Traffic distribution over equal-cost-multi-paths Chim, Tat Wing; Yeung, Kwan L.; Lui, King-Shan
Computer networks (Amsterdam, Netherlands : 1999),
11/2005, Letnik:
49, Številka:
4
Journal Article
Recenzirano
Odprti dostop
To effectively manage the traffic distribution inside a network, traffic splitting is needed for load sharing over a set of equal-cost-multi-paths (ECMPs). In this paper, a new traffic splitting ...algorithm, called Table-based Hashing with Reassignments (THR), is proposed. Based on the load sharing statistics collected, THR selectively reassigns some active flows from the over-utilized paths to under-utilized paths. The reassignment process takes place in such a way that the packet out-of-order problem is less severe. Simulations show that THR provides close-to-optimal load balancing performance but suffers about 5% of packets arrived out-of-order. Although additional traffic monitoring function is needed by THR, we show that the extra complexity incurred is marginal.
This book constitutes the refereed proceedings of the 14th International Conference on Information and Communications Security, ICICS 2012, held in Hong Kong, China, in October 2012. The 23 regular ...papers and 26 short papers were carefully reviewed and selected from 101 submissions. The papers cover many important areas in information security such as privacy, security in mobile systems, software and network security, cryptanalysis, applied cryptography as well as GPU-enabled computation.
Smart grid network facilitates reliable and efficient power generation and transmission. The power system can adjust the amount of electricity generated based on power usage information submitted by ...end users. Sender authentication and user privacy preservation are two important security issues on this information flow. In this paper, we propose a scheme such that even the control center (power operator) does not know which user makes the requests of using more power or agreements of using less power until the power is actually used. At the end of each billing period (i.e., after electricity usage), the end user can prove to the power operator that it has really requested to use more power or agreed to use less power earlier. To reduce the total traffic volume in the communications network, our scheme allows gateway smart meters to help aggregate power usage information, and the power generators to determine the total amount of power that needs to be generated at different times. To reduce the impact of attacking traffic, our scheme allows gateway smart meters to help filter messages before they reach the control center. Through analysis and experiments, we show that our scheme is both effective and efficient.
Using vehicular ad-hoc network, smart vehicles can detect dangerous events on the road and announce warnings to other vehicles to ensure road safety. The other vehicles nearby may receive the warning ...messages and accordingly choose a different route. But, because of the presence of malicious users on the road and errors in the detection system, some warning messages may prove dubious. Therefore, to distinguish between genuine and dubious messages, an element of trust has to be infused into the warning system. One common approach for this is to enable the receivers count the popularity of the reports of a warning event, i.e., the trust level. Once the trust level meets a predefined threshold, the vehicle's on-board unit will trust the warning event and warn the driver. Yet, owing to security and privacy concerns, anonymous counting problem does exist, because it is hard to fulfill both anonymity and counting requirements. In this paper, the authors define the anonymous counting problem and then propose a conditional distinguishable pseudo identities scheme that achieves conditional anonymity to overcome the counting problem. To achieve this feature of pseudo identities, time slot was added to minimize the influence of the adversary. Randomized batch verification was applied to enhance efficiency. Furthermore, it is shown how to achieve those features and provide proof on pairing equations. Finally, the time complexity of the proposed scheme was analyzed and its performance evaluated by Simulation of Urban Mobility.
Vehicular Ad Hoc Network (VANET) is an emerging type of network which facilitates vehicles on roads to communicate for driving safety. It requires a mechanism to help authenticate messages, identify ...valid vehicles, and remove malevolent vehicles which do not obey the rules. Most existing solutions either do not have an effective message verification scheme, or use the public key infrastructure (PKI). In this network, vehicles are able to broadcast messages to other vehicles and a group of known vehicles can also communicate securely among themselves. So group communication is necessary for the network. However, most existing solutions either do not consider this or use pairing operation to realize this. They are either not secure or not effective. In this paper, we provide a more comprehensive set of secure schemes with Hash-based Message Authentication Code (HMAC) in VANETs to overcome their shortcomings. Of course, we still need to use Pairing operation in some place. Our scheme is composed of three schemes: (1) Communications between Vehicles and Road-Side Units (RSUs), (2) One to One Communications within a Group, (3) One to One Communications without a Group. Based on our simulation study, we show that our schemes are effective and the delay caused is much lower. The average delay caused by our first scheme is nearly thousands of times lower than prior schemes. The average delay caused by our second scheme is 0.312ms, while the delay caused by prior scheme is 12.3ms. Meanwhile the average delay caused by our third scheme is 0.312ms, and the delay caused by prior scheme is about 9s.
A mobile ad hoc network consists of mobile nodes that communicate in an open wireless medium. Adversaries can launch analysis against the routing information embedded in the routing message and data ...packets to detect the traffic pattern of the communications, thereby obtaining sensitive information of the system, such as the identity of a critical node. In order to thwart such attacks, anonymous routing protocols are developed. For the purposes of security and robustness, an ideal anonymous routing protocol should hide the identities of the nodes in the route, in particular, those of the source and the destination. Multiple routes should be established to increase the difficulty of traffic analysis and to avoid broken paths due to node mobility. Existing schemes either make the unrealistic and undesired assumption that certain topological information about the network is known to the nodes, or cannot achieve all the properties described in the above. In this paper, we propose an anonymous routing protocol with multiple routes called ARMR, which can satisfy all the required properties. In addition, the protocol has the flexibility of creating fake routes to confuse the adversaries, thus increasing the level of anonymity. In terms of communication efficiency, extensive simulation is carried out. Compared with AODV and MASK, our ARMR protocol gives a higher route request success rate under all situations and the delay of our protocol is comparable to the best of these two protocols.
This paper addresses the minimal energy scheduling problem in sensor networks to accommodate real-time surveillance orders. Assume we are given a set of sensors with adjustable sensing ranges and ...surveillance orders arrive in real time at a base station. Under the constraints that a sensor can deal with one order and an order only need to be handled by one sensor at a time, the base station schedules sensors to perform the orders such that the energy consumption is minimized. Our solution is optimal and simulation results show that our optimal solution performs better than another heuristic scheduling algorithm in terms of both energy consumption and percentage of scenarios in which all surveillance orders are accepted
Non-Transferable Proxy Re-Encryption Scheme Yi-Jun He; Tat Wing Chim; Hui, Lucas Chi Kwong ...
2012 5th International Conference on New Technologies, Mobility and Security (NTMS)
Conference Proceeding
A proxy re-encryption (PRE) scheme allows a proxy to re-encrypt a ciphertext for Alice (delegator) to a ciphertext for Bob (delegatee) without seeing the underlying plaintext. However, existing PRE ...schemes generally suffer from at least one of the followings. Some schemes fail to provide the non-transferable property in which the proxy and the delegatee can collude to further delegate the decryption right to anyone. This is the main open problem left for PRE schemes. Other schemes assume the existence of a fully trusted private key generator (PKG) to generate the re-encryption key to be used by the proxy for re-encrypting a given ciphertext for a target delegatee. But this poses two problems in PRE schemes if the PKG is malicious: the PKG in their schemes may decrypt both original ciphertexts and re-encrypted ciphertexts (referred as the key escrow problem); and the PKG can generate reencryption key for arbitrary delegatees without permission from the delegator (we refer to it as the PKG despotism problem). In this paper, we propose the first non-transferable proxy re-encryption scheme which successfully achieves the nontransferable property. We show that the new scheme solved the PKG despotism problem and key escrow problem as well.
Electric vehicle has attracted more and more attention all around the world in recent years because of its many advantages such as low pollution to the environment. However, due to the limitation of ...current technology, charging remains an important issue. In this paper, we study the problem of finding and making reservation on charging stations via a vehicular ad hoc network (VANET). Our focus is on the privacy concern as drivers would not like to be traced by knowing which charging stations they have visited. Technically, we make use of the property of blind signature to achieve this goal. In brief, an electric vehicle first generates a set of anonymous credentials on its own. A trusted authority then blindly signs on them after verifying the identity of the vehicle. After that, the vehicle can make charging station searching queries and reservations by presenting those signed anonymous credentials. We implemented the scheme and show that the credential signing process (expected to be the most time consuming step) can be completed within reasonable time when the parameters are properly set. In particular, the process can be completed in 5 minutes when 1024 bits of RSA signing key is used. Moreover, we show that our scheme is secure in terms of authentication and privacy-preserving.
In this paper, we investigate efficient strategies for routing events and queries in a wireless sensor network where energy is a major concern. Our along & across algorithm makes use of a hop tree ...structure. Event attributes are routed along hop levels while queries are routed across hop levels to seek for match. Location information is not assumed. Simulation results show that our algorithm yields much higher hitting probability between event attributes and queries than a previously proposed algorithm, rumor routing algorithm in a moderate-traffic environment. As a result, our algorithm consumes up to 72.6% less transmission overhead. As such, our along & across algorithm is sound and should be very useful to wireless sensor network developers.