Dynamic Server Selection using Bandwidth Probing in Wide-Area Networks

Replication is a commonly proposed solution to problems of scale associated with distributed services. However, when a service is replicated, each client must be assigned a server. Prior work has generally assumed that assignment to be static. In contrast, we propose dynamic server selection, and show that it enables application-level congestion avoidance. To make dynamic server selection practical, we demonstrate the use of three tools. In addition to direct measurements of round-trip latency, we introduce and validate two new tools: bprobe, which estimates the maximum possible bandwidth along a given path; and cprobe, which estimates the current congestion along a path. Using these tools we demonstrate dynamic server selection and compare it to previous static approaches. We show that dynamic server selection consistently outperforms static policies by as much as 50%. Furthermore, we demonstrate the importance of each of our tools in performing dynamic server selection.

Packet switching in wide area broadband private networks

B-ISDN is a universal network which supports diverse mixes of service, applications and traffic. ATM has been accepted world-wide as the transport technique for future use in B-ISDN. ATM, being a simple packet oriented transfer technique, provides a flexible means for supporting a continuum of transport rates and is efficient due to possible statistical sharing of network resources by multiple users. In order to fully exploit the potential statistical gain, while at the same time provide diverse service and traffic mixes, an efficient traffic control must be designed. Traffic controls which include congestion and flow control are a fundamental necessity to the success and viability of future B-ISDN. Congestion and flow control is difficult in the broadband environment due to the high speed link, the wide area distance, diverse service requirements and diverse traffic characteristics. Most congestion and flow control approaches in conventional packet switched networks are reactive in nature and are not applicable in the B-ISDN environment. In this research, traffic control procedures mainly based on preventive measures for a private ATM-based network are proposed and their performance evaluated. The various traffic controls include CAC, traffic flow enforcement, priority control and an explicit feedback mechanism. These functions operate at call level and cell level. They are carried out distributively by the end terminals, the network access points and the internal elements of the network. During the connection set-up phase, the CAC decides the acceptance or denial of a connection request and allocates bandwidth to the new connection according to three schemes; peak bit rate, statistical rate and average bit rate. The statistical multiplexing rate is based on a `bufferless fluid flow model' which is simple and robust. The allocation of an average bit rate to data traffic at the expense of delay obviously improves the network bandwidth utilisation.

QoS differentiation in IEEE 802.11 wireless local area networks for real-time control

IEEE 802.11 based wireless local area networks (WLANs) are being increasingly deployed for soft real-time control applications. However, they do not provide quality-ofservice (QoS) differentiation to meet the requirements of periodic real-time traffic flows, a unique feature of real-time control systems. This problem becomes evident particularly when the network is under congested conditions. Addressing this problem, a media access control (MAC) scheme, QoS-dif, is proposed in this paper to enable QoS differentiation in IEEE 802.11 networks for different types of periodic real-time traffic flows. It extends the IEEE 802.11e Enhanced Distributed Channel Access (EDCA) by introducing a QoS differentiation method to deal with different types of periodic traffic that have different QoS requirements for real-time control applications. The effectiveness of the proposed QoS-dif scheme is demonstrated through comparisons with the IEEE 802.11e EDCA mechanism.

Understanding data flow and security requirements in wireless Body Area Networks for healthcare

The Body Area Network (BAN) is an emerging technology that focuses on monitoring physiological data in, on and around the human body. BAN technology permits wearable and implanted sensors to collect vital data about the human body and transmit it to other nodes via low-energy communication. In this paper, we investigate interactions in terms of data flows between parties involved in BANs under four different scenarios targeting outdoor and indoor medical environments: hospital, home, emergency and open areas. Based on these scenarios, we identify data flow requirements between BAN elements such as sensors and control units (CUs) and parties involved in BANs such as the patient, doctors, nurses and relatives. Identified requirements are used to generate BAN data flow models. Petri Nets (PNs) are used as the formal modelling language. We check the validity of the models and compare them with the existing related work. Finally, using the models, we identify communication and security requirements based on the most common active and passive attack scenarios.

Medium access control schemes for local area networks with multiple priority function

This paper deals with the development and performance evaluation of three modified versions of a scheme proposed for medium access control in local area networks. The original scheme implements a collision-free and fair medium arbitration by using a control wire in conjunction with a data bus. The modifications suggested in this paper are intended to realize the multiple priority function in local area networks.

An experimental investigation into the influence of user state and environment on fading characteristics in wireless body area networks at 2.45 GHz

Using seven strategically placed, time-synchronized bodyworn receivers covering the head, upper front and back torso, and the limbs, we have investigated the effect of user state: stationary or mobile and local environment: anechoic chamber, open office area and hallway upon first and second order statistics for on-body fading channels. Three candidate models were considered: Nakagami, Rice and lognormal. Using maximum likelihood estimation and the Akaike information criterion it was established that the Nakagami-m distribution best described small-scale fading for the majority of on-body channels over all the measurement scenarios. When the user was stationary, Nakagami-m parameters were found to be much greater than 1, irrespective of local surroundings. For mobile channels, Nakagami-m parameters significantly decreased, with channels in the open office area and hallway experiencing the worst fading conditions.

An Antennas and Propagation Approach to Improving Physical Layer Performance in Wireless Body Area Networks

A combined antennas and propagation study has been undertaken with a view to directly improving link conditions for wireless body area networks. Using tissue-equivalent numerical and experimental phantoms representative of muscle tissue at 2.45 GHz, we show that the node to node [S-21] path gain performance of a new wearable integrated antenna (WIA) is up to 9 dB better than a conventional compact Printed-F antenna, both of which are suitable for integration with wireless node circuitry. Overall, the WIA performed extremely well with a measured radiation efficiency of 38% and an impedance bandwidth of 24%. Further benefits were also obtained using spatial diversity, with the WIA providing up to 7.7 dB of diversity gain for maximal ratio combining. The results also show that correlation was lower for a multipath environment leading to higher diversity gain. Furthermore, a diversity implementation with the new antenna gave up to 18 dB better performance in terms of mean power level and there was a significant improvement in level crossing rates and average fade durations when moving from a single-branch to a two-branch diversity system.

On the Distribution of Signal Phase in Body Area Networks

In this letter, we investigate the distribution of the phase component of the complex received signal observed in practical experiments using body area networks. Two phase distributions, the recently proposed kappa-mu and eta-mu probability densities, which together encompass the most widely used fading models, namely Semi-Gaussian, Rayleigh, Hoyt, Rice, and Nakagami-m, have been compared with measurement data. The kappa-mu distribution has been found to provide the best fit over a range of on-body links, while the user was mobile. The experiments were carried out in two dissimilar indoor environments at opposite ends of the multipath spectrum. It has also been found that the uniform phase distribution has not arisen in anyone of the experiments.

The utilization bound of non-preemptive rate-monotonic scheduling in controller area networks is 25%

Consider a distributed computer system comprising many computer nodes, each interconnected with a controller area network (CAN) bus. We prove that if priorities to message streams are assigned using rate-monotonic (RM) and if the requested capacity of the CAN bus does not exceed 25% then all deadlines are met.

Emerging wireless personal area networks(WPANs) : - An analysis of techniques, tools and threats

Wireless Personal Area Networks provide a pivotal role in local area network technology complementing traditional Wireless Local Area Network technologies. Bluetooth, ZigBee and NFC (Near Field Communications) have emerged as key WPAN technologies with UWB (Ultra Wide Band) standards currently evolving. They are however subject to the usual range of security vulnerabilities found in wireless LANs such as spoofing, snooping, man-in-the-middle, denial of service and other attacks. However security in WPANs is not as mature as it is in Wireless LANs and further work is needed in order to provide comparable protection. This paper examines a range of WPAN technologies and security issues and proposes protection mechanisms that can mitigate risk in each case. © 2012 IEEE.

DDoS attack detection at local area networks using information theoretical metrics

DDoS attacks are one of the major threats to Internet services. Sophisticated hackers are mimicking the features of legitimate network events, such as flash crowds, to fly under the radar. This poses great challenges to detect DDoS attacks. In this paper, we propose an attack feature independent DDoS flooding attack detection method at local area networks. We employ flow entropy on local area network routers to supervise the network traffic and raise potential DDoS flooding attack alarms when the flow entropy drops significantly in a short period of time. Furthermore, information distance is employed to differentiate DDoS attacks from flash crowds. In general, the attack traffic of one DDoS flooding attack session is generated by many bots from one botnet, and all of these bots are executing the same attack program. As a result, the similarity among attack traffic should higher than that among flash crowds, which are generated by many random users. Mathematical models have been established for the proposed detection strategies. Analysis based on the models indicates that the proposed methods can raise the alarm for potential DDoS flooding attacks and can differentiate DDoS flooding attacks from flash crowds with conditions. The extensive experiments and simulations confirmed the effectiveness of our proposed detection strategies.

Superstring: A scalable service discovery protocol for the wide-area pervasive environment

Arguably, the world has become one large pervasive computing environment. Our planet is growing a digital skin of a wide array of sensors, hand-held computers, mobile phones, laptops, web services and publicly accessible web-cams. Often, these devices and services are deployed in groups, forming small communities of interacting devices. Service discovery protocols allow processes executing on each device to discover services offered by other devices within the community. These communities can be linked together to form a wide-area pervasive environment, allowing processes in one p u p tu interact with services in another. However, the costs of communication and the protocols by which this communication is mediated in the wide-area differ from those of intra-group, or local-area, communication. Communication is an expensive operation for small, battery powered devices, but it is less expensive for servem and workstations, which have a constant power supply and 81'e connected to high bandwidth networks. This paper introduces Superstring, a peer to-peer service discovery protocol optimised fur use in the wide-area. Its goals are to minimise computation and memory overhead in the face of large numbers of resources. It achieves this memory and computation scalability by distributing the storage cost of service descriptions and the computation cost of queries over multiple resolvers.

Intrusion detection techniques in wireless local area networks

This research investigates wireless intrusion detection techniques for detecting attacks on IEEE 802.11i Robust Secure Networks (RSNs). Despite using a variety of comprehensive preventative security measures, the RSNs remain vulnerable to a number of attacks. Failure of preventative measures to address all RSN vulnerabilities dictates the need for a comprehensive monitoring capability to detect all attacks on RSNs and also to proactively address potential security vulnerabilities by detecting security policy violations in the WLAN. This research proposes novel wireless intrusion detection techniques to address these monitoring requirements and also studies correlation of the generated alarms across wireless intrusion detection system (WIDS) sensors and the detection techniques themselves for greater reliability and robustness. The specific outcomes of this research are: A comprehensive review of the outstanding vulnerabilities and attacks in IEEE 802.11i RSNs. A comprehensive review of the wireless intrusion detection techniques currently available for detecting attacks on RSNs. Identification of the drawbacks and limitations of the currently available wireless intrusion detection techniques in detecting attacks on RSNs. Development of three novel wireless intrusion detection techniques for detecting RSN attacks and security policy violations in RSNs. Development of algorithms for each novel intrusion detection technique to correlate alarms across distributed sensors of a WIDS. Development of an algorithm for automatic attack scenario detection using cross detection technique correlation. Development of an algorithm to automatically assign priority to the detected attack scenario using cross detection technique correlation.