Göran Pulkkis
Arcada University of Applied Sciences
Publication
Featured research published by Göran Pulkkis.
Issues in Informing Science and Information Technology | 2012
Jonny Karlsson; Laurence S. Dooley; Göran Pulkkis
The role of infrastructure-less mobile ad hoc networks (MANETs) in ubiquitous networks is outlined. In a MANET there are no dedicated routers and all network nodes must contribute to routing. Classification of routing protocols for MANET is based on how routing information is acquired and maintained by mobile nodes and/or on roles of network nodes in routing. According to the first classification base, MANET routing protocols are proactive, reactive, or hybrid combinations of proactive and reactive protocols. According to the role-based classification, MANET routing protocols are either uniform when all network nodes have the same role or non-uniform when the roles are different and dedicated. A contemporary review of MANET routing protocols is briefly presented. Security attacks against MANET routing can be passive and/or active. The purpose of the former is information retrieval, for example network traffic monitoring, while the latter is performed by malicious nodes with the express intention of disturbing, modifying or interrupting MANET routing. An overview of active attacks based on modification, impersonation/spoofing, fabrication, wormhole, and selfish behavior is presented. The importance of cryptography and trust in secure MANET routing is also outlined, with relevant security extensions of existing routing protocols for MANETs described and assessed. A comparison of existing secure routing protocols forms the main contribution in this paper, while some future research challenges in secure MANET routing are discussed.
Proceedings of the 2014 Workshop on Artificial Intelligent and Security Workshop | 2014
Junlong Xiang; Magnus Westerlund; Dušan Sovilj; Göran Pulkkis
Extending state-of-the-art machine learning algorithms to highly scalable (big data) analysis environments is crucial for the handling of authentic datasets in Intrusion Detection Systems (IDS). Traditional supervised learning methods are considered to be too slow for use in these environments. Therefore, we propose the use of Extreme Learning Machine (ELM) for detecting network intrusion attempts. We show they hold great promise for the field by employing a MapReduce based variant evaluated on the open source tool Hadoop.
Issues in Informing Science and Information Technology | 2009
Martin Ehmke; Harri Forsgren; Kaj J. Grahn; Jonny Karlsson; Timo Karvi; Göran Pulkkis
Control signaling messages in Mobile IPv6 are mainly used to inform the home agent (HA) and the correspondent node (CN) about the mobile node’s (MN’s) new address when its network attachment point is changed. In order to prevent various security attacks, these messages must be protected. In the current standard, the control signaling messages between a HA and a MN are authenticated using IPSec, often with IKEv2 and X.509 certificates. Control signaling messages between a MN and a CN are currently protected by an effective but insecure protocol, known as Return Routability. Using IBE (Identity-Based Encryption) for authenticating control signaling messages requires more processing power but significant security enhancements are achieved. The current protocols for protecting control signaling messages are outlined in this paper. Proposed approaches for implementing IBE-authentication between a MN and a HA as well as between a MN and a CN are presented. Environments where the MN and the CN use the same Public Key Generator (PKG) as well as environments where they use different PKGs are taken into account. Finally, the performance of some proposed signaling protocols is estimated. An overview of IBE is given and the elements and operations needed to set up an IBE infrastructure are described in an appendix.
Sensors | 2013
Jonny Karlsson; Laurence S. Dooley; Göran Pulkkis
Traversal time and hop count analysis (TTHCA) is a recent wormhole detection algorithm for mobile ad hoc networks (MANET) which provides enhanced detection performance against all wormhole attack variants and network types. TTHCA involves each node measuring the processing time of routing packets during the route discovery process and then delivering the measurements to the source node. In a participation mode (PM) wormhole where malicious nodes appear in the routing tables as legitimate nodes, the time measurements can potentially be altered so preventing TTHCA from successfully detecting the wormhole. This paper analyses the prevailing conditions for time tampering attacks to succeed for PM wormholes, before introducing an extension to the TTHCA detection algorithm called ΔT Vector which is designed to identify time tampering, while preserving low false positive rates. Simulation results confirm that the ΔT Vector extension is able to effectively detect time tampering attacks, thereby providing an important security enhancement to the TTHCA algorithm.
computer and information technology | 2010
Harri Forsgren; Kaj J. Grahn; Timo Karvi; Göran Pulkkis
Host Identity Protocol (HIP) gives cryptographically verifiable identities to hosts. These identities are based on public key cryptography and consist of public and private keys. Public keys can be stored, together with corresponding IP addresses, in DNS servers. When entities are negotiating on a HIP connection, messages are signed with private keys and verified with public keys. Even if this system is quite secure, there are some vulnerabilities concerning the authenticity of public keys. We examine various possibilities to derive trust in public parameters. These are DNSSEC, public key certificates (PKI), identity based cryptography (IBE) and certificate-less public key cryptography (CL-PKC). Both IBE and CL-PKC seem to offer better properties than DNSSEC and PKI, but experimental evaluation is needed, before we can make final conclusions.
world conference on information systems and technologies | 2014
Magnus Westerlund; Ulf Hedlund; Göran Pulkkis; Kaj-Mikael Björk
Software architectures that allow researchers to explore advanced modeling by scaling horizontally in the cloud can lead to new insights and improved accuracy of modeling results. We propose a generalized highly scalable information system architecture that researchers can employ in predictive analytics research for working with both historical data and real-time temporally structured big data. The proposed architecture is fully automated and uses the same analytical software for both training and live predictions.
InSITE 2014: Informing Science + IT Education Conference | 2014
Kaj J. Grahn; Thomas Forss; Göran Pulkkis
There are many kinds of systems developed for anonymous communication on the internet. We survey a number of systems and evaluate their security. Among these systems we compare functionalities like Onion Routing, anonymous VPN services, probabilistic anonymity, and deterministic anonymity. Other types of anonymous communication such as messaging, peer-to-peer communication, web use, emailing, and use of other Internet applications are also presented. We follow up by presenting different types of attacks with the purpose of identifying anonymously communicating users. These attacks fall into the following categories: internal/external attacks, passive/active attacks, and static/adaptive attacks. We describe the following attacks as well as known protections against these attacks: predecessor attacks, intersection attacks, timing attacks, and Sybil attacks. Lastly we discuss design choices, operation, and security of the current TOR network – The 2G Onion Router. Access control methods to restrict malicious use of TOR are also proposed. In conclusion, the significance of anonymous communication is outlined.
Archive | 2017
Kaj J. Grahn; Magnus Westerlund; Göran Pulkkis
IT operations produce data such as log files, events, packets, configuration data, etc. Security attacks, for example, an intrusion, can be detected and mitigated by analyzing and finding abnormal patterns from collected data. Intelligent and effective algorithms are needed for analyzing the massive amount of unstructured data created within computing networks. This has motivated research on and development of information analytics like tools, solutions, and services for network security.
Issues in Informing Science and Information Technology | 2007
Laura Bergström; Kaj J. Grahn; Jonny Karlsson; Göran Pulkkis
Introduction

Wireless communication technologies provide significant advantages compared to wired technologies. Wireless networks eliminate the need for network cables since wireless radio interfaces are accessed over the air. Wireless networks also provide support for mobility, which means that a moving device can remain network connected also while the network access point changes and even when the access network type changes. The evolution of wireless technologies and mobility management schemes is currently advancing rapidly. Existing networking services can be offered on mobile communication platforms and the availability of mobile communication platforms also makes new network service types possible. (Pagani, 2005) Wireless and mobile networking is thus an important and highly relevant topic for IT education in universities and polytechnics. Arcada Polytechnic offers IT engineering education on Mobile and Wireless Communication Systems also in an e-learning environment.

Course Content

The course content consists of three structured sections: Generic Wireless Technology, Wireless Technology Types, and Mobility Management. These sections can be found from a navigational menu on the course portal. In the menu there are also links to the course index, all the exercises and the weekly topics.

Generic Wireless Technology Section

The general protocol architecture for mobile networking is outlined. Radio interfaces in wireless networking are described. Quality of Service (QoS) of a network and QoS management are characterized. Modulation and access methods are described.

Wireless Technology Type Section

Wireless communication technologies are described according to the following taxonomy (See Appendix for list of abbreviations):

* Wireless Cellular Network Technologies
  * GSM evolution based technologies
    * 2G (GSM, HSCSD, GPRS, EDGE, EDGE Evolution)
    * 3G (UMTS, HSDPA, HSUPA, HSPA+, SAE/LTE)
    * 4G
  * other wireless cellular network technologies
    * MBWA
    * Flash OFDM
* Wireless Network Technologies Classified By Coverage Range
  * Wireless PAN Technologies
    * IrDA
    * UWB
    * RFID
    * Bluetooth
    * Wibree
    * Zigbee
  * Wireless LAN Technologies
    * WLAN
  * Wireless MAN Technologies
    * WiMAX
    * Wireless ATM
  * Wireless WAN Technologies
    * Satellite Communication
    * GPS

Each wireless communication technology is described by

* An Introduction
* Underlying Standards
* System Architecture
* Radio Interface and Modulation
* Protocol Architecture
* Quality of Service (QoS) Issues
* Security

Mobility Management Section

Networking mobility types are terminal mobility, application mobility, and identity mobility. Terminal mobility or node mobility means that a terminal or network node moves to another location or to another network domain with preserved network connectivity. Application mobility means that a software process moves to another host node. Software agent technologies are typical implementations of application mobility. Identity mobility means that an identity defined as a name, a number, or cryptographic key moves to another location or to another computer. (Candolin, 2005) In this section only the case of terminal mobility or node mobility will be considered.

A mobility management scheme for node mobility must solve the following problems:

* the node location problem, to find the current point of network attachment
* data transfer to and from the current node location
* continuation of data transfer after the node or the network has moved
* controlled disconnection of a node from the network
* performance optimization, for example minimization of the network load of a mobility management scheme.

…
Issues in Informing Science and Information Technology | 2006
Laura Bergström; Kaj J. Grahn; Göran Pulkkis
This paper presents a virtual learning environment for Mobile IP (Internet Protocol). The learning environment has been produced in a production circle of Virtual Polytechnic of Finland. Protocols and mechanisms for secure mobility in the Internet are surveyed. A detailed description of the development of the learning environment and the content of the Mobile IP animation is given. The chosen didactical approach and the graphical design of the learning platform are presented and motivated. The IT technology and the IT infrastructure needed to implement and use the learning platform are also described and assessed.