Energy-constrained paths for optimization of energy consumption in wireless sensor networks

© 2014 IEEE. A sensor spends a large part of its energy in transmitting its data and relay its neighbours' data. The overall lifetime of a wireless sensor network depends strongly on how a sensor selects its relaying neighbours and the data path to the destination. One critical problem is that if a sensor has to support too many neighbours, its energy is exhausted rapidly and may bring down the whole network. This paper suggests algorithms for assigning weights to links between neighbours taking into account the number of neighbours who rely on them to relay traffic to the destination. In order to do so, the paper also proposes an algorithm for constructing node connectivity based on sensors position within the broadcast range of another sensor, and a shortest energy-constrained path from a sensor to the destination

Can maturity models support cyber security?

© 2016 IEEE. We are living in a cyber space with an unprecedented rapid expansion of the space and its elements. All interactive information is processed and exchanged via this space. Clearly a well-built cyber security is vital to ensure the security of the cyber space. However the definitions and scopes of both cyber space and cyber security are still not well-defined and this makes it difficult to establish sound security models and mechanisms for protecting this space. Out of existing models, maturity models offer a manageable approach for assessing the security level of a system or organization. The paper first provides a review of various definitions of cyber space and cyber security in order to ascertain a common understanding of the space and its security. The paper investigates existing security maturity models, focusing on their defining characteristics and identifying their strengths and weaknesses. Finally, the paper discusses and suggests measures for a sound and applicable cyber security model

On software-defined networking and the design of SDN controllers

© 2015 IEEE. Software-Defined Networking (SDN) has emerged as a networking paradigm that can remove the limitations of current network infrastructures by separating the control plane from the data forwarding plane. The implications include: the underlying network state and decision making capability are centralized; programmability is provided on the control plane; the operation at the forwarding plane is simplified; and the underlying network infrastructure is abstracted and presented to the applications. This paper discusses and exposes the details of the design of a common SDN controller based on our study of many controllers. The emphasis is on interfaces as they are essential for evolving the scope of SDN in supporting applications with different network resources requirements. In particular, the paper review and compare the design of the three controllers: Beacon, OpenDaylight, and Open Networking Operation System

A pragmatic approach: Achieving acceptable security mechanisms for high speed data transfer protocol-UDT

The development of next generation protocols, such as UDT (UDP-based data transfer), promptly addresses various infrastructure requirements for transmitting data in high speed networks. However, this development creates new vulnerabilities when these protocols are designed to solely rely on existing security solutions of existing protocols such as TCP and UDP. It is clear that not all security protocols (such as TLS) can be used to protect UDT, just as security solutions devised for wired networks cannot be used to protect the unwired ones. The development of UDT, similarly in the development of TCP/UDP many years ago, lacked a well-thought security architecture to address the problems that networks are presently experiencing. This paper proposes and analyses practical security mechanisms for UDT

SDN applications - The intent-based Northbound Interface realisation for extended applications

© 2016 IEEE. The Northbound Interface (NBI) plays a crucial role in promoting the adoption of SDN as it allows developers the freedom of developing their revenue-generating applications without being affected and constrained by the complexities of the underlying networks. To do so the NBI has to allow applications to express their requirements and constraints in their own application specific language, and the SDN controller to translate those requirements into SDN network specific language for provisioning network resources and services to satisfy the application requirements. The intent-based NBI is born from this consideration and the Open Networking Foundation (ONF) provides principles and guidelines to build such an intent-based NBI. However, these principles do not lend themselves readily to the design and practical realization of an intent-based NBI for extended classes of business-like network applications. This paper introduces a solution and its initial implementation in the form of a novel architecture for realizing the intent-based NBI. The new solution exploits the modularized and reuse features of the micro services and service oriented architectures

Applying graph coloring in resource coordination for a high-density wireless environment

In a high density wireless environment, channel interference among users of many overlapped Basic Service Sets (OBSSs) is a serious problem. Our solution for the problem relies on a resource coordination scheme that utilizes the spatial distribution of the transceivers for channel reuse and time-slot division multiplexing for downlink transmission sharing among all participating BSSs. In this paper we show that an OBSS environment can be modeled by a planar graph and the OBSS group coordination assignment problem can be considered as a vertex coloring problem whose solution involves at most four colors. The graph coloring solution algorithm for the OBSS group coordination assignment is presented. The actual coloring is demonstrated, using a heuristics of Maximum Degree First. Performance simulation results of the coordination algorithm are also presented. © 2008 IEEE

FBRC: Optimization of task scheduling in Fog-based Region and Cloud

© 2017 IEEE. Fog computing preserves benefits of cloud computing and is strategically positioned to address effectively many local and performance issues because its resources and specific services are virtualized and located at the edge of the customer premises. Resource management is a critical issue affecting system performance significantly. Due to the complex distribution and high mobility of fog devices, computation resources still experience high latencies in fog's large coverage area. This paper considers a Fog-based Region and Cloud (FBRC) in which requests are locally handled not just by a region but multiple regions when additional resources are needed. An efficient task scheduling mechanism is thus essential to minimize the completion time of tasks and improve user experiences. To this end, two issues are investigated in the paper: 1) designing a fog-based region architecture to provide nearby computing resources; 2) investigating efficient scheduling algorithms to distribute tasks among regions and remote clouds. To deal with the complexity of scheduling tasks, a heuristic-based algorithm is proposed based on our formulation and validated by extensive simulations

S-MANAGE Protocol for Software-Defined IoT

© 2018 IEEE. The Internet of Things (IoT) has started to make a real impact with many IoT-based services in agriculture, smart farming, smart cities, personal health, and critical infrastructures. Sensor/IoT devices form one of the indispensable elements in these IoT systems and services. An effective IoT system requires the interoperability among its heterogeneous physical devices, but this presents a significant challenge regarding various communication protocols, networking management policies, as well as data processing approaches. Software-defined paradigm is considered essential for managing and provisioning IoT services on demand. An emerging solution is the application of software-defined networking (SDN) and Network Function Virtualization (NFV) in programming WSN/IoT systems. However, these technologies cannot be directly deployed due to the differences in the functionality of SDN network devices and sensor/IoT devices as well as the limitation of resources in IoT devices. We proposed the software-defined IoT(SD-IoT) model in our earlier work. This paper focuses on the S-MANAGE protocol that enables an SD-IoT controller to control and manage sensor/IoT devices via their virtual representation, called software-defined virtual sensors (SDVS). The paper presents in detail the design and the implementation of the S-MANAGE southbound protocol

Security threat probability computation using Markov Chain and Common Vulnerability Scoring System

© 2018 IEEE. Security metrics have become essential for assessing the security risks and making effective decisions concerning system security. Many security metrics rely on mathematical models, but are mainly based on empirical data, qualitative method, or compliance checking and this renders the outcome far from accurate. This paper proposes a novel approach to compute the probability distribution of cloud security threats based on Markov chain and Common Vulnerability Scoring System (CVSS). The paper gives an application on cloud systems to demonstrate the use of the proposed approach

A Threat Computation Model using a Markov Chain and Common Vulnerability Scoring System and its Application to Cloud Security

Copyright © 2019 Securing cyber infrastructures has become critical because they are increasingly exposed to attackers while accommodating a huge number of IoT devices and supporting numerous sophisticated emerging applications. Security metrics are essential for assessing the security risks and making effective decisions concerning system security. Many security metrics rely on mathematical models, but are mainly based on empirical data, qualitative methods, or compliance checking, and this renders the outcome far from satisfactory. Computing the probability of an attack, or more precisely a threat that materialises into an attack, forms an essential basis for a quantitative security metric. This paper proposes a novel approach to compute the probability distribution of cloud security threats based on a Markov chain and Common Vulnerability Scoring System. Moreover, the paper introduces the method to estimate the probability of security attacks. The use of the new security threat model and its computation is demonstrated through their application to estimating the probabilities of cloud threats and types of attacks