PAMPA in the wild:a real-life evaluation of a lightweight ad-hoc broadcasting family

Broadcast is one of the core building blocks of many services deployed on ad-hoc wireless networks, such as Mobile Ad-Hoc Networks (MANETs) or Wireless Sensor Networks (WSNs). Most broadcast protocols are however only ever evaluated using simulations, which have repeatedly been shown to be unreliable, and potentially misleading. In this paper, we seek to go beyond simulations, and consider the particular case of PAMPA, a promising family of wireless broadcast algorithms for ad-hoc and wireless networks. We report on our efforts to further our experimental understanding of PAMPA, and present the first ever characterisation of the PAMPA family on a real deployment. Here it has to deal with real network problems such as node, message and sending failure. Our experiments show that the standard PAMPA algorithm out-performs all other protocols in the family, with a delivery ratio consistently around 75%, and a retransmission ratio as low as 44%, for a failure-free run. We use this opportunity to reflect on our findings and lessons learnt when moving from simulations to actual experimentsab

Discovering “unknown known” security requirements

Security is one of the biggest challenges facing organisations in the modern hyper-connected world. A number of theoretical security models are available that provide best practice security guidelines and are widely utilised as a basis to identify and operationalise security requirements. Such models often capture high-level security concepts (e.g., whitelisting, secure configurations, wireless access control, data recovery, etc.), strategies for operationalising such concepts through specific security controls, and relationships between the various concepts and controls. The threat landscape, however, evolves leading to new tacit knowledge that is embedded in or across a variety of security incidents. These unknown knowns alter, or at least demand reconsideration of the theoretical security models underpinning security requirements. In this paper, we present an approach to discover such unknown knowns through multi-incident analysis. The approach is based on a novel combination of grounded theory and incident fault trees. We demonstrate the effectiveness of the approach through its application to identify revisions to a theoretical security model widely used in industry

QoE Assessment for Multi-Video Object Based Media

Recent multimedia experiences using techniques such as DASH allow the streaming delivery to be adapted to suit network context. Object Based Media (OBM) provides even more flexibility as distinct media objects are streamed and combined based on user preferences, allowing the experience to be personalised for the user. As adaptation can lead to degradation, modelling and measuring Quality of Experience (QoE) are crucial to ensure a perceptibly-optimal user experience. QoE models proposed for DASH include quality-related factors from single video-object streams and hence, are unsuitable for multi-video OBM experiences. In this paper, we propose an objective method to quantify QoE for video-based OBM experiences. Our model provides different strategies to aggregate individual object QoE contributions for different OBM experience genres. We apply our model to a case study and contrast it with the QoE levels obtained using a standard QoE model for DASH

Data Exfiltration:A Review of External Attack Vectors and Countermeasures

AbstractContext One of the main targets of cyber-attacks is data exfiltration, which is the leakage of sensitive or private data to an unauthorized entity. Data exfiltration can be perpetrated by an outsider or an insider of an organization. Given the increasing number of data exfiltration incidents, a large number of data exfiltration countermeasures have been developed. These countermeasures aim to detect, prevent, or investigate exfiltration of sensitive or private data. With the growing interest in data exfiltration, it is important to review data exfiltration attack vectors and countermeasures to support future research in this field. Objective This paper is aimed at identifying and critically analysing data exfiltration attack vectors and countermeasures for reporting the status of the art and determining gaps for future research. Method We have followed a structured process for selecting 108 papers from seven publication databases. Thematic analysis method has been applied to analyse the extracted data from the reviewed papers. Results We have developed a classification of (1) data exfiltration attack vectors used by external attackers and (2) the countermeasures in the face of external attacks. We have mapped the countermeasures to attack vectors. Furthermore, we have explored the applicability of various countermeasures for different states of data (i.e., in use, in transit, or at rest). Conclusion This review has revealed that (a) most of the state of the art is focussed on preventive and detective countermeasures and significant research is required on developing investigative countermeasures that are equally important; (b) Several data exfiltration countermeasures are not able to respond in real-time, which specifies that research efforts need to be invested to enable them to respond in real-time (c) A number of data exfiltration countermeasures do not take privacy and ethical concerns into consideration, which may become an obstacle in their full adoption (d) Existing research is primarily focussed on protecting data in ‘in use’ state, therefore, future research needs to be directed towards securing data in ‘in rest’ and ‘in transit’ states (e) There is no standard or framework for evaluation of data exfiltration countermeasures. We assert the need for developing such an evaluation framework

SmartSantander: IoT experimentation over a smart city testbed

This paper describes the deployment and experimentation architecture of the Internet of Things experimentation facility being deployed at Santander city. The facility is implemented within the SmartSantander project, one of the projects of the Future Internet Research and Experimentation initiative of the European Commission and represents a unique in the world city-scale experimental research facility. Additionally, this facility supports typical applications and services of a smart city. Tangible results are expected to influence the definition and specification of Future Internet architecture design from viewpoints of Internet of Things and Internet of Services. The facility comprises a large number of Internet of Things devices deployed in several urban scenarios which will be federated into a single testbed. In this paper the deployment being carried out at the main location, namely Santander city, is described. Besides presenting the current deployment, in this article the main insights in terms of the architectural design of a large-scale IoT testbed are presented as well. Furthermore, solutions adopted for implementation of the different components addressing the required testbed functionalities are also sketched out. The IoT experimentation facility described in this paper is conceived to provide a suitable platform for large scale experimentation and evaluation of IoT concepts under real-life conditions.This work is funded by research project SmartSantander, under FP7-ICT-2009-5 of the 7th Framework Programme of the European Community. Authors would like to acknowledge the collaboration with the rest of partners within the consortium leading to the results presented in this paper

Manetkit: A Framework for MANET Routing Protocols

Research in MANETs has resulted in the development of numerous and diverse routing protocols. We argue in this paper that this diversity is inherent to the MANET domain and therefore it will be important in future environments to simultaneously support multiple MANET protocols. On this basis, we propose a highly configurable component framework that facilitates the support of multiple MANET protocols and accommodates pluggable protocol functionality. Importantly, the framework also allows protocols to be composed, decomposed and hybridised in a variety of ways to create value-added functionality. In addition, it has coherent support for dynamic reconfiguration which opens the possibility for protocol hybridisation strategies to be safely executed at run-time. The paper outlines the functionality of the framework, illustrates its configurability, and offers a preliminary performance evaluation that demonstrates acceptable overhead

MANETkit: A Framework for MANET Routing Protocols

Research in MANETs has resulted in the development of numerous and diverse routing protocols. We argue in this paper that this diversity is inherent to the MANET domain and therefore it will be important in future environments to simultaneously support multiple MANET protocols. On this basis, we propose a highly configurable component framework that facilitates the support of multiple MANET protocols and accommodates pluggable protocol functionality. Importantly, the framework also allows protocols to be composed, decomposed and hybridised in a variety of ways to create value-added functionality. In addition, it has coherent support for dynamic reconfiguration which opens the possibility for protocol hybridisation strategies to be safely executed at run-time. The paper outlines the functionality of the framework, illustrates its configurability, and offers a preliminary performance evaluation that demonstrates acceptable overhead

Differential QoE in Picture-in-Picture Gaming Videos: A Subjective Study

Video streaming continues to be the largest service delivered on the internet. This includes gaming videos, delivered both on-demand and live, where gaming footage is usually accompanied by a video of the player overlaid on top of the gameplay -- resulting in Picture-In-Picture (PiP) content. Currently, PiP content is usually combined into a single video before being delivered to the client via technologies such as HTTP Adaptive Streaming (HAS). In this study, we investigated the QoE importance of gameplay and player elements in PiP gaming videos by varying the video quality of these elements individually. We conducted a subjective study, testing nine quality permutations based on three quality levels across three pieces of content from different gaming genres, with 30 participants recruited using an ethical crowdsourcing platform. We found that gameplay was significantly more important in terms of overall QoE, while the player element made a difference in only a few cases