Ahmed Refaey

Physical Layer Authentication for Mobile Systems with Time-Varying Carrier Frequency Offsets

A novel physical layer authentication scheme is proposed in this paper by exploiting the time-varying carrier frequency offset (CFO) associated with each pair of wireless communications devices. In realistic scenarios, radio frequency oscillators in each transmitter-and-receiver pair always present device-dependent biases to the nominal oscillating frequency. The combination of these biases and mobility-induced Doppler shift, characterized as a time-varying CFO, can be used as a radiometric signature for wireless device authentication. In the proposed authentication scheme, the variable CFO values at different communication times are first estimated. Kalman filtering is then employed to predict the current value by tracking the past CFO variation, which is modeled as an autoregressive random process. To achieve the proposed authentication, the current CFO estimate is compared with the Kalman predicted CFO using hypothesis testing to determine whether the signal has followed a consistent CFO pattern. An adaptive CFO variation threshold is derived for device discrimination according to the signal-to-noise ratio and the Kalman prediction error. In addition, a software-defined radio (SDR) based prototype platform has been developed to validate the feasibility of using CFO for authentication. Simulation results further confirm the effectiveness of the proposed scheme in multipath fading channels.

Hailing cloud empowered radio access networks

Radio access networks empowered by CRAN is a new design paradigm that is drawing the attention of many researchers today to tackle the growing complexity of provisioning broadband wireless services. Because of the need to provide high data rates and better coverage simultaneously, operators are maintaining heterogeneous networks with cells of various sizes, ranging from femtocells to macrocells. Moving the provisioning of wireless network services for all users in collective cells to a central cloud can reduce the otherwise embedded costs and improve processing power performance by dynamically scaling up and down . For interference mitigation, cognitive radio technology can be used to dynamically provide information on spectrum availability over time and space to central processing base station units located in the cloud. In this article, we delve into all these aspects including mobile cloud computing to leverage the concept of cloud empowered radio access networks for future wireless communication needs of 5G networks. We provide an architecture for CRAN. In particular, we discuss in detail the cognitive-radio-based interference mitigation strategy and provide a media access control protocol for the proposed framework that uses this overlay interference mitigation strategy.

An enhanced cross-layer authentication mechanism for wireless communications based on PER and RSSI

Recently physical layer attributes and statistics have been exploited in securing wireless communications. However, one major obstacle of physical layer security techniques is that not all of these attributes are accessible in practical wireless communication platforms. More precisely, once the hardware of a physical transceiver is implemented, most of the physical layer attributes are not accessible due to the highly integrated circuits. Consequently, it becomes essential to develop implementable security enhancement techniques by utilizing all available attributes and statistics at different layers of wireless communication networks. In this paper, we consider the packet error rate (PER) and the received signal strength indicator (RSSI) in IEEE 802.11 networks to improve the wireless communication security. These two unique user and environment dependent attributes are readily available in most of the currently deployed IEEE 802.11 platforms. To enhance the spoofing attack detection capability, we propose a practical authentication scheme by monitoring and analyzing the PER and RSSI at the same time. The hypothesis testing model for the proposed authentication using PER and RSSI as two testing variables is presented. In addition, a decision rule for authentication, which is able to differentiate between a legitimate transmitter and a potential attacker by combining both attributes together, is developed. To evaluate the feasibility of our proposed scheme, lab experiments have been conducted using an IEEE 802.11g Atheros platform. The proposed authentication technique is validated by the experimental and simulation data. Our final authentication results confirm the improved spoofing detecting capability of the proposed technique over the single-variable based authentication.

Misbehavior detection in amplify-and-forward cooperative OFDM systems

The success of cooperative communications hinges on the reliability of cooperating nodes between the communicating parties, which may not be guaranteed in realistic scenarios. To protect cooperative networks from selfish misbehaviors and malicious forwarding, a security mechanism monitoring various abnormal behaviors during cooperation is necessary because of the constantly changing network topology and variability of cooperating nodes. In this paper, based on the orthogonal time division protocol commonly used in cooperation, a misbehavior detection scheme is proposed for amplify-and-forward (AF) cooperative orthogonal frequency division multiplexing (OFDM) systems by introducing the time division duplexing (TDD) feature into the source node and exploiting the correlation properties between the transmitted and received signals. With the estimated amplification gain and noise power, two binary hypothesis tests are employed to detect power-reducing selfish behaviors and malicious jamming attacks respectively. Simulation results demonstrate the effectiveness of the proposed scheme in detecting different misbehaviors of cooperating nodes.

A new approach for FEC decoding based on the BP algorithm in LTE and WiMAX systems

Many wireless communication systems such as IS-54, enhanced data rates for the GSM evolution (EDGE), worldwide interoperability for microwave access (WiMAX) and long term evolution (LTE) have adopted low-density parity-check (LDPC), tail-biting convolutional, and turbo codes as the forward error correcting codes (FEC) scheme for data and overhead channels. Therefore, many efficient algorithms have been proposed for decoding these codes. However, the different decoding approaches for these two families of codes usually lead to different hardware architectures. Since these codes work side by side in these new wireless systems, it is a good idea to introduce a universal decoder to handle these two families of codes. The present work exploits the parity-check matrix (H) representation of tail-biting convolutional and turbo codes, thus enabling decoding via a unified belief propagation (BP) algorithm. Indeed, the BP algorithm provides a highly effective general methodology for devising low-complexity iterative decoding algorithms for all convolutional code classes as well as turbo codes. While a small performance loss is observed when decoding turbo codes with BP instead of MAP, this is offset by the lower complexity of the BP algorithm and the inherent advantage of a unified decoding architecture.

Secure OFDM transmission based on multiple relay selection and cooperation

In cooperative communications, spatial channel diversity introduced by scattered locations of cooperating nodes can be exploited to enhance transmission security. In this paper, we propose a secure cooperative orthogonal frequency division multiplexing (OFDM) transmission scheme with the help of multiple relay nodes. For each relay, the wireless channels related to the destination and the eavesdropper are independent of each other, leading to different achievable rates over each subcarrier. In the proposed scheme, relay nodes with high rate differences between the intended receiver and the eavesdropper are selected for transmission. Different cooperation strategies ranging from single-relay selection to per-subcarrier-based multiple-relay selection are studied and compared. As a result of relay selection, each cooperative relay node only forwards a subset of subcarriers that exhibits high capacity differences, thereby enhancing transmission security of the whole system. Secrecy outage probabilities for the proposed scheme with different relay selection strategies are formulated. Numerical simulation results demonstrate the validity of the scheme for security enhancement.

Reliability enhancement for CIR-based physical layer authentication

The inherent properties of channel impulse response CIR, which are considered as location-specific characteristics of the physical link, have been exploited for the authentication purpose at the physical layer in the wireless communications. Unfortunately, the reliability of CIR-based physical layer authentication is challenged by the noise present in the CIR estimates, the rapid channel variation induced by the mobility of terminals, and the weak authentication decision by exploiting single CIR difference under the hypothesis testing. In this paper, three CIR-based authentication schemes are proposed to enhance the authentication reliability. Specifically, the noise components of the CIR estimates are mitigated in order to derive an adaptive threshold to form the authentication decision. Additionally, because of the rapid variation of the fading channel, channel prediction technique is employed to predict future CIR, and which is exploited to derive the CIR difference for the authentication analysis. Furthermore, to form the final decision in the authentication process, multiple CIR differences are observed by the receiver in a long range based on the channel predictor. In order to optimize the number of CIR differences, an optimization algorithm is developed by minimizing the total error rate under a false alarm constraint. Finally, the false alarm rate and the probability of detection are theoretically derived for performance evaluation, and the performance of proposed schemes is compared with that of a traditional channel-based authentication method using computer simulation. Copyright

On the application of BP decoding to convolutional and turbo codes

We investigate a new approach to decode convolutional and turbo codes by means of the belief propagation (BP) decoder used for low-density parity-check (LDPC) codes. In addition, we introduce a general representation scheme for convolutional codes through parity check matrices. Also, the parity check matrices of turbo codes are derived by treating turbo codes as parallel concatenated convolutional codes. Indeed, the BP algorithm provides a very attractive general methodology for devising low complexity iterative decoding algorithms for all convolutional code classes as well as turbo codes. However, preliminary results show that BP decoding of turbo codes performs slightly worse than conventional maximum a posteriori (MAP) and soft output Viterbi algorithm (SOVA) algorithms which already are in use in turbo code decoders. Since these traditional turbo decoders have a higher complexity, the observed loss in performance with BP is more than compensated by a drastically lower implementation complexity. Moreover, given the encoding simplicity of turbo codes with respect to generic LDPC codes, the low decoding complexity brings about end-to-end efficiency.

Optimized provisioning of SDN-enabled virtual networks in geo-distributed cloud computing datacenters

Cloud computing provides on-demand IT services via large distributed datacenters over high-speed networks. Virtualization, a key cloud computing technology, allows service providers to offer computing services in cloud environments without platform compatibility discrepancies. The recent proliferation of cloud computing has rekindled interest in network virtualization. Thus, network virtualization is emerging as a polymorphic approach for the future Internet that will facilitate the use of shared resources. Virtual network provisioning is considered to be a main resource allocation challenge in any virtualized network environment. Software-defined networking (SDN) imparts flexibility to a network by removing the control layer from the data transfer layer of the network and moving it to the control plane. Network virtualization is further employed to share physical infrastructure to enable multiple service providers to access the network. Flexible access requires efficient management of network resources; the SDN control plane can be used for efficient management of virtual networks. In this study, we formulate virtual network provisioning in SDN-enabled, geographically distributed cloud computing datacenters as a mixed integer linear programming (MILP) problem. The formulation of the proposed optimized virtual network provisioning (OVNP) model is studied by means of simulations. The performance of the proposed approach is measured against enhanced network cloud provisioning (ENCP), our previous research, and other recognized research focused on the ratio of successfully provisioned requests and the efficiency of resource utilization The results verify the effectiveness of the proposed approach.

Virtualization of Wireless Sensor Networks Through MAC Layer Resource Scheduling

In this paper, we propose a joint throughput and time-resource allocation scheme for the virtualization of IEEE 802.15.4-based wireless sensor networks (WSNs). Virtualization is realized through utilization of the guaranteed time slot (GTS) mechanism of cluster-tree topology to schedule resources on a media access control (MAC) layer. We develop a scheduler that is located in the personal area network (PAN) coordinator and that virtualizes the network into an aggregate of independent profiles, assigning the available resources to each profile with end-to-end (ETE) delay guarantees. The scheduler solves the problem of managing resources available in the network in an optimization framework, taking into consideration the individual profile and sensor requirements. Moreover, it uses the proposed heuristic fair resource allocation (FRA) algorithm to derive the solution in polynomial time. We validate the scheduling performance via discrete event simulation (DES) and compare the proposed FRA algorithm with round robin (RR) and proportionally fair (PF) scheduling algorithms in several scenarios. The proposed scheme demonstrates efficient resource management while maintaining profile isolation in all cases, whereas other algorithms lead to increased latency and lower throughput in the network.