164 research outputs found
Throughput and fairness of multiple TCP connections in wireless networks
TCP suffers from poor throughput performance in wireless networks. Furthermore, when multiple TCP connections compete at the base station, link errors and congestion lead to serious unfairness among the connections. Although the issue of TCP performance in wireless networks has attracted significant attention, most reports focus only on TCP throughput and assume that there is only a single connection in a congestion-free network. This paper studies the throughput and fairness of popular improvement mechanisms (the Snoop [8] and ELN [5]) and TCP variants with multiple TCP connections. Simulation results show that the improvement mechanisms under investigation are effective to improve TCP throughput in a wireless network. However, they cannot provide fairness among multiple TCP connections. From the studies presented, it is concluded that mechanisms to enhance TCP fairness are needed in wireless network
An autonomous router-based solution to detect and defend low rate DDoS attacks
Internet security was not a concern when the Internet was invented, but we cannot deny this fact anymore. Since all forms of businesses and communications are aligned to the Internet in one form or the other, the security of these assets (both infrastructure and content) is of prime importance. Some of the well known consequences of an attack include gaining access to a network, intellectual property thefts, and denial of service.
This thesis focuses on countering flood-type attacks that result in denial of service to end users. A new classification of this denial of service attacks, known as the low rate denial of service, will be the crux of our discussion. The average rate of this attack is so low that most routers or victims fail to detect the attack. Thus far, no solution can counter the low rate attacks without degrading the normal performance of the Transmission Control Protocol. This work proposes a router-based solution to detect and defend low as well as high rate distributed denial of service attacks (DDoS). A per flow approach coupled with the Deterministic Packet Marking scheme is used to detect and block attack flows autonomously. The solution provides a rapid detection and recovery procedure during an attack
Concurrent Multipath Transfer: Scheduling, Modelling, and Congestion Window Management
Known as smartphones, multihomed devices like the iPhone and BlackBerry can simultaneously connect to Wi-Fi and 4G LTE networks. Unfortunately, due to the architectural constraints of standard transport layer protocols like the transmission control protocol (TCP), an Internet application (e.g., a file transfer) can use only one access network at a time. Due to recent developments, however, concurrent multipath transfer (CMT) using the stream control transmission protocol (SCTP) can enable multihomed devices to exploit additional network resources for transport layer communications.
In this thesis we explore a variety of techniques aimed at CMT and multihomed devices, such as: packet scheduling, transport layer modelling, and resource management. Some of our accomplishments include, but are not limited to: enhanced performance of CMT under delay-based disparity, a tractable framework for modelling the throughput of CMT, a comparison of modelling techniques for SCTP, a new congestion window update policy for CMT, and efficient use of system resources through optimization.
Since the demand for a better communications system is always on the horizon, it is our goal to further the research and inspire others to embrace CMT as a viable network architecture; in hopes that someday CMT will become a standard part of smartphone technology
Evaluation of a Set of TCP Features over Narrowband Radio Bearer for Train Communication
An engineering approach to the evaluation of the TCP as a narrowband bearer for short messages in the low latency train-trackside communication scenario is described in this report. The project was developed in cooperation with Bombardier Transportation Sweden AB as a part of the “ETCS over GPRS” venture. With the increase of the demands from the railway industry, the currently used circuit-switched GSM-R technology becomes unsatisfactory from the radio system capacity point of view and the need of a new solution is highly required. The packet-switched GPRS solution using TCP as a suite is under research for this specific scenario. The investigated problem in this report concerns the tuning of the retransmission mechanism, which includes the TCP features TCP_RTO_MIN and TCP_KEEPALIVE. This implies the tuning of those features to be able to detect a loss of communication and to react less aggressively for the short and instantaneous changes in the network delay. This thesis work began with a preparation phase in which a broad literature analysis of the background theory was made and followed by the development of applications that realizes the traffic model. Later in the performance phase the required changes were applied on the system and finally tested in a lab. The tests have been performed using one and four pairs of client-server applications communicating over an emulated link. The TCP features were modified at two levels, the TCP_RTO_MIN by a kernel recompilation and the TCP_KEEPALIVE by changes on the live system. Results from the tests have shown that for the higher than the default value of the TCP_RTO_MIN the less retransmissions were triggered. The TCP_KEEPALIVE has proven to be a sufficient feature to indicate a loss of the link. However the achieved improvement in performance was not as high as expected, but acceptable for this scenario. The train-trackside communication system could benefit from the proposed changes
A holistic approach to ZigBee performance enhancement for home automation networks
Wireless home automation networks are gaining importance for smart homes. In this ambit, ZigBee networks play an important role. The ZigBee specification defines a default set of protocol stack parameters and mechanisms that is further refined by the ZigBee Home Automation application profile. In a holistic approach, we analyze how the network performance is affected with the tuning of parameters and mechanisms across multiple layers of the ZigBee protocol stack and investigate possible performance gains by implementing and testing alternative settings. The evaluations are carried out in a testbed of 57 TelosB motes. The results show that considerable performance improvements can be achieved by using alternative protocol stack configurations. From these results, we derive two improved protocol stack configurations for ZigBee wireless home automation networks that are validated in various network scenarios. In our experiments, these improved configurations yield a relative packet delivery ratio increase of up to 33.6%, a delay decrease of up to 66.6% and an improvement of the energy efficiency for battery powered devices of up to 48.7%, obtainable without incurring any overhead to the network.
Best effort measurement based congestion control
Abstract available: p.
Contributions to the security of cognitive radio networks
The increasing emergence of wireless applications along with the static spectrum allocation followed by regulatory bodies has led to a high inefficiency in spectrum usage, and the lack of spectrum for new services. In this context, Cognitive Radio (CR) technology has been proposed as a possible solution to reuse the spectrum being underutilized by licensed services.
CRs are intelligent devices capable of sensing the medium and identifying those portions of the spectrum being unused. Based on their current perception of the environment and on that learned from past experiences, they can optimally tune themselves with regard to parameters such as frequency, coding and modulation, among others. Due to such properties, Cognitive Radio Networks (CRNs) can act as secondary users of the spectrum left unused by their legal owners or primary users, under the requirement of not interfering primary communications.
The successful deployment of these networks relies on the proper design of mechanisms in order to efficiently detect spectrum holes, adapt to changing environment conditions and manage the available spectrum. Furthermore, the need for addressing security issues is evidenced by two facts. First, as for any other type of wireless network, the air is used as communications medium and can easily be accessed by attackers. On the other hand, the particular attributes of CRNs offer new opportunities to malicious users, ranging from providing wrong information on the radio environment to disrupting the cognitive mechanisms, which could severely undermine the operation of these networks.
In this Ph.D thesis we have approached the challenge of securing Cognitive Radio Networks. Because CR technology is still evolving, to achieve this goal involves not only providing countermeasures for existing attacks but also to identify new potential threats and evaluate their impact on CRNs performance.
The main contributions of this thesis can be summarized as follows. First, a critical study on the State of the Art in this area is presented. A qualitative analysis of those threats to CRNs already identified in the literature is provided, and the efficacy of existing countermeasures is discussed. Based on this work, a set of guidelines are designed in order to design a detection system for the main threats to CRNs. Besides, a high level description of the components of this system is provided, being it the second contribution of this thesis.
The third contribution is the proposal of a new cross-layer attack to the Transmission Control Protocol (TCP) in CRNs. An analytical model of the impact of this attack on the throughput of TCP connections is derived, and a set of countermeasures in order to detect and mitigate the effect of such attack are proposed.
One of the main threats to CRNs is the Primary User Emulation (PUE) attack. This attack prevents CRNs from using available portions of the spectrum and can even lead to a Denial of Service (DoS). In the fourth contribution of this thesis a method is proposed in order to deal with such attack. The method relies on a set of time measures provided by the members of the network and allows estimating the position of an emitter. This estimation is then used to determine the legitimacy of a given transmission and detect PUE attacks.
Cooperative methods are prone to be disrupted by malicious nodes reporting false data. This problem is addressed, in the context of cooperative location, in the fifth and last contribution of this thesis. A method based on Least Median Squares (LMS) fitting is proposed in order to detect forged measures and make the location process robust to them.
The efficiency and accuracy of the proposed methodologies are demonstrated by means of simulation
Understanding the characteristics of Internet traffic and designing an efficient RaptorQ-based data transport protocol for modern data centres
This thesis is the amalgamation of research on efficient data transport protocols for data centres and a comprehensive and systematic study of Internet traffic, which came as a result of the need to understand traffic patterns and workloads in modern computer networks.
The first part of the thesis is on the development of efficient data transport protocols for data centres. We study modern data transport protocols for data centres through large scale simulations using the OMNeT++ simulator. We developed and experimented with an OMNeT++ model of NDP. This has led to the identification of limitations of the state of the art and the formulation of research questions with respect to data transport protocols for modern data centres. The developed model includes an implementation of a Fat-tree topology and per-packet ECMP load balancing. We discuss how we integrated the model with the INET Framework and validated it by running various experiments that test different model parameters and components. This work revealed limitations of NDP with respect to efficient one-to-many and many-to-one communication in data centres, which led to the development of SCDP, a novel and general-purpose data transport protocol for data centres that, in contrast to all other protocols proposed to date, natively supports one-to-many and many-to-one data communication, which is extremely common in modern data centres. SCDP does so without compromising on efficiency for short and long unicast flows. SCDP achieves this by integrating RaptorQ codes with receiver-driven data transport, in-network packet trimming and Multi-Level Feedback Queuing (MLFQ); (1) RaptorQ codes enable efficient one-to-many and many-to-one data transport; (2) on top of RaptorQ codes, receiver-driven flow control, in combination with in-network packet trimming, enable efficient usage of network resources as well as multi-path transport and packet spraying for all transport modes. Incast and Outcast are eliminated; (3) the systematic nature of RaptorQ codes, in combination with MLFQ, enable fast, decoding-free completion of short flows. We extensively evaluated SCDP in a wide range of simulated scenarios with realistic data centre workloads.
For one-to-many and many-to-one transport sessions, SCDP performs significantly better than NDP. For short and long unicast flows, SCDP performs equally well or better compared to NDP.
In the second part of the thesis, we extensively study Internet traffic. Getting good statistical models of traffic on network links is a well-known, often-studied problem. A lot of attention has been given to correlation patterns and flow duration. The distribution of the amount of traffic per unit time is an equally important but less studied problem. We study a large number of traffic traces from many different networks including academic, commercial and residential networks using state-of-the-art statistical techniques. We show that the log-normal distribution is a better fit than the Gaussian distribution. We also investigate a second, heavy-tailed distribution and show that its performance is better than Gaussian but worse than log-normal. We examine anomalous traces which are a poor fit for all tested distributions and show that this is often due to traffic outages or links that hit maximum capacity. Stationarity tests showed that the traffic is stationary at some range of aggregation times. We demonstrate the utility of the log-normal distribution in two contexts: predicting the proportion of time traffic will exceed a given level (for link capacity estimation) and predicting 95th percentile pricing. We also show the log-normal distribution is a better predictor than Gaussian or Weibull distributions