350 research outputs found
Roaming Real-Time Applications - Mobility Services in IPv6 Networks
Emerging mobility standards within the next generation Internet Protocol,
IPv6, promise to continuously operate devices roaming between IP networks.
Associated with the paradigm of ubiquitous computing and communication, network
technology is on the spot to deliver voice and videoconferencing as a standard
internet solution. However, current roaming procedures are too slow to remain
seamless for real-time applications. Multicast mobility still waits for a
convincing design. This paper investigates the temporal behaviour of mobile
IPv6 with dedicated focus on topological impacts. Extending the hierarchical
mobile IPv6 approach we suggest protocol improvements for a continuous
handover, which may serve bidirectional multicast communication, as well. Along
this line a multicast mobility concept is introduced as a service for clients
and sources, as they are of dedicated importance in multipoint conferencing
applications. The mechanisms introduced do not rely on assumptions of any
specific multicast routing protocol in use.
Comment: 15 pages, 5 figures
Performance Analysis of Multicast Mobility in a Hierarchical Mobile IP Proxy Environment
Mobility support in IPv6 networks is ready for release as an RFC, stimulating
major discussions on improvements to meet real-time communication requirements.
Sprawling hot spots of IP-only wireless networks at the same time await voice
and videoconferencing as standard mobile Internet services, thereby adding the
request for multicast support to real-time mobility. This paper briefly
introduces current approaches for seamless multicast extensions to Mobile IPv6.
Key issues of multicast mobility are discussed. Both analytically and in
simulations comparisons are drawn between handover performance characteristics,
dedicating special focus on the M-HMIPv6 approach.
Comment: 11 pages, 7 figures
Uncovering Vulnerable Industrial Control Systems from the Internet Core
Industrial control systems (ICS) are managed remotely with the help of
dedicated protocols that were originally designed to work in walled gardens.
Many of these protocols have been adapted to Internet transport and support
wide-area communication. ICS now exchange insecure traffic on an inter-domain
level, putting at risk not only common critical infrastructure but also the
Internet ecosystem (e.g., DRDoS attacks).
In this paper, we uncover unprotected inter-domain ICS traffic at two central
Internet vantage points, an IXP and an ISP. This traffic analysis is correlated
with data from honeypots and Internet-wide scans to separate industrial from
non-industrial ICS traffic. We provide an in-depth view on Internet-wide ICS
communication. Our results can be used i) to create precise filters for
potentially harmful non-industrial ICS traffic, and ii) to detect ICS sending
unprotected inter-domain ICS traffic, being vulnerable to eavesdropping and
traffic manipulation attacks.
Broadcasting in Prefix Space: P2P Data Dissemination with Predictable Performance
A broadcast mode may augment peer-to-peer overlay networks with an efficient,
scalable data replication function, but may also give rise to a virtual link
layer in VPN-type solutions. We introduce a simple broadcasting mechanism that
operates in the prefix space of distributed hash tables without signaling. This
paper concentrates on the performance analysis of the prefix flooding scheme.
Starting from simple models of recursive -ary trees, we analytically derive
distributions of hop counts and the replication load. Extensive simulation
results are presented further on, based on an implementation within the OverSim
framework. Comparisons are drawn to Scribe, taken as a general reference model
for group communication according to the shared, rendezvous-point-centered
distribution paradigm. The prefix flooding scheme thereby confirmed its widely
predictable performance and consistently outperformed Scribe in all metrics.
Reverse path selection in overlays is identified as a major cause of
performance degradation.
Comment: final version for ICIW'0
Backscatter from the Data Plane --- Threats to Stability and Security in Information-Centric Networking
Information-centric networking proposals attract much attention in the
ongoing search for a future communication paradigm of the Internet. Replacing
the host-to-host connectivity by a data-oriented publish/subscribe service
eases content distribution and authentication by concept, while eliminating
threats from unwanted traffic at an end host as are common in today's Internet.
However, current approaches to content routing heavily rely on data-driven
protocol events and thereby introduce a strong coupling of the control to the
data plane in the underlying routing infrastructure. In this paper, threats to
the stability and security of the content distribution system are analyzed in
theory and practical experiments. We derive relations between state resources
and the performance of routers and demonstrate how this coupling can be misused
in practice. We discuss new attack vectors present in its current state of
development, as well as possibilities and limitations to mitigate them.
Comment: 15 pages
A Lesson in Scaling 6LoWPAN -- Minimal Fragment Forwarding in Lossy Networks
This paper evaluates two forwarding strategies for fragmented datagrams in
the IoT: hop-wise reassembly and a minimal approach to directly forward
fragments. Minimal fragment forwarding is challenged by the lack of forwarding
information at subsequent fragments in 6LoWPAN and thus requires additional
data at nodes. We compared the two approaches in extensive experiments
evaluating reliability, end-to-end latency, and memory consumption. In contrast
to previous work and due to our alternate setup, we obtained different results
and conclusions. Our findings indicate that direct fragment forwarding should
be deployed only with care, since higher packet transmission rates on the
link-layer can significantly reduce its reliability, which in turn can even
further reduce end-to-end latency because of highly increased link-layer
retransmissions.
Comment: If you cite this paper, please use the LCN reference: M. S. Lenders,
T. C. Schmidt, M. Wählisch. "A Lesson in Scaling 6LoWPAN - Minimal Fragment
Forwarding in Lossy Networks." in Proc. of IEEE LCN, 201
HoPP: Robust and Resilient Publish-Subscribe for an Information-Centric Internet of Things
This paper revisits NDN deployment in the IoT with a special focus on the
interaction of sensors and actuators. Such scenarios require high
responsiveness and limited control state at the constrained nodes. We argue
that the NDN request-response pattern which prevents data push is vital for IoT
networks. We contribute HoP-and-Pull (HoPP), a robust publish-subscribe scheme
for typical IoT scenarios that targets IoT networks consisting of hundreds of
resource constrained devices at intermittent connectivity. Our approach limits
the FIB tables to a minimum and naturally supports mobility, temporary network
partitioning, data aggregation and near real-time reactivity. We experimentally
evaluate the protocol in a real-world deployment using the IoT-Lab testbed with
varying numbers of constrained devices, each wirelessly interconnected via IEEE
802.15.4 LowPANs. Implementations are built on CCN-lite with RIOT and support
experiments using various single- and multi-hop scenarios.
Why We Shouldn't Forget Multicast in Name-oriented Publish/Subscribe
Name-oriented networks introduce the vision of an information-centric,
secure, globally available publish-subscribe infrastructure. Current approaches
concentrate on unicast-based pull mechanisms and thereby fall short in
automatically updating content at receivers. In this paper, we argue that an
inclusion of multicast will grant additional benefits to the network layer,
namely efficient distribution of real-time data, a many-to-many communication
model, and simplified rendezvous processes. These aspects are comprehensively
reflected by a group-oriented naming concept that integrates the various
available group schemes and introduces new use cases. A first draft of this
name-oriented multicast access has been implemented in the HAMcast middleware.
Old Wine in New Skins? Revisiting the Software Architecture for IP Network Stacks on Constrained IoT Devices
In this paper, we argue that existing concepts for the design and
implementation of network stacks for constrained devices do not comply with the
requirements of current and upcoming Internet of Things (IoT) use cases. The
IoT requires not only a lightweight but also a modular network stack, based on
standards. We discuss functional and non-functional requirements for the
software architecture of the network stack on constrained IoT devices. Then,
revisiting concepts from the early Internet as well as current implementations,
we propose a future-proof alternative to existing IoT network stack
architectures, and provide an initial evaluation of this proposal based on its
implementation running on top of state-of-the-art IoT operating system and
hardware.
Comment: 6 pages, 2 figures and table
The Role of the Internet of Things in Network Resilience
Disasters lead to devastating structural damage not only to buildings and
transport infrastructure, but also to other critical infrastructure, such as
the power grid and communication backbones. Following such an event, the
availability of minimal communication services is however crucial to allow
efficient and coordinated disaster response, to enable timely public
information, or to provide individuals in need with a default mechanism to post
emergency messages. The Internet of Things consists in the massive deployment
of heterogeneous devices, most of which battery-powered, and interconnected via
wireless network interfaces. Typical IoT communication architectures enable
such IoT devices to not only connect to the communication backbone (i.e. the
Internet) using an infrastructure-based wireless network paradigm, but also to
communicate with one another autonomously, without the help of any
infrastructure, using a spontaneous wireless network paradigm. In this paper,
we argue that the vast deployment of IoT-enabled devices could bring benefits
in terms of data network resilience in face of disaster. Leveraging their
spontaneous wireless networking capabilities, IoT devices could enable minimal
communication services (e.g. emergency micro-message delivery) while the
conventional communication infrastructure is out of service. We identify the
main challenges that must be addressed in order to realize this potential in
practice. These challenges concern various technical aspects, including
physical connectivity requirements, network protocol stack enhancements, data
traffic prioritization schemes, as well as social and political aspects.