Biblio
Information-Centric Networking (ICN) is an emerging networking paradigm that focuses on content distribution and aims at replacing the current IP stack. Implementations of ICN have demonstrated its advantages over IP, in terms of network performance and resource requirements. Because of these advantages, ICN is also considered to be a good network paradigm candidate for the Internet-of-Things (IoT), especially in scenarios involving resource constrained devices. In this paper we propose OnboardICNg, the first secure protocol for on-boarding (authenticating and authorizing) IoT devices in ICN mesh networks. OnboardICNg can securely onboard resource constrained devices into an existing IoT network, outperforming the authentication protocol selected for the ZigBee-IP specification: EAP-PANA, i.e., the Protocol for carrying Authentication for Network Access (PANA) combined with the Extensible Authentication Protocol (EAP). In particular we show that, compared with EAP-PANA, OnboardICNg reduces the communication and energy consumption, by 87% and 66%, respectively.
Several technologies, such as WiFi, Ethernet and power-line communications (PLC), can be used to build residential and enterprise networks. These technologies often co-exist; most networks use WiFi, and buildings are readily equipped with electrical wires that can offer a capacity up to 1 Gbps with PLC. Yet, current networks do not exploit this rich diversity and often operate far below the available capacity. We design, implement, and evaluate EMPoWER, a system that exploits simultaneously several potentially-interfering mediums. It operates at layer 2.5, between the MAC and IP layers, and combines routing (to find multiple concurrent routes) and congestion control (to efficiently balance traffic across the routes). To optimize resource utilization and robustness, both components exploit the heterogeneous nature of the network. They are fair and efficient, and they operate only within the local area network, without affecting remote Internet hosts. We demonstrate the performance gains of EMPoWER, by simulations and experiments on a 22-node testbed. We show that PLC/WiFi, benefiting from the diversity offered by wireless and electrical mediums, provides significant throughput gains (up to 10x) and improves coverage, compared to multi-channel WiFi.
While the potential advantages of geographic forwarding in wireless sensor networks (WSN) have been demonstrated for a while now, research in applying Information Centric Networking (ICN) has only gained momentum in the last few years. In this paper, we bridge these two worlds by proposing an ICN-compliant and secure implementation of geographic forwarding for ICN. We implement as a proof of concept the Greedy Perimeter Stateless Routing (GPSR) algorithm and compare its performance to that of vanilla ICN forwarding. We also evaluate the cost of security in 802.15.4 networks in terms of energy, memory and CPU footprint. We show that in sparse but large networks, GPSR outperforms vanilla ICN forwarding in both memory footprint and CPU consumption. However, GPSR is more energy intensive because of the cost of communications.
Information Centric Networking (ICN) paradigms nicely fit the world of wireless sensors, whose devices have tight constraints. In this poster, we compare two alternative designs for secure association of new IoT devices in existing ICN deployments, which are based on asymmetric and symmetric cryptography respectively. While the security properties of both approaches are equivalent, an interesting trade-off arises between properties of the protocol vs properties of its implementation in current IoT boards. Indeed, while the asymmetric-keys based approach incurs a lower traffic overhead (of about 30%), we find that its implementation is significantly more energy- and time-consuming due to the cost of cryptographic operations (it requires up to 41x more energy and 8x more time).
We consider wireless networks in which the effects of interference are determined by the SINR model. We address the question of structuring distributed communication when stations have very limited individual capabilities. In particular, nodes do not know their geographic coordinates, neighborhoods or even the size n of the network, nor can they sense collisions. Each node is equipped only with its unique name from a range \1, ..., N\. We study the following three settings and distributed algorithms for communication problems in each of them. In the uncoordinated-start case, when one node starts an execution and other nodes are awoken by receiving messages from already awoken nodes, we present a randomized broadcast algorithm which wakes up all the nodes in O(n log2 N) rounds with high probability. In the synchronized-start case, when all the nodes simultaneously start an execution, we give a randomized algorithm that computes a backbone of the network in O(Δ log7 N) rounds with high probability. Finally, in the partly-coordinated-start case, when a number of nodes start an execution together and other nodes are awoken by receiving messages from the already awoken nodes, we develop an algorithm that creates a backbone network in time O(n log2 N + Δ log7 N) with high probability.
The necessity to deploy wireless mesh network is determined by the real world application requirements. WMN does not fit some application well due to latency issues and capacity related problem with paths having more than 2 hops. With the promising IEEE 802.11ac based device a better fairness for multi-hop communications are expected to support broadband application; the rate usually varies according to the link quality and network environment. Careful network planning can effectively improves the throughput and delay of the overall network. We provide model for the placement of router nodes as an optimization process to improve performance. Our aim is to propose a WMNs planning model based on multiobjective constraints like coverage, reliability, and cost of deployment. The bit rate guarantee therefore necessary to limit the number of stations connected to the access point; to takes into account delay and fairness of the network the user's behaviors are derived. We use a multiobjective evolutionary algorithm based metaheuristic to evaluate the performance of our proposed placement algorithm.
Nowadays Wireless Mesh Networks (WMNs) has come up with a promising solution for modern wireless communications. But, one of the major problems with WMN is the mobility of the Mesh Clients (MCs). To offer seamless connectivity to the MCs, their mobility management is necessary. During mobility management one of the major concerns is the communication overhead incurred during handoff of the MCs. For addressing this concern, many schemes have been proposed by the researchers. In this paper, a classification of the existing intra domain mobility management schemes has been presented. The schemes have been numerically analyzed. Finally, their performance has been analyzed and compared with respect to handoff cost considering different mobility rates of the MCs.
Real world wireless networks usually have diverse connectivity characteristics. Although existing works have identified replication as the key to the successful design of routing protocols for these networks, the questions of when the replication should be used, by how much, and how to distribute packet copies are still not satisfactorily answered. In this paper, we investigate the above questions and present the design of the Hybrid Routing Protocol (HRP). We make a key observation that delay correlations can significantly impact performance improvements gained from packet replication. Thus, we propose a novel model to capture the correlations of inter-contact times among a group of nodes. HRP utilizes both direct delays feedback and the proposed model to estimate the replication gain, which is then fed into a novel regret-minimization algorithm to dynamically decide the amount of packet replication under unknown network conditions. We evaluate HRP through extensive simulations. We show that HRP achieves up to 3.5x delivery ratio improvement and up to 50% delay reduction, with comparable and even lower overhead than state-of-art routing protocols.
Various mobile applications require different QoS requirements, thus there is a need to resolve the application requirement into the underlying mesh network to support them. Existing approach to coordinate the application traffic requirement to underlying network has been applied in wired domains. However, it is complex in the wireless domain due to the mobility and diversity of mobile applications. Much interest is focused on resolving application QoS and match request to mesh network link availability. We propose a testbed architecture which allows dynamic configuration of mesh networks and coordination of each flow to support application-aware QoS. Our prototype testbed shows adaptive change in mesh network routing configuration depending on application requests.
In this research paper, we present a function-based methodology to evaluate the resilience of gas pipeline systems under two different cyber-physical attack scenarios. The first attack scenario is the pressure integrity attack on the natural gas high-pressure transmission pipeline. Through simulations, we have analyzed the cyber attacks that propagate from cyber to the gas pipeline physical domain, the time before which the SCADA system should respond to such attacks, and finally, an attack which prevents the response of the system. We have used the combined results of simulations of a wireless mesh network for remote terminal units and of a gas pipeline simulation to measure the shortest Time to Criticality (TTC) parameter; the time for an event to reach the failure state. The second attack scenario describes how a failure of a cyber node controlling power grid functionality propagates from cyber to power to gas pipeline systems. We formulate this problem using a graph-theoretic approach and quantify the resilience of the networks by percentage of connected nodes and the length of the shortest path between them. The results show that parameters such as TTC, power distribution capacity of the power grid nodes and percentage of the type of cyber nodes compromised, regulate the efficiency and resilience of the power and gas networks. The analysis of such attack scenarios helps the gas pipeline system administrators design attack remediation algorithms and improve the response of the system to an attack.
The future of ambient assisted living (AAL) especially eHealthcare almost depends on the smart objects that are part of the Internet of things (IoT). In our AAL scenario, these objects collect and transfer real-time information about the patients to the hospital server with the help of Wireless Mesh Network (WMN). Due to the multi-hop nature of mesh networks, it is possible for an adversary to reroute the network traffic via many denial of service (DoS) attacks, and hence affect the correct functionality of the mesh routing protocol. In this paper, based on a comparative study, we choose the most suitable secure mesh routing protocol for IoT-based AAL applications. Then, we analyze the resilience of this protocol against DoS attacks. Focusing on the hello flooding attack, the protocol is simulated and analyzed in terms of data packet delivery ratio, delay, and throughput. Simulation results show that the chosen protocol is totally resilient against DoS attack and can be one of the best candidates for secure routing in IoT-based AAL applications.
Smart Grid is the trend of next generation power distribution and network management that enable a two -- way interactive communication and operation between consumers and suppliers, so as to achieve intelligent resource management and optimization. The wireless mesh network technology is a promising infrastructure solution to support these smart functionalities, while it has some inherent vulnerabilities and cyber-attack risks to be addressed. As Smart Grid is heavily relying on the underlie communication networks, which makes their security and dependability issues critical to the entire smart grid technology. Several studies have been conducted in the field of Smart Grid security, but few works were focused on the dependability and its associated resource analysis of the control center networks. In this paper, we have investigated the dependability modeling and also resource allocation in redundant communication networks by adopting two mathematical approaches, Reliability Block Diagrams (RBD) and Stochastic Petri Nets (SPNs), to analyze the dependability of control center networks in Smart Grid environment. We have applied our proposed modeling approach in an extensive case study to evaluate the availability of smart gird networks with different redundancy mechanisms. A combination of dependability models and reliability importance are used to analyze the network availability according to the most important components. We also show the variation of network availability in accordance with Mean Time to Failure (MTTF) in different network architectures.
The traditional Kerberos protocol exists some limitations in achieving clock synchronization and storing key, meanwhile, it is vulnerable from password guessing attack and attacks caused by malicious software. In this paper, a new authentication scheme is proposed for wireless mesh network. By utilizing public key encryption techniques, the security of the proposed scheme is enhanced. Besides, timestamp in the traditional protocol is replaced by random numbers to implementation cost. The analysis shows that the improved authentication protocol is fit for wireless Mesh network, which can make identity authentication more secure and efficient.
Practical intrusion detection in Wireless Multihop Networks (WMNs) is a hard challenge. It has been shown that an active-probing-based network intrusion detection system (AP-NIDS) is practical for WMNs. However, understanding its interworking with real networks is still an unexplored challenge. In this paper, we investigate this in practice. We identify the general functional parameters that can be controlled, and by means of extensive experimentation, we tune these parameters and analyze the trade-offs between them, aiming at reducing false positives, overhead, and detection time. The traces we collected help us to understand when and why the active probing fails, and let us present countermeasures to prevent it.
Wireless Mesh Network (WMN) is a promising wireless network architecture having potential of last few miles connectivity. There has been considerable research work carried out on various issues like design, performance, security etc. in WMN. Due to increasing interest in WMN and use of smart devices with bandwidth hungry applications, WMN must be designed with objective of energy efficient communication. Goal of this paper is to summarize importance of energy efficiency in WMN. Various techniques to bring energy efficient solutions have also been reviewed.
This paper presents the relative merits of IR and microwave sensor technology and their combination with wireless camera for the development of a wall mounted wireless intrusion detection system and explain the phases by which the intrusion information are collected and sent to the central control station using wireless mesh network for analysis and processing the collected data. These days every protected zone is facing numerous security threats like trespassing or damaging of important equipments and a lot more. Unwanted intrusion has turned out to be a growing problem which has paved the way for a newer technology which detects intrusion accurately. Almost all organizations have their own conventional arrangement of protecting their zones by constructing high wall, wire fencing, power fencing or employing guard for manual observation. In case of large areas, manually observing the perimeter is not a viable option. To solve this type of problem we have developed a wall-mounted wireless fencing system. In this project I took the responsibility of studying how the different units could be collaborated and how the data collected from them could be further processed with the help of software, which was developed by me. The Intrusion detection system constitutes an important field of application for IR and microwave based wireless sensor network. A state of the art wall-mounted wireless intrusion detection system will detect intrusion automatically, through multi-level detection mechanism (IR, microwave, active RFID & camera) and will generate multi-level alert (buzzer, images, segment illumination, SMS, E-Mail) to notify security officers, owners and also illuminate the particular segment where the intrusion has happened. This system will enable the authority to quickly handle the emergency through identification of the area of incident at once and to take action quickly. IR based perimeter protection is a proven technology. However IR-based intrusion detection system is not a full-proof solution since (1) IR may fail in foggy or dusty weather condition & hence it may generate false alarm. Therefore we amalgamate this technology with Microwave based intrusion detection which can work satisfactorily in foggy weather. Also another significant arena of our proposed system is the Camera-based intrusion detection. Some industries require this feature to capture the snap-shots of the affected location instantly as the intrusion happens. The Intrusion information data are transmitted wirelessly to the control station via multi hop routing (using active RFID or IEEE 802.15.4 protocol). The Control station will receive intrusion information at real time and analyze the data with the help of the Intrusion software. It then sends SMS to the predefined numbers of the respective authority through GSM modem attached with the control station engine.