Frank A. Zdarsky

The DISCO network calculator: a toolbox for worst case analysis

In this paper we describe the design, implementation, and analytical background of the DISCO Network Calculator. The DISCO Network Calculator is an open-source toolbox written in Java™ which we developed for worst-case analyses based on network calculus. To our knowledge it is the first of its kind. It allows to do network analyses regarding performance characteristics such as delay and backlog bounds for piecewise linear arrival and service curves. We illustrate the tools usefulness by two comprehensive example applications.

A Comprehensive Worst-Case Calculus for Wireless Sensor Networks with In-Network Processing

Todays wireless sensor networks (WSN) focus on energy-efficiency as the main metric to optimize. However, an increasing number of scenarios where sensor networks are considered for time-critical purposes in application scenarios like intrusion detection, industrial monitoring, or health care systems demands for an explicit support of performance guarantees in WSNs and, thus, in turn for a respective mathematical framework. In (J. Schmitt and U. Roedig, 2005) , a sensor network calculus was introduced in order to accommodate a worst-case analysis of WSNs. This sensor network calculus focused on the communication aspect in WSNs, but had not yet a possibility to treat in-network processing in WSNs. In this work, we now incorporate in-network processing features as they are typical for WSNs by taking into account computational resources on the sensor nodes. Furthermore, we propose a simple, yet effective priority queue management discipline which achieves a good balance of response times across sensor nodes in the field.

Handover in mobile communication networks: who is in control anyway?

The migration from 3rd generation mobile communication networks to 4th generation, purely IP-based networks leads to new chances, but also great risks for the traditional mobile network operators, as competition increases dramatically. While this competition potentially improves the cost-value ratio for mobile users, they might well find their freedom of seamless session mobility abruptly end at the administrative borders of wireless Internet service providers. We describe a possible and in our opinion likely scenario for future mobile wireless access, point out the inherent problem of current IP mobility management schemes when it comes to inter-provider handovers, have a look at why control over this process is currently shared between the network and the mobile end-devices, and describe approaches to shift the major part of control back to the user.

CARMEN: Delivering carrier grade services over wireless mesh networks

Current Internet use is evolving, users are becoming mobile and are expecting data services on the go. This fact presents big challenges and opportunities to operators, which see the increase in data services as a big market still to be exploited. However, current cellular technologies cannot accommodate the demand that will arise when the true mobile Internet evolves. Addressing these challenges, we present the CARMEN project, the vision of which is to extend operatorspsila infrastructure by providing carrier grade services through a heterogeneous wireless mesh. The CARMEN architecture will provide enough bandwidth to cope with userspsila expectations at a reduced cost, thereby generating major benefits to operators and users.

Wireless client puzzles in IEEE 802.11 networks: security by wireless

Resource-depletion attacks against IEEE 802.11 access points (APs) are commonly executed by flooding APs with fake authentication requests. Such attacks may exhaust an APs memory resources and result in denied association service, thus enabling more sophisticated impersonation attacks accomplished by rogue APs. This work introduces the concept of wireless client puzzles, a protection method which assists an AP to preserve its resources by discarding fake requests, while allowing legitimate clients to successfully join the network. Rather than conditioning a puzzles solution on computational resources of highly heterogeneous clients, the puzzles utilize peculiarities of a wireless environment such as broadcast communication and signal propagation which provide more invariant properties. Using an implementation of the proposed scheme, we demonstrate its effectiveness within a realistic scenario. Based on the insights from the implementation a simulation is used to extend the threat model and to scale up the scenario. Simulations verify our implementation results and show that the impact of flooding rate is decreased by 75% even if an attacker changes its position or manipulates its signal strength, while ≈ 90% of the legitimate stations are still able to successfully associate during an attack.

Phishing in the Wireless: Implementation and Analysis

Web-based authentication is a popular mechanism implemented by Wireless Internet Service Providers (WISPs) because it allows a simple registration and authentication of customers, while avoiding high resource requirements of the new IEEE 802.11 i security standard and backward compatibility issues of legacy devices. In this work we demonstrate two different and novel attacks against web-based authentication. One attack exploits operational anomalies of low- and middle-priced devices in order to hijack wireless clients, while the other exploits an already known vulnerability within wired networks which, in dynamic wireless environments, turns out to be even harder to detect and protect against.

Supporting carrier grade services over wireless mesh networks: The approach of the European FP-7 STREP CARMEN [Very Large Projects]

CARMEN is a three-year Specific Targeted Research Project (STREP) funded by the European Commission within the 7th Framework Program. The CARMEN access network will complement existing access technologies by exploiting low cost mesh networking techniques, thus minimizing deployment and maintenance costs. The CARMEN architecture introduces an abstraction layer that hides the specifics of the underlying access technology providing an abstract interface on top of which higher layers can be easily developed. This allows for the integration of current and future heterogeneous wireless technologies to provide scalable and efficient mobile ubiquitous Internet access, able to adapt to different environments and user requirements. Following these goals, CARMEN aims to define, study and implement link and technology abstractions, mobility support, and quality of service. The architecture also includes advanced monitoring features that allow for dynamic self-configuration, thereby reducing the installation and operational costs.

Rope ladder routing: Position-based multipath routing for wireless mesh networks

In this paper, we present a novel multipath structure called rope-ladder which combines the advantages of path, node and link protection schemes. We also propose a position-based multipath routing protocol in order to efficiently construct rope-ladders in wireless networks. By design, the paths which are constructed by our protocol are closely together which allows to quickly switch back and forth between them in cases of node or link failures. Hence, the size of loss gaps (i.e. the number of consecutively lost packets) can be minimized. Previous works mostly confine themselves to overall packet loss comparisons. However, the loss gap size is crucial to ensure high quality for gap-sensitive traffic like voice flows. Our multipath structure can also tolerate failures of multiple consecutive nodes on the primary path, and has a superior path diversity and path lifetime compared to even perfect braids. We evaluate the performance of our protocol using analysis and simulations1.

Security analysis of wireless mesh backhauls for mobile networks

Radio links are used to provide backhaul connectivity for base stations of mobile networks, in cases in which cable-based alternatives are not available and cannot be deployed in an economic or timely manner. While such wireless backhauls have been predominantly used in redundant tree and ring topologies in the past, mobile network operators have become increasingly interested in meshed topologies for carrier-grade wireless backhauls. However, wireless mesh backhauls are potentially more susceptible to security vulnerabilities, given that radio links are more exposed to tampering and given their higher system complexity. This article extends prior security threat analyses of 3rd generation mobile network architectures for the case of wireless mesh backhauls. It presents a description of the security model for the considered architecture and provides a list of the basic assumptions, security objectives, assets to be protected and actors of the analysis. On this foundation, potential security threats are analyzed and discussed and then assessed for their corresponding risk. The result of this risk assessment is then used to define a set of security requirements. Finally, we give some recommendations for wireless mesh backhaul designs and implementations following these requirements.

Cost-Efficient Wireless Mobile Backhaul Topologies: An Analytical Study

Wireless communication technologies such as microwave radios are used to provide high-speed mobile backhaul connectivity for radio access networks in cases in which wire-based alternatives, e.g. cable or fiber, are not readily available and cannot be deployed in an economic or timely manner. Current mobile backhauls are predominantly deployed in tree or ring topologies, which simplify traffic management. Yet, with the increasing demand on backhaul capacity and the immense cost pressure on mobile backhaul solutions, meshed wireless mobile backhauls have been identified as a promising evolution. While traffic management in wireless mesh networks have been studied extensively in the literature, so far there is no quantitative analysis comparing the different topology options, i.e. mesh, ring and tree, regarding network performance and deployment cost. This paper fills this gap by studying the minimum cost problem of connecting a set of base station/gateway sites using different topologies while supporting both time- and space-varying traffic demands. Furthermore, we consider the additional constraint of resilience to single link failures. The evaluation results show that meshed wireless backhaul topologies are a cost-effective alternative to trees and rings, in particular in the face of spatial and temporal fluctuation of traffic demand and protection against link failures.