust certicates in a large wireless sensor network. In this solution, we not only take advantages from swarm intelligence alogrithm, but also allow nodes that carrying certicates to periodically announce their existence. Such announcements, together with a swarm-intelligence pheromone pdate procedure, will leave traces on the nodes to lead query packets toward the certicate nodes. We then investigate the salient features of this schema and evaluate its performance in both static and mobile networks. This schema can also be used for other essential information dissemination in mobile ad hoc networks. The second technqiue, address inspection schema (AIS) xes vulnerabilities exist in distribution coordinating function (DCF) dened in IEEE 802.11 standard so that each node has the ability to beat the impact of CTS jamming attack and furthermore, benets network throughput. We then perform ns-2 simulations to evaluate the benet of AIS

The Design and Analysis of a Wireless LAN Relayed Frame Protocol Extension

Computing stations networked on wireless LANs (wLANs) typically have a limited range of mobility: the station must always be within an access point’s coverage area. If a station moves outside of that area, and if it is unable to locate another base station within its range to perform a handover of communication connectivity responsibility, then it will ex perience a disruption in network services until it migrates into the coverage area of another wLAN. Typical causes for such losses of service include station migration to outside of the wLAN’s coverage area, changing environmental conditions, and “holes” within the cumu lative cell coverage area of multiple access points. There could be several mobile stations simultaneously sharing the network in a wLAN. Each station may be stationary or in motion for part or all of its service life. How ever, in order to use the wLAN, it must be within service range of a access point. Theoreti cally, if a station is outside the access point’s coverage area, yet its own radio signal is within range of one of the stations which has connectivity with an access point, the isolated station could relay its network negotiations and traffic through a relay station which has direct communication with the access point. Therefore, the station nearer to the base sta tion acts as a relay point for the isolated station out of the access point’s range. In this thesis, the author proposed, the design of a MAC Frame Relaying Protocol Extension which enables this type of dynamic relaying of network frames between stations in wLANs. It requires additional logic in the networking process on both the access point and the stations involved (both relay station and the isolated station) to support the bidirec tional forwarding of network traffic, and the definition of several new message types to support relay connection setup and data exchange. Both cryptography and digital signature concepts are employed to make secure the process of establishing of a relayed network session, and the exchange of data between the end stations. To verify the validity of the protocol extension and to measure its performance, the protocol extension was implemented into an existing and widely accepted wireless network standard, IEEE 802.11. To study its effectiveness and impact on the wLAN protocol, the network simulation software, OPNET, was used. An existing model of IEEE 802.11 was enhanced with the additional logic introduced by the protocol extension. Through simulation, it is proved that the logic presented by the protocol extension is able to function. In addition, the impact to overall network performance, and the quality of service the isolated station experiences during a relayed network session were quantita tively analyzed. Through the OPNET simulation, it was found that overall wLAN perfor mance diminished a moderate amount, while the isolated station experienced a far smaller level of throughput when engaged in a relayed network session, than it did in a normal network session

Mobile Ad Hoc Networks

Guiding readers through the basics of these rapidly emerging networks to more advanced concepts and future expectations, Mobile Ad hoc Networks: Current Status and Future Trends identifies and examines the most pressing research issues in Mobile Ad hoc Networks (MANETs). Containing the contributions of leading researchers, industry professionals, and academics, this forward-looking reference provides an authoritative perspective of the state of the art in MANETs. The book includes surveys of recent publications that investigate key areas of interest such as limited resources and the mobility of mobile nodes. It considers routing, multicast, energy, security, channel assignment, and ensuring quality of service. Also suitable as a text for graduate students, the book is organized into three sections: Fundamentals of MANET Modeling and Simulation—Describes how MANETs operate and perform through simulations and models Communication Protocols of MANETs—Presents cutting-edge research on key issues, including MAC layer issues and routing in high mobility Future Networks Inspired By MANETs—Tackles open research issues and emerging trends Illustrating the role MANETs are likely to play in future networks, this book supplies the foundation and insight you will need to make your own contributions to the field. It includes coverage of routing protocols, modeling and simulations tools, intelligent optimization techniques to multicriteria routing, security issues in FHAMIPv6, connecting moving smart objects to the Internet, underwater sensor networks, wireless mesh network architecture and protocols, adaptive routing provision using Bayesian inference, and adaptive flow control in transport layer using genetic algorithms

Mobile Ad Hoc Networks

Guiding readers through the basics of these rapidly emerging networks to more advanced concepts and future expectations, Mobile Ad hoc Networks: Current Status and Future Trends identifies and examines the most pressing research issues in Mobile Ad hoc Networks (MANETs). Containing the contributions of leading researchers, industry professionals, and academics, this forward-looking reference provides an authoritative perspective of the state of the art in MANETs. The book includes surveys of recent publications that investigate key areas of interest such as limited resources and the mobility of mobile nodes. It considers routing, multicast, energy, security, channel assignment, and ensuring quality of service. Also suitable as a text for graduate students, the book is organized into three sections: Fundamentals of MANET Modeling and Simulation—Describes how MANETs operate and perform through simulations and models Communication Protocols of MANETs—Presents cutting-edge research on key issues, including MAC layer issues and routing in high mobility Future Networks Inspired By MANETs—Tackles open research issues and emerging trends Illustrating the role MANETs are likely to play in future networks, this book supplies the foundation and insight you will need to make your own contributions to the field. It includes coverage of routing protocols, modeling and simulations tools, intelligent optimization techniques to multicriteria routing, security issues in FHAMIPv6, connecting moving smart objects to the Internet, underwater sensor networks, wireless mesh network architecture and protocols, adaptive routing provision using Bayesian inference, and adaptive flow control in transport layer using genetic algorithms

Internet of Things From Hype to Reality

The Internet of Things (IoT) has gained significant mindshare, let alone attention, in academia and the industry especially over the past few years. The reasons behind this interest are the potential capabilities that IoT promises to offer. On the personal level, it paints a picture of a future world where all the things in our ambient environment are connected to the Internet and seamlessly communicate with each other to operate intelligently. The ultimate goal is to enable objects around us to efficiently sense our surroundings, inexpensively communicate, and ultimately create a better environment for us: one where everyday objects act based on what we need and like without explicit instructions

Verkkoliikenteen hajauttaminen rinnakkaisprosessoitavaksi ohjelmoitavan piirin avulla

The expanding diversity and amount of traffic in the Internet requires increasingly higher performing devices for protecting our networks against malicious activities. The computational load of these devices may be divided over multiple processing nodes operating in parallel to reduce the computation load of a single node. However, this requires a dedicated controller that can distribute the traffic to and from the nodes at wire-speed. This thesis concentrates on the system topologies and on the implementation aspects of the controller. A field-programmable gate array (FPGA) device, based on a reconfigurable logic array, is used for implementation because of its integrated circuit like performance and high-grain programmability. Two hardware implementations were developed; a straightforward design for 1-gigabit Ethernet, and a modular, highly parameterizable design for 10-gigabit Ethernet. The designs were verified by simulations and synthesizable testbenches. The designs were synthesized on different FPGA devices while varying parameters to analyze the achieved performance. High-end FPGA devices, such as Altera Stratix family, met the target processing speed of 10-gigabit Ethernet. The measurements show that the controller's latency is comparable to a typical switch. The results confirm that reconfigurable hardware is the proper platform for low-level network processing where the performance is prioritized over other features. The designed architecture is versatile and adaptable to applications expecting similar characteristics.Internetin edelleen lisääntyvä ja monipuolistuva liikenne vaatii entistä tehokkaampia laitteita suojaamaan tietoliikenneverkkoja tunkeutumisia vastaan. Tietoliikennelaitteiden kuormaa voidaan jakaa rinnakkaisille yksiköille, jolloin yksittäisen laitteen kuorma pienenee. Tämä kuitenkin vaatii erityisen kontrolloijan, joka kykenee hajauttamaan liikennettä yksiköille linjanopeudella. Tämä tutkimus keskittyy em. kontrolloijan järjestelmätopologioiden tutkimiseen sekä kontrolloijan toteuttamiseen ohjelmoitavalla piirillä, kuten kenttäohjelmoitava järjestelmäpiiri (eng. field programmable gate-array, FPGA). Kontrolloijasta tehtiin yksinkertainen toteutus 1-gigabitin Ethernet-verkkoihin sekä modulaarinen ja parametrisoitu toteutus 10-gigabitin Ethernet-verkkoihin. Toteutukset verifioitiin simuloimalla sekä käyttämällä syntetisoituvia testirakenteita. Toteutukset syntetisoitiin eri FPGA-piireille vaihtelemalla samalla myös toteutuksen parametrejä. Tehokkaimmat FPGA-piirit, kuten Altera Stratix -piirit, saavuttivat 10-gigabitin prosessointivaatimukset. Mittaustulokset osoittavat, että kontrollerin vasteaika ei poikkea tavallisesta verkkokytkimestä. Työn tulokset vahvistavat käsitystä, että ohjelmoitavat piirit soveltuvat hyvin verkkoliikenteen matalantason prosessointiin, missä vaaditaan ensisijaisesti suorituskykyä. Suunniteltu arkkitehtuuri on monipuolinen ja soveltuu joustavuutensa ansiosta muihin samantyyppiseen sovelluksiin

System-on-chip architecture for secure sub-microsecond synchronization systems

213 p.En esta tesis, se pretende abordar los problemas que conlleva la protección cibernética del Precision Time Protocol (PTP). Éste es uno de los protocolos de comunicación más sensibles de entre los considerados por los organismos de estandarización para su aplicación en las futuras Smart Grids o redes eléctricas inteligentes. PTP tiene como misión distribuir una referencia de tiempo desde un dispositivo maestro al resto de dispositivos esclavos, situados dentro de una misma red, de forma muy precisa. El protocolo es altamente vulnerable, ya que introduciendo tan sólo un error de tiempo de un microsegundo, pueden causarse graves problemas en las funciones de protección del equipamiento eléctrico, o incluso detener su funcionamiento. Para ello, se propone una nueva arquitectura System-on-Chip basada en dispositivos reconfigurables, con el objetivo de integrar el protocolo PTP y el conocido estándar de seguridad MACsec para redes Ethernet. La flexibilidad que los modernos dispositivos reconfigurables proporcionan, ha sido aprovechada para el diseño de una arquitectura en la que coexisten procesamiento hardware y software. Los resultados experimentales avalan la viabilidad de utilizar MACsec para proteger la sincronización en entornos industriales, sin degradar la precisión del protocolo