Institute for Systems Research Technical Reports
Permanent URI for this collection: http://hdl.handle.net/1903/4376
This archive contains a collection of reports generated by the faculty and students of the Institute for Systems Research (ISR), a permanent, interdisciplinary research unit in the A. James Clark School of Engineering at the University of Maryland. ISR-based projects are conducted through partnerships with industry and government, bringing together faculty and students from multiple academic departments and colleges across the university.
Search Results

Broadcast Scheduling for Push Broadcast Systems with Arbitrary Cost Functions (2007)
Raissi-Dehkordi, Majid; Baras, John S.; ISR
In this report the problem of broadcast scheduling in Push broadcast systems is studied. We introduce an optimization approach that leads to well justified policies for Push broadcast systems with generalized cost functions. In particular, we apply our results to a Push broadcast system with different deadlines associated to the files while allowing the files to have unequal demand rates and lengths. We will show that our proposed policy covers some of the previously investigated Push systems as special cases and is applicable to a wide range of cost functions assigned to the files. We also calculate the optimal average cost for our experimental settings and show, through extensive simulation studies, that our results closely match that value for each experiment.

A Robust, Distributed TGDH-based Scheme for Secure Group Communications in MANETs (2005)
Striki, Maria; Baras, John S.; ISR; CSHCN
Securing multicast communications in Mobile Ad Hoc Networks (MANETs) is now considered among the most challenging research directions in the areas of wireless networking and security. MANETs are emerging as the desired environment for an increasing number of commercial and military applications, addressing also a growing number of users. Security on the other hand, is now an indispensable requirement for these applications. However, the limitations of the dynamic, infrastructure-less nature of MANETs impose major difficulties in establishing a secure framework suitable for group communications. The design of efficient key management (KM) schemes for MANET is of paramount importance, since the performance of the KM functions (e.g. group key generation, entity authentication) imposes an upper limit on the efficiency and scalability of the whole secure group communication system.
In this work, we contribute towards efficient, robust and scalable secure group communications for MANETs by extending the TGDH scheme to a novel distributed and topology aware protocol: DS-TGDH.
Our aim is to modify TGDH so that: a) it is feasible in the most general resource-constrained flat MANET where no nodes with special capabilities may exist, b) it produces considerably lower overhead for the network nodes involved, c) it handles disruptions with low cost. To meet our objectives we consider in our design the underlying routing protocol, and we apply a distributed version of TGDH over a robust schedule, optimizing parameters of interest. We assume that members have already been authenticated and we focus on the design and analysis of the reinforced DS-TGDH. We compare our scheme with the original, w.r.t. this cross-layer consideration.
Through our analysis and results we shed more insight on the actual feasibility of these protocols for MANETs and provide more realistic and fair comparison results that more accurately advocate the pros and cons of each protocol over the environment of interest.

Fault-Tolerant Extension of Hypercube Algorithm for Efficient, Robust Group Communications in MANETs (2005)
Striki, Maria; Baras, John S.; ISR; CSHCN
Securing multicast communications in Mobile Ad Hoc Networks (MANETs) has become one of the most challenging research directions in the areas of wireless networking and security. MANETs are emerging as the desired environment for an increasing number of commercial and military applications, addressing also an increasing number of users. Security on the other hand, is becoming an indispensable requirement of our modern life for all these applications. However, the limitations of the dynamic, infrastructure-less nature of MANETs impose major difficulties in establishing a secure framework suitable for group communications. The design of efficient key management (KM) schemes for MANET is of paramount importance, since the performance of the KM functions (key generation, entity authentication, key distribution/agreement) imposes an upper limit on the efficiency and scalability of the whole secure group communication system. In this work, we contribute towards efficient, robust and scalable, secure group communications for MANETs, by extending an existing key agreement (KA) scheme (where all parties contribute equally to group key generation) - Hypercube - to tolerate multiple member failures with low cost, through its integration with a novel adaptively proactive algorithm. We assume that the participating users have already been authenticated via some underlying mechanism and we focus on the design and analysis of a fault-tolerant Hypercube, with the aim to contribute to the robustness and efficiency of Octopus-based schemes (an efficient group of KA protocols for MANETs using Hypercube as backbone). We compare our algorithm with the existing approach, and we evaluate the results of our analysis.
Through our analysis and simulation results we demonstrate how the new Hypercube algorithm enhances the robustness of the Octopus schemes maintaining their feasibility in MANETs at the same time.
Key terms: Key Management, Key Agreement, Hypercube Protocol, Fault-Tolerance, Octopus Schemes, Elliptic Curves Cryptography

HYBRID NETWORKS WITH A SPACE SEGMENT - TOPOLOGY DESIGN AND SECURITY ISSUES (2005)
Roy-Chowdhury, Ayan; Baras, John S.; Hadjitheodosiou, Michael H.; Rentz, Nicolas; Baras, Dr. John S.; ISR; CSHCN
In this paper we investigate a hybrid network topology that is suitable for supporting interplanetary communications. We define an architecture comprised of a network of sensor nodes on a remote planetary surface, connected to a hybrid terrestrial network of wired and wireless LANs through a series of satellite relays. All the nodes in the network are IP-addressable and support public and symmetric key cryptography. The resulting network forms a hierarchical hybrid mesh that connects users on Earth to networks on or around a remote planetary surface. We describe the design of the network and present preliminary simulation results illustrating the network performance for various parameters. We also discuss how algorithms for user authentication, message integrity and data confidentiality can be incorporated in the network infrastructure for secure end-to-end communication.

Interactive Data Services in Wireless Access Networks: Capacity Planning and Protocols (2005)
Zhou, Xiaoming; Raissi-Dehkordi, Majid; Baras, John S.; Baras, John S.; ISR; CSHCN
In this paper, we study the capacity planning in wireless access network for interactive data services such as web browsing. A closed queuing model has been developed which can capture the bottleneck effects in both the forward and the reverse channels. The model can be used to calculate the average throughput, the average response time and the number of users the system can support. We evaluate the performance of several MAC protocols such as slotted Aloha, static TDMA, Aloha/periodic stream and combined free demand assignment multiple access (CFDAMA) using realistic web traffic models. Based on the performance evaluation, we propose a new MAC protocol and a new transport layer protocol.
Our new MAC protocol called combined polling free demand assignment multiple access (CPFDAMA) explores the correlation between forward channel data packets and reverse channel acknowledgement packets. Our new transport layer protocol called RWBP uses per-flow queuing, round robin scheduling and receiver window backpressure for congestion management. RWBP can eliminate congestion losses inside the wireless networks. Our protocol suite outperforms the proposed protocols in terms of both channel utilization and response time. Our results can be used for service providers to dimension their networks and provide quality of service to a certain number of users.

A Certificate-based Light-weight Authentication Algorithm For Resource-constrained Devices (2005)
Roy-Chowdhury, Ayan; Baras, John S.; Baras, John S.; ISR; CSHCN
In this work, we analyze and extend a recently proposed design of digital certificates called TESLA certificates. Certificates are a necessary tool in today's secure networks to certify the identity of nodes taking part in communication. Most prevalent certificate technologies make use of public-key cryptography. Messages generated by the user are signed using its private key, and the signature can be verified by any node who knows the user's public key via its certificate. Signature generation and verification using public-key cryptography is computationally expensive for devices with limited computation power and energy resources. In this situation TESLA certificates can be very useful to certify identity, since they rely on symmetric cryptography which is computationally much more efficient. In this paper we explain the concept of TESLA certificates and provide a preliminary description of proposed modifications to the original algorithm to strengthen its security.
We extend the original proposal by combining hash chains with TESLA certificates and come up with an efficient source and message authentication protocol based on symmetric key certificates. We also propose a new type of TESLA certificates called Group Certificates for use in multicast group communication. Through analysis, we show that our protocol is secure against malicious adversaries. We also give an initial estimate of the performance of our algorithm and the related comparison to public-key signatures, and we highlight network scenarios where the TESLA certificates could be particularly useful.

Network Tomography (2005)
Gavilanez, Franklin; Berenstein, Carlos A.; Baras, John S.; ISR
While conventional tomography is associated to the Radon transform in Euclidean spaces, electrical impedance tomography or EIT is associated to the Radon transform in the hyperbolic plane. We discuss some recent work on network tomography that can be associated to a problem similar to EIT on graphs and indicate how in some sense it may be also associated to the Radon transform on trees.

A Framework for Scalable Hierarchical Routing in Mobile Ad Hoc Networks (2004)
Chandrashekar, Karthikeyan; Morera, Raquel; McAuley, Anthony J.; Baras, John S.; Baras, John S.; ISR
The theoretical performance advantages of dividing a network into independent routing domains are well known; however, the actual benefits are hard to quantify and are often not sufficient to outweigh the added complexity. Justification of domains is especially hard in mobile ad hoc networks (MANETS), because reconfiguration overhead increases and use of single interface routers. Nevertheless, we believe that with the right domain configuration and inter-domain routing protocol we can get better performance using hierarchy than flat routing, especially in heterogeneous and dynamic networks.
This paper proposes a framework for scalable routing in MANETs based on auto-configured optimized routing domains and an enhanced inter-domain routing scheme. To minimize overall overhead, the inter-domain routing protocol exploits existing messages needed for domain maintenance. The framework allows different routing protocols to run in each domain. OPNET simulations show the benefits of the proposed approach using OLSR for intra-domain routing. Results show significant reduction in protocol overhead, increased route stability and increased route availability in a dynamic heterogeneous network.

A Multiple Subset Sum Formulation for Feedback Implosion Suppression over Satellite Networks (2004)
Akkor, Gun; Baras, John S.; Hadjitheodosiou, Michael H.; Baras, John S.; ISR; CSHCN
In this paper, we present a feedback implosion suppression (FIS) algorithm that reduces the volume of feedback information transmitted through the network without relying on any collaboration between users, or on any infrastructure other than the satellite network. Next generation satellite systems that utilize the Ka frequency band are likely to rely on various fade mitigation (compensation) techniques ranging from adaptive coding to dynamic power control, in order to guarantee a service quality that is comparable to other broadband technologies. User feedback would be a valuable input for a number of such components, however, collecting periodic feedback from a large number of users would result in the well-known feedback implosion problem. Feedback implosion is identified as a major problem when a large number of users try to transmit their feedback messages through the network, holding up a significant portion of the uplink resources and clogging the shared uplink medium. In this paper, we look at a system where uplink channel access is organized in time-slots. The goal of the FIS algorithm is to reduce the number of uplink time-slots held up for the purpose of feedback transmission.
Our analysis shows that the FIS algorithm effectively suppresses the feedback messages of 95% of all active users, but still achieves acceptable performance results when the ratio of available time-slots to number of users is equal to or higher than 5%.

Security Issues in Hybrid Satellite Networks (2004)
Roy-Chowdhury, Ayan; Hadjitheodosiou, Michael H.; Baras, John S.; Baras, John S.; ISR; CSHCN
Satellites are expected to play an increasingly important role in providing broadband Internet services over long distances in an efficient manner. Future networks will be hybrid in nature - having terrestrial nodes interconnected by satellite links. Security is an important concern in such networks, since the satellite segment is susceptible to a host of attacks including eavesdropping, session hijacking and data corruption. In this paper we address the issue of securing communication in satellite networks. We describe the different kinds of hybrid network topologies considered for deployment. We discuss various security attacks that are possible in these networks, and survey the different solutions proposed to secure communications in the hybrid networks. We point out important drawbacks in the various proposed solutions, and suggest a hierarchical approach to add security to the hybrid networks.