A defense system against DDoS attacks by large-scale IP traceback

In this paper, we present a new approach, called Flexible Deterministic Packet Marking (FDPM), to perform a large-scale IP traceback to defend against Distributed Denial of Service (DDoS) attacks. In a DDoS attack the victim host or network is usually attacked by a large number of spoofed IP packets coming from multiple sources. IP traceback is the ability to trace the IP packets to their sources without relying on the source address field of the IP header. FDPM provides many flexible features to trace the IP packets and can obtain better tracing capability than current IP traceback mechanisms, such as Probabilistic Packet Marking (PPM), and Deterministic Packet Marking (DPM). The flexibilities of FDPM are in two ways, one is that it can adjust the length of marking field according to the network protocols deployed; the other is that it can adjust the marking rate according to the load of participating routers. The implementation and evaluation demonstrates that the FDPM needs moderately only a small number of packets to complete the traceback process; and can successfully perform a large-scale IP traceback, for example, trace up to 110,000 sources in a single incident response. It has a built-in overload prevention mechanism, therefore this scheme can perform a good traceback process even it is heavily loaded.

Service-oriented wireless sensor networks and an energy-aware mesh routing algorithm

Service-oriented wireless sensor networks (WSNs) are being paid more and more attention because service computing can hide complexity of WSNs and enables simple and transparent access to individual sensor nodes. Existing WSNs mainly use IEEE 802.15.4 as their communication specification, however, this protocol suite cannot support IP-based routing and service-oriented access because it only specifies a set of physical- and MAC-layer protocols. For inosculating WSNs with IP networks, IEEE proposed a 6LoWPAN (IPv6 over LoW Power wireless Area Networks) as the adaptation layer between IP and MAC layers. However, it is still a challenging task how to discover and manage sensor resources, guarantee the security of WSNs and route messages over resource-restricted sensor nodes. This paper is set to address such three key issues. Firstly, we propose a service-oriented WSN architectural model based on 6LoWPAN and design a lightweight service middleware SOWAM (service-oriented WSN architecture middleware), where each sensor node provides a collection of services and is managed by our SOWAM. Secondly, we develop a security mechanism for the authentication and secure connection among users and sensor nodes. Finally, we propose an energyaware mesh routing protocol (EAMR) for message transmission in a WSN with multiple mobile sinks, aiming at prolonging the lifetime of WSNs as long as possible. In our EAMR, sensor nodes with the residual energy lower than a threshold do not forward messages for other nodes until the threshold is leveled down. As a result, the energy consumption is evened over sensor nodes significantly. The experimental results demonstrate the feasibility of our service-oriented approach and lightweight middleware SOWAM, as well as the effectiveness of our routing algorithm EAMR.

Traffic matrix prediction and estimation based on deep learning in large-scale IP backbone networks

Network traffic analysis has been one of the most crucial techniques for preserving a large-scale IP backbone network. Despite its importance, large-scale network traffic monitoring techniques suffer from some technical and mercantile issues to obtain precise network traffic data. Though the network traffic estimation method has been the most prevalent technique for acquiring network traffic, it still has a great number of problems that need solving. With the development of the scale of our networks, the level of the ill-posed property of the network traffic estimation problem is more deteriorated. Besides, the statistical features of network traffic have changed greatly in terms of current network architectures and applications. Motivated by that, in this paper, we propose a network traffic prediction and estimation method respectively. We first use a deep learning architecture to explore the dynamic properties of network traffic, and then propose a novel network traffic prediction approach based on a deep belief network. We further propose a network traffic estimation method utilizing the deep belief network via link counts and routing information. We validate the effectiveness of our methodologies by real data sets from the Abilene and GÉANT backbone networks.

A mesh based anycast routing protocol for ad hoc networks

Ad hoc networks became a hot topic recently, but the routing algorithm of anycast in the ad hoc networks has not yet been much explored. In this paper, we propose a mesh-based anycast routing algorithm (MARP) for ad hoc networks. The proposed routing model is robust and reliable, which can solve the unsteady topology problem in ad hoc networks. The future work is discussed at the end of this paper.

Prediction based location aided routing for mobile ad hoc networks

Routing in ad hoc networks faces significant challenges due to node mobility and dynamic network topology. In this work we propose the use of mobility prediction to reduce the search space required for route discovery. A method of mobility prediction making use of a sectorized cluster structure is described with the proposal of the Prediction based Location Aided Routing (P-LAR) protocol. Simulation study and analytical results of P-LAR find it to offer considerable saving in the amount of routing traffic generated during the route discovery phase.

A simulation model for video traffic performance via ATM over TCP/IP

Although TCP has emerged as the standard in data communication, the introduction of ATM technology has raised numerous problems regarding the effectiveness of using TCP over A TM networks, especially when video traffic performance is considered. This paper presents a simulation model for transmission performance of video traffic via ATM over TCP/IP. The interactivity between TCP/IP and ATM, generation of MPEG traffic and evaluation of traffic performance are implemented in the model. The design and implementation details of the model are carefully described. The experiments conducted using the model and experimental results are briefly introduced, revealing the capability of our model in simulating network events and in evaluating potential solutions to performance issues.

Quality-of-service routing for web-based multimedia servers

Quality-of-Service is an important issue in multimedia applications; so far most of the research focuses on bandwidth guarantee, few pays attention to the server performance guarantee. In this paper we pay more attention to the server performance guarantee under the prerequisite of guaranteed bandwidth quality. We take advantage of anycast to find the "best" multimedia server among a distributed server group in terms of bandwidth, the request will be submitted to the selected server, moreover, the selected server's neighbours' (all the servers with feasible paths) addresses are delivered to the selected server simultaneously. If the selected server can not guarantee the QoS for the request in terms of server performance, then a proposed QoS-Aware Server Load Deviation (QASLD) mechanism wiII be employed, which will deliver the request to one of its neighbours until there exists a suitable server that can guarantee the server performance for the request. Our experiments show that the proposed QASLD algorithm works well.

Mobility prediction based routing for minimizing control overhead in mobile ad hoc networks

Routing in ad hoc networks faces significant challenges due to node mobility and dynamic network topology. In this work we propose the use of mobility prediction to reduce the search space required for route discovery. A method of mobility prediction making use of a sectorized cluster structure is described with the proposal of the Prediction based Location Aided routing (P-LAR) protocol. Simulation study and analytical results of the of P-LAR find it to offer considerable saving in the amount of routing traffic generated during the route discovery phase.

A performance comparison of three wireless multi hop ad-hoc network routing protocols when streaming MPEG4 traffic

Mobile ad-hoc networks are characterised by constant topology changes, the absence of fixed infrastructure and lack of any centralised control. Traditional routing algorithms prove to be inefficient in such a changing environment. Ad-hoc routing protocols such as dynamic source routing (DSR), ad-hoc on-demand distance vector routing (AODV) and destination-sequence distance vector (DSDV) have been proposed to solve the multi hop routing problem in ad-hoc networks. Performance studies of these routing protocols have assumed constant bit rate (CBR) traffic. Real-time multimedia traffic generated by video-on demand and teleconferencing services are mostly variable bit rate (VBR) traffic. Most of these multimedia traffic is encoded using the MPEG standard. (ISO moving picture expert group). When video traffic is transferred over MANETs a series of performance issues arise. In this paper we present a performance comparison of three ad-hoc routing protocols - DSR, AODV and DSDV when streaming MPEG4 traffic. Simulation studies show that DSDV performs better than AODV and DSR. However all three protocols fail to provide good performance in large, highly mobile network environments. Further study is required to improve the performance of these protocols in mobile ad-hoc networks offering VBR services.

IP spoofing attack and its countermeasures

IP spoofing is a technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. It causes serious security problem in the cyber world, and is currently exploited widely in the information warfare. This paper at first introduces the IP spoofing attack through examples, technical issues and attacking types. Later its countermeasures are analysed in detail, which include authentication and encription, filtering and IP traceback. In particular, an IP traceback mechanism, Flexible Deterministic Packet Marking (FDPM) is presented. Since the IP spoofing problem can not be solved only by technology, but it also needs social regulation, the legal issues and economic impact are discussed in the later part.

Topology based packet marking for IP traceback

IP source address spoofing exploits a fundamental weakness in the Internet Protocol. It is exploited in many types of network-based attacks such as session hijacking and Denial of Service (DoS). Ingress and egress filtering is aimed at preventing IP spoofing. Techniques such as History based filtering are being used during DoS attacks to filter out attack packets. Packet marking techniques are being used to trace IP packets to a point that is close as possible to their actual source. Present IP spoofing  countermeasures are hindered by compatibility issues between IPv4 and IPv6, implementation issues and their effectiveness under different types of attacks. We propose a topology based packet marking method that builds on the flexibility of packet marking as an IP trace back method while overcoming most of the shortcomings of present packet marking techniques.

A case for cross layer design: the impact of physical layer properties on routing protocol performance in MANETs

In this work we evaluate the performance of routing protocols for mobile ad hoc networks using different physical layer models. The results obtained show that the performance results obtained using idealized models such as the free space propagation model vary significantly when propagation effects such as path loss and shadowing are considered. This difference in performance indicates that optimization is required in the protocol development space that takes into account channel state information (CSI). Such an optimization requires a cross layer approach to be adopted and a framework for protocol performance evaluation to be established. We believe that this work would serve as a first step in this direction. We provide comparative performance results through network simulations.

Iterative variable aggregation and disaggregation in IP : an application

This paper, using the Unconstrained Shape Matrix Optimization Problem as a test bed, we investigate various aspects of variable aggregation and disaggregation for a class of integer programs that contains binary expansion. We present theoretical and numerical results, and propose an iterative algorithm for exact solutions.

Geographic routing with cooperative relaying and leapfrogging in wireless sensor networks

A novel geographic routing protocol for multi-hop wireless sensor networks is presented. It exploits the broadcast nature of the wireless channel to enable on-demand cooperative relaying and leapfrogging for circumventing weak radio links. In order to achieve energy efficiency, a metric is introduced for next-hop selection that takes into account information on the residual battery energy, the geographical position of the sensor nodes, and the channel quality of the involved radio links when available. Performance results show that the completely decentralized protocol offers significant benefits by reducing the number of (re)transmissions required to reach the destination. This translates into network-wide energy savings that extend the network lifetime.

A resource-search and routing algorithm within PCDN autonomy area

This paper studied a new type of network model; it is formed by the dynamic autonomy area, the structured source servers and the proxy servers. The new network model satisfies the dynamics within the autonomy area, where each node undertakes different tasks according to their different abilities, to ensure that each node has the load ability fit its own; it does not need to exchange information via the central servers, so it can carry out the efficient data transmission and routing search. According to the highly dynamics of the autonomy area, we established dynamic tree structure-proliferation system routing and resource-search algorithms and simulated these algorithms. Test results show the performance of the proposed network model and the algorithms are very stable.