Catálogo de publicaciones - libros

In this paper, we study the performance of IEEE 802.11 broadcast scheme in multihop wireless networks using an analytical model. Previous works have evaluated the performance of IEEE 802.11 protocol assuming unicast communication, but there has not been an analysis considering broadcast communication. Analyzing performance of broadcast communication is important because multicast communication is gaining attention in wireless networks with numerous potential applications. Broadcast in IEEE 802.11 does not use virtual carrier sensing and thus only relies on physical carrier sensing to reduce collision. For this study, we define a successful broadcast transmission to be the case when all of the sender’s neighbors receive the broadcast frame correctly, and calculate the achievable throughput.

For the IEEE 802.11 protocol, the basic access method in its medium access control (MAC) layer protocol is the distributed coordination function (DCF). However, this strategy incurs a high collision probability and channel utilization is degraded in bursty arrival or congested scenarios. Besides, when a frame is collided on a wired network, the sender should slow down, but when one is lost on a wireless network, the sender should try harder. Extending the backoff time just makes matters worse because it brings bandwidth wastage. In this paper, we identify the relationship between backoff parameters and channel BER and put forth a pragmatic problem-solving solution. In addition to theoretical analysis, simulations are conducted to evaluate the performance scheme. As it turns out, our design indeed provides a remarkable improvement in a heavy load and error-prone WLANs environment.

One of the main issues to be addressed in the design of large-scale wireless LANs is that of assigning demand points to access points (APs) in such a way that each demand point is assigned to one AP and the aggregate traffic demand (which is referred to as load in this paper) of all demand points assigned to any AP does not overload that AP. In this paper, we consider the problem of assigning demand points to APs with the objective of minimizing the maximum load among the set of APs, which qualitatively represents congestion at some hot spots in the network service area. We refer to this problem as the . We formulated this problem as an integer linear program (ILP) and show that the problem is NP-hard. We propose an efficient -approximation algorithm for the problem.

The IEEE 802.11 MAC protocol adopts the distributed coordination function (DCF) with a binary exponential backoff as a medium access control mechanism. According to previous research results and our simulation study, the performance of IEEE 802.11 is highly dependent upon the number of contending stations and the initial value of contention window (). In this paper, we propose an adaptive contention window mechanism that dynamically selects the optimal backoff window by estimating the current number of contending stations in wireless ad hoc networks. In the proposed scheme, when there are small number of contending stations, a smaller value is selected, while a larger value is selected when there are large number of contending stations. We study the performance of the proposed mechanism by simulation and we got an improved performance over the IEEE 802.11 MAC protocol which uses a fixed value.

This paper presents experimental results for the actual effects of the IEEE 802.11 power saving mode (PSM) on communication performance and energy saving. First, we have measured the throughput and response time of a station working in PSM with various applications and compared them to those of the active mode. Energy consumptions have also been compared by analyzing trace data. Second, the effects of a PSM station to the neighbor stations have been investigated by measuring their performance changes. The experiments show that the amount of effects varies depending on application types due to traffic burstness and congestion control of underlying transport protocols. It may happen that a PSM station running a streaming application, somewhat abnormally, does harm to the performance of the neighbor station. Finally, a primitive solution against this abnormality is presented and experimented. This study could provide a good basis for further studies on utilizing PSM.

This paper presents and implements a high-performance network monitoring platform (HPNMP) for high bandwidth network intrusion detection system (NIDS). The traffic load on a single machine is heavily reduced in an operation mode of parallel cluster. An efficient user-level messaging mechanism is implemented and a multi-rule packet filter is built at user layer. The results of experiments indicate that HPNMP is capable of reducing the using rate of CPU while improving the efficiency of data collection in NIDS so as to save much more system resources for complex data analysis in NIDS. ...

is an important extension to the model of network security where emphasis is traditionally put on prevention and to a lesser extent on detection. It focuses on the , , and of network packets and events for investigative purposes. It is a young field for which very limited resources are available. In this paper, we briefly survey the state of the art in network forensics and report our experience with building and testing a network forensics system.

The intrusion detection system (IDS) is used as one of the solutions against the Internet attack. However the IDS reports extremely many alerts as compared with the number of the real attack. Thus the operator suffers from burden tasks that analyze floods of alerts and identify the root cause of them. The attribute oriented induction (AOI) is a kind of clustering method. By generalizing the attributes of raw alerts, it creates several clusters that include a set of alerts having similar or the same cause. However, if the attributes are excessively abstracted, the administrator does not identify the root cause of the alert. In this paper, we describe about the over generalization problem because of the unbalanced generalization hierarchy. We also discuss the solution of the problem and propose an algorithm to solve the problem.

This paper describes the design and implementation of a multi-agent system to detect and audit host security vulnerabilities. The system uses agent platforms allocated through the network to scan and interact with each host. The information collected by each agent is then used to build a common knowledge base that together with data retrieved from vulnerabilities information sources is used to improve the overall security. This approach reduces the total time to scan the network and the processing time overhead associated. The amount of traffic involved is also reduced. It allows the dissemination of updated knowledge about the network security status and reduces the communication with the network administrator. This solution provides an autonomous and proactive distributed system. It acts as a vulnerability assessment tool to make security notifications only if needed.

In this paper, we present the design and implementation of (CIPS), which includes (PFW), (FD) and (MIDS) to against large-scale or coordinated intrusions. The PFW consists of several firewalls working in parallel mainly by means of packet filtering, state inspection, and SYN proxy. The FD and MIDS detect and analyze the flow at the same time. The former one uses artificial neural network to analyze network traffic and detect flow anomaly. The latter one adopts traditional techniques such as protocol flow analysis and content-based virus detection to detect and prevent conventional intrusions and virus. Taking load balancing into account, CIPS also has (FS) for dispatching packets to each parallel component evenly. In addition, there is a (CM) aiming to reduce redundant alerts and to provide a feedback mechanism by alert clustering and to recognize the potential correlation rules among coordinated intrusion through mining large amounts of alerts.