PRIN2005 – Women, 3rd Meeting
University of Florence Research Unit
PRIN Women - 3rd Meeting
Research Activity
• WP3 Space division multiple access for QoS guaranteed wide-band connection
  • T3.1 Link adaptation
  • T3.2 Hybrid ARQ techniques
  • T3.3 Optimized scheduling procedures
• WP5 Secure applications, development and trials
  • T5.1 Security protocols for multi-hop wireless networks
  • T5.2 Authentication and identity management
T3.1 Link adaptation
• Link adaptation strategy in a wireless environment affected by multipath fading
• OFDMA TDD scenario
• Adaptive modulation based on:
  • received power
  • error rate
• Target functions:
  • target SER
  • minimize SER
  • maximize throughput
Adaptive Modulation
• The modulation order is selected automatically in order to:
  • minimize the error probability;
  • maximize the transmission rate.
(Figure: channel state adaptivity)
Adaptive management
(Figure: channel state adaptivity modelled as a three-state Moore machine)
Minimum SER Technique
• For each fixed SNR at the BS two thresholds [αA, αB] are selected such that:
  SER(SNR, αA, M=16) = SER(SNR, M=4)
  SER(SNR, αB, M=64) = SER(SNR, M=4)
  i.e. 16QAM (64QAM) is used only above the threshold at which its SER equals the SER of QPSK (M=4) at that SNR.
(Figure: SER(SNR, M=4) reference curve)
Maximum Throughput Technique
• Throughput: Thr(SNR, α, M) = log2(M) [1 − SER(SNR, α, M)]
• For each fixed SNR two thresholds [αA, αB] are selected by solving:
  Thr(SNR, αA, M=16) = Thr(SNR, αA, M=4)
  Thr(SNR, αB, M=64) = Thr(SNR, αB, M=16)
(Figure: throughput curves for QPSK, 16QAM and 64QAM)
Target SER Technique
• A target SER value (TSER) is defined from the requested Quality of Service
• For each SNR two thresholds [αA, αB] are searched such that:
  SER(SNR, αA, M=16) = TSER
  SER(SNR, αB, M=64) = TSER
(Figure: TSER = constant versus SNR; example with SNR = 15 dB)
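The following is an added worked example, not code from the original slides or the research unit's simulator, computing the switching thresholds [αA, αB] for the three techniques above. It assumes that SER(SNR, α, M) can be modelled as the exact symbol error rate of square M-QAM in AWGN evaluated at the instantaneous SNR α·SNR (i.e. α is a received-power ratio relative to the nominal SNR at the BS), and that the thresholds are solved by bisection; the slides do not state either the SER model or the solver.

```python
"""Switching thresholds for adaptive modulation (QPSK / 16QAM / 64QAM).

Added example (not from the original slides). Assumptions:
- SER(SNR, alpha, M) is the exact square-M-QAM symbol error rate in AWGN at the
  instantaneous SNR alpha*SNR, i.e. alpha is a received-power (channel gain)
  threshold relative to the nominal SNR at the BS.
- Thresholds are found by bisection on a geometric grid.
"""
from math import erfc, log10, log2, sqrt


def qfunc(x):
    """Gaussian tail probability Q(x)."""
    return 0.5 * erfc(x / sqrt(2))


def ser(snr, m):
    """Exact SER of Gray-mapped square M-QAM in AWGN; snr is the linear symbol SNR."""
    a = 2 * (1 - 1 / sqrt(m)) * qfunc(sqrt(3 * snr / (m - 1)))
    return 2 * a - a * a  # 1 - (1 - a)^2


def throughput(snr, m):
    """Thr = log2(M) * [1 - SER], as defined on the slides."""
    return log2(m) * (1 - ser(snr, m))


def bisect(f, lo, hi, iters=100):
    """Root of f on [lo, hi]; f must change sign there. Geometric midpoints, alpha spans decades."""
    flo, fhi = f(lo), f(hi)
    if flo * fhi > 0:
        raise ValueError("no sign change on the bracket")
    for _ in range(iters):
        mid = sqrt(lo * hi)
        fm = f(mid)
        if flo * fm <= 0:
            hi = mid
        else:
            lo, flo = mid, fm
    return sqrt(lo * hi)


def thresholds(snr_db, method, tser=1e-3, lo=1e-4, hi=1e4):
    """Return (alpha_A, alpha_B) for a nominal SNR: 16QAM above alpha_A, 64QAM above alpha_B.

    method is one of "min_ser", "max_thr", "target_ser" (the three techniques on the slides).
    """
    snr = 10 ** (snr_db / 10)
    if method == "min_ser":
        # SER(SNR, alpha_A, 16) = SER(SNR, 4) and SER(SNR, alpha_B, 64) = SER(SNR, 4)
        ref = ser(snr, 4)
        f_a = lambda a: ser(a * snr, 16) - ref
        f_b = lambda a: ser(a * snr, 64) - ref
    elif method == "max_thr":
        # Thr(SNR, alpha_A, 16) = Thr(SNR, alpha_A, 4); Thr(SNR, alpha_B, 64) = Thr(SNR, alpha_B, 16)
        f_a = lambda a: throughput(a * snr, 16) - throughput(a * snr, 4)
        f_b = lambda a: throughput(a * snr, 64) - throughput(a * snr, 16)
    elif method == "target_ser":
        # SER(SNR, alpha_A, 16) = TSER and SER(SNR, alpha_B, 64) = TSER
        f_a = lambda a: ser(a * snr, 16) - tser
        f_b = lambda a: ser(a * snr, 64) - tser
    else:
        raise ValueError(f"unknown method {method!r}")
    return bisect(f_a, lo, hi), bisect(f_b, lo, hi)


def select_modulation(alpha, thr):
    """Modulation order for a measured received-power ratio alpha, given (alpha_A, alpha_B)."""
    alpha_a, alpha_b = thr
    if alpha >= alpha_b:
        return 64
    if alpha >= alpha_a:
        return 16
    return 4


if __name__ == "__main__":
    for method in ("min_ser", "max_thr", "target_ser"):
        a, b = thresholds(15, method)
        print(f"{method:10s} SNR=15 dB  alpha_A={10 * log10(a):6.2f} dB  alpha_B={10 * log10(b):6.2f} dB")
```

Under this model the minimum-SER thresholds at 15 dB sit well above 0 dB (a higher order is allowed only when the channel gain makes its SER as low as QPSK's), while the maximum-throughput thresholds sit below or around 0 dB, which is the "higher rate but higher SER" trade-off the results slides describe.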
System Parameters
• Channel model ITU-R M.1225 (Vehicular A) with 6 Rayleigh-distributed main paths and Jakes Doppler spectrum
• Bandwidth: 10 MHz
• NFFT = 1024 subcarriers
• Carrier frequency: 3.5 GHz
• Maximum speed: 125 km/h
• TDD frame duration:
  • TF = 8 ms;
  • TDL = TUL = 3.995 ms;
  • (TTG = RTG = 5 μs)
• OFDMA symbols in each frame: 40 in DL + 39 in UL
• Distributed subcarrier allocation
Minimum SER and Maximum Throughput
• Maximum throughput allows a higher rate but a higher SER
(Figure annotations, one per technique: at SNR = 8 dB 16QAM is the most used modulation order; at SNR = 16 dB 16QAM is the most used order in one panel and 64QAM in the other; a 2 dB gap is marked between the curves)
Target SER
• TSER is imposed based on the requested QoS level
T3.3 Optimized scheduling procedures
• IEEE 802.16d centralized scheduling for mesh networks
• Data & VoIP traffic
• Heterogeneous scenario with IEEE 802.11 hot-spots
Mesh frame structure
(Figure: sequence of Sch. Ctrl and Net. Ctrl subframes over a ScheduleFrames period)
• The IEEE 802.16-2004 Mesh frame is divided in two parts:
  • Control sub-frame, reserved to management messages
  • Data sub-frame, reserved to data traffic
• There is no uplink/downlink division as in the PMP frame
• Centralized Scheduling Configuration message (CSCF):
  • contains the information on the current network configuration
• Network Configuration message (NCFG):
  • sent in broadcast to all the terminals within the network
  • allows communication between nodes, also belonging to different networks and different operators
• Centralized Scheduling message (CSCH):
  • used for bandwidth request/grant
• Distributed Scheduling message (DSCH):
  • used in distributed scheduling
  • transmitted by each node to inform its neighbors about the resource scheduling defined by the controller
  • carries bandwidth request/grant
• Network Entry message (NENT):
  • used by a new node to enter the network and obtain synchronization
The frames carrying the Network Control Subframe repeat with a periodicity established by the controller and notified to the other nodes through the SchedulesFrames parameter of the CSCF message: there is one Network Control Subframe for every [SchedulesFrames + 1] Schedule Control Subframes.
Scheduling types
• Distributed scheduling
  • non-coordinated:
    • the scheduling is decided through request/grant between two nodes
    • it is not collision-free: each station has to verify that its transmission does not collide with other data or control traffic
    • the connection is established through a three-way handshake
  • coordinated:
    • every node coordinates the transmissions in its 2-hop neighborhood
    • every node uses, partially or totally, the control part of each frame reserved to it for transmitting its scheduling
    • it is collision-free
• Centralized scheduling
  • the scheduling is established through request/grant messages sent by each node to the previous/next node in the routing tree
  • the resource scheduling is done by the controller for the 1-hop nodes;
  • each node schedules the resources for its children in the routing tree
Analyzed centralized scheduling policy
• Mechanism for entering/leaving the network
• Bandwidth request propagation
• Resource allocation mechanism
System parameters
• Management of an 802.16d TDMA mesh network
• Centralized scheduling with Best Effort traffic nodes
• Physical parameters:
  • TDMA/OFDM
  • 16QAM with Rc = 1/2
Simulated scenarios

ScheduleFrames                                          Single hop            Multi hop
1000                                                    20 SS, 30 SS, 40 SS   20 SS, 30 SS, 40 SS
2000                                                    20 SS, 30 SS, 40 SS   20 SS, 30 SS, 40 SS
3000                                                    20 SS, 30 SS, 40 SS   20 SS, 30 SS, 40 SS
Variable (3000 for the first 300000 frames, 10000 afterwards)  20 SS, 30 SS, 40 SS   20 SS, 30 SS, 40 SS

(Figure: Net Ctrl / Sch Ctrl subframe sequence for each ScheduleFrames value)
Multihop vs Singlehop
(Figure: single hop vs multi hop curves)
• A multihop scenario performs better when the number of nodes is higher
• For a lower number of nodes the singlehop scenario may have equal performance
Bandwidth usage
• Ratio between used bandwidth and available bandwidth (figure panels: 20, 30 and 40 stations)
• The system with a higher ScheduleFrames allows using more bandwidth, since the scenario varies more slowly
T5.1 Security protocols for multi-hop wireless networks
• Firewalling in mesh networks
• Bloom filters
• Bloom filtering applied in mesh environments
Security in computer networks
• A firewall is a device that filters packets between two networks
• It can be implemented in almost every device (figure: a router performing packet filtering)
• Filtering parameters: IP address and socket (port) number
• Distributed firewall: each device holds all the rules
Firewall design
(Figure: mesh network of nodes A, B, C, D behind a router connected to the internet)
• Terminal classes: IC = internal client, IS = internal server, EC = external client, ES = external server
• Class C network, composed of 256 terminals
• If no hypothesis is made on their functions, the IPtables rules grow quadratically with the number of users:
  • high resource waste for filter transmission
  • high execution times for filtering
• Hence the PCs in the network are classified based on their functions
Identification/definition of traffic flows
• Aim of the firewall: optimize resource utilization, defend the network from DoS or spamming attacks
• To reduce the filter size the traffic can be classified in the PREROUTING chain
• IPTables evaluates the rules of a chain in order (first match wins)
• More specific rules go at the top of the chain
• This prevents an erroneous classification of a legitimate packet
Netfilter and IPTables
(Figure: packet path through kernel space: network interfaces → PREROUTING → routing decision → FORWARD → POSTROUTING → INTERNET)
• With a deny default policy the order of the rules is not important
• The rule order is important to prevent erroneous classifications
IPTables and filtering effects
(Figure: traffic before the PREROUTING rule, after PREROUTING, and after the FORWARD rule)
• PREROUTING chain
• After PREROUTING
• FORWARD chain
• OUTPUT
Bloom filters
• A Bloom filter is an abstract structure that represents a set of elements in a compact way, so that membership queries can be done exploiting hash-table principles
• A Bloom filter is represented in memory as an m-bit array
• k independent hash functions (h1, h2, ..., hk) are applied to each element of the generating set
• For each element x ∈ S (with dim{S} = n), the bits indexed by the hash outputs are set to 1
• A query applies the same hash functions to the element under test and verifies that the corresponding bits are set to 1 in the filter
• Disadvantage: false positives are possible; false negatives are not possible
(Figure: a filter built from two elements x1 ≠ x2 with k = 2, bits h1(x1), h2(x1), h1(x2), h2(x2) set to 1; querying y1 ≠ y2, both different from x1 and x2, one query is a false positive)
• Bloom filters in the FORWARD chain:
  • the rules define how to generate the filter; they are not inserted in the filter
  • higher security: the security policy is hidden inside the filter
  • the filter generating set is designed from the filtering parameters
Firewall with Bloom filters
• Decide the sets from which the filters are generated
• The parameters that form the filter are five: the IP addresses of the PCs of type IS, IC, EC, ES and the low port range
• The use of Bloom filters does not require a rigid chain compilation
• The filtering parameters are coupled
• The filters become three instead of six

Class  Parameter 1   Parameter 2
D      IPs ∈ {ES}
E      IPd ∈ {ES}
C      IPs ∈ {EC}    Pd ∈ [0:1024]
F      IPd ∈ {EC}    Ps ∈ [0:1024]
A      IPs ∈ {IC}    IPd ∈ {IS}
B      IPd ∈ {IC}    IPs ∈ {IS}
(IPs/IPd: source/destination IP address; Ps/Pd: source/destination port)
Firewall with Bloom filters
• n ∈ {n1, n2, n3}, where ni = dim{Si} (one generating set per filter)
• ki = number of hash functions
• mi = filter size (bits)
• (1 − pi)^k = false positive probability, where pi is the probability that a given bit of filter i is still 0 after inserting its ni elements
• The expression of the optimal k is obtained by minimizing Eb, i.e. by setting the derivative of Eb with respect to k to zero
• Fixing p, m and k are obtained
Firewall with Bloom filters
• Based on the tolerated false positive probability the Bloom filter size can be found
• The calculated k are optimal
• The figure shows the behavior of Eb for different m/n values, starting from the optimal k
• The value m/n corresponds to the filter density (bits per element)
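The following is an added example, not the code of the original work, implementing the three-filter classifier from the table above together with the sizing step. It assumes SHA-256 with double hashing in place of the k independent hash functions (the slides do not name a hash family), uses the standard optimum for a filter holding n elements at false positive probability p (k = (m/n) ln 2 and m = −n ln p / (ln 2)^2, which is what minimizing the false positive probability in k gives), and couples the parameters as the table suggests: one filter over ES addresses (classes D, E), one over (EC address, low port) pairs (classes C, F) and one over (IC, IS) address pairs (classes A, B). The element encoding, the helper names and the sample addresses are ours.

```python
"""Bloom-filter packet classifier for the six traffic classes (A..F) on the slides.

Added example, not code from the original work. Assumptions:
- SHA-256 with double hashing stands in for the k independent hash functions.
- m and k use the standard optimum for n elements and false-positive probability p:
  k = (m/n) ln 2, m = -n ln p / (ln 2)^2.
- Three coupled filters: {ES} (classes D, E), {(EC, low port)} (classes C, F),
  {(IC, IS)} (classes A, B). Element encoding is ours.
- Addresses and packets below are constructed for the demo.
"""
import hashlib
import math
from collections import namedtuple


class BloomFilter:
    def __init__(self, m, k):
        self.m, self.k = m, k
        self.bits = bytearray((m + 7) // 8)

    def _positions(self, item):
        h = hashlib.sha256(item).digest()
        h1 = int.from_bytes(h[:8], "big")
        h2 = int.from_bytes(h[8:16], "big") | 1  # odd step to spread the k positions
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, item):
        for p in self._positions(item):
            self.bits[p >> 3] |= 1 << (p & 7)

    def __contains__(self, item):
        return all(self.bits[p >> 3] & (1 << (p & 7)) for p in self._positions(item))


def false_positive_rate(m, n, k):
    """(1 - p)^k with p = exp(-kn/m), the probability that a given bit is still 0."""
    return (1 - math.exp(-k * n / m)) ** k


def optimal_params(n, p):
    """Filter size m and optimal k for n elements at false-positive probability p."""
    m = math.ceil(-n * math.log(p) / math.log(2) ** 2)
    k = max(1, round(m / n * math.log(2)))
    while false_positive_rate(m, n, k) > p:  # rounding k can push the rate slightly above p
        m += 1
    return m, k


def _filter_from(elements, p):
    m, k = optimal_params(max(1, len(elements)), p)
    bf = BloomFilter(m, k)
    for e in elements:
        bf.add(e)
    return bf


LOW_PORTS = range(0, 1025)  # Ps/Pd in [0:1024] in the slides' table
Packet = namedtuple("Packet", "src dst sport dport")


def build_filters(ic, is_, ec, es, p=1e-3):
    """Three filters from the six rules; the address lists themselves are not stored."""
    return {
        "es": _filter_from([a.encode() for a in es], p),
        "ec_port": _filter_from([f"{a}|{port}".encode() for a in ec for port in LOW_PORTS], p),
        "ic_is": _filter_from([f"{c}|{s}".encode() for c in ic for s in is_], p),
    }


def classify(pkt, filters):
    """First-match classification, most specific (two addresses) first, as in an iptables chain."""
    if f"{pkt.src}|{pkt.dst}".encode() in filters["ic_is"]:
        return "A"  # IPs in IC and IPd in IS
    if f"{pkt.dst}|{pkt.src}".encode() in filters["ic_is"]:
        return "B"  # IPd in IC and IPs in IS
    if f"{pkt.src}|{pkt.dport}".encode() in filters["ec_port"]:
        return "C"  # IPs in EC and Pd in the low range
    if f"{pkt.dst}|{pkt.sport}".encode() in filters["ec_port"]:
        return "F"  # IPd in EC and Ps in the low range
    if pkt.src.encode() in filters["es"]:
        return "D"
    if pkt.dst.encode() in filters["es"]:
        return "E"
    return None  # no class: left to the default deny policy


if __name__ == "__main__":
    f = build_filters(ic=["10.0.0.10"], is_=["10.0.0.1"], ec=["198.51.100.7"], es=["203.0.113.5"])
    print("m, k for n=1000, p=0.01:", optimal_params(1000, 0.01))
    for pkt in (Packet("10.0.0.10", "10.0.0.1", 40000, 80), Packet("198.51.100.7", "10.0.0.1", 40000, 443)):
        print(pkt, "->", classify(pkt, f))
```

A node that receives the three bit arrays can classify traffic without learning which addresses are internal servers or external clients, which is the "policy hidden inside the filter" point above; the price is the tolerated false positive probability p per lookup, so p must be set per filter from the QoS or security margin, not left at a default.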
T5.2 Authentication and identity management
• Security analysis of IEEE 802.16
• Mesh authentication
• PMP authentication
Security analysis of IEEE 802.16
• The authentication scheme used in WiMAX, Privacy Key Management (PKM), has already been criticized for insecurities revealed in the authentication protocol
• Some of them have been addressed in the 802.16e amendment, which became IEEE 802.16e-2005
• Some insecurities have not been addressed and deal with:
  • authentication in mesh mode
  • management frames
Mesh mode authentication
• In mesh mode a node A that is entering the network performs a full PMP-mode authentication with the first node it encounters, which it selects as sponsor node
• The sponsor node tunnels the authentication messages over a multi-hop path to the real Base Station, the node that holds the credential database for all the clients
• During authentication A receives a symmetric key named Operator Shared Secret (OSS); every already-authenticated node possesses the OSS
• If node A wants to communicate with node B it can use Neighbor Link Establishment (NLE), a handshake based on possession of the OSS
Mesh authentication
• NLE is used to avoid another multi-hop authentication; note that PMP authentication is a time-consuming, certificate-based authentication
• A→B: HMAC{OSS, frame number, A Node_ID, B Node_ID}
• B→A: HMAC{OSS, frame number, B Node_ID, A Node_ID}
• A→B: Accept, random unused link ID
Mesh security problems
• The channel between the sponsor node and the base station is not secured
• The standard specifies neither a means to secure it nor the protocols to use for this purpose (such as RADIUS)
• Nodes along the path could intercept or modify the frames carrying the authentication
• NLE is insecure:
  • no public keys are ever used, so the initial certificate-based authentication is made useless
  • there is no way of refreshing the OSS; it might be lost, stolen, etc.
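The following is an added example, not code from the original work or from the 802.16 standard, that runs the three-message NLE handshake of the previous slide and then shows the consequence of the OSS being the only secret: a party holding a leaked OSS passes B's check under any Node_ID it claims. It assumes HMAC-SHA1 over (frame number || sender Node_ID || receiver Node_ID) with a 32-bit frame number and 16-bit Node_IDs, an 8-bit link ID, and constructed Node_IDs and key bytes; the standard's exact field layout is not given on the slides.

```python
"""NLE handshake (as described on the slides) and OSS-based impersonation.

Added example, not code from the original work or the standard. Assumptions:
- tag = HMAC-SHA1(OSS, frame_no(4 bytes) || sender_id(2 bytes) || receiver_id(2 bytes)).
- The link ID chosen by A is an 8-bit value not yet used by A.
- Node_IDs, OSS bytes and the rogue are constructed for the demo.
"""
import hashlib
import hmac
import secrets


def nle_tag(oss, frame_no, sender_id, receiver_id):
    """HMAC{OSS, frame number, sender Node_ID, receiver Node_ID}."""
    msg = frame_no.to_bytes(4, "big") + sender_id.to_bytes(2, "big") + receiver_id.to_bytes(2, "big")
    return hmac.new(oss, msg, hashlib.sha1).digest()


class MeshNode:
    def __init__(self, node_id, oss):
        self.node_id, self.oss = node_id, oss
        self.links = set()

    def tag(self, peer_id, frame_no):
        """Message 1 (A->B) or message 2 (B->A): same construction, roles swapped."""
        return nle_tag(self.oss, frame_no, self.node_id, peer_id)

    def verify(self, claimed_sender, frame_no, tag):
        """The only check in NLE: recompute with our OSS and compare in constant time."""
        return hmac.compare_digest(tag, nle_tag(self.oss, frame_no, claimed_sender, self.node_id))

    def accept(self):
        """Message 3: Accept plus a random link ID not yet used by this node."""
        link_id = secrets.choice([i for i in range(256) if i not in self.links])
        self.links.add(link_id)
        return ("Accept", link_id)


def run_nle(a, b, frame_no):
    """Full three-message handshake; returns the link ID, or None if either side rejects."""
    m1 = a.tag(b.node_id, frame_no)
    if not b.verify(a.node_id, frame_no, m1):
        return None
    m2 = b.tag(a.node_id, frame_no)
    if not a.verify(b.node_id, frame_no, m2):
        return None
    return a.accept()[1]


def impersonation_accepted(leaked_oss, victim_id, target, frame_no):
    """A rogue holding a leaked OSS forges message 1 under victim_id; True if target accepts it."""
    forged = nle_tag(leaked_oss, frame_no, victim_id, target.node_id)
    return target.verify(victim_id, frame_no, forged)


if __name__ == "__main__":
    oss = bytes(range(16))  # constructed OSS
    a, b = MeshNode(1, oss), MeshNode(2, oss)
    print("legitimate NLE link ID:", run_nle(a, b, 1000))
    print("stranger without OSS:", run_nle(MeshNode(3, bytes(16)), b, 1000))
    print("rogue with leaked OSS claiming Node_ID 1:", impersonation_accepted(oss, 1, b, 1001))
```

Nothing in the exchange ties the claimed Node_ID to the certificate A presented during PMP authentication, and no per-link secret is derived, so the handshake only proves "someone with the OSS"; since the slides note the OSS cannot be refreshed, one leaked copy is enough for the lifetime of the network.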
PMP security problems
• Certain management frames are sent in the clear:
  • RNG-RSP packets can be spoofed, forcing a re-entry in the network (denial of service)
• Spoofing of aggregate bandwidth requests:
  • these messages are sent in an unscheduled contention period at the beginning of each time slot
  • a client can pretend to be someone else and send fake requests asking for little bandwidth, so that more resources are allocated to itself
Software & Tools
• Development of a cross-layer simulator for an IEEE 802.16e (OFDMA/TDD) scenario
• MAC layer:
  • NS2, CMU Monarch Project
  • scheduled access vs random access
• PHY layer (outside this scope):
  • channel variation & BER analysis (& other PHY layer characteristics...)
  • based on C++ libraries developed in-house
  • MuDiSP simulation tool
NS-2 Network Simulator
• Discrete-event network simulator
• Written in C++
• OTcl user interface
• The state variables change only at certain instants
• A state change is called an event
• Activities in time have a begin and an end
(Figure: NS2 architecture)
• Event scheduler and network components (C++): manage the events during the simulation and optimize the computational time; not user-friendly
• OTcl / Tcl scripts: manage the control flow of the simulation; user-friendly
• tclcl: the binding between the two
Mobile Networking in NS-2
• NS-2 has some extensions that allow simulating wireless networks with mobility. The main ones are:
  • CMU's Monarch group's mobility extension to ns
    • Mobility model
    • Mobile node
    • Wireless LAN (IEEE 802.11)
  • Mobile IP extension
  • Wired-cum-wireless extension
The implemented simulator
• Goal: implement a software architecture for emulating Mobile WiMAX, based on the IEEE 802.16e OFDMA standard
• The NS-2 MobileNode was designed for the IEEE 802.11 standard
Model implementation
• Redefine the MAC and PHY layers of MobileNode
• MAC layer:
  • SSMAC and BSMAC classes
• PHY layer:
  • SSPHY and BSPHY classes
• Channel:
  • define a suitable radio channel
• Timer management
Used structures
• RadioFrame, ULRadioFrame, DLRadioFrame
• ULMap, DLMap, FrameRect
(Figure: downlink sequence between DLBegin and DLEnd: BSMac, BSPhy, framed radio channel, SSPhy, SSMac, exchanging DLMap/ULMap through the Framepoll() and Uptarget() methods)
(Figure: uplink sequence between ULBegin and ULEnd: SSMac, SSPhy, framed radio channel, BSPhy, BSMac, exchanging ULMap/DLMap through the Framepoll() and Uptarget() methods)
Publications
• R. Fantacci and D. Tarchi, "Bridging Solutions for a Heterogeneous WiMAX-WiFi Scenario", Journal of Communications and Networks, vol. 8, no. 4, pp. 369-377, Dec. 2006.
• R. Fantacci, D. Tarchi, and M. Bardazzi, "Quality of Service Management in IEEE 802.16 Wireless Metropolitan Area Networks", in Proc. of IEEE ICC 2006, Istanbul, June 2006.
• L. Maccari, R. Fantacci, T. Pecorella, and F. Frosali, "Secure, fast handoff techniques for 802.1X based wireless network", in Proc. of IEEE ICC 2006, Istanbul, June 2006.
• L. Maccari, M. Paoli, and R. Fantacci, "Security analysis of IEEE 802.16", in Proc. of IEEE ICC 2007, accepted.
• L. Maccari, R. Fantacci, P. Neira, and R. M. Gasca, "Mesh network firewalling with Bloom Filters", in Proc. of IEEE ICC 2007, accepted.