Christopher Morrell

Self-selecting reliable paths for wireless sensor network routing

Routing protocols for wireless sensor networks face two challenges. One is an efficient bandwidth usage which requires minimum delay between transfers of packets. Establishing permanent routes from the source to destination addresses this challenge since the received packet can be immediately transmitted to the next node. However, any disruption on the established path either causes packet loss, lowering the delivery rate, or invokes a costly process of creating an alternative path. The second challenge is the ability to tolerate permanent and transient failures of nodes and links, especially since such failures are frequent in sensor networks. Protocols that chose the forwarding node at each hop of a packet are resilient to such failures, but incur the delay caused by selection of the forwarding node at each hop of the multi-hop path. This paper presents a novel wireless sensor routing protocol, self-selecting reliable path routing (SRP) for wireless sensor network (WSN) routing, that addresses both challenges at once. This protocol evolved from the self-selecting routing (SSR) protocol which is essentially memory-less. In the first generation of SSR protocols each packet selects the forwarding node at each hop on its path from the source to destination. The protocol takes advantage of broadcast communication commonly used in WSNs as a communication primitive. It also uses a prioritized transmission back-off delay to uniquely identify the neighbor of the forwarder that will forward the packet. As a result, the protocol is resistant to node or link failures as long as an alternative path exists from the current forwarder to the destination. The second generation of SSR protocols, called self-healing routing (SHR) added the route repair procedure, invoked when no neighbor of the forwarder closer to the destination is alive. In a series of transmissions, a packet trapped at the current forwarder by failures of its neighbors is capable of backing-off towards the source to find an alternative route, if such exists, to the destination. The main contribution of this paper is the third generation of SSR protocols, termed self-selecting reliable path routing, SRP. It preserves SHRs dynamic path selection in face of failure. Yet it also enables packets to follow established paths without selection delay if failures do not occur. The important change in the protocol is to make it memorize the successfully traversed path and attempt to reuse it for subsequent packets flowing to the same destination. The interesting behavior of SRP arising from this property is that if a path from the source to destination exists on which no transient failures occur, SRP would converge its routing to such a reliable path. In the paper, we describe novel elements of the SRP protocol that resulted in the desired properties. Using simulation, we compare SRP protocol with the representatives of the two other approaches: AODV as the route-based protocol, and GRAB and SHR as the hop-selection protocols.

Scaling IPv6 address bindings in support of a moving target defense

Moving target defense is an area of network security research in which machines are moved logically around a network in order to avoid detection. This is done by leveraging the immense size of the IPv6 address space and the statistical improbability of two machines selecting the same IPv6 address. This defensive technique forces a malicious actor to focus on the reconnaissance phase of their attack rather than focusing only on finding holes in a machines static defenses. We have a current implementation of an IPv6 moving target defense entitled MT6D, which works well although is limited to functioning in a peer to peer scenario. As we push our research forward into client server networks, we must discover what the limits are in reference to the client server ratio. In our current implementation of a simple UDP echo server that binds large numbers of IPv6 addresses to the ethernet interface, we discover limits in both the number of addresses that we can successfully bind to an interface and the speed at which UDP requests can be successfully handled across a large number of bound interfaces.

DHT Blind Rendezvous for Session Establishment in Network Layer Moving Target Defenses

This paper introduces a new method of securely exchanging information through a moving blind rendezvous by leveraging the size and distributed nature of BitTorrent Mainline Distributed Hash Table (DHT) in order to bootstrap a connection between nodes in a network layer moving target defense (MTD) system. Specifically we demonstrate an implementation of this scheme integrated with an existing MTD implemented in the IPv6 space: the Moving Target IPv6 Defense (MT6D). We show how MT6D peers can use this protocol to exchange configuration information, allowing them to locate other nodes as they move around the Internet, and how they can securely establish connections and related association parameters with no prior knowledge of the other partys network state. We require a minimal amount of pre-shared information between nodes; only that peers have access to public key information. This scheme enables mobility for peers within the MT6D protocol, allows dynamically changing configurations, and allows an MT6D server to scale to supporting many clients without a quadratic explosion in the number of secret keys which need to be maintained.

Self-Selecting Reliable Path Routing in diverse Wireless Sensor Network environments

Routing protocols for Wireless Sensor Networks (WSN) face three major performance challenges. The first one is an efficient use of bandwidth that minimizes the transfer delay of packets between nodes to ensure the shortest end-to-end delay for packet transmission from source to destination. The second challenge is the ability to maintain data flow around permanent and transient node or link failures ensuring the maximum delivery rate of packets from source to destination. The final challenge is to efficiently use energy while maximizing delivery rate and minimizing end-to-end delay. Protocols that establish a permanent route between source and destination send packets from node to node quickly, but suffer from costly route recalculation in the event of any node or link failures. Protocols that select the next hop at each node on the traversed path suffer from a delay required to make such selection. The way in which a protocol repairs routes determines the number of packets lost by each failure and ultimately affects the energy used for communication. This paper presents a novel family of wireless sensor routing protocols, the Self-Selecting Reliable Path Routing Protocol Family (SSRPF), that address all three of the afore-mentioned challenges.

Biologically Inspired Self Selective Routing with Preferred Path Selection

This paper presents a biologically inspired routing protocol called Self Selective Routing with preferred path selection (SSRP). Its operation resembles the behavior of a biological ant that finds a food source by following the strongest pheromone scent left by scout ants at each fork of a path. Likewise, at each hop of a multi-hop path, a packet using the Self Selective Routing (SSR) protocol moves to the node with the shortest hop distance to the destination. Each intermediate node on a route to the destination uses a transmission back-off delay to select a path to follow for each packet of a flow. Neither an ant nor a packet knows in advance the route that each will follow as it is decided at each step. Therefore, when a route becomes severed by a failure, they can dynamically and locally adjust their routing to traverse the shortest surviving path. Preferred path selection reduces transmission delay by essentially removing back-off delay for the node that carried the previous packet of the same flow. The results reported here for both simulation and execution of a MicaZ mote implementation, show that this is an efficient and fault-tolerant protocol with small transmission delay, high reliability and high delivery rate.

Utilizing the BitTorrent DHT for blind rendezvous and information exchange

This paper introduces a moving target blind rendezvous system leveraging the BitTorrent Distributed Hash Table (DHT) to securely locate other nodes in a distributed system and to exchange information without a single point of failure. We leverage cryptographic constructions such as Elliptic Curve Diffie-Hellman key exchange and secure hashing functions, as well as the immense size of the BitTorrent DHT swarm to build this secure system. We require a minimal amount of pre-shared information and additionally allow that pre-shared information to be publicly available in the form of public keys. Our goal in this work is to provide a means of secure information dissemination that improves the capability of privacy focused and censorship avoidance systems.

The Impact of Virtualized Technology on Undergraduate Computer Networking Education

Virtualization technology is becoming ubiquitous in the classroom, particularly in the computing fields, and could potentially make technical education more accessible by reducing cost to the student. Does this potential gain come at the costs of quality of education? To understand the drawbacks, if any, of virtualization in the classroom, a network engineering class at an undergraduate institution is taught to two separate groups of students; one group using physical labs for evaluations and lab work, and the other group using virtual networking software. The effectiveness of both classroom teaching methods are compared and evaluated based on the performance of the students and their perceived confidence in the material. Our results indicate that there is no significant difference in student performance or perceived confidence in the course material, supporting the argument that the benefits of virtualization technology in the classroom far outweigh the drawbacks.

Modeling network based moving target defense impacts through simulation in Ns-3

Network-based moving target defense systems are a valuable addition to the world of computer security and privacy. Ongoing research attempts to push the boundaries of network-based moving target defenses by adding client/server functionality to the Moving Target IPv6 Defense (MT6D) system. While this additional functionality provides a great many benefits, it is important to fully understand the impact to the network of implementing an MT6D server, which by definition greatly increases the amount of management traffic on a network segment. IPv6 relies on the Neighbor Discovery Protocol (NDP) for all network management functions, including the discovery of currently active addresses. Each address that is bound requires a number of NDP messages to be exchanged before a host can begin using said address. When an MT6D server requires the binding of a large number of IPv6 addresses to a single interface, there is likely to be some negative impact to the network due to the amount of NDP traffic that is generated. This work attempts to quantify the specific impact to the network from NDP traffic generation through the use of ns-3 simulations and live experiments.