CLC section - Scenarios
1. ERROR CONTROL: PACKET-SIZE OPTIMIZATION
Ch.L. Chen, S.Y.Chen, J.W.Lee, Y.H.Kuo
“ Hierarchical Cross-Layer Fuzzy Control for Compromise of Multiple Objectives in Wireless Mobile Networks ”,
"International Conference On Mobile Technology, Applications, And Systems", Article No. 26, 2008
ResiliNets Keywords: error control, fuzzy logic
Abstract: "Adapting to wireless environment is an important and challenging issue. Optimization methods could fail since a priori finding objectives and constraints requires exact identification of wireless network's behavior which is almost impossible. Rather than using optimization theory, we propose a generic hierarchical cross-layer fuzzy control (HCLFC) model where hierarchical fuzzy control algorithms are mapped into hierarchy of protocol layers. In addition to aggregation of rule implications in an individual controller at a specific layer, aggregation controllers compromise inference results from different layers. We adopt HCLFC for collaboration of physical (PHY) and application (APP) layers where physical layer modulation and application layer packet length adaptation are compromised to meet traffic requirements. Being perfectly compatible to the open systems interconnection (OSI) architecture, the HCLFC is a generic solution to emergent wireless networks. Simulation results demonstrate that HCLFC optimally compromises objectives of different layers in highly uncertain and dynamic network conditions."
Jonathan Stone, Craig Partridge
“ When the CRC and TCP checksum disagree ”,
"SIGCOMM: ACM Special Interest Group on Data Communication", 2000, pp. 309 - 319
ResiliNets Keywords: error control, buggy software, error classes
Abstract: "Traces of Internet packets from the past two years show that between 1 packet in 1,100 and 1 packet in 32,000 fails the TCP checksum, even on links where link-level CRCs should catch all but 1 in 4 billion errors. For certain situations, the rate of checksum failures can be even higher: in one hour-long test we observed a checksum failure of 1 packet in 400. We investigate why so many errors are observed, when link-level CRCs should catch nearly all of them. We have collected nearly 500,000 packets which failed the TCP or UDP or IP checksum. This dataset shows the Internet has a wide variety of error sources which can not be detected by link-level checks. We describe analysis tools that have identified nearly 100 different error patterns. Categorizing packet errors, we can infer likely causes which explain roughly half the observed errors. The causes span the entire spectrum of a network stack, from memory errors to bugs in TCP. After an analysis we conclude that the checksum will fail to detect errors for roughly 1 in 16 million to 10 billion packets. From our analysis of the cause of errors, we propose simple changes to several protocols which will decrease the rate of undetected error. Even so, the highly non-random distribution of errors strongly suggests some applications should employ application-level checksums or equivalents."
Y. Sankarasubramaniam, I.F. Akyildiz, S.W. McLaughlin
“ Energy efficiency based packet size optimization in wireless sensor networks ”,
"IEEE International Workshop on Sensor Network Protocols and Applications", 2003, pp. 1-8
ResiliNets Keywords: error control, packet-size optimization
Abstract: "This paper addresses the question of optimal packet size for data communication in energy constrained wireless sensor networks. Unlike previous work on packet length optimization in other wired and wireless networks, energy efficiency is chosen as the optimization metric. The use of fixed size packets is proposed in light of the limited resources and management costs in sensor networks. The optimal fixed packet size is then determined for a set of radio and channel parameters by maximizing the energy efficiency metric. Further, the effect of error control on packet size optimization and energy efficiency is examined. While retransmission schemes are found to be energy inefficient, it is shown that forward error correction can improve the energy efficiency even though it introduces additional parity bits and encoding/decoding energy consumptions. In this regard, binary BCH codes are found to be 15% more energy efficient than the best performing convolutional codes, which have thus far been considered for error control in sensor networks."
Bert J. Dempsey, Jörg Liebeherr, Alfred C. Weaver
“ On retransmission-based error control for continuous media traffic in packet-switching networks ”,
"PhD thesis, University of Virginia", 1994
ResiliNets Keywords: error control, packet-size optimization
Ahmed Abd El Al, Tarek Saadawi, Myung Lee
“ A Cross-Layer Optimized Error Recovery Mechanism for Real-Time Video in Ad-Hoc Networks ”,
"12th International Conference on Parallel and Distributed Systems", vol.2, 2006, pp. 77 - 82
ResiliNets Keywords: error control, packet-size optimization
Abstract: "The increase in the bandwidth of wireless channels and the computing power of mobile devices increase the interest in video communications over ad-hoc wireless networks. However, the high error rate and the rapidly changing quality of the radio channels can be devastating for the transport of compressed video. In addition, the bounded playout delay for interactive video limits the effectiveness of retransmission-based error control. In this paper, we propose an error recovery mechanism for real-time video that combines forward error correction (FEC), and multi-path retransmission. Based on the sender to receiver route obtained from lower layers, as well as the video data content, the mechanism determines the allocation of error correction code, as well as the retransmission criteria. We evaluated the effectiveness of the mechanism under different network conditions. Simulation results show that the proposed hybrid error recovery mechanism maintains the video quality under different loss rates and mobility speeds, with less overhead compared to error recovery methods that depend only on fixed FEC allocation."
Ruhai Wang, Stephen Horan, Rama Chandrasekaran Su
“ An experimental investigation of cross-layer optimal packet size in space Internet ”,
"International Journal of Satellite Communications and Networking", vol.24, #6, 2006, pp. 561–577
ResiliNets Keywords: error control, packet-size optimization
Abstract: "Studies of optimal packet size determination in space communication can be found in the literature. However, they are done in an analytical manner. In this paper, we present an experimental study of the cross-layer optimal packet size for a Transmission Control Protocol (TCP) Internet Protocol (IP) enhancement, Space Communication Protocol Standards (SCPS), using a personal computer (PC)-based testbed. We study the optimal packet size at the medium access control (MAC) layer considering the cross-layer interactions at the physical layer. We investigate how the cross-layer MAC packet size needs to be adjusted for optimal throughput performance based on the feedback of the bit-error rate (BER), space-link delay and symmetric/asymmetric channel-rate configurations at the physical channel, and find the cross-layer optimal packet size for the maximum throughput over the space-Internet channels. We find that the default TCP/IP packet size of 1500 bytes for the terrestrial Internet should be chosen as the cross-layer MAC packet size for optimal throughput performance over space channels with round-trip time (RTT) around 250 ms and BER ≤ 10^-6. As the channel BER at the physical layer increases, the optimal MAC packet size should be reduced to around 1000 bytes. We also find that it is more significant to have an optimal packet size for asymmetric channel than symmetric channel but the optimal packet size remains the same at a given BER for both channel ratios in our experiment. To our knowledge, this is the first paper to investigate the cross-layer optimal MAC packet size over space-Internet channel in the proposed approach. Copyright © 2006 John Wiley & Sons, Ltd."
“ Optimal MAC packet size in networks without cut-through routing ”,
"International Journal of Satellite Communications and Networking", vol.2, #5, 2003, pp. 901-910
ResiliNets Keywords: error control, packet-size optimization
Abstract: "This paper presents an analytical method of optimal breaking of a transmission control protocol (TCP)/Internet protocol (IP) message into medium access control (MAC) packets in networks without cut-through routing (such as networks compliant with the IEEE 802.11 wireless local area network standard). The method accounts for the transmission delay of acknowledgement frames, the sliding window flow control in TCP/IP protocol, error control via retransmissions, and heterogeneity of transport parameters (link-to-link and upstream-downstream) along a multihop network path. Mathematically, the problem consists in minimizing the TCP/IP message transaction time, a nonlinear function of the MAC packet size, in the presence of a set of linear restrictions. Throughput calculations illustrating this method are performed using IEEE 802.11 data."
M.C.Vuran, I.F. Akyildiz
“ Cross-layer Packet Size Optimization for Wireless Terrestrial, Underwater, and Underground Sensor Networks ”,
"INFOCOM 2008. The 27th Conference on Computer Communications", 2008, pp. 226-230
ResiliNets Keywords: error control, packet-size optimization
Abstract: "In this paper, a cross-layer solution for packet size optimization in wireless sensor networks (WSN) is introduced such that the effects of multi-hop routing, the broadcast nature of the physical wireless channel, and the effects of error control techniques are captured. A key result of this paper is that contrary to the conventional wireless networks, in wireless sensor networks, longer packets reduce the collision probability. Consequently, an optimization solution is formalized by using three different objective functions, i.e., packet throughput, energy consumption, and resource utilization. Furthermore, the effects of end-to-end latency and reliability constraints are investigated that may be required by a particular application. As a result, a generic, cross-layer optimization framework is developed to determine the optimal packet size in WSN. This framework is further extended to determine the optimal packet size in underwater and underground sensor networks. From this framework, the optimal packet sizes under various network parameters are determined."
M.C. Vuran, I.F. Akyildiz
“ Cross-Layer Analysis of Error Control in Wireless Sensor Networks ”,
"3rd Annual IEEE Communications Society on Sensor and Ad Hoc Communications and Networks", vol. 2, September 2006, pp. 585-594
ResiliNets Keywords: error control, FEC, ARQ
Abstract: "Severe energy constraints and hence the low power communication requirements amplify the significance of the energy efficient and preferably cross-layer error control mechanisms in wireless sensor networks (WSN). In this paper, a cross-layer methodology for the analysis of error control schemes in WSNs is presented such that the effects of multi-hop routing and the broadcast nature of the wireless channel are investigated. More specifically, the cross-layer effects of routing, medium access and physical layers are considered. This analysis enables a comprehensive comparison of forward error correction (FEC) and automatic repeat request (ARQ) in WSNs. FEC schemes improve the error resiliency compared to ARQ. In a multi-hop network, this improvement can be exploited by reducing the transmit power (transmit power control) or by constructing longer hops (hop length extension), which can be achieved through channel-aware routing protocols. The results of our analysis reveal that for certain FEC codes, the hop length extension decreases both the energy consumption and the end-to-end latency subject to a target PER compared to ARQ. Thus, FEC codes can be regarded as an important candidate for delay sensitive traffic in WSNs. On the other hand, transmit power control results in significant savings in energy consumption at the cost of increased latency. Moreover, the cases where ARQ outperforms FEC codes are indicated for various end-to-end distance and target PER values."
R.Takano, Y.Kodama, T.Kudoh, M.Matsuda, Y.Ishikawa, F.Okazaki
“ Realtime Burstiness Measurements ”,
"4th Intl. Workshop on Protocols for Fast Long-Distance Networks", 2006
ResiliNets Keywords: burstiness
Abstract: "Bursty traffic causes excessive queuing delay and packet losses. Many researchers have proposed the modeling of burstiness and burstiness mitigation schemes. However, there is no consensus on a quantitative definition of burstiness. In this paper, burstiness is defined as the queue size of a virtual bottleneck buffer. This definition is based on the fact that packets are queued when there is a bottleneck, and then the difference between target and service rates is reflected in queue length, i.e. the amount of data stored at the buffer before the bottleneck. We design and implement a realtime burstiness measurement method on a fully programmable network testbed, GtrcNET-1. Furthermore, we measure actual traffic on two networks, and we present the relationship between burstiness and the packet loss rate, and the behavior of flow aggregation. The results show the effectiveness of both the definition and our measurement method."
2. CONGESTION CONTROL:
3. FLOW CONTROL:
1. UNIT CHALLENGED: SINGLE LINK FAILURE, DUAL LINK FAILURE
2. REGION CHALLENGED: WORMHOLE ATTACKS (blackhole, jellyfish, rush, dos attacks)
Vertical and horizontal approach
1. REGION CHALLENGED: JAMMING, WORMHOLE ATTACKS
DIVERSE MULTI-PATH ROUTING
2. XSS BOTNET in the application layer; the consequence is an HTML flood or another type of flood in the network layer (SYN, ICMP, ping flood)
In-bound versus out-bound
End-to-end versus hop-by-hop
S. S. Kunniyur and R. Srikant
“ End-To-End Congestion Control: Utility Functions, Random Losses and ECN Marks ”,
"IEEE/ACM Transactions on Networking", vol.11, #5: October 2003, pp. 689- 702
ResiliNets Keywords: end-to-end, congestion control
Abstract: "We present a framework for designing end-to-end congestion control schemes in a network where each user may have a different utility function and may experience non-congestion-related losses. We first show that there exists an additive increase-multiplicative decrease scheme using only end-to-end measurable losses such that a socially-optimal solution can be reached. We incorporate round-trip delay in this model, and show that one can generalize observations regarding TCP-type congestion avoidance to more general window flow control schemes. We then consider explicit congestion notification (ECN) as an alternate mechanism (instead of losses) for signaling congestion and show that ECN marking levels can be designed to nearly eliminate losses in the network by choosing the marking level independently for each node in the network. While the ECN marking level at each node may depend on the number of flows through the node, the appropriate marking level can be estimated using only aggregate flow measurements, i.e., per-flow measurements are not required."
Y. Yi and S. Shakkottai
“ Hop-by-hop Congestion Control over a Wireless Multi-hop Network ”,
"IEEE/ACM Transactions on Networking", vol.15, February 2007, pp. 133 – 144
ResiliNets Keywords: hop-by-hop, congestion control
Abstract: "This paper focuses on congestion control over multihop, wireless networks. In a wireless network, an important constraint that arises is that due to the MAC (Media Access Control) layer. Many wireless MACs use a time-division strategy for channel access, where, at any point in space, the physical channel can be accessed by a single user at each instant of time. In this paper, we develop a fair hop-by-hop congestion control algorithm with the MAC constraint being imposed in the form of a channel access time constraint, using an optimization based framework. In the absence of delay, we show that this algorithm is globally stable using a Lyapunov function based approach. Next, in the presence of delay, we show that the hop-by-hop control algorithm has the property of spatial spreading. In other words, focused loads at a particular spatial location in the network get “smoothed” over space. We derive bounds on the “peak load” at a node, both with hop-by-hop control, as well as with end-to-end control, show that significant gains are to be had with the hop-by-hop scheme, and validate the analytical results with simulation."
J. He, X. Fu, Z. Tang, H.H. Chen
“ End-to-End versus Hop-by-Hop State Refresh in Soft State Signaling Protocols ”,
"IEEE Communications Letters", vol.13, #4: April 2009, pp. 268-270
ResiliNets Keywords: end-to-end, hop-by-hop, signaling
Abstract: "The concept of soft state (i.e., the state that will expire unless it is refreshed) has been widely used in the design of network signaling protocols. The approaches of refreshing state in multi-hop networks can be classified into end-to-end (E2E) and hop-by-hop (HbH) refreshes. In this article we propose an effective Markov chain based analytical model for both E2E and HbH refresh approaches. Simulations verify the analytical models, which can be used to study the impacts of link characteristics on the performance (e.g., state synchronization and message overhead), as a guide on configuration and optimization of soft state signaling protocols in heterogeneous network environments. The analytical model can be used to guide the design and optimization of soft state signaling protocols."
Open versus closed control loop
Baruch Awerbuch, Reza Curtmola, David Holmer, Cristina Nita-Rotaru, Herbert Rubens
“ Mitigating Byzantine Attacks in Ad Hoc Wireless Networks ”,
"Department of Computer Science, Johns Hopkins University, Technical report", 2004
ResiliNets Keywords: routing, byzantine attacks, adhoc
Abstract: "Attacks where adversaries have full control of a number of authenticated devices and behave arbitrarily to disrupt the network are referred to as Byzantine attacks. Traditional secure routing protocols are vulnerable to this class of attacks since they usually assume that once authenticated, a node can be trusted to execute the protocol correctly. We present a detailed description of several Byzantine attacks (black hole, flood rushing, wormhole and overlay network wormhole), analyze their mechanisms and describe the major mitigation techniques. Through simulation, we perform a quantitative evaluation of the impact of these attacks on an insecure on-demand routing protocol. The relative strength of the attacks is analyzed in terms of the magnitude of disruption caused per adversary. An implementation of the On-Demand Secure Byzantine Routing protocol (ODSBR) was created in order to quantify its ability to mitigate the considered attacks. ODSBR was chosen because its design addresses a wide range of Byzantine attacks."
Baruch Awerbuch, David Holmer, Cristina Nita-Rotaru, Herbert Rubens
“ An on-demand secure routing protocol resilient to byzantine failures ”,
"Workshop on Wireless Security", 2002, pp. 21 - 30
ResiliNets Keywords: scenario
Abstract: "An ad hoc wireless network is an autonomous self-organizing system of mobile nodes connected by wireless links where nodes not in direct range can communicate via intermediate nodes. A common technique used in routing protocols for ad hoc wireless networks is to establish the routing paths on-demand, as opposed to continually maintaining a complete routing table. A significant concern in routing is the ability to function in the presence of byzantine failures which include nodes that drop, modify, or mis-route packets in an attempt to disrupt the routing service. We propose an on-demand routing protocol for ad hoc wireless networks that provides resilience to byzantine failures caused by individual or colluding nodes. Our adaptive probing technique detects a malicious link after log n faults have occurred, where n is the length of the path. These links are then avoided by multiplicatively increasing their weights and by using an on-demand route discovery protocol that finds a least weight path to the destination."
A. Kvalbein, A. F. Hansen, T. Cicic, S. Gjessing, O. Lysne
“ Fast IP Network Recovery Using Multiple Routing Configurations ”,
"IEEE International Conference on Computer Communications", April 2006, pp. 1-11
ResiliNets Keywords: scenario
Abstract: "As the Internet takes an increasingly central role in our communications infrastructure, the slow convergence of routing protocols after a network failure becomes a growing problem. To assure fast recovery from link and node failures in IP networks, we present a new recovery scheme called Multiple Routing Configurations (MRC). MRC is based on keeping additional routing information in the routers, and allows packet forwarding to continue on an alternative output link immediately after the detection of a failure. Our proposed scheme guarantees recovery in all single failure scenarios, using a single mechanism to handle both link and node failures, and without knowing the root cause of the failure. MRC is strictly connectionless, and assumes only destination based hop-by-hop forwarding. It can be implemented with only minor changes to existing solutions. In this paper we present MRC, and analyze its performance with respect to scalability, backup path lengths, and load distribution after a failure."
Imad Aad, Jean-Pierre Hubaux, Edward W. Knightly
“ Denial of Service Resilience in Ad Hoc Networks ”,
"International Conference on Mobile Computing and Networking", 2004, pp. 202-215
ResiliNets Keywords: vertical and horizontal approach, jellyfish attack, blackhole attack, resilience, ad-hoc networks
Abstract: "Significant progress has been made towards making ad hoc networks secure and DoS resilient. However, little attention has been focused on quantifying DoS resilience: Do ad hoc networks have sufficiently redundant paths and counter-DoS mechanisms to make DoS attacks largely ineffective? Or are there attack and system factors that can lead to devastating effects? In this paper, we design and study DoS attacks in order to assess the damage that difficult-to-detect attackers can cause. The first attack we study, called the JellyFish attack, is targeted against closed-loop flows such as TCP; although protocol compliant, it has devastating effects. The second is the Black Hole attack, which has effects similar to the JellyFish, but on open-loop flows. We quantify via simulations and analytical modeling the scalability of DoS attacks as a function of key performance parameters such as mobility, system size, node density, and counter-DoS strategy. One perhaps surprising result is that such DoS attacks can increase the capacity of ad hoc networks, as they starve multi-hop flows and only allow one-hop communication, a capacity-maximizing, yet clearly undesirable situation."
A. Wood, J. A. Stankovic
“ Denial of Service in Sensor Networks ”,
"IEEE Computer", vol. 35, #10, October 2002, pp. 54-62
ResiliNets Keywords: cross-layer control, dos attacks, taxonomy, scenarios
Abstract: "Sensor networks hold the promise of facilitating large-scale, real-time data processing in complex environments, helping to protect and monitor military, environmental, safety-critical, or domestic infrastructures and resources. Denial-of-service attacks against such networks, however, may permit real world damage to public health and safety. Without proper security mechanisms, networks will be confined to limited, controlled environments, negating much of the promise they hold. The limited ability of individual sensor nodes to thwart failure or attack makes ensuring network availability more difficult. To identify denial-of-service vulnerabilities, the authors analyzed two effective sensor network protocols that did not initially consider security. These examples demonstrate that consideration of security at design time is the best way to ensure successful network deployment."
Yih-Chun Hu, Adrian Perrig
“ A Survey of Secure Wireless Ad Hoc Routing ”,
"IEEE Security and Privacy", May 2004, vol. 2, #3, pp. 28 - 39
ResiliNets Keywords: survey, malicious attacks (blackhole, jellyfish, wormhole, rushing, sybil stealth attacks), adhoc
Abstract: "Ad hoc networks use mobile nodes to enable communication outside wireless transmission range. Attacks on ad hoc network routing protocols disrupt network performance and reliability. The authors survey the state of research and its challenges in this field."
T. Peng, C. Leckie and R. Kotagiri
“ Survey of network-based defense mechanisms countering the DoS and DDoS problems ”,
"ACM Comput. Surv. 39", April 2007, pp. 1-10
ResiliNets Keywords: ddos/dos attacks, survey
Abstract: "This article presents a survey of denial of service attacks and the methods that have been proposed for defense against these attacks. In this survey, we analyze the design decisions in the Internet that have created the potential for denial of service attacks. We review the state-of-art mechanisms for defending against denial of service attacks, compare the strengths and weaknesses of each proposal, and discuss potential countermeasures against each defense mechanism. We conclude by highlighting opportunities for an integrated solution to solve the problem of distributed denial of service attacks."
Sid Stamm, Zulfikar Ramzan, and Markus Jakobsson
“ Drive-by Pharming ”,
"Information and Communications Security, 9th International Conference", December 2007, pp. 495-506
ResiliNets Keywords: xss vulnerabilities
Note: malicious attacks in the application layer which can affect lower protocol layers
Qing Zhang, Ting Yu, Peng Ning
“ A Framework for Identifying Compromised Nodes in Sensor Networks ”,
"Securecomm and Workshops", August 2006, pp. 1-10
ResiliNets Keywords: case study
Abstract: "Sensor networks are often subject to physical attacks. Once a node's cryptographic key is compromised, an attacker may completely impersonate it, and introduce arbitrary false information into the network. Basic cryptographic security mechanisms are often not effective in this situation. Most techniques to address this problem focus on detecting and tolerating false information introduced by compromised nodes. They cannot pinpoint exactly where the false information is introduced and who is responsible for it. We still lack effective techniques to accurately identify compromised nodes so that they can be excluded from a sensor network once and for all. In this paper, we propose an application-independent framework for identifying compromised sensor nodes. The framework provides an appropriate abstraction of application-specific detection mechanisms, and models the unique properties of sensor networks. Based on the framework, we develop alert reasoning algorithms to identify compromised nodes. The algorithm assumes that compromised nodes may collude at will. We show that our algorithm is optimal in the sense that it identifies the largest number of compromised nodes without introducing false positives. We evaluate the effectiveness of the designed algorithm through comprehensive experiments."
Pietro Michiardi, Refik Molva
“ CORE: A Collaborative Reputation Mechanism to enforce node cooperation in Mobile Ad hoc Networks ”,
"Institut Eurécom, France, Research Report NRR-02-062", 2001
ResiliNets Keywords: support mechanisms
Abstract: "Countermeasures for node misbehavior and selfishness are mandatory requirements in MANET. Selfishness that causes lack of node activity cannot be solved by classical security means that aim at verifying the correctness and integrity of an operation. We suggest a generic mechanism based on reputation to enforce cooperation among the nodes of a MANET to prevent selfish behavior. Each network entity keeps track of other entities' collaboration using a technique called reputation. The reputation is calculated based on various types of information on each entity's rate of collaboration. Since there is no incentive for a node to maliciously spread negative information about other nodes, simple denial of service attacks using the collaboration technique itself are prevented. The generic mechanism can be smoothly extended to basic network functions with little impact on existing protocols."
Jiejun Kong, Xiaoyan Hong, Mario Gerla
“ Modeling Ad-hoc rushing attack in a negligibility-based security framework ”,
"5th ACM workshop on Wireless security", 2006, pp. 55-64
ResiliNets Keywords: routing, formalizing rushing attack, formal notion, scenario
Abstract: "In this paper, we propose a formal notion of network security for ad hoc networks. We adopt a probabilistic security framework, that is, security is defined by a polynomially bounded adversary model, the cost of attack and the cost of defense. In a complex and probabilistic system, we speak of the "infeasibility" of breaking the security system rather than the "impossibility" of breaking the same system. Security is defined on the concept of "negligible", which is asymptotically sub-polynomial with respect to a pre-defined system parameter x. Intuitively, the parameter x in cryptography is the key length n. We apply the same bounds in ad hoc network security research, but in regard to scalability from now on. We propose an RP (n-runs) complexity class with a global virtual god oracle (GVG) to model a general class of network protocols. In GVG-RP (n-runs) class, the network scale (i.e., number of network members) N replaces the role of key length n in cryptography. From our formal rigorous treatment, we show that "rushing attack" is a severe attack that can reduce the success probability of common ad hoc routing schemes to negligible. Fortunately, countermeasures can be devised to answer this challenge. (1) Common network protocols are not designed to ensure that probability of security failure is negligible. In such designs, the system's security is not related to scalability. There is no asymptotic security guarantee in the network design; (2) We seek to devise security schemes to ensure that the probability of security failure is negligible in regard to network scale. In Theorem 2, we present an asymptotic invariant for scalable networks: "a polynomial-time network algorithm that ensures negligible probability of security failure at each step would stay in the state of ensuring negligible probability of security failure globally". This invariant demonstrates the existence of asymptotic security guarantee in ad hoc networks. It leads to the design of community-based secure routing to defend against rushing attacks. Nevertheless, it is unknown to us whether the ideal invariant can be practically implemented."
K. Bian, Jung-Min Park, Ruiliang Chen
“ Stasis Trap: Cross-Layer Stealthy Attacks in Wireless Ad Hoc Networks ”,
"IEEE Global Telecommunications Conference", December 2006, pp. 1-5
ResiliNets Keywords: cross-layer control, malicious attack, scenario
Abstract: "Denial-of-Service (DoS) attacks pose a major threat to the availability of wireless ad hoc networks. Fault tolerant operation of wireless ad hoc networks will depend on the placement of DoS countermeasures in sufficiently robust form. In this paper, we describe a novel type of DoS attack called the Stasis Trap attack, and propose a technique for detecting such an attack. Stasis Trap attack has two distinguishing characteristics-it has a cross-layer design, and is stealthy. The Stasis Trap attack has a cross-layer design in that it is launched from the MAC layer but its aim is to degrade the end-to-end throughput of flows at the transport layer by exploiting TCP's congestion-control mechanism. Specifically, an adversary launches a Stasis Trap attack against neighboring nodes by periodically preempting the wireless channel in order to cause large variations in the round trip time (RTT) of TCP flows. Channel preemptions are carried out by manipulating the back-off mechanism of the Distributed Coordinating Function of the 802.11 MAC protocol. The periodic preemptions induce large RTT variations in the TCP flows that are within the transmission range of the adversary. This in turn causes a significant drop in the throughput of those flows, thereby creating a "stasis trap" around the adversary that entangles TCP flows. The aforementioned attack severely degrades end-to-end throughput but has very little effect on MAC-layer throughput, and hence it is very hard to detect at the MAC layer, which is its point of attack. In this sense, this attack is stealthy. To detect the Stasis Trap attack, we propose a minimax robust decentralized detection framework with robust hypothesis testing."
Amund Kvalbein, Audun Fosselie Hansen, Tarik Čičić, Stein Gjessing, Olav Lysne
“ Multiple routing configurations for fast IP network recovery ”,
"IEEE/ACM Transactions on Networking", vol.7, #2, April 2009, pp. 473-486
ResiliNets Keywords: scenario
Abstract: "As the Internet takes an increasingly central role in our communications infrastructure, the slow convergence of routing protocols after a network failure becomes a growing problem. To assure fast recovery from link and node failures in IP networks, we present a new recovery scheme called Multiple Routing Configurations (MRC). Our proposed scheme guarantees recovery in all single failure scenarios, using a single mechanism to handle both link and node failures, and without knowing the root cause of the failure. MRC is strictly connectionless, and assumes only destination based hop-by-hop forwarding. MRC is based on keeping additional routing information in the routers, and allows packet forwarding to continue on an alternative output link immediately after the detection of a failure. It can be implemented with only minor changes to existing solutions. In this paper we present MRC, and analyze its performance with respect to scalability, backup path lengths, and load distribution after a failure. We also show how an estimate of the traffic demands in the network can be used to improve the distribution of the recovered traffic, and thus reduce the chances of congestion when MRC is used. "
S. Kini, S. Ramasubramanian, A. Kvalbein, A. F. Hansen
“ Fast Recovery from Dual Link Failures in IP Networks ”,
"In Proceedings of IEEE INFOCOM, Brazil", April 2009, pp. 1368-1376
ResiliNets Keywords: scenario
Abstract: "This paper develops a novel mechanism for recovering from dual link failures in IP networks. The highlight of the developed routing approach is that a node re-routes a packet around the failed link without the knowledge of the second link failure. The proposed technique requires three protection addresses for every node, in addition to the normal address. Associated with every protection address of a node is a protection graph. Each link connected to the node is removed in at least one of protection graphs and every protection graph is guaranteed to be two-edge connected. The network recovers from the first failure by tunneling the packet to the next-hop node using one of the protection addresses of the next-hop node; and the packet is routed over the protection graph corresponding to that protection address. We prove that it is sufficient to provide up to three protection addresses per node to tolerate any arbitrary two link failures in a three-edge connected graph. We evaluate the effectiveness of the proposed technique over several network topologies."
Steven M. Bellovin and Emden R. Gansner
“ Using Link Cuts to Attack Internet Routing ”,
"Tech. Rep., AT&T Research", 2004
ResiliNets Keywords: malicious attacks
Abstract: "traffic past an enemy-controlled point for purposes of eavesdropping or connection-hijacking, have long been known. In principle, at least, these attacks can be countered by use of appropriate authentication techniques. We demonstrate a new attack, based on link-cutting, that cannot be countered in this fashion. Armed with a topology map and a list of already-compromised links and routers, an attacker can calculate which links to disable, in order to force selected traffic to pass the compromised elements. The calculations necessary to launch this attack are quite efficient; in our implementation, most runs took less than half a second, on databases of several hundred nodes. We also suggest a number of work-arounds, including one based on using intrusion detection systems to modify routing metrics."
G. Thamilarasu, R. Sridhar
“ Toward Building a Multi-level Robust Intrusion Detection Architecture for Distributed Mobile Networks ”,
"Proceedings of the 27th International Conference on Distributed Computing Systems Workshops", 2007, p. 7
ResiliNets Keywords: cross-layer control, security, scenarios
Abstract: "A robust intrusion detection architecture for a distributed wireless mobile network is of significant importance as it is necessary to secure these networks against malicious attacks and sustain availability of services to various applications. In this paper, we examine the limitations of a layered approach to security in mobile networks. We consider a detection framework that encompasses multiple layers of the node's protocol stack using cross-layer communications. We discuss the functional advantages of the parameter interactions in intrusion detection, with regard to a few parameters. We present the metrics that characterize an efficient detection system and analyze the benefits of a multi-level intrusion detection architecture."
A. Kvalbein, C. Dovrolis, C. Muthus
“Multipath load-adaptive routing: putting the emphasis on robustness and simplicity”,
"In Proceedings ICNP 2009"
ResiliNets Keywords: congestion control, resilience
Abstract: "We propose a routing and load-balancing approach with the primary goal of being robust to sudden topological changes and significant traffic matrix variations. The proposed method load-balances traffic over several routes in an adaptive way based on its local view of the load in the network. The focus is on robustness and simplicity, rather than optimality, and so it does not rely on a given traffic matrix, nor is it tuned to a specific topology. Instead, we aim to achieve a satisfactory routing under a wide range of traffic and topology scenarios based on each node's independent operation. The scheme avoids the instability risks of previous load-responsive routing schemes, it does not load the control plane with congestion-related signaling, and it can be implemented on top of existing routing protocols. In this paper, we present the proposed scheme, discuss how it aims to meet the objectives of robustness and load-responsiveness, and evaluate its performance under diverse traffic loads and topological changes with flow-level simulations."
M. Methfessel, K.F. Dombrowski, P. Langendorfer, H. Frankenfeldt, I. Babanskaja, I. Matthaei, R. Kraemer
“ Vertical optimization of data transmission for mobile wireless terminals ”,
"IEEE Wireless Communications", vol.9, #6, Dec. 2002, pp. 36-43
ResiliNets Keywords: vertical approach, mac level retransmission, tcp retransmission, cross-layer control
Abstract: "A major problem for TCP connections over wireless links is that errors introduced by the wireless channel interfere with the TCP protocol, leading to reduced data rates and power wastage. Based on accurate simulations for the TCP and IEEE 802.11 MAC protocols, we discuss recipes to optimize transmission. It is argued that the best approach is to restrict modifications to the mobile device. While this requires separate solutions for the uplink and downlink, the results of optimization are then available when roaming into any WLAN obeying the relevant MAC protocol. Simulation results show that the combination of specific strategies with a vertical interaction between the protocol layers can lead to the required improvements, giving a promising approach to enhance the performance of wireless mobile terminals."
J. Xia, L. Gao, T. Fei
“ Flooding Attacks by Exploiting Persistent Forwarding Loops ”,
"Internet Measurement Conference 2005", 2005, pp. 385–390
ResiliNets Keywords: dos attacks
Abstract: "In this paper, we present flooding attacks that exploit routing anomalies in the Internet. In particular, we focus on routing anomalies introduced by persistent forwarding loops. Persistent forwarding loops may share one or more links with forwarding paths to reachable addresses. An attacker can exploit persistent forwarding loops to overload the shared links to disrupt the Internet connectivity to those reachable addresses. To understand the extent of this vulnerability, we perform extensive measurements to systematically study persistent forwarding loops and the number of network addresses that can be affected. We find that persistent forwarding loops do exist in the current Internet. About .2% of routable addresses experience persistent forwarding loops and .21% of routable addresses can be attacked by exploiting persistent forwarding loops. In addition, 85.16% of the persistent forwarding loops appear within destination domains and they can be observed from various locations, which makes it possible to launch attacks from many vantage points. We also find that most persistent forwarding loops are just two hops long, which enables an attacker to amplify traffic to persistent forwarding loops significantly. To the best of our knowledge, this is the first study of exploiting the vulnerability of persistent forwarding loops to launch DDoS attacks. "
M. Shao, S. Zhu, G. Cao, T.L. Porta, P. Mohapatra
“ A Cross-layer Dropping Attack in Video Streaming over Ad Hoc Networks ”,
"Proceedings of the 4th international conference on Security and privacy in communication networks", Article No. 28, 2008
ResiliNets Keywords: horizontal approach, dos attack, cross-layer control
Abstract: "Significant progress has been made to achieve video streaming over wireless ad hoc networks. However, there is not much work on providing security. Is existing security solution good enough for securing video streaming over ad hoc networks? In this paper, we discover a cross-layer dropping attack against video streaming. We first identify a general IP layer dropping attack and then reveal its destructive impact by leveraging the application layer information (e.g., video streaming). Through simulations, we quantify the impact of this attack as a function of several performance parameters such as delivery ratio, hop number and the number of attackers. The surprising result with this attack is that with a 94% delivery ratio, the receiver still cannot watch the video! We also propose several possible solutions to address the dropping attacks. Due to the unique characteristics of this attack, as long as malicious nodes exist, the network will suffer from this dropping attack. "
G. Thamilarasu, S. Mishra, R. Sridhar
“ A Cross-layer Approach to Detect Jamming Attacks in Wireless Ad hoc Networks ”,
"IEEE Military Communications Conference, 2006", October 2006, pp. 1-7
ResiliNets Keywords: vertical and horizontal approach, dos attack, cross-layer control
Abstract: "Building an efficient intrusion detection system (IDS) is a challenging task in wireless ad hoc networks due to the resource constraints and lack of a centralized control. In this work, we present a decentralized monitor-based IDS for detecting jamming type denial of service (DoS) attacks at the lower layers of the protocol stack. The varying channel and network dynamics in ad hoc networks can impair service similar to a jamming scenario, resulting in false positives on intrusion detections. To this end, we incorporate a cross-layer design in our IDS to differentiate the malicious jamming behavior from genuine network failures. We validate our design through simulation, and establish the effectiveness of the model. From the simulation results, we observe a significant improvement in the accuracy of detection and lower false positives."
Jing Deng, Zhiguo Zhang, S. Pagadala, P.K. Varshney
“ Protecting MANETs from Spurious CTS Attacks with Randomized Carrier Sensing ”,
"IEEE Sarnoff Symposium", April 2008, pp. 1-5
ResiliNets Keywords: horizontal approach, mac layer, malicious attacks, cross-layer control
Abstract: "The request-to-send and clear-to-send (RTS/CTS) exchange has been used in mobile ad-hoc networks (MANETs) to alleviate the hidden and exposed terminal problems. In such an exchange, the so-called network allocation vector (NAV) indicates the current and future state of the channel. Unfortunately, this technique may suffer from virtual jamming by malicious nodes in the network. For example, malicious nodes may send periodic Spurious CTS (SCTS) packets with the sole purpose of forcing other nodes to update their NAV values and preventing them from using the channel. In this paper, we investigate the effect of such SCTS attacks and propose a solution, termed carrier sensing based discarding (CSD). The CSD scheme serves as an add-on to the original RTS/CTS-based medium access control schemes such as IEEE 802.11 DCF MAC. We further demonstrate the performance of our proposed scheme through analysis and the ns2 simulator."
J. Eriksson, S. V. Krishnamurthy, M. Faloutsos
“ TrueLink: A Practical Countermeasure to the Wormhole Attack in Wireless Networks ”,
"ICNP '06. Proceedings of the 2006 14th IEEE International Conference", 2006, pp. 75-84
ResiliNets Keywords: horizontal approach, routing, hop-by-hop, wormhole attack, cross-layer control
Abstract: "In a wormhole attack, wireless transmissions are recorded at one location and replayed at another, creating a virtual link under attacker control. Proposed countermeasures to this attack use tight clock synchronization, specialized hardware, or overhearing, making them difficult to realize in practice. TrueLink is a timing based countermeasure to the wormhole attack. Using TrueLink, a node i can verify the existence of a direct link to an apparent neighbor, j. Verification of a link i → j operates in two phases. In the rendezvous phase, the nodes exchange nonces αj and βi. This is done with tight timing constraints, within which it is impossible for attackers to forward the exchange between distant nodes. In the authentication phase, i and j transmit a signed message (αj, βi), mutually authenticating themselves as the originator of their respective nonce. TrueLink does not rely on precise clock synchronization, GPS coordinates, overhearing, geometric inconsistencies, or statistical methods. It can be implemented using only standard IEEE 802.11 hardware with a minor backwards compatible firmware update. TrueLink is meant to be used together with a secure routing protocol. Such protocols require an authentication mechanism, which will also be used by TrueLink. TrueLink is virtually independent of the routing protocol used. Our performance evaluation shows that TrueLink provides effective protection against potentially devastating wormhole attacks."
“ Increasing the DoS attack resiliency in military ad hoc networks ”,
"ICNP '06. Proceedings of the 2006 14th IEEE International Conference", vol. 4, October 2005, pp. 2282-2288
ResiliNets Keywords: vertical approach, routing, range attacks, cross-layer control
Abstract: "This paper investigates resiliency of three ad hoc routing protocols against the range attack. This denial of service (DoS) attack has not been described in the literature before. It is based on modifying the transmission range of a wireless node periodically which causes continuous changes in the topology of an ad hoc network. The range attack does not require a node to be compromised. An enemy only has to get close enough to a node to attenuate or amplify radio signal. The research methodology is based on using the ns-2 network simulator to analyze the transmission delay in a small ad hoc network. An enemy uses one of the nodes to carry out the range attack. The following ad hoc routing protocols were compared: the destination-sequenced distance-vector (DSDV), the ad hoc on-demand distance-vector (AODV), and the dynamic source routing (DSR) protocols. According to the simulation results, DSDV provides the best resiliency against the range attack when the primary application requires a very short transmission delay less or equal to 0.1 seconds. When the primary application tolerates delays up to 2 seconds, AODV provides the best resiliency against the range attack. Defense mechanisms are thus situation dependent. A control system is required to change defense mechanisms, if application requirements change."
E. Kissel and J. Mirkovic
“ Comparative Evaluation of Spoofing Defenses ”,
"USC/ISI technical report number ISI-TR-655", January 2009
ResiliNets Keywords: horizontal approach, ip spoofing
Abstract: "IP spoofing exacerbates many security threats. While many contemporary attacks do not exploit spoofing, a large number still do — thus eliminating or reducing spoofing would greatly enhance Internet security. Seven spoofing defenses have been proposed to date; three defenses are designed for end-network deployment, while four assume some collaboration with core routers for packet marking or filtering. Because each defense has been evaluated in a unique setting, the following important questions remain unanswered: (1) can end networks effectively protect themselves or is core support necessary, (2) which defense performs best assuming sparse deployment, (3) how to select core deployment points to achieve best protection at lowest cost. This paper answers the above questions by: (1) formalizing the problem of spoofed traffic filtering and defining novel effectiveness measures, (2) observing each defense as selfish (it helps its participants) or altruistic (it helps everyone) and specifying different performance goals for each type, (3) defining optimal core deployment points for defenses that need core support, and (4) evaluating all defenses in a common and realistic setting. Our results offer valuable insights into advantages and limitations of the proposed defenses, and uncover the relationship between any spoofing defense's performance and the Internet topology features."
Xin Hu, Z.M. Mao
“ Accurate Real-time Identification of IP Prefix Hijacking ”,
"IEEE Symposium on Security and Privacy", 2007, pp. 3-17
ResiliNets Keywords: horizontal approach, ip spoofing
Abstract: "We present novel and practical techniques to accurately detect IP prefix hijacking attacks in real time to facilitate mitigation. Attacks may hijack victim's address space to disrupt network services or perpetrate malicious activities such as spamming and DoS attacks without disclosing identity. We propose novel ways to significantly improve the detection accuracy by combining analysis of passively collected BGP routing updates with data plane fingerprints of suspicious prefixes. The key insight is to use data plane information in the form of edge network fingerprinting to disambiguate suspect IP hijacking incidences based on routing anomaly detection. Conflicts in data plane fingerprints provide much more definitive evidence of successful IP prefix hijacking. Utilizing multiple real-time BGP feeds, we demonstrate the ability of our system to distinguish between legitimate routing changes and actual attacks. Strong correlation with addresses that originate spam emails from a spam honeypot confirms the accuracy of our techniques."
Ch.H. Wang, Y.Ch. Chiang
“ Multi-layer traceback under the hierarchical tracers development ”,
"Proceedings of the 22nd International Conference on Advanced Information Networking and Applications - workshop", March 2008, pp. 590-595
ResiliNets Keywords: horizontal approach, cross-layer cluster control
Abstract: "The enhanced routers which can provide tracing service are referred to as tracers. In this paper, we propose a new hierarchical tracers deployment which can guarantee that the distance between any attack origin and its first met tracer be within an assigned hop distance. Networks are partitioned into hierarchical areas which are surrounded by tracers. Based on hierarchical tracers deployment, we design a multi-layer traceback method which can guarantee to find all of attack origins. Packets are marked only by their first met tracer in low probability. A single marked packet can be used to locate where the area attack origin is from. If the number of nodes in the found area is more than a threshold, the proposed multi-layer traceback will be recursively executed till attack origins are found. Extended simulation shows that the searching cost of finding attack origins can be bounded."
Jae-Hyun Kim, Seog-Gyu Kim, Jai-Yong Lee
“ A Fast Resilient Routing Protocol with Energy Efficiency for Wireless Sensor Networks ”,
"The Joint International Conference on Optical Internet and Next Generation Network", July 2006, pp. 291-294
ResiliNets Keywords: horizontal approach, cross-layer control
Abstract: "Generally, single path routing is simple and consumes less energy than multi-path routing, but it will cost a lot to re-delivery when the data delivery fails. However, multi-path routing supports high delivery ratio and load balancing, but its traffic is very high and the redundant traffic is a burden to the whole network. In this paper, we introduce a novel routing scheme for wireless sensor networks, so called, the highly energy aware resilient routing scheme (HEAR). Our scheme establishes partial disjoint multi-paths to support high robustness and energy efficiency."
Sergio Marti, T. J. Giuli, Kevin Lai, Mary Baker
“ Mitigating routing misbehavior in mobile ad hoc networks ”,
"International Conference on Mobile Computing and Networking", 2000, pp. 255-265
ResiliNets Keywords: misbehavior, cross-layer control
Abstract: "This paper describes two techniques that improve throughput in an ad hoc network in the presence of nodes that agree to forward packets but fail to do so. To mitigate this problem, we propose categorizing nodes based upon their dynamically measured behavior. We use a watchdog that identifies misbehaving nodes and a pathrater that helps routing protocols avoid these nodes. Through simulation we evaluate watchdog and pathrater using packet throughput, percentage of overhead (routing) transmissions, and the accuracy of misbehaving node detection. When used together in a network with moderate mobility, the two techniques increase throughput by 17% in the presence of 40% misbehaving nodes, while increasing the percentage of overhead transmissions from the standard routing protocol's 9% to 17%. During extreme mobility, watchdog and pathrater can increase network throughput by 27%, while increasing the overhead transmissions from the standard routing protocol's 12% to 24%."
R.A. Raja Mahmood, A.I. Khan
“ A survey on detecting black hole attack in AODV-based mobile ad hoc networks ”,
"International Symposium on High Capacity Optical Networks and Enabling Technologies", November 2007, pp. 1-6
ResiliNets Keywords: black hole attack, cross-layer control
Abstract: "This paper presents a survey of current methods of detecting black hole attack against ad hoc on-demand distance vector routing protocol in mobile ad hoc networks. In a black hole attack, a malicious node answers each route request with a fake reply claiming to have the shortest and freshest route to the destination. However, when the data packets arrive, the malicious node discards them. Seven detection methods are described in this paper, and their strengths and weaknesses discussed."
[Hamadani-Rakocevic-2007]
Ehsan Hamadani, Veselin Rakocevic
“ A Cross layer Analysis of TCP Instability in Multihop Ad hoc Networks ”,
"European Wireless Conference", April 2007
ResiliNets Keywords: cross-layer control, stability
Abstract: "It is well-known that due to the nature of some ad hoc network applications (e.g. emergency operation, battlefield communication), TCP instability can have a devastating impact on the Quality of Service requirements. As this paper shows, TCP instability is truly a cross layer problem which needs to be addressed by considering the interaction of multiple layers with each other. The paper first divides the TCP instability problem into intra-flow and inter-flow instability and then proposes a set of simple but effective solutions and shows through extensive simulations the improvements achieved using the proposed algorithms."