Gregory Hadynski

Reliable User Datagram Protocol for airborne network

Applications operating over airborne networks are known to perform quite sub-optimally. Transmission Control Protocol (TCP) based applications often experience very low data throughput [1], while the User Datagram Protocol (UDP) based applications suffer high packet loss as well as out-of-order delivery [2]. This is due to the high Bit Error Rate (BER) nature of the wireless links and the high mobility of airborne nodes. Though TCP and UDP have performed well in wired networks, their original design did not take into consideration the characteristics seen in airborne networks thus resulting in their relatively poor performance. In this research, we implemented an OPNET model of the Reliable User Datagram Protocol (RUDP) as proposed in the IETF Internet-Draft in 1999 [3] with extensions to take into consideration the nature of airborne network characteristics. We then analyzed the performance and its applicability to airborne network scenarios. We also provide performance comparison of the enhanced RUDP against the TCP, UDP, and the standard RUDP counterparts.

BGP-MX: Border Gateway Protocol with Mobility Extensions

The inter-domain routing protocol for the Internet, i.e., BGP (Border Gateway Protocol), was designed for statically configured land-based networks, which experience infrequent topology changes. As a result, BGP is not suited for an airborne network environment, where the topology of the network is constantly changing because of domain mobility. This paper presents an innovative approach called Border Gateway Protocol with Mobility Extensions (BGP-MX) that enables inter-domain communication for mobile domains that are part of the Airborne Network (AN) environment. BGP-MX allows high-mobility networking systems to stay connected to each other and to the global Internet without adversely impacting the scalability of the global network. The paper presents the design of a prototype implementation of BGP-MX as well as the results of laboratory based experiments for characterizing the performance of BGP-MX.

Managing network security policies in tactical MANETs using DRAMA

Military networks are required to adapt their access control policies to the Information Operations Condition (INFOCON) levels to minimize the impact of potential malicious activities. Such adaptations must be automated to the extent possible, consistent with mission requirements, and applied network-wide. In this paper, we present a Policy-Based Network Security (PBNS) management approach for tactical MANETs. This approach leverages the DRAMA policy based network management system and the Smart Firewall system to meet the above requirement. It allows administrators to specify low-level network access control policies for each INFOCON level using high-level policies (adapted from the Smart Firewalls approach). The high-level policies are securely distributed to all the policy decision points in the network, which evaluate and enforce policies in a distributed manner. As a consequence of enforcing policies in response to INFOCON level changes, appropriate access control policies will be derived and applied to local firewall devices without human intervention. Thus, operator burden can be significantly reduced and inadvertent errors can be avoided.

Topology control for future Airborne Networks

Active topology management in the future Airborne Networks (AN) can provide improved overall network throughput, efficiency, and scalability and is critical due to the high degree of platform dynamics involved. The RF links that form an airborne network must be established and reconfigured rapidly in response to aircraft joining and leaving the network, aircraft changing flight paths, and to changes in mission information flows, among other things. Additional technical challenges stem from the fact that the airborne nodes will use multiple directional and omni-directional antennas with differing antenna patterns. In this paper we present a Mobility Aware Topology Control (MAToC) solution for the Airborne Network. MAToC is comprised of deliberative and reactive topology planning components. MAToC utilizes a distributed protocol for airborne nodes for ad-hoc exchange of respective flight plan. Deliberative mode planning uses the collected flight plan information to assign optimal power, channel and boresight direction to the airborne antennas. Deliberative MAToC uses graph coloring algorithms for channel and timeslot assignment and uses geometric optimization methodology to assign antenna powers to maximize Signal to Interference and Noise Ratio (SINR). In the reactive mode, MAToC is responsible for link monitoring and link repair for fault-tolerance.

Performance analysis for SIP based VoIP services over airborne tactical networks

In recent years the Department of Defense has aggressively invested in development of an Internet Protocol (IP) based network that interconnects mobile air platforms and ultimately will also connect to the Global Information Grid (GIG) as part of its Net-Centric Warfare initiatives. One of the major visions for the IP based networks is to support interoperable voice communication amongst heterogeneous airborne platforms using Voice over IP (VoIP) technology. In this study, we investigate the performance of the ubiquitous Session Initiation Protocol (SIP), a signaling protocol used by VoIP, in the context of the high loss, high latency, bandwidth constrained Airborne Network environments, and perform an in-depth analysis on various deployment scenarios for SIP-based VoIP services using OPNET System in the Loop (SITL) capability.12

Enabling Distributed Management for Dynamic Airborne Networks

In this paper we describe our experience with integrating a distributed policy-based management system (DRAMA) with an open-source network management system (OpenNMS) 1 . Network operations seeking the benefits of policy-based network management often have pre-existing network monitoring systems. While these pre-existing systems are capable of monitoring the network, they are limited in their: 1) ability to provide distributed network management, 2)support for automatically reconfiguring the network in response to network events, and 3) ability to adjust management traffic bandwidth consumption based on network conditions. For dynamic networks such as those consisting of airborne platforms, there is a need to provide the above capabilities in any management solution while preserving any underlying management systems. As a result, we integrated DRAMA with OpenNMS to add distributed policy management capability to a commonly used network management system. In this paper, we describe the background for this effort, our approach for integrating OpenNMS with DRAMA, and the design of a distributed resource indirection framework that allows the use of the same policies across different distributed policy decision points managing network devices with different attribute values.

Optimization of directional antenna network topology in Airborne Networks

Future IP-based Airborne Networks, important components in net-centric military communications, are envisioned to consist of a persistent backbone core network and dynamic tactical edge networks. The backbone would consist of quasi-stable platforms equipped with multiple high-capacity directional wireless links. The tactical edge networks would consist of highly dynamic platforms such as fighter jets equipped with omni-directional wireless links, and these would be interconnected by the backbone core network. Maintaining optimal backbone topology is an important problem with significant operational impact. Factors such as non-uniform link capacities, the number of traffic sources and sinks, and connectivity complicate the problem. The solution consists of making optimal selection of the link directionality and the possible insertion of communication relay nodes. We approach the solution by abstracting the network as a template from which to select the optimal combination of edges (transmitter-receiver pairs) and nodes (relays). Through innovative graph and flow-theoretic reductions we show that the single sink (or alternatively single source) case can be solved in polynomial time for uniform backbone link capacities. In contrast, we prove not only that the problem is NP-complete for non-uniform backbone link capacities but that the non-uniform case of the problem is hard to approximate to within even a logarithmic factor. Nevertheless we present a scheme based on iterative rounding that scales well in practice. Simulations demonstrate that our algorithm achieves a performance within a factor 2 of the theoretical best. This allows us to conclude that the use of algorithmic techniques in configuring backbone networks can contribute significantly in improving network performance.

Reservation-based quality of service (QoS) in an Airborne Network

This paper addresses the use of Resource ReSerVation Protocol-Aggregate (RSVP-AGG) at the tactical edge of the Air Forces Airborne Network (AN). Since the AN tactical edge can have different types of stub-networks accessing the AN (i.e., non-IP based legacy networks like Link 16, DiffServ based networks and IntServ based net-works), RSVP-AGG offers a common access approach regardless of the differences in the networks using the AN. The paper presents a novel RSVP-AGG approach that has the advantage of decreasing the burden on the AN core links with limited bandwidth by reducing RSVP control traffic over the encrypted core. Also, the paper shows that RSVP-AGG (being a single reservation instead of multiple reservations) could be more resilient to link errors. Moreover, using RSVP-AGG over the AN core could open the door to consider the advantages of statistical multiplexing.

Using an adaptive management plane for policy-based network management traffic in MANETs

Network management for Mobile Ad Hoc Networks (MANETs) is a challenging management problem given the intermittent connectivity of the nodes and the low bandwidth constraints associated with these networks. Further, MANET management mandates a distributed management paradigm, which gives rise to specific information dissemination challenges. In order to manage these networks, the Network Management System (NMS) needs to send critical network management alerts and data to network operation centers (NOCs) and the NOCs need to send changes to policies and configuration files to the distributed nodes. The need to keep the overhead of management traffic to a minimum and yet reliably deliver this data is a requirement for any NMS in this environment. This paper examines these challenges and proposes an Adaptive Management Plane approach that overcomes these challenges. This approach provides support for Disruption Tolerant Networking (DTN), allowing messages to reach intermittently connected nodes. It also provides a service to deliver management data to the remote nodes according to the information dissemination requirements that regulate the expiration, revision and confirmation of the data. In addition, the approach provides support for above Multi-Topology Routing (MTR), allowing the NMS to deliver data of different priorities over multiple networks that exhibit different traffic delivery characteristics. This solution is described in terms of an implementation in the Dynamic Re-Addressing and Management for the Army (DRAMA) policy-based network management system.

Insider attack detection using weak indicators over network flow data

Insider attack detection in an enterprise network environment is a critical problem that currently has no promising solution. It represents a significant challenge since host availability and performance requirements cannot be ignored. A network based approach allows these requirements to be met but is limited by the granularity of data available and the near impossibility of defining exact signatures for known attack types. Anomaly detection approaches suffer from the well known problem of false positives making them hard to apply in enterprise environments where even a moderate false positive rate is not acceptable. Sophisticated attacks and complex network topologies make it hard to apply simplistic approaches to anomaly detection. This paper presents an approach that applies the unsupervised learning techniques of bi-clustering and one-class SVM to so-called weak indicators of network attacks. This approach is well suited for network flow data that is coarse grained and not amenable to simplistic anomaly detection or signature-based techniques. Further, our approach allows a security analyst to determine the cause of the anomaly, a capability that is typically not supportable by simplistic applications of unsupervised learning.