Addressing Scheme for IOT Network Using IPV6

The goal of this paper is to present an addressing scheme that allows for assigning a unique IPv6 address to each node in the Internet of Things (IoT) network. This scheme guarantees uniqueness by extracting the clock skew of each communication device and converting it into an IPv6 address. Simulation analysis confirms that the presented scheme provides reductions in terms of energy consumption, communication overhead and response time as compared to four studied addressing schemes Strong DAD, LEADS, SIPA and CLOSA.

Improving Cryptographically Generated Address Algorithm in IPv6 Secure Neighbor Discovery Protocol through Trust Management

As transition to widespread use of IPv6 addresses has gained momentum, it has been shown to be vulnerable to certain security attacks such as those targeting Neighbor Discovery Protocol (NDP) which provides the address resolution functionality in IPv6. To protect this protocol, Secure Neighbor Discovery (SEND) is introduced. This protocol uses Cryptographically Generated Address (CGA) and asymmetric cryptography as a defense against threats on integrity and identity of NDP. Although SEND protects NDP against attacks, it is computationally intensive due to Hash2 condition in CGA. To improve the CGA computation speed, we parallelized CGA generation process and used the available resources in a trusted network. Furthermore, we focused on the influence of the existence of malicious nodes on the overall load of un-malicious ones in the network. According to the evaluation results, malicious nodes have adverse impacts on the average CGA generation time and on the average number of tries. We utilized a Trust Management that is capable of detecting and isolating the malicious node to remove possible incentives for malicious behavior. We have demonstrated the effectiveness of the Trust Management System in detecting the malicious nodes and hence improving the overall system performance.

A Distributed Cryptographically Generated Address Computing Algorithm for Secure Neighbor Discovery Protocol in IPv6

Due to shortage in IPv4 addresses, transition to IPv6 has gained significant momentum in recent years. Like Address Resolution Protocol (ARP) in IPv4, Neighbor Discovery Protocol (NDP) provides some functions like address resolution in IPv6. Besides functionality of NDP, it is vulnerable to some attacks. To mitigate these attacks, Internet Protocol Security (IPsec) was introduced, but it was not efficient due to its limitation. Therefore, SEND protocol is proposed to automatic protection of auto-configuration process. It is secure neighbor discovery and address resolution process. To defend against threats on NDP’s integrity and identity, Cryptographically Generated Address (CGA) and asymmetric cryptography are used by SEND. Besides advantages of SEND, its disadvantages like the computation process of CGA algorithm and sequentially of CGA generation algorithm are considerable. In this paper, we parallel this process between network resources in order to improve it. In addition, we compare the CGA generation time in self-computing and distributed-computing process. We focus on the impact of the malicious nodes on the CGA generation time in the network. According to the result, although malicious nodes participate in the generation process, CGA generation time is less than when it is computed in a one-way. By Trust Management System, detecting and insulating malicious nodes is easier.

Key Concepts of 5th Generation Mobile Technology

The 5th generation of mobile networks is term used in various research papers and projects to identify the next major phase of mobile telecommunications standards. 5G wireless networks will support higher peak data rate, lower latency and provide best connections with QoS guarantees. In this article, we discuss various promising technologies for 5G wireless communication systems, such as IPv6 support, World Wide Wireless Web (WWWW), Dynamic Adhoc Wireless Networks (DAWN), BEAM DIVISION MULTIPLE ACCESS (BDMA), Cloud Computing, cognitive radio technology and FBMC/OQAM. This paper is organized as follows: First, we will give introduction to 5G systems, present some goals and requirements of 5G. In the next, basic differences between 4G and 5G are given, after we talk about key technology innovations of 5G systems and finally we will conclude in last Section.

Survey Based Data Security Evaluation in Pakistan Financial Institutions against Malicious Attacks

In today’s heterogeneous network environment, there is a growing demand for distrust clients to jointly execute secure network to prevent from malicious attacks as the defining task of propagating malicious code is to locate new targets to attack. Residual risk is always there no matter what solutions are implemented or whet so ever security methodology or standards being adapted. Security is the first and crucial phase in the field of Computer Science. The main aim of the Computer Security is gathering of information with secure network. No one need wonder what all that malware is trying to do: It's trying to steal money through data theft, bank transfers, stolen passwords, or swiped identities. From there, with the help of our survey we learn about the importance of white listing, antimalware programs, security patches, log files, honey pots, and more used in banks for financial data protection but there’s also a need of implementing the IPV6 tunneling with Crypto data transformation according to the requirements of new technology to prevent the organization from new Malware attacks and crafting of its own messages and sending them to the target. In this paper the writer has given the idea of implementing IPV6 Tunneling Secessions on private data transmission from financial organizations whose secrecy needed to be safeguarded.

NGN and WiMAX: Putting the Pieces Together

With the exponential rise in the number of multimedia applications available, the best-effort service provided by the Internet today is insufficient. Researchers have been working on new architectures like the Next Generation Network (NGN) which, by definition, will ensure Quality of Service (QoS) in an all-IP based network [1]. For this approach to become a reality, reservation of bandwidth is required per application per user. WiMAX (Worldwide Interoperability for Microwave Access) is a wireless communication technology which has predefined levels of QoS which can be provided to the user [4]. IPv6 has been created as the successor for IPv4 and resolves issues like the availability of IP addresses and QoS. This paper provides a design to use the power of WiMAX as an NSP (Network Service Provider) for NGN using IPv6. The use of the Traffic Class (TC) field and the Flow Label (FL) field of IPv6 has been explained for making QoS requests and grants [6], [7]. Using these fields, the processing time is reduced and routing is simplified. Also, we define the functioning of the ASN gateway and the NGN gateway (NGNG) which are edge node interfaces in the NGNWiMAX design. These gateways ensure QoS management through built in functions and by certain physical resources and networking capabilities.

Network Based Intrusion Detection and Prevention Systems in IP-Level Security Protocols

IPsec has now become a standard information security technology throughout the Internet society. It provides a well-defined architecture that takes into account confidentiality, authentication, integrity, secure key exchange and protection mechanism against replay attack also. For the connectionless security services on packet basis, IETF IPsec Working Group has standardized two extension headers (AH&ESP), key exchange and authentication protocols. It is also working on lightweight key exchange protocol and MIB's for security management. IPsec technology has been implemented on various platforms in IPv4 and IPv6, gradually replacing old application-specific security mechanisms. IPv4 and IPv6 are not directly compatible, so programs and systems designed to one standard can not communicate with those designed to the other. We propose the design and implementation of controlled Internet security system, which is IPsec-based Internet information security system in IPv4/IPv6 network and also we show the data of performance measurement. With the features like improved scalability and routing, security, ease-of-configuration, and higher performance of IPv6, the controlled Internet security system provides consistent security policy and integrated security management on IPsec-based Internet security system.

A Comparative Study on Available IPv6 Platforms for Wireless Sensor Network

The low power wireless sensor devices which usually uses the low power wireless private area network (IEEE 802.15.4) standard are being widely deployed for various purposes and in different scenarios. IPv6 low power wireless private area network (6LoWPAN) was adopted as part of the IETF standard for the wireless sensor devices so that it will become an open standard compares to other dominated proprietary standards available in the market. 6LoWPAN also allows the integration and communication of sensor nodes with the Internet more viable. This paper presents a comparative study on different available IPv6 platforms for wireless sensor networks including open and close sources. It also discusses about the platforms used by these stacks. Finally it evaluates and provides appropriate suggestions which can be use for selection of required IPv6 stack for low power devices.

Next Generation IP Address Transition Mechanism for Web Application System

Internet Protocol version 4 (IPv4) address is decreasing and a rapid transition method to the next generation IP address (IPv6) should be established. This study aims to evaluate and select the best performance of the IPv6 address network transitionmechanisms, such as IPv4/IPv6 dual stack, transport Relay Translation (TRT) and Reverse Proxy with additional features. It is also aim to prove that faster access can be done while ensuring optimal usage of available resources used during the test and actual implementation. This study used two test methods such asInternet Control Message Protocol (ICMP)ping and ApacheBenchmark (AB) methodsto evaluate the performance.Performance metrics for this study include aspects ofaverageaccessin one second,time takenfor singleaccess,thedata transfer speed and the costof additional requirements.Reverse Proxy with Caching featureis the most efficientmechanism because of it simpler configurationandthe best performerfrom the test conducted.

Seamless Multicast Handover in Fmipv6-Based Networks

This paper proposes a fast tree join scheme to provide seamless multicast handover in the mobile networks based on the Fast Mobile IPv6 (FMIPv6). In the existing FMIPv6-based multicast handover scheme, the bi-directional tunnelling or the remote subscription is employed with the packet forwarding from the previous access router (AR) to the new AR. In general, the remote subscription approach is preferred to the bi-directional tunnelling one, since in the remote subscription scheme we can exploit an optimized multicast path from a multicast source to many mobile receivers. However, in the remote subscription scheme, if the tree joining operation takes a long time, the amount of data packets to be forwarded and buffered for multicast handover will increase, and thus the corresponding buffer may overflow, which results in severe packet losses. In order to reduce these costs associated with packet forwarding and buffering, this paper proposes the fast join to multicast tree, in which the new AR will join the multicast tree as fast as possible, so that the new multicast data packets can also arrive at the new AR, by which the packet forwarding and buffering costs can be reduced. From numerical analysis, it is shown that the proposed scheme can give better performance than the existing FMIPv6-based multicast handover schemes in terms of the multicast packet delivery costs.

Mobility Management Architecture for Transport System

Next generation wireless/mobile networks will be IP based cellular networks integrating the internet with cellular networks. In this paper, we propose a new architecture for a high speed transport system and a mobile management protocol for mobile internet users in a transport system. Existing mobility management protocols (MIPv6, HMIPv6) do not consider real world fast moving wireless hosts (e.g. passengers in a train). For this reason, we define a virtual organization (VO) and proposed the VO architecture for the transport system. We also classify mobility as VO mobility (intra VO) and macro mobility (inter VO). Handoffs in VO are locally managed and transparent to the CH while macro mobility is managed with Mobile IPv6. And, from the features of the transport system, such as fixed route and steady speed, we deduce the movement route and the handoff disruption time of each handoff. To reduce packet loss during handoff disruption time, we propose pre-registration scheme using pre-registration. Moreover, the proposed protocol can eliminate unnecessary binding updates resulting from sequence movement at high speed. The performance evaluations demonstrate our proposed protocol has a good performance at transport system environment. Our proposed protocol can be applied to the usage of wireless internet on the train, subway, and high speed train.

Location Update Cost Analysis of Mobile IPv6 Protocols

Mobile IP has been developed to provide the continuous information network access to mobile users. In IP-based mobile networks, location management is an important component of mobility management. This management enables the system to track the location of mobile node between consecutive communications. It includes two important tasks- location update and call delivery. Location update is associated with signaling load. Frequent updates lead to degradation in the overall performance of the network and the underutilization of the resources. It is, therefore, required to devise the mechanism to minimize the update rate. Mobile IPv6 (MIPv6) and Hierarchical MIPv6 (HMIPv6) have been the potential candidates for deployments in mobile IP networks for mobility management. HMIPv6 through studies has been shown with better performance as compared to MIPv6. It reduces the signaling overhead traffic by making registration process local. In this paper, we present performance analysis of MIPv6 and HMIPv6 using an analytical model. Location update cost function is formulated based on fluid flow mobility model. The impact of cell residence time, cell residence probability and user-s mobility is investigated. Numerical results are obtained and presented in graphical form. It is shown that HMIPv6 outperforms MIPv6 for high mobility users only and for low mobility users; performance of both the schemes is almost equivalent to each other.

Evaluation of Handover Latency in Intra- Domain Mobility

Mobile IPv6 (MIPv6) describes how mobile node can change its point of attachment from one access router to another. As a demand for wireless mobile devices increases, many enhancements for macro-mobility (inter-domain) protocols have been proposed, designed and implemented in Mobile IPv6. Hierarchical Mobile IPv6 (HMIPv6) is one of them that is designed to reduce the amount of signaling required and to improve handover speed for mobile connections. This is achieved by introducing a new network entity called Mobility Anchor Point (MAP). This report presents a comparative study of the Hierarchical Mobility IPv6 and Mobile IPv6 protocols and we have narrowed down the scope to micro-mobility (intra-domain). The architecture and operation of each protocol is studied and they are evaluated based on the Quality of Service (QoS) parameter; handover latency. The simulation was carried out by using the Network Simulator-2. The outcome from this simulation has been discussed. From the results, it shows that, HMIPv6 performs best under intra-domain mobility compared to MIPv6. The MIPv6 suffers large handover latency. As enhancement we proposed to HMIPv6 to locate the MAP to be in the middle of the domain with respect to all Access Routers. That gives approximately same distance between MAP and Mobile Node (MN) regardless of the new location of MN, and possible shorter distance. This will reduce the delay since the distance is shorter. As a future work performance analysis is to be carried for the proposed HMIPv6 and compared to HMIPv6.

Improvising Intrusion Detection for Malware Activities on Dual-Stack Network Environment

Malware is software which was invented and meant for doing harms on computers. Malware is becoming a significant threat in computer network nowadays. Malware attack is not just only involving financial lost but it can also cause fatal errors which may cost lives in some cases. As new Internet Protocol version 6 (IPv6) emerged, many people believe this protocol could solve most malware propagation issues due to its broader addressing scheme. As IPv6 is still new compares to native IPv4, some transition mechanisms have been introduced to promote smoother migration. Unfortunately, these transition mechanisms allow some malwares to propagate its attack from IPv4 to IPv6 network environment. In this paper, a proof of concept shall be presented in order to show that some existing IPv4 malware detection technique need to be improvised in order to detect malware attack in dual-stack network more efficiently. A testbed of dual-stack network environment has been deployed and some genuine malware have been released to observe their behaviors. The results between these different scenarios will be analyzed and discussed further in term of their behaviors and propagation methods. The results show that malware behave differently on IPv6 from the IPv4 network protocol on the dual-stack network environment. A new detection technique is called for in order to cater this problem in the near future.

A Fast Handover Scheme for Proxy Mobile IPv6 using IEEE 802.21 Media Independent Handover

In this paper, to resolve the problem of existing schemes, an alternative fast handover Proxy Mobile IPv6 (PMIPv6) scheme using the IEEE 802.21 Media Independent Handover (MIH) function is proposed for heterogeneous wireless networks. The proposed scheme comes to support fast handover for the mobile node (MN) irrespective of the presence or absence of MIH functionality as well as L3 mobility functionality, whereas the MN in existing schemes has to implement MIH functionality. That is, the proposed scheme does not require the MN to be involved in MIH related signaling required for handover procedure. The base station (BS) with MIH functionality performs handover on behalf of the MN. Therefore, the proposed scheme can reduce burden and power consumption of MNs with limited resource and battery power since MNs are not required to be involved for the handover procedure. In addition, the proposed scheme can reduce considerably traffic overhead over wireless links between MN and BS since signaling messages are reduced.

An Efficient MIPv6 Return Routability Scheme Based on Geometric Computing

IETF defines mobility support in IPv6, i.e. MIPv6, to allow nodes to remain reachable while moving around in the IPv6 internet. When a node moves and visits a foreign network, it is still reachable through the indirect packet forwarding from its home network. This triangular routing feature provides node mobility but increases the communication latency between nodes. This deficiency can be overcome by using a Binding Update (BU) scheme, which let nodes keep up-to-date IP addresses and communicate with each other through direct IP routing. To further protect the security of BU, a Return Routability (RR) procedure was developed. However, it has been found that RR procedure is vulnerable to many attacks. In this paper, we will propose a lightweight RR procedure based on geometric computing. In consideration of the inherent limitation of computing resources in mobile node, the proposed scheme is developed to minimize the cost of computations and to eliminate the overhead of state maintenance during binding updates. Compared with other CGA-based BU schemes, our scheme is more efficient and doesn-t need nonce tables in nodes.

Experimental Evaluation of Mobility Anchor Point Selection Scheme in Hierarchical Mobile IPv6

Hierarchical Mobile IPv6 (HMIPv6) was designed to support IP micro-mobility management in the Next Generation Networks (NGN) framework. The main design behind this protocol is the usage of Mobility Anchor Point (MAP) located at any level router of network to support hierarchical mobility management. However, the distance MAP selection in HMIPv6 causes MAP overloaded and increase frequent binding update as the network grows. Therefore, to address the issue in designing MAP selection scheme, we propose a dynamic load control mechanism integrates with a speed detection mechanism (DMS-DLC). From the experimental results we obtain that the proposed scheme gives better distribution in MAP load and increase handover speed.

Optimization of Multicast Transmissions in NC-HMIPv6 Environment

Multicast transmissions allow an host (the source) to send only one flow bound for a group of hosts (the receivers). Any equipment eager to belong to the group may explicitly register itself to that group via its multicast router. This router will be given the responsibility to convey all information relating to the group to all registered hosts. However in an environment in which the final receiver or the source frequently moves, the multicast flows need particular treatment. This constitutes one of the multicast transmissions problems around which several proposals were made in the Mobile IPv6 case in general. In this article, we describe the problems involved in this IPv6 multicast mobility and the existing proposals for their resolution. Then architecture will be proposed aiming to satisfy and optimize these transmissions in the specific case of a mobile multicast receiver in NC-HMIPv6 environment.

Optimizing TCP Vegas- Performance with Packet Spacing and Effect of Variable FTP Packet Size over Wireless IPv6 Network

This paper describes the performance of TCP Vegas over the wireless IPv6 network. The performance of TCP Vegas is evaluated using network simulator (ns-2). The simulation experiment investigates how packet spacing affects the network delay, network throughput and network efficiency of TCP Vegas. Moreover, we investigate how the variable FTP packet sizes affect the network performance. The result of the simulation experiment shows that as the packet spacing is implements, the network delay is reduces, network throughput and network efficiency is optimizes. As the FTP packet sizes increase, the ratio of delay per throughput decreases. From the result of experiment, we propose the appropriate packet size in transmitting file transfer protocol application using TCP Vegas with packet spacing enhancement over wireless IPv6 environment in ns-2. Additionally, we suggest the appropriate ratio in determining the appropriate RTT and buffer size in a network.