Daniel T. Fokum

A Survey on Methods for Broadband Internet Access on Trains

We present a survey of approaches for providing broadband Internet access to trains. We examine some of the barriers that hinder the use of broadband Internet on trains and then discuss some of the opportunities for broadband deployment to trains. This survey considers some of the basic concepts for providing broadband Internet access and then reviews associated network architectures. The review of network architectures shows that we can subdivide networks for providing broadband Internet access to trains into the train-based network, the access network-for connecting the train to the service provider(s)-and the aggregation network-for collecting user packets generated in the access network for transmission to the Internet. Furthermore, our review shows that the current trend is to provide Internet access to passengers on trains using IEEE 802.11; however, a clear method for connecting trains to the global Internet has yet to emerge. A summary of implementation efforts in Europe and North America serves to highlight some of the schemes that have been used thus far to connect trains to the Internet. We conclude by discussing some of the models developed, from a technical perspective, for testing the viability of deploying Internet access to trains.

Experiences from a Transportation Security Sensor Network Field Trial

Cargo shipments are subject to hijack, theft, or tampering. Furthermore, cargo shipments are at risk of being used to transport contraband, potentially resulting in fines to shippers. The Transportation Security Sensor Network (TSSN), which is based on open software systems and Service Oriented Architecture (SOA) principles, has been developed to mitigate these risks. Using commercial off-the-shelf (COTS) hardware, the TSSN is able to detect events and report those relevant to appropriate decision makers. Prior to deploying the TSSN it should be determined if the system can provide timely event notification. A field experiment was conducted to assess the TSSNs suitability for monitoring rail-borne cargo. Log files were collected from this experiment and postprocessed. In this paper we present empirical results on the time taken to report events using the TSSN. These results show that the TSSN can be used to monitor rail-borne cargo. Index Terms—Service oriented architecture, Mobile Rail Net- work, Trade Data Exchange, Virtual Network Operations Center

Mitigating black hole attacks in wireless sensor networks using node-resident expert systems

Wireless sensor networks consist of autonomous, self-organizing, low-power nodes which collaboratively measure data in an environment and cooperate to route this data to its intended destination. Black hole attacks are potentially devastating attacks on wireless sensor networks in which a malicious node uses spurious route updates to attract network traffic that it then drops. We propose a robust and flexible attack detection scheme that uses a watchdog mechanism and lightweight expert system on each node to detect anomalies in the behaviour of neighbouring nodes. Using this scheme, even if malicious nodes are inserted into the network, good nodes will be able to identify them based on their behaviour as inferred from their network traffic. We examine the resource-preserving mechanisms of our system using simulations and demonstrate that we can allow groups of nodes to collectively evaluate network traffic and identify attacks while respecting the limited hardware resources (processing, memory and storage) that are typically available on wireless sensor network nodes.

An Open-System Transportation Security Sensor Network: Field-Trial Experiences

Cargo shipments are subject to hijack, theft, or tampering. Furthermore, cargo shipments are at risk of being used to transport contraband, potentially resulting in fines to shippers. The Transportation Security Sensor Network (TSSN), which is based on open software systems and service-oriented architecture principles, has been developed to mitigate these risks. Using commercial off-the-shelf hardware, the TSSN can detect and report events that are relevant to appropriate decision makers. However, field testing is required to validate the system architecture and to determine if the system can provide timely event notification. Field experiments were conducted to assess the TSSNs suitability to monitor rail-borne cargo. Log files were collected from these experiments and were postprocessed. We present the TSSN architecture and results of field experiments, including the time taken to report events using the TSSN and the interaction between various components of the TSSN. These results show that the TSSN architecture can be used to monitor rail-borne cargo.

Anomaly Detection with Sensor Data for Distributed Security

There has been increasing interest in incorporating sensing systems into objects or the environment for monitoring purposes. In this work we compare approaches to performing fully-distributed anomaly detection as a means of detecting secu- rity threats for objects equipped with sensing and communication abilities. With the desirability of increased visibility into the cargo in the transport chain and the goal of improving security, we consider the approach of equipping cargo with sensing and communication capabilities as a means of ensuring the security of the cargo as a key application. We have gathered real sensor test data from a rail trial and used the collected data to test the feasibility of the anomaly detection approach. The results demonstrate the effectiveness of our approach. I. INTRODUCTION

Coping with denial-of-service attacks on the IP telephony system

IP Telephony or simply Voice over IP (VoIP) is technology that enables real time voice communications over packet switched networks using TCP/IP. This technology is booming and its deployment is very complex. VoIP is often deployed in an open environment; therefore, it is subject to the same threats, e.g., denial-of-service attacks (DoS), frequently seen on the Internet. Given this, our first objective is to analyze and evaluate the countermeasures used to cope with DoS attacks against VoIP. We assess DoS detection and prevention schemes and simulate a SIP-based flooding attack against a widely used SIP server. An emulated test-bed environment was set up and the results of our experiment provided motivation for proposing a new mitigation scheme. This scheme consists of implementing Snort in inline mode as an Intrusion Protection System (IPS). Snort is used in conjunction with Iptables to provide security protection to the SIP server. Experimental evaluations of this scheme were conducted. The results then assisted us in assessing the proposed defense scheme, which is simple, lightweight, and can be easily deployed.

Securing wireless sensor networks from denial-of-service attacks using artificial intelligence and the CLIPS expert system tool

Wireless sensor networks consist of a number of autonomous sensor nodes which are deployed in various areas of interest to collect data and cooperatively transmit that data back to a base station. Wireless sensor networks have been used in military applications, environmental monitoring applications, healthcare applications, and even home applications. An adversary may want to disrupt these sensor networks for various reasons. Adversaries range from a hacker with a laptop to corporations and governments who have a vested interest in compromising the proper operation of an unwelcome sensor network. Since sensor nodes are small and usually placed in uncontrolled environments, they are susceptible to capture and reprogramming by an adversary. The low-power nature of sensor nodes make traditional strong encryption approaches to network security infeasible as nodes have limited processing power and sometimes significant energy constraints. This paper presents work in progress on developing a system which would protect a wireless sensor network from denial-of-service attacks after one or more nodes on the network have been captured and reprogrammed by an adversary. This system removes the need to rely on tamper proof packaging to protect the cryptographic keys and other sensitive data which is stored on nodes. With the proposed system, even if cryptographic keys are obtained by an attacker and are used to send false routing information or other spurious control information, the network will be able to identify such malicious nodes by using artificial intelligence and an expert system developed using the C Language Integrated Production System tool.

Towards analysing the effects of node mobility on the accuracy of Wi-Fi triangulation

The increased popularity of wireless networks has enabled the development of Location Based Service (LBS) techniques that rely on wireless signal strength. These techniques are being used extensively in military, healthcare, industrial and other environments in Wireless Sensor Networks (WSNs) and Mobile Ad hoc Networks (MANETs). In some networks, it is important to keep track of units/nodes that are mobile. However, the overall accuracy of Wi-Fi triangulation in any network is affected by mobile nodes. Such effects are dependent on link failure, the relative speed of the node(s), signal strength, node density and the mobility pattern of the node(s). This article analyzes the effects of node mobility on Wi-Fi triangulation. Furthermore, recommendations are provided for developing methods to mitigate their negative effects on the accuracy of Wi-Fi triangulation. Our goal is to develop more accurate Wi-Fi triangulation techniques that are not affected by node mobility.

A robust “Plug-and-Play” application for executing virtualized indoor Wi-Fi localization

Wi-Fi localization is a growing technology that spans many fields and industries and has attracted great attention in the research community. Naturally, to gather the equipment and tools necessary to perform successful localization is not cost effective and time efficient. In order to alleviate such gruesome issues we have developed a localization software system that is able to virtualize real-world indoor localization. The system features its Plug-and-Play ability by being able to accept different inputs within the different components and still function effectively without external intervention. In this paper we present our software and describe the different components that work together. Our goal is to develop a robust and extensible software system that is able to virtualize localization strategies and provide accurate results without the need for real-world testing.

The Performance of Female Computer Science Students across Three Caribbean Islands

We examine the gender balance of students in the Computer Science programme at a prominent Caribbean university---with campuses in Jamaica, Barbados, and Trinidad---from three perspectives: enrollment, retention and completion. In the US, in 2011, females accounted for approximately 17.7% of all graduands with a computing degree. These numbers are considered low, especially since when all subjects are taken into account, women account for more than 50% of American college graduates. On one campus of the Caribbean University, for the same year, the proportion of females graduating in Computer Science was 44.2%. These numbers are higher than the US national averages, even after normalizing them for the high female student population on the campus (approximately 70%). We introduce the notion of gender neutrality to represent these normalized ratios. Notably, we did not observe any statistically significant difference in the average performance of males and that of females, which is similar to the result found in the US. We discuss the methods that we used to make these comparisons.