Farooq Anjum

Voice performance in WLAN networks - an experimental study

In this work, we measure wireless local area network (WLAN) voice performance and capacity. While most WLAN applications today are data centric, the growing popularity of Voice over IP (VoIP) applications and the escalating trend towards convergence with cellular networks will catalyze an increased mix of voice traffic. Since voice applications must compete with each other and with simultaneous data applications for WLAN bandwidth, quantifying voice performance and capacity in the presence of background data traffic is an important issue. We offer a practical investigation into the ability of 802.11b MAC layer to support simultaneous voice and data. We quantify VoIP capacity for standard WLAN networks, indicative of those already in the field, as well as evaluate the practical benefits of implementing backoff control and priority queuing at the access point. Conclusions are drawn based on an extensive set of real-world measurements conducted using off-the-shelf equipment in a commercial testbed.

Signature based intrusion detection for wireless ad-hoc networks: a comparative study of various routing protocols

In this paper we focus on intrusion detection in wireless networks. The intrusion detection community has been concentrating mainly on wired networks. Techniques geared towards wireline networks would not suffice for an environment consisting of multihop wireless links because of the various differences such as lack of fixed infrastructure, mobility, the ease of listening to wireless transmissions, lack of clear separation between normal and abnormal behavior in ad hoc networks. In this paper we consider the signature detection technique and investigate the ability of various routing protocols to facilitate intrusion detection when the attack signatures are completely known. We show that reactive ad-hoc routing protocols suffer from a serious problem due to which it might be difficult to detect intrusions even in the absence of mobility. Mobility makes the problem of detecting intruders harder. We also investigate a relationship between the probability of detecting an intrusion and the number of nodes that must participate in the process of detecting intrusions.

A framework for misuse detection in ad hoc networks- part II

We consider ad hoc networks with multiple, mobile intruders. We investigate the placement of the intrusion detection modules for misuse-based detection strategy. Our goal is to maximize the detection rate subject to limited availability of communication and computational resources. We mathematically formulate this problem, and show that computing the optimal solution is NP-hard. Thereafter, we propose two approximation algorithms that approximate the optimal solution within a constant factor, and prove that they attain the best possible approximation ratios. The approximation algorithms though require recomputation every time the topology changes. Thereafter, we modify these algorithms to adapt seamlessly to topological changes. We obtain analytical expressions to quantify the resource consumption versus detection rate tradeoffs for different algorithms. Using analysis and simulation, we evaluate these algorithms, and identify the appropriate algorithms for different detection rate and resource consumption tradeoffs.

Secure localization in sensor networks using transmission range variation

In a wireless sensor network, sensors can be randomly distributed in order to collect data from a site. In many cases the location of the wireless sensor nodes is required in order to map the collected data to a particular location. Various schemes have been proposed earlier to estimate the location of sensor nodes in a sensor network. However most of these schemes assume the absence of a malicious user in the system which might not always be true. This paper presents a secure localization algorithm (SLA) that can be implemented with the capabilities of current sensor nodes without the need for any additional specialized hardware. The scheme is based on the transmission of nonces at different power levels from the anchor nodes. A sensor node receives a certain set of nonces which it will have to transmit back to the sink via the anchor nodes. The location of the sensor node can be estimated securely based on this set of nonces. We have investigated the properties of SLA using simulations

Location dependent key management using random key-predistribution in sensor networks

In this paper we propose a location aware approach for key management in sensor networks. As a result, this approach not only provides for better connectivity of sensor nodes in the network but also provides for containment of node compromise. This approach which we call as location dependent key (LDK) management does not require any knowledge about the deployment of sensor nodes. LDK starts off with loading a random set of keys on each sensor node prior to deployment. The actual keys are then derived from this set after the sensor nodes are deployed. LDK also allows for additions of sensor nodes to the network at any point in time. We study the proposed scheme in detail using simulations. The proposed scheme is also compared with some existing key management schemes designed for sensor networks.

Efficacy of misuse detection in ad hoc networks

We consider ad hoc networks with multiple, mobile colluding intruders. We investigate the placement of the intrusion detection modules for misuse intrusion detection. Our goal is to maximize the detection performance subject to limitation in the computational resources. We mathematically formulate different detection objectives, and show that computing the optimal solution is NP-hard in each case. Thereafter, we propose a family of algorithms that approximate the optimal solution, and prove that some of these algorithms have guaranteeable approximation ratios. The algorithms that have analytically guaranteeable performance require re-computation every time the topology changes due to mobility. We next modify the computation strategy so as to seamlessly adapt to topological changes due to mobility. Using simulation we evaluate these algorithms, and identify the appropriate algorithms for different detection performance and resource consumption tradeoffs.

On optimal placement of intrusion detection modules in sensor networks

Sensor networks have increasingly become the subject of intense scientific interest over the past few years. In this work, we focus on intrusion detection in sensor networks. The intrusion detection community has been focusing mainly on wired networks. But techniques geared towards wire line networks would not suffice for a sensor environment because of the constraints associated with such networks. In this paper, we consider the arbitrary sized sensor networks and propose algorithms to improve the detection rates by intelligently enabling the intrusion detection functionality on particular sensor nodes. The proposed algorithms, based on the concepts of minimum cut-set and minimum dominating set, allow for a distributed implementation. The performance of the algorithms in identifying intrusions using signature based detection techniques is studied via simulations.

Last hop topology sensitive multicasting key managment

In this paper we study multicast key management. We illustrate the important role that the features of the last hop play in the context of multicast key management. We then propose several schemes to distribute the keys while focusing on the topology of the last hop. We also show the importance of these schemes when considering last hop wireless networks such as 3G networks. Towards this we have also considered the current proposal for multicasting in 3G networks and shown the advantages that would ensue by considering the proposed last hop sensitive key management schemes in such bandwidth constrained networks.

Comparative study of various TCP versions over a wireless link with correlated losses

In this paper, we investigate the behavior of the various Transmission Control Protocol (TCP) algorithms over wireless links with correlated packet losses. For such a scenario, we show that the performance of NewReno is worse than the performance of Tahoe in many situations and even OldTahoe in a few situations because of the inefficient fast recovery method of NewReno. We also show that random loss leads to significant throughput deterioration when either the product of the square of the bandwidth-delay ratio and the loss probability when in the good state exceeds one, or the product of the bandwidth-delay ratio and the packet success probability when in the bad state is less than two. The performance of Sack is always seen to be the best and the most robust, thereby arguing for the implementation of TCP Sack over the wireless channel. We also show that under certain conditions the performance depends not only on the bandwidth-delay product but also on the nature of timeout, coarse or fine. We have also investigated the effects of reducing the fast retransmit threshold.

Java call control, coordination, and transactions

Future telecommunications networks will consist of integrated packet-switched (IP and/or ATM), circuit-switched (PSTN), and wireless networks. Service providers will offer a wide portfolio of innovative applications over these integrated networks. Doing so rapidly and efficiently requires open network APIs, with a key API being that for call control, as well as for coordination and transactions. The JAIN community is defining an API for Java call control and Java coordination and transactions. The JCC API defines the interface for applications to initiate and manipulate calls, while JCAT defines the facilities for applications to be invoked and return results before or during calls. Note that in this context a call refers to a multimedia, multiparty, multiprotocol communications session. The JCC/JCAT Edit Group of JAIN is in the process of defining the first version of the JCC/JCAT API specification, which is expected to be released in early 2000. This article describes the background of and motivation for the design of the JCC/JCAT API. We describe the AIN and JTAPI call models on which the JCC/JCAT API is based. We then describe the scope of JCC/JCAT and its relationship to other JAIN Edit Groups defining facilities for enabling service creation. Finally, we describe the requirements and example service drivers for JCC/JCAT, as well as the initial proposed design and structure for JCC and JCAT.