10 research outputs found
AN EFFICIENT INTERFERENCE AVOIDANCE SCHEME FOR DEVICE-TODEVICE ENABLED FIFTH GENERATION NARROWBAND INTERNET OF THINGS NETWOKSâ
Narrowband Internet of Things (NB-IoT) is a low-power wide-area (LPWA) technology built on long-term evolution (LTE) functionalities and standardized by the 3rd-Generation Partnership Project (3GPP). Due to its support for massive machine-type communication (mMTC) and different IoT use cases with rigorous standards in terms of connection, energy efficiency, reachability, reliability, and latency, NB-IoT has attracted the research community. However, as the capacity needs for various IoT use cases expand, the LTE evolved packet core (EPC) system's numerous functionalities may become overburdened and suboptimal. Several research efforts are currently in progress to address these
challenges. As a result, an overview of these efforts with a specific focus on the optimized architecture of the LTE EPC functionalities, the 5G architectural design for NB-IoT integration, the enabling technologies necessary for 5G NB-IoT, 5G new radio (NR) coexistence with NB-IoT, and feasible architectural deployment schemes of NB-IoT with cellular networks is discussed. This thesis also presents cloud-assisted relay with backscatter communication as part of a detailed study of the technical performance attributes and channel communication characteristics from the physical (PHY) and medium access control
(MAC) layers of the NB-IoT, with a focus on 5G. The numerous drawbacks that come with simulating these systems are explored. The enabling market for NB-IoT, the benefits for a few use cases, and the potential critical challenges associated with their deployment are all highlighted. Fortunately, the cyclic prefix orthogonal frequency division multiplexing (CPOFDM) based waveform by 3GPP NR for improved mobile broadband (eMBB) services does not prohibit the use of other waveforms in other services, such as the NB-IoT service for mMTC. As a result, the coexistence of 5G NR and NB-IoT must be manageably orthogonal (or quasi-orthogonal) to minimize mutual interference that limits the form of
freedom in the waveform's overall design. As a result, 5G coexistence with NB-IoT will introduce a new interference challenge, distinct from that of the legacy network, even though the NR's coexistence with NB-IoT is believed to improve network capacity and expand the coverage of the user data rate, as well as improves robust communication through frequency reuse. Interference challenges may make channel estimation difficult for NB-IoT devices,
limiting the user performance and spectral efficiency. Various existing interference mitigation solutions either add to the network's overhead, computational complexity and delay or are hampered by low data rate and coverage. These algorithms are unsuitable for an NB-IoT network owing to the low-complexity nature. As a result, a D2D communication based interference-control technique becomes an effective strategy for addressing this problem.
This thesis used D2D communication to decrease the network bottleneck in dense 5G NBIoT networks prone to interference. For D2D-enabled 5G NB-IoT systems, the thesis presents an interference-avoidance resource allocation that considers the less favourable cell edge NUEs. To simplify the algorithm's computing complexity and reduce interference power, the system divides the optimization problem into three sub-problems. First, in an orthogonal deployment technique using channel state information (CSI), the channel gain
factor is leveraged by selecting a probable reuse channel with higher QoS control. Second, a bisection search approach is used to find the best power control that maximizes the network sum rate, and third, the Hungarian algorithm is used to build a maximum bipartite matching strategy to choose the optimal pairing pattern between the sets of NUEs and the D2D pairs. The proposed approach improves the D2D sum rate and overall network SINR of the 5G NB-IoT system, according to the numerical data. The maximum power constraint of the D2D
pair, D2D's location, Pico-base station (PBS) cell radius, number of potential reuse channels, and cluster distance impact the D2D pair's performance. The simulation results achieve 28.35%, 31.33%, and 39% SINR performance higher than the ARSAD, DCORA, and RRA algorithms when the number of NUEs is twice the number of D2D pairs, and 2.52%, 14.80%, and 39.89% SINR performance higher than the ARSAD, RRA, and DCORA when the number of NUEs and D2D pairs are equal. As a result, a D2D sum rate increase of 9.23%, 11.26%, and 13.92% higher than the ARSAD, DCORA, and RRA when the NUEâs number is twice the number of D2D pairs, and a D2Dâs sum rate increase of 1.18%, 4.64% and
15.93% higher than the ARSAD, RRA and DCORA respectively, with an equal number of NUEs and D2D pairs is achieved. The results demonstrate the efficacy of the proposed scheme. The thesis also addressed the problem where the cell-edge NUE's QoS is critical to challenges such as long-distance transmission, delays, low bandwidth utilization, and high system overhead that affect 5G NB-IoT network performance. In this case, most cell-edge NUEs boost their transmit power to maximize network throughput. Integrating cooperating D2D relaying technique into 5G NB-IoT heterogeneous network (HetNet) uplink spectrum sharing increases the system's spectral efficiency and interference power, further degrading the network. Using a max-max SINR (Max-SINR) approach, this thesis proposed an interference-aware D2D relaying strategy for 5G NB-IoT QoS improvement for a cell-edge NUE to achieve optimum system performance. The Lagrangian-dual technique is used to optimize the transmit power of the cell-edge NUE to the relay based on the average interference power constraint, while the relay to the NB-IoT base station (NBS) employs a fixed transmit power. To choose an optimal D2D relay node, the channel-to-interference plus noise ratio (CINR) of all available D2D relays is used to maximize the minimum cell-edge NUE's data rate while ensuring the cellular NUEs' QoS requirements are satisfied. Best harmonic mean, best-worst, half-duplex relay selection, and a D2D communication scheme were among the other relaying selection strategies studied. The simulation results reveal that the Max-SINR selection scheme outperforms all other selection schemes due to the high channel gain between the two communication devices except for the D2D communication scheme. The proposed algorithm achieves 21.27% SINR performance, which is nearly identical to the half-duplex scheme, but outperforms the best-worst and harmonic selection techniques by 81.27% and 40.29%, respectively. As a result, as the number of D2D relays increases, the capacity increases by 14.10% and 47.19%, respectively, over harmonic and half-duplex techniques. Finally, the thesis presents future research works on interference control in addition with the open research directions on PHY and MAC properties and a SWOT (Strengths, Weaknesses, Opportunities, and Threats) analysis presented in Chapter 2 to encourage further study on 5G NB-IoT
Contributions to Securing Software Updates in IoT
The Internet of Things (IoT) is a large network of connected devices. In IoT, devices can communicate with each other or back-end systems to transfer data or perform assigned tasks. Communication protocols used in IoT depend on target applications but usually require low bandwidth. On the other hand, IoT devices are constrained, having limited resources, including memory, power, and computational resources. Considering these limitations in IoT environments, it is difficult to implement best security practices. Consequently, network attacks can threaten devices or the data they transfer. Thus it is crucial to react quickly to emerging vulnerabilities. These vulnerabilities should be mitigated by firmware updates or other necessary updates securely. Since IoT devices usually connect to the network wirelessly, such updates can be performed Over-The-Air (OTA). This dissertation presents contributions to enable secure OTA software updates in IoT. In order to perform secure updates, vulnerabilities must first be identified and assessed. In this dissertation, first, we present our contribution to designing a maturity model for vulnerability handling. Next, we analyze and compare common communication protocols and security practices regarding energy consumption. Finally, we describe our designed lightweight protocol for OTA updates targeting constrained IoT devices. IoT devices and back-end systems often use incompatible protocols that are unable to interoperate securely. This dissertation also includes our contribution to designing a secure protocol translator for IoT. This translation is performed inside a Trusted Execution Environment (TEE) with TLS interception. This dissertation also contains our contribution to key management and key distribution in IoT networks. In performing secure software updates, the IoT devices can be grouped since the updates target a large number of devices. Thus, prior to deploying updates, a group key needs to be established among group members. In this dissertation, we present our designed secure group key establishment scheme. Symmetric key cryptography can help to save IoT device resources at the cost of increased key management complexity. This trade-off can be improved by integrating IoT networks with cloud computing and Software Defined Networking (SDN).In this dissertation, we use SDN in cloud networks to provision symmetric keys efficiently and securely. These pieces together help software developers and maintainers identify vulnerabilities, provision secret keys, and perform lightweight secure OTA updates. Furthermore, they help devices and systems with incompatible protocols to be able to interoperate
Lightweight ECC Based Multifactor Authentication Protocol (LEMAP) for Device to Device Cellular Network
Device to Device (D2D) communication is a type of technology where two devices can communicate directly with each other without the need to contact Base Station or any central infrastructure. With emerging of Long Term Evaluation (LTE) and Fifth Generation (5G) technology, D2D has gained a lot of attention for communication between closely located mobile devices for offering high speed, energy efficiency, throughput, less delay, and efficient spectrum usage. D2D has changed recent wireless networks with new trends as D2D can play a vital role in sharing resources by load off the network in local areas by direct communication between devices and useful in natural disasters where BS is destroyed. D2D has revolutionized the direct communication as it is a basis for 5G network. D2D allows miniature devices like cell phone, tablets and radio devices to work as Non-Transparent Relays (NTR) where they can provide services as well as forward traffic, request services by direct communication without the need of Base Station (BS) or central network infrastructure. Multi-hop D2D can be used for peer-to-peer communication or even access to cellular networks. This concept of multihop D2D communication has introduced a number of issues and challenges that were not prevalent in traditional current cellular communication. One of the major issues in D2D is security that is required in D2D communication to transmit information securely over non secure channel. The major challenge when considering security is that current established security techniques cannot be modified as security-requiring devices are miniature with restricted processing and storage or are constrained by power and bandwidth issues. Another issue is that how devices can get secure mutual authentication for secure communication. To tackle these issues, a lightweight multifactor authentication scheme that allows multihop secure communication over open channel is designed called as Lightweight ECC based Multifactor Authentication Protocol (LEMAP) in multihop D2D communication. Formal analysis of scheme is performed using well known BAN Logic method which is used to check correctness of protocol. The formal analysis of LEMAP proves that it can mitigate replay attack, Man-in-the-Middle (MITM) attack, Rogue device attack, Denial of Service (DoS) attack, timestamp exploitation attack, impersonation attack and masquerading attack. LEMAP also achieves security requirements confidentiality, integrity, privacy, non-repudiation, secure mutual authentication and anonymity. The communication cost and computational overhead of benchmark protocols and the proposed scheme LEMAP are also calculated. The results show that LEMAP is 6%-28% percent stronger than the selected benchmark algorithms such as 2PAKEP, Chaotic based authentication and TwoFactor authentication protocol. Additionally, LEMAP provides additional security by using trust validation, double hashing, and reduced authentication overhead. Discrete logarithm analysis shows that LEMAP is more secure compared to current security algorithms or current security algos are used as attacks against LEMAP. LEMAP is a lightweight and flexible scheme which can be used in 5G as well as multihop D2D communication to provide secure communication environment.
Keywords: D2D security, multihop D2D security, multi factor, light-weight security, EC
Security for 5G Mobile Wireless Networks
The advanced features of 5G mobile wireless network systems yield new security requirements and challenges. This paper presents a comprehensive survey on security of 5G wireless network systems compared to the traditional cellular networks. The paper starts with a review on 5G wireless networks particularities as well as on the new requirements and motivations of 5G wireless security. The potential attacks and security services with the consideration of new service requirements and new use cases in 5G wireless networks are then summarized. The recent development and the existing schemes for the 5G wireless security are presented based on the corresponding security services including authentication, availability, data confidentiality, key management and privacy. The paper further discusses the new security features involving different technologies applied to 5G such as heterogeneous networks, device-to-device communications, massive multiple-input multiple-output, software defined networks and Internet of Things. Motivated by these security research and development activities, we propose a new 5G wireless security architecture, based on which the analysis of identity management and flexible authentication is provided. As a case study, we explore a handover procedure as well as a signaling load scheme to show the advantage of the proposed security architecture. The challenges and future directions of 5G wireless security are finally summarized
Vulnerability Analysis of Relay Set Selection Algorithms for the Simplified Multicast Forwarding (SMF) Protocol for Mobile Ad Hoc Networks
International audienceAfter more than a decade of research and standardization , Mobile Ad Hoc NETworks (MANET) are finding their place in real-world deployments, such as in community, tactical and vehicular networks. Becoming so present in "the real world" also means that MANETs, and the protocols operating them, are affronted with a more hostile environment, where misconfiguration, eavesdropping, and attacks must be addressed. A first step in addressing MANET security is understanding the vulnerabilities of MANET protocols, and how an attacker can exploit these. This paper studies the Relay Set Selection (RSS) algorithms that are commonly used in multicast routing protocol for MANETs, and which are undergoing standardization as part of the Simplified Multicast Forwarding (SMF) protocol, developed within the Internet Engineering Task Force (IETF). Attack vectors for these different RSS algorithms are described, with the purpose of enabling future development of security solutions
Vulnerability Analysis of the Simple Multicast Forwarding (SMF) Protocol for Mobile Ad Hoc Networks
If deployments of Mobile Ad Hoc Networks (MANETs) are to become common outside of purely experimental settings, protocols operating such MANETs must be able to preserve network integrity, even when faced with careless or malicious participants. A first step towards protecting a MANET is to analyze the vulnerabilities of the routing protocol(s), managing the connectivity. Understanding how these routing protocols can be exploited by those with ill intent, countermeasures can be developed, readying MANETs for wider deployment and use. One routing protocol for MANETs, developed by the Internet Engineering Task Force (IETF) as a multicast routing protocol for efficient data dissemination, is denoted "Simplified Multicast Forwarding" (SMF). This protocol is analyzed, and its vulnerabilities described, in this memorandum. SMF consists of two independent components: (i) duplicate packet detection and (ii) relay set selection, each of which presents its own set of vulnerabilities that an attacker may exploit to compromise network integrity. This memorandum explores vulnerabilities in each of these, with the aim of identifying attack vectors and thus enabling development of countermeasures.Afin d'augmenter le nombre de dĂ©ploiements de rĂ©seaux ad hoc dehors des "testbeds" purement expĂ©rimentals, des protocoles de routage des rĂ©seaux ad hoc doivent ĂȘtre en mesure de prĂ©server l'intĂ©gritĂ© du rĂ©seau, mĂȘme lorsqu'ils sont confrontĂ©s avec des participants imprudents ou malicieux. Un premier pas vers la protection d'un rĂ©seau ad hoc est d'analyser les vulnĂ©rabilitĂ©s du protocole de routage qui gĂšre la connectivitĂ© du rĂ©seau. En comprenant comment ces protocoles de routage peuvent ĂȘtre exploitĂ©s par des personnes ayant de mauvaises intentions, des contre-mesures peuvent ĂȘtre dĂ©veloppĂ©es. Un protocole de routage pour des rĂ©seaux ad hoc, dĂ©veloppĂ© par l'Internet Engineering Task Force (IETF) comme protocole de routage de multicast pour la diffusion efficace des donnĂ©es, est appelĂ© "Simplified Multicast Forwarding" (SMF). Ce protocole est analysĂ©, et ses vulnĂ©rabilitĂ©s dĂ©crites dans ce rapport. SMF est constituĂ© de deux composantes indĂ©pendantes: (i) la dĂ©tection des paquets dupliquĂ©s et (ii) la sĂ©lection des relais, dont chacun prĂ©sente son propre ensemble de vulnĂ©rabilitĂ©s qu'un attaquant peut exploiter pour compromettre l'intĂ©gritĂ© du rĂ©seau. Ce rapport explore des vulnĂ©rabilitĂ©s dans chacune des deux composantes, afin d'identifier les vecteurs d'attaque, ainsi de permettre de dĂ©velopper des contre-mesures
Easy Wireless: broadband ad-hoc networking for emergency services
Wireless ad-hoc networks will enable emergency services to continuously overview and act upon the actual status of the situation by retrieving and exchanging detailed up-to-date information between the rescue workers. Deployment of high-bandwidth, robust, self-organising ad-hoc networks will enable quicker response to typical what/where/when questions, than the more vulnerable low-bandwidth communication networks currently in use. This paper addresses a number of results of the Easy Wireless project that enable high bandwidth robust ad-hoc networking. Most of the concepts presented here have been experimentally verified and/or prototyped