Jiejun Kong

The challenges of building mobile underwater wireless networks for aquatic applications

The large-scale mobile underwater wireless sensor network (UWSN) is a novel networking paradigm to explore aqueous environments. However, the characteristics of mobile UWSNs, such as low communication bandwidth, large propagation delay, floating node mobility, and high error probability, are significantly different from ground-based wireless sensor networks. The novel networking paradigm poses interdisciplinary challenges that will require new technological solutions. In particular, in this article we adopt a top-down approach to explore the research challenges in mobile UWSN design. Along the layered protocol stack, we proceed roughly from the top application layer to the bottom physical layer. At each layer, a set of new design intricacies is studied. The conclusion is that building scalable mobile UWSNs is a challenge that must be answered by interdisciplinary efforts of acoustic communications, signal processing, and mobile acoustic network protocol design.

Self-securing ad hoc wireless networks

Mobile ad hoc networking offers convenient infrastructureless communication over the shared wireless channel. However, the nature of ad hoc networks makes them vulnerable to security attacks. Examples of such attacks include passive eavesdropping over the wireless channel, denial of service attacks by malicious nodes and attacks from compromised nodes or stolen devices. Unlike their wired counterpart, infrastructureless ad hoc networks do not have a clear line of defense, and every node must be prepared for encounters with an adversary. Therefore, a centralized or hierarchical network security solution does not work well.This work provides scalable, distributed authentication services in ad hoc networks. Our design takes a self-securing approach, in which multiple nodes (say, k) collaboratively provide authentication services for other nodes in the network. We first formalize a localized trust model that lays the foundation for the design. We further propose refined localized certification services based on our previous work, and develop a new scalable share update to resist more powerful adversaries. Finally, we evaluate the solution through simulation and implementation.

URSA: ubiquitous and robust access control for mobile ad hoc networks

Restricting network access of routing and packet forwarding to well-behaving nodes and denying access from misbehaving nodes are critical for the proper functioning of a mobile ad-hoc network where cooperation among all networking nodes is usually assumed. However, the lack of a network infrastructure, the dynamics of the network topology and node membership, and the potential attacks from inside the network by malicious and/or noncooperative selfish nodes make the conventional network access control mechanisms not applicable. We present URSA, a ubiquitous and robust access control solution for mobile ad hoc networks. URSA implements ticket certification services through multiple-node consensus and fully localized instantiation. It uses tickets to identify and grant network access to well-behaving nodes. In URSA, no single node monopolizes the access decision or is completely trusted. Instead, multiple nodes jointly monitor a local node and certify/revoke its ticket. Furthermore, URSA ticket certification services are fully localized into each nodes neighborhood to ensure service ubiquity and resilience. Through analysis, simulations, and experiments, we show that our design effectively enforces access control in the highly dynamic, mobile ad hoc network.

Building underwater ad-hoc networks and sensor networks for large scale real-time aquatic applications

Large-scale underwater ad-hoc networks (UANET) and underwater sensor networks (UWSN) are novel networking paradigms to explore the uninhabited oceans. However, the characteristics of these new networks, such as huge propagation delay, floating node mobility, and limited acoustic link capacity, are significantly different from ground-based mobile ad-hoc networks (MANET) and wireless sensor networks (WSN). In this paper we adopt a top-down approach to explore the new research subject. We at first show a new practical application scenario that cannot be addressed by existing technology and hence demands the advent of the UANET and UWSN. Then along the layered protocol stack, we go down from the top application layer to the bottom physical layer. At each layer we show a set of new design challenges. We conclude that UANET and UWSN are challenges that must be answered by inter-disciplinary efforts of acoustic communication, signal processing and mobile acoustic network protocol design

Adaptive security for multilevel ad hoc networks

Secure communication is critical in military environments in which the network infrastructure is vulnerable to various attacks and compromises. A conventional centralized solution breaks down when the security servers are destroyed by the enemies. In this paper we design and evaluate a security framework for multilevel ad hoc wireless networks with unmanned aerial vehicles (UAVs). In battlefields, the framework adapts to the contingent damages on the network infrastructure. Depending on the availability of the network infrastructure, our design is composed of two modes. In infrastructure mode, security services, specifically the authentication services, are implemented on UAVs that feature low overhead and flexible managements. When the UAVs fail or are destroyed, our system seamlessly switches to infrastructureless mode, a backup mechanism that maintains comparable security services among the surviving units. In the infrastructureless mode, the security services are localized to each nodes vicinity to comply with the ad hoc communication mechanism in the scenario. We study the instantiation of these two modes and the transitions between them. Our implementation and simulation measurements confirm the effectiveness of our design. Copyright

A new set of passive routing attacks in mobile ad hoc networks

In hostile environments, adversaries can launch passive attacks against interceptable routing information embedded in routing messages and data packets. Allowing adversaries to trace network routes and infer the motion pattern of nodes at the end of those routes may pose a serious threat to covert operations. In this paper we propose a feasible adversary model of such attacks, then present several instantiations and study the principles of designing corresponding countermeasures. We demonstrate that existing ad hoc routing protocols are vulnerable to passive attacks: in the feasible adversary model, (a) the location and motion patterns of mobile nodes can be traced, while (b) proactive and reactive/on-demand ad hoc routes across multiple mobile nodes can be visualized by the adversary. We conclude that ad hoc networks deployed in hostile environments need new countermeasures to resist such passive attacks.

Visualisation of wormholes in underwater sensor networks: a distributed approach

We propose a distributed mechanism, Dis-VoW, to detect wormhole attacks in underwater sensor networks. In Dis-VoW, every sensor reconstructs local network layout using multi-dimensional scaling. It detects the wormholes by visualising the distortions in edge lengths and angles among neighbouring sensors. The contributions include: Dis-VoW does not depend on any special hardware; it provides a localised wormhole detection mechanism adapting to network topology changes; it integrates techniques from social science and scientific visualisation to attack network security problems. The simulation results show that Dis-VoW can detect most of the fake neighbour connections without introducing many false alarms.

Effective probabilistic approach protecting sensor traffic

Sensor networks are often deployed in environments where malicious nodes present. Among all possible forms of the attacks threatening the sensor networks, in this work, we focus on traffic analysis attacks. Typically, in performing traffic analysis, an attacker will eavesdrop on-going wireless transmission and analyze contents and timing instances of the transmissions so to infer critical events or to trace valuable assets in the network (e.g. data sources or sinks). The paper presents a probabilistic approach to shape the sensor network traffic to decorrelate time instances in transmissions. The security properties of the approach are studied both analytically and empirically, showing strong protection in high probability

A Mobile Delay-Tolerant Approach to Long-Term Energy-Efficient Underwater Sensor Networking

Underwater environment represents a challenging and promising application scenario for sensor networks. Due to hard constraints imposed by acoustic communications and to high power consumption of acoustic modems, in underwater sensor networks (USN) energy saving becomes even more critical than in traditional sensor networks. In this paper the authors propose delay-tolerant data dolphin (DDD), an approach to apply delay-tolerant networking in the resource-constrained underwater environment. DDD exploits the mobility of a small number of capable collector nodes (namely dolphins) to harvest information sensed by low power sensor devices, while saving sensor battery power. DDD avoids energy-expensive multi-hop relaying by requiring sensors to perform only one-hop transmissions when a dolphin is within their transmission range. The paper presents simulation results to evaluate the effectiveness of randomly moving dolphins for data collection.

Low-cost attacks against packet delivery, localization and time synchronization services in under-water sensor networks

Under-Water Sensor Networking (UWSN) is a novel network paradigm that is being proposed to explore, monitor and protect the oceans. The unique characteristics of the aquatic environment, namely huge propagation delay, absence of GPS signaling, floating node mobility, and limited (acoustic) link capacity, are very different from those of ground sensor networks. Since underwater networks are mostly autonomous and very difficult to directly monitor by humans, a very important requirement is the built-in protection from automated malicious attacks. In this paper we show that the aquatic environment is particularly vulnerable to attacks and security must be integrated into the UWSN architecture to protect its localization, synchronization and packet delivery services.