Yujun Zhang

Access Points Planning in Urban Area for Data Dissemination to Drivers

Roadside infrastructure can greatly help disseminate data to drivers. In this paper, we study a fundamental problem, i.e., roadside infrastructure planning. We propose a class of algorithms named Tailor to select a minimum number of intersections to install the infrastructure. In the case when the traffic information is not available, we formulate the intersection selection problem, which formally proves its np-completeness, and provide novel heuristics, i.e., the adapted-bipartite-based heuristics (ABS), to solve it, whose worst-case approximation ratio is 4/3. ABS bridges the planar graph and the bipartite graph through topology transformation. With ABS, the approximate solution to all the problems that are NP-hard in a general planar graph but polynomially solvable in a bipartite graph can be efficiently obtained in the planar graph. We also prove that, even with traffic information, the intersection selection problem remains NP-hard. Greedy heuristics is employed to balance the tradeoff between the number of selected intersections and the percentage of reached vehicles.

2FLIP: A Two-Factor Lightweight Privacy-Preserving Authentication Scheme for VANET

Authentication in a vehicular ad-hoc network (VANET) requires not only secure and efficient authentication with privacy preservation but applicable flexibility to handle complicated transportation circumstances as well. In this paper, we proposed a Two-Factor LIghtweight Privacy-preserving authentication scheme (2FLIP) to enhance the security of VANET communication. 2FLIP employs the decentralized certificate authority (CA) and the biological-password-based two-factor authentication (2FA) to achieve the goals. Based on the decentralized CA, 2FLIP only requires several extremely lightweight hashing processes and a fast message-authentication-code operation for message signing and verification between vehicles. Compared with previous schemes, 2FLIP significantly reduces computation cost by 100-1000 times and decreases communication overhead by 55.24%-77.52%. Furthermore, any certificate revocation list (CRL)-related overhead on vehicles is avoided. 2FLIP makes the scheme resilient to denial-of-service attack in both computation and memory, which is caused by either deliberate invading behaviors or jammed traffic scenes. The proposed scheme provides strong privacy preservation that the adversaries can never succeed in tracing any vehicles, even with all RSUs compromised. Moreover, it achieves strong nonrepudiation that any biological anonym driver could be conditionally traced, even if he is not the only driver of the vehicle. Extensive simulations reveal that 2FLIP is feasible and has an outstanding performance of nearly 0-ms network delay and 0% packet-loss ratio, which are particularly appropriate for real-time emergency reporting applications.

GOT: Grid-Based On-Road Localization through Inter-Vehicle Collaboration

GPS navigators have been widely adopted by drivers. However, due to the sensibility of GPS signals to terrain, vehicles cannot get their locations when they are inside a tunnel or on a road surrounded by high-rises where the satellite signal is blocked. This incurs the safety and convenience problems. To address the issue, we propose a novel Grid-based On-road localizaTion system (GOT), where vehicles with or without accurate GPS signals self-organize into a vehicular ad hoc network (VANET), exchange location and distance information and help each other to calculate an accurate position for all the vehicles inside the network. GOT uniquely evaluates some fuzzy geometric relationship among vehicles and employs a grid-based approach to calculate vehicles locations, by which GOT solves the issues of lack of beacon nodes and error propagation that are the two major challenges in on-road localization. Simulation shows our GOT system is very effective and efficient in calculating the vehicular positions.

Evaluation of Fast PMIPv6 and Transient Binding PMIPv6 in Vertical Handover Environment

Recently, the IETF MIPSHOP working group proposes Fast PMIPv6 (FPMIPv6) and Transient Binding PMIPv6 (TPMIPv6) to reduce the handover latency and packets loss of PMIPv6. The research and standardization of FPMIPv6 and TPMIPv6 are just in the initial stage. The system performance analysis of them is benefit to the protocol design and deployment. In this paper, through the theoretical analysis and system simulation, we evaluate the handover latency of PMIPv6, FPMIPv6 and TPMIPv6 in vertical handover environment. Furthermore, in order to reflect handover performance more comprehensively, in system simulation, we also evaluate the UDP packets loss rate and the TCP throughput declining degree of such protocols. The results of theoretical analysis and simulation show that: (1) in vertical handover, the handover latency of FPMIPv6 is much larger than TPMIPv6 and PMIPv6. But the UDP packet loss rate of FPMIPv6 is smaller than TPMIPv6 and PMIPv6; (2) the handover performance of FPMIPv6-pre and TPMIPv6 much depend on MNs residence time in signal overlapped area.

IPv6 conformance testing: theory and practice

IPv6 is in its growing stage in which new protocols are being proposed and more and more IPv6 devices are being produced. Conformance testing is the most important method to improve the reliability of IPv6 implementations. With a view to provide test ability for IPv6, the features and the test requirements of IPv6 are analyzed. Two difficulties of the standard test framework applying to IPv6 conformance testing, test packets description and complicated algorithm implementation, are pointed out. IPv6 test framework is proposed to solve the two difficulties, in which a new IPv6 test suite specification language is defined. Two test methods, called the virtual test method and the low-layer congregating test method, are adopted to enhance single physical testers test ability. IPv6 test suite is designed and four IPv6 implementations are tested. An example of test case is given to explain IPv6 test framework and IPv6 test suite specification language.

An Adaptive and Robust Reputation Mechanism for P2P Network

Current trust mechanisms employed by the existing P2P systems are faced with various threats from malicious nodes, which have seriously affected the performance of whole system. To protect P2P network, an adaptive and robust reputation mechanism (ARRep) is proposed. ARRep balances direct trust and recommended trust according to the experience of the requester. Our contribution lies in three aspects. Firstly, a transaction decay function is adopted to distinguish the importance of direct experience. Secondly, ARRep utilizes the transaction numbers and the size of common set to gain the higher accuracy of the recommended trust value. Finally, to verify the transaction information, we develop a simple transaction validation protocol. Simulation experimental results show that ARRep is highly effective in front of on-off, bad mouthing and collusive cheating attacks.

TOHIP: A topology-hiding multipath routing protocol in mobile ad hoc networks

Existing multipath routing protocols in MANETs ignore the topology-exposure problem. This paper analyzes the threats of topology-exposure and propose a TOpology-HIding multipath Protocol (TOHIP). TOHIP does not allow packets to carry routing information, so the malicious nodes cannot deduce network topology and launch various attacks based on that. The protocol can also establish multiple node-disjoint routes in a route discovery attempt and exclude unreliable routes before transmitting packets. We formally prove that TOHIP is loop-free and does not expose network topology. Security analysis shows that TOHIP can resist various kinds of attacks efficiently and effectively. Simulation results demonstrate that TOHIP has better capability of finding routes and can greatly increase the capability of delivering packets in the scenarios where there are malicious nodes at the cost of low routing overhead.

Identity-based Hierarchical Access Authentication in Mobile IPv6 Networks

Access authentication is very important for deploying mobile IPv6 networks. In this paper, we design a two-level hierarchical identity-based signature scheme, based on which we propose a new hierarchical authentication scheme for mobile IPv6 networks. Our solution adopts multi-level network access identifier (NAI) as public key, which simplifies key management in wireless mobile environment. The handover procedure integrating authentication is also cut down by our hierarchical solution. And our solution accomplishes mutual authentication between terminal and network. We propose the handover latency analytical model to evaluate handover latency. The results show that our solution is more efficient than others, especially when a terminal is far away from its home domain and moves frequently. Security analysis shows that the proposed scheme is sufficient for privacy and unforgeability. An extended version for access authentication in multi-hierarchical mobile IPv6 networks is discussed.

An Accurate and Multi-faceted Reputation Scheme for Cloud Computing

Abstract With the rapid growth of cloud computing, the importance of a reputation system for cloud computing services has attracted a lot of attention. Building an objective and reliable reputation scheme has been crucial to promote the development of cloud computing. To address the challenges of reputation evaluation in cloud computing, including the diverse nature of cloud services and intricacy of malicious ratings, an Accurate and Multi-faceted Reputation scheme for cloud computing (AMRep) is proposed. As the reputation systems of cloud computing are exposed to new vulnerabilities, AMRep introduces a couple of malicious rating detection approaches to improve the accuracy of reputation calculation. Additionally, we establish a multi-faceted reputation evaluation method, which can help user assess and choose cloud services from different angles. Experiments reveal that our AMRep scheme can effectively defend against malicious ratings, and accurately calculate the reputation values of cloud services.

A reputation based incentive mechanism for selfish BitTorrent system

The current BitTorrent-like file sharing systems suffer from peer selfish behaviors. The uncooperative peers can freeload compliant users by free-riding and exploiting. To study the performance of BitTorrents embedded incentive mechanism against selfishness, a fluid model with three different classes of peers, namely normal peers, exploiters and free-riders, is established. We point out that the current BitTorrent system can not provide an effectively differentiated service in accordance with contribution of peers. Therefore, a reputation based incentive (RBI) mechanism for selfish BitTorrent system is proposed. RBI defines a trust value for each peer associative to its historical performance to the whole system. With the trust value, the choking mechanism is modified to ensure the more trustworthy peers will have more chances to get served. Our simulation study indicates that RBI mechanism can remarkably prevent exploiting behaviors, severely penalize free-riders, and thus result in a fairer allocation of bandwidth among peers.