Fazirulhisyam Hashim

Biologically Inspired Anomaly Detection and Security Control Frameworks for Complex Heterogeneous Networks

The demand for anytime, anywhere, anyhow communications in future generation networks necessitates a paradigm shift from independent network services into a more harmonized system. This vision can be accomplished by integrating the existing and emerging access networks via a common Internet Protocol (IP) based platform. Nevertheless, owing to the inter-worked infrastructure, a malicious security threat in such a heterogeneous network is no more confined to its originating network domain, but can easily be propagated to other access networks. To address these security concerns, this paper proposes a biologically inspired security framework that governs the cooperation among network entities to identify security attacks, to perform security updates, and to inhibit attacks propagation in the heterogeneous network. The proposed framework incorporates two principal security components, in the form of anomaly detection framework and security control framework. Several plausible principles from two fields of biology, in particular the human immune system (HIS) and epidemiology have been adopted into the proposed security framework. Performance evaluation demonstrates the efficiency of the proposed biologically inspired security framework in detecting malicious anomalies such as denial-of-service (DoS), distributed DoS (DDoS), and worms, as well as restricting their propagations in the heterogeneous network.

A New Super Wideband Fractal Monopole-Dielectric Resonator Antenna

The small physical size and multiband capability are significant in the design of ultrawideband (UWB) antennas. Fractal geometry provides a good method for achieving the desired miniaturization and multiband performances. Furthermore, using a dielectric resonator improves bandwidth and radiation characteristics. A combination of these methods in the UWB antenna design is presented. The proposed design is a new hybrid dielectric resonator antenna (DRA) excited by a new fractal monopole antenna. The simulation and optimization have been carried out using Ansoft HFSS. The simulation and measurement results show that the proposed structure provides a huge bandwidth ranging from 2 to 40 GHz. Radiation patterns and gains show a good agreement over the bandwidth.

Feasibility study of LTE signal as a new illuminators of opportunity for passive radar applications

Recently, there has been an evolution of mobile networks towards the fourth generation radio wireless communications (4G) as LTE (Long Term Evolution). In this paper, the feasibility of using LTE-based passive radar is investigated to take advantage of using LTE signal as illuminator of opportunity for moving object monitoring. An analysis of ambiguity function is done on a typical LTE waveform to assess the Doppler and range characteristics. The initial results and analysis show that LTE signal range and Doppler resolutions of 7.5m and 0.11m/s can be achieved, respectively.

Quality-improved and secure multicast delivery method in mobile IPv6 networks

With widespread deployment of multicast over Wireless Local Area Networks (WLANs), several issues including fixed data rate transmission, multicast key distribution security, and overlapped multicast address have to be addressed for accommodating an efficient multicast scheme for WLANs. The latter problem can be addressed by utilizing Internet Protocol version 6 (IPv6) which provides significantly more address space compare to existing IPv4. However, in multicast IPv6 over WLANs, when a mobile moves to the border of the multicast group, the data are transmitted at the lowest base rate to support more coverage area, leading to poor Quality of Service (QoS). In this paper, a novel multicast data delivery method over WLANs based on IPv6 protocol is proposed to overcome the problem of fixed base rate and security key distribution in WLANs. Specifically, the proposed method dictates a WLAN Access Point (AP) to encapsulate the multicast packets into unicast Medium Access Control (MAC) packets, and subsequently forward them to the mobile host. In addition, the AP is also responsible for updating and distributing security keys whenever a join or leave operation occurs. The results from our test-bed indicate that the proposed method significantly improve the QoS metrics (i.e., throughput and delay) compared to the existing multicast scenario, as well as able to reduce the amount of generated keys in the networks.

Lightweight decentralized multicast–unicast key management method in wireless IPv6 networks

Key management is one of the principal security issues in multicast IPv6 networks. Owing to the multicast nature of information delivery in IPv6, and the mobility of network users, whenever a new node is granted to join or leave, a new key should be generated and distributed to every node in the network. Unfortunately, this approach increases the communication and storage cost of key management. While a number of algorithms have been proposed to address this issue, most of the existing approaches have to increase their encryption/decryption cycle in order to maintain the security level of the key management, thereby suffering from high computation cost. By focusing on the aforementioned criteria, we highlight the possibility of addressing these costs without having to sacrifice one for the sake of the other. In light of this, we propose a lightweight key management scheme for wireless IPv6 networks, which is capable of reducing communication, computation, and storage costs. A performance evaluation indicates the efficiency of our proposed scheme in reducing such costs, while at the same time maintaining both forward and backward security. In addition, the results from real test-bed show the efficiency of the proposed method for reducing the communication cost.

Detecting sybil attacks in clustered wireless sensor networks based on energy trust system (ETS)

Wireless sensor networks (WSNs) are an emerging technology used in many applications in both the civilian and military domains. Typically, these networks are deployed in remote and hostile environments. They are vulnerable to various kinds of security attacks, of which sybil attacks are some of the most harmful. Thus, it is necessary to solve the problems related to sensor node constraints and the need for high WSN security. This paper proposes an energy trust system (ETS) for WSNs to effectively detect sybil attacks. It employs multi-level detection based on identity and position verification. Then, a trust algorithm is applied based on the energy of each sensor node. Data aggregation is also utilized to reduce communication overhead and save energy. We analyze the performance of the proposed system in terms of security and resource consumption using theoretical and simulation-based approaches. The simulation results show that the proposed ETS is effective and robust in detecting sybil attacks in terms of the true and false positive rates. By virtue of the application of multi-level detection, the proposed system achieves more than 70% detection at the first level, which significantly increases to 100% detection at the second level. Furthermore, this system reduces communication overhead, memory overhead, and energy consumption by eliminating the exchange of feedback and recommendation messages among sensor nodes.

Multicast-Unicast Data Delivery Method in Wireless IPv6 Networks

Multicast IPv6 is an efficient way of transmitting data simultaneously to a group of IPv6 users. It has the advantage of reducing the required bandwidth of IPv6 data delivery compared to unicast transmission. The data rate of multicast transmission over WLAN is confined by the user with the lowest rate in the multicast group, which is called the fixed base rate problem. This paper proposes a delivery method that incorporates both multicast and unicast transmissions to solve the fixed base rate problem. The proposed method divides the IPv6 network into two levels: multicast mode for the upper level of the network [IPv6 server to Access Point (AP)], and unicast mode for the lower level (AP to mobile nodes). To maintain the end-to-end multicast transmission, the AP is responsible for converting multicast packets to unicast packets. Such a combination enables the proposed method to inherit the advantages of both multicast and unicast transmissions. The performance of our proposed method is evaluated in a test-bed environment that considers the transmission of real-time video application. The proposed multicast-unicast is able to improve the throughput and video quality experienced by the end user, with low packet loss and transmission delay.

QoE-oriented cross-layer downlink scheduling for heterogeneous traffics in LTE networks

With the soaring demands for high speed data communication, as well as transmission of various types of services with different requirements over cellular networks, having a decent radio resource management is considered vital in Long Term Evolution (LTE) system. In particular, satisfying the Quality of Service (QoS) requirements of different applications is one of the key challenges of radio resource management that needs to be dealt by the LTE system. In this paper, we propose a cross-layer design scheme that jointly optimizes three different layers of wireless protocol stack, namely application, Medium Access Control (MAC), and physical layer. The cross-layer optimization framework provides efficient allocation of wireless resources across different types of applications (i.e., real-time and non real-time) run by different users to maximize network resource utilization and user-perceived quality of service, or also known as Quality of Experience (QoE). Here, Mean Opinion Score (MOS) is used as a unified QoE metric that indicates the user-perceived quality for real-time or multimedia services notably video applications. Along with multimedia services, the proposed framework also takes care of non-real-time traffic by ensuring certain level of fairness. Our simulation, applied to scenarios where users simultaneously run different types of applications, confirms that the proposed QoE-oriented cross-layer framework leads to significant improvement in terms of maximizing user-perceived quality as well as maintaining fairness among users.

Securing the next generation mobile network

Despite well-defined security models to prevent fraudulent intrusion, a number of security attacks have been reported in literature for legacy networks. While a section of these attacks are due to inherent design limitations, others stem from the pervasive introduction of Internet Protocol (IP)-based applications and external attacks. The former can be addressed by the continual evolution of the system (as is the case with existing systems) whereas the latter requires careful designing. With the advent of all-IP next generation mobile network (NGMN) inter-connecting disparate access technologies, the design process assumes paramount importance in relation to detecting/preventing/eliminating migration of attacks through infected terminals. Taking into consideration the fact that standardization bodies are responsible for individual network evolution, a cooperative NGMN security architecture is proposed in this paper that identifies and isolates/eliminates security attacks. The cooperation is encased by the network elements within the NGMN hierarchy and utilizes an anomaly-based attack detection mechanism. Several dominant security attacks are simulated to demonstrate the effectiveness of the proposed architecture. Copyright

An effective approach for managing power consumption in cloud computing infrastructure

Cloud computing offers a dynamic provisioning of server capabilities as a scalable virtualized service. Big datacenters which deliver cloud computing services consume a lot of power. This results in high operational cost and large carbon emission. One way to lower power consumption without affecting the cloud services quality is to consolidate resources for reducing power. In this paper, we introduce a DNA-based Fuzzy Genetic Algorithm (DFGA) that employs DNA-based scheduling strategies to reduce power consumption in cloud datacenters. It is a power-aware architecture for managing power consumption in the cloud computing infrastructure. We also identify the performances metrics that are needed to evaluate the proposed work performance. The experimental results show that DFGA reduced power consumption when comparing with other algorithms. Our proposed work deals with real time task which is not static, and concentrates on the dynamic users since they are involved in cloud.