Protection Switching Methods for Point‐to‐Multipoint Connections in Packet Transport Networks

In this paper, we discuss the issues of providing protection for point‐to‐multipoint connections in both Ethernet and MPLS‐TP‐based packet transport networks. We introduce two types of per‐leaf protection–linear and ring. Neither of the two types requires that modifications to existing standards be made. Their performances can be improved by a collective signal fail mechanism proposed in this paper. In addition, two schemes — tree protection and hybrid protection — are newly proposed to reduce the service recovery time when a single failure leads to multiple signal fail events, which in turn places a significant amount of processing burden upon a root node. The behavior of the tree protection protocol is designed with minimal modifications to existing standards. The hybrid protection scheme is devised to maximize the benefits of per‐leaf protection and tree protection. To observe how well each scheme achieves an efficient traffic recovery, we evaluate their performances using a test bed as well as computer simulation based on the formulae found in this paper.     

Security analysis of an ultra‐lightweight RFID authentication protocol for m‐commerce

Nowadays, many people perform their commercial activities, such as electronic payment and electronic banking, through their mobile phones. Mobile commerce (m‐commerce) refers to manipulating electronic commerce (e‐commerce) by using mobile devices and wireless networks. Radio‐frequency identification (RFID) is a technology which can be employed to complete payment functions on m‐commerce. As an RFID subsystem is applied in m‐commerce and supply chains, the related security concerns are very important. Recently, Fan et al. have proposed an ultra‐lightweight RFID authentication scheme for m‐commerce (ULRAS) and claimed that their protocol is efficient enough and provides a high level of security. In this paper, we show that their protocol is vulnerable to secret disclosure and reader impersonation attacks. Finally, we improve it to a protocol that is resistant to the attacks presented in this paper and the other known attacks in the context of RFID authentication. We further analyze the security of the improved protocol through the Burrows–Abadi–Needham logic (BAN‐logic). Moreover, our proposed improvement does not impose any additional workload on the RFID tag.     

Uninterrupted Ethernet using failure‐adaptive spanning trees

Failure recovery is a critical performance issue in large‐scale Ethernet networks. The standard mechanisms of link‐failure recovery in spanning tree protocol (STP) and rapid STP may cause interruptions of data transmission because of long recovery time. Several previous approaches construct multiple alternative trees to avoid such interruptions caused by single or multiple failed links based on multiple STP. However, the prototypical protocol of standard root election would result in the same root switch for different spanning trees. Hence, the alternative trees may become invalid if a failed link appears in more than 1 spanning tree. Our scheme, failure‐adaptive spanning trees (FAST), improves the resilience of Ethernet with multiple spanning trees. It avoids simultaneous faults of multiple spanning trees by incorporating a new approach to electing an appropriate root switch for each spanning tree. Failure‐adaptive spanning trees also use active links of alternative spanning trees for data transmission. The paths of different spanning trees can thus act as shortcuts to shorten frame paths. The experimental results demonstrate that FAST can sustain network throughput under multiple link failures. The FAST also balances both link and switch loads.     

A gradient‐based multiple‐path routing protocol for low duty‐cycled wireless sensor networks

Routing in a low duty‐cycled wireless sensor network (WSN) has attracted much attention recently because of the challenge that low duty‐cycled sleep scheduling brings to the design of efficient distributed routing protocols for such networks. In a low duty‐cycled WSN, a big problem is how to design an efficient distributed routing protocol, which uses only local network state information while achieving low end‐to‐end (E2E) packet delivery delay and also high packet delivery efficiency. In this paper, we study low duty‐cycled WSNs wherein sensor nodes adopt pseudorandom sleep scheduling for energy saving. The objective of this paper is to design an efficient distributed routing protocol with low overhead. For this purpose, we design a simple but efficient hop‐by‐hop routing protocol, which integrates the ideas of multipath routing and gradient‐based routing for improved routing performance. We conduct extensive simulations, and the results demonstrate the high performance of the proposed protocol in terms of E2E packet delivery latency and packet delivery efficiency as compared with existing protocols. Copyright © 2014 John Wiley & Sons, Ltd.     

A secure and efficient remote patient‐monitoring authentication protocol for cloud‐IoT

The ongoing Cloud‐IoT (Internet of Things)–based technological advancements have revolutionized the ways in which remote patients could be monitored and provided with health care facilities. The real‐time monitoring of patient's health leads to dispensing the right medical treatment at the right time. The health professionals need to access patients' sensitive data for such monitoring, and if treated with negligence, it could also be used for malevolent objectives by the adversary. Hence, the Cloud‐IoT–based technology gains could only be conferred to the patients and health professionals, if the latter authenticate one another properly. Many authentication protocols are proposed for remote patient health care monitoring, but with limitations. Lately, Sharma and Kalra (DOI: 10.1007/s40998‐018‐0146‐5) present a remote patient‐monitoring authentication scheme based on body sensors. However, we discover that the scheme still bears many drawbacks including stolen smart card attack, session key compromise, and user impersonation attacks. In view of those limitations, we have designed an efficient authentication protocol for remote patient health monitoring that counters all the above‐mentioned drawbacks. Moreover, we prove the security features of our protocol using BAN logic‐based formal security analysis and validate the results in ProVerif automated security tool.     

Modelling of wireless TCP for short‐lived flows

The transmission control protocol (TCP) is one of the most important Internet protocols. It provides reliable transport services between two end‐hosts. Since TCP performance affects overall network performance, many studies have been done to model TCP performance in the steady state. However, recent researches have shown that most TCP flows are short‐lived. Therefore, it is more meaningful to model TCP performance in relation to the initial stage of short‐lived flows. In addition, the next‐generation Internet will be an unified all‐IP network that includes both wireless and wired networks integrated together. In short, modelling short‐lived TCP flows in wireless networks constitutes an important axis of research. In this paper, we propose simple wireless TCP models for short‐lived flows that extend the existing analytical model proposed in [IEEE Commun. Lett. 2002; 6 (2):85–88]. In terms of wireless TCP, we categorized wireless TCP schemes into three types: end‐to‐end scheme, split connection scheme, and local retransmission scheme, which is similar to the classification proposed in [IEEE/ACM Trans. Networking 1997; 756–769]. To validate the proposed models, we performed ns‐2 simulations. The average differences between the session completion time calculated using the proposed model and the simulation result for three schemes are less than 9, 16, and 7 ms, respectively. Consequently, the proposed model provides a satisfactory means of modelling the TCP performance of short‐lived wireless TCP flows. Copyright © 2005 John Wiley & Sons, Ltd.     

Low end‐to‐end delay fuzzy networking protocol for mobile wireless sensing

Because of the practical limitations of the energy and processing capabilities, the deployment of many Wireless Sensor Networks (WSN) is facing two main challenges of increasing network lifetime and reducing End to End Delay (EED) which become critical when the nodes are mobile and use non‐rechargeable energy sources. One way to help to extend network lifetime is using fuzzy logic in a form of artificial intelligence. To this end we propose a new routing protocol for using mobile WSNs, which holds the nodes in an equal level of energy and decreases energy dissipation of the network. An optimum path is selected based on the cost of each node to increase network lifetime. In order to lessen EED, we also attempt to design a novel zoning‐scheme for the network area. In this scheme, zonation is dynamic and works based on the Data Link (DL) position. The simulation result shows a significant improvement in lifetime and EED by proposed protocol compared with existing protocols. Copyright © 2016 John Wiley & Sons, Ltd.     

CAKA: a novel cache‐aware K‐anycast routing scheme for publish/subscribe‐based information‐centric network

In the past few years, many publish/subscribe‐based information‐centric network (PS‐ICN) architectures have been proposed and investigated to efficiently deliver information from content publishers to subscribers. However, most existing studies on PS‐ICN have not considered how to utilize in‐network caches, which is a common but important feature in ICN. To address this issue, in this paper, we propose a novel cache‐aware K‐anycast routing scheme, namely, CAKA, that can significantly improve the performance of content delivery. Specifically, we choose PURSUIT, which is one of the most important PS‐ICN architectures, and leverage its bidirectional communication procedure to do the following: (1) enable multiple publishers to send probing messages to the same subscriber; and (2) allow the subscriber to retrieve content objects using K‐anycast routing and network coding. In this study, we extend the PURSUIT protocol to support cache‐aware K‐anycast routing and design the algorithms to choose multiple partially disjointed paths for probing, and to select paths for content retrieval. To evaluate the performance of the proposed scheme, we develop not only a simulation testbed, but also a prototype running in a realistic network environment. Our studies show that the proposed scheme can significantly reduce the average hops to retrieve content objects, with very small overheads. Copyright © 2015 John Wiley & Sons, Ltd.     

Virtual‐coordinate‐based delivery‐guaranteed routing protocol in three‐dimensional wireless sensor networks

Because of the wide range of applications, many geographic routing protocols have been proposed in three‐dimensional (3D) wireless sensor networks. However, all the methods require assistance from a global positioning system (GPS), which is not always available. In this paper, we propose a method of constructing an axis‐based virtual coordinate assignment in 3D wireless sensor networks (ABVCap_3D) that requires no GPS assistance. We also propose a routing protocol based on ABVCap_3D, which guarantees packet delivery in 3D networks. Using simulations, we evaluate the performance of ABVCap_3D routing and other well‐known routing protocols, such as greedy‐random‐greedy routing, greedy‐hull‐greedy routing, and the routing based on axis‐based virtual coordinate assignment in 2D wireless sensor networks (ABVCap routing). Simulations show that ABVCap_3D routing requires significantly relative lower cost for guaranteeing packet delivery in comparison with ABVCap routing. Simulations also demonstrate that ABVCap_3D routing ensures a moderate ratio for routing path length to the shortest (ideal) path length. Copyright © 2012 John Wiley & Sons, Ltd.     

Large‐Scale Synthesis of Long Crystalline Cu2‐xSe Nanowire Bundles by Water‐Evaporation‐Induced Self‐Assembly and Their Application in Gas Sensing

By a facile water evaporation process without adding any directing agent, Cu_2‐xSe nanowire bundles with diameters of 100–300 nm and lengths up to hundreds of micrometers, which comprise crystalline nanowires with diameters of 5–8 nm, are obtained. Experiments reveal the initial formation/stacking of CuSe nanoplates and the subsequent transformation to the Cu_2‐xSe nanowire bundles. A water‐evaporation‐induced self‐assembly (WEISA) mechanism is proposed, which highlights the driving force of evaporation in promoting the nanoplate stacking, CuSe‐to‐Cu_2‐xSe transformation and the growth/bundling of the Cu_2‐xSe nanowires. The simplicity, benignancy, scalability, and high‐yield of the synthesis of this important nanowire material herald its numerous applications. As one example, the use of the Cu_2‐xSe nanowire bundles as a photoluminescence‐type sensor of humidity is demonstrated, which shows good sensitivity, ideal linearity, quick response/recovery and long lifetime in a very wide humidity range at room temperature.     

Efficient authenticated key agreement protocols resistant to a denial‐of‐service attack

Malicious intruders may launch as many invalid requests as possible without establishing a server connection to bring server service to a standstill. This is called a denial‐of‐service (DoS) or distributed DoS (DDoS) attack. Until now, there has been no complete solution to resisting a DoS/DDoS attack. Therefore, it is an important network security issue to reduce the impact of a DoS/DDoS attack. A resource‐exhaustion attack on a server is one kind of denial‐of‐service attack. In this article we address the resource‐exhaustion problem in authentication and key agreement protocols. The resource‐exhaustion attack consists of both the CPU‐exhaustion attack and the storage‐exhaustion attack. In 2001, Hirose and Matsuura proposed an authenticated key agreement protocol (AKAP) that was the first protocol simultaneously resistant to both the CPU‐exhaustion attack and the storage‐exhaustion attack. However, their protocol is time‐consuming for legal users in order to withstand the DoS attack. Therefore, in this paper, we propose a slight modification to the Hirose–Matsuura protocol to reduce the computation cost. Both the Hirose–Matsuura and the modified protocols provide implicit key confirmation. Also, we propose another authenticated key agreement protocol with explicit key confirmation. The new protocol requires less computation cost. Because DoS/DDoS attacks come in a variety of forms, the proposed protocols cannot fully disallow a DoS/DDoS attack. However, they reduce the effect of such an attack and thus make it more difficult for the attack to succeed. Copyright © 2005 John Wiley & Sons, Ltd.     

A simple void node and loop‐free three‐dimensional routing protocol for multi‐hop wireless networks

Wireless networks are now very essential part for modern ubiquitous communication systems. The design of efficient routing and scheduling techniques for such networks have gained importance to ensure reliable communication. Most of the currently proposed geographic routing protocols are designed for 2D spatial distribution of user nodes, although in many practical scenarios user nodes may be deployed in 3D space also. In this paper, we propose 3D routing protocols for multihop wireless networks that may be implemented in two different ways depending on how the routing paths are computed. When the routing paths to different user nodes from the base station in the wireless network are computed by the base station, we call it centralized protocol (3DMA‐CS). A distributed routing (3DMA‐DS) protocol is implemented when respective routing path of each user node to the base station is computed by the user node. In both of these protocols, the user (base station) selects the relay node to forward packets in the direction of destination, from the set of its neighbours, which makes minimum angle with the reference line drawn from user (base station) to the base station (user), within its transmission range. The proposed protocols are free from looping problem and can solve the void node problem (VNP) of multihop wireless networks. Performance analysis of the proposed protocol is shown by calculating end‐to‐end throughput, average path length, end‐to‐end delay, and energy consumption of each routing path through extensive simulation under different network densities and transmission ranges.     

Dynamics of a rumor‐spreading model with diversity of configurations in scale‐free networks

In this paper, we propose a new rumor‐spreading model, which is a variant of the susceptible–exposed–infectious–removed epidemic model. We consider the influences of the diversity of configurations as a defense strategy to diminish the damage brought by rumor diffusion. The diversity of configuration can be found in different instant messengers or social networks. Moreover, we apply two kinds of the rumor immunization strategies such as random immunization and targeted immunization and show that targeted immunization is better than random immunization for rumor‐spreading control in scale‐free networks. We carry out the systematic analysis of the model and study the local and global stability of rumor‐free equilibrium. In the proposed model, we introduce two new states, namely, hibernator and stifler2, to study dynamical behaviors of the model. The proposed model combines both targeted immunization and diversity of configuration to prevent rumor spreading. By numerical simulations, we indicate that our model is appreciably better than other models in terms of declining the rumor diffusion speed. Furthermore, we investigate many related dynamic properties to make the result more complete. Simulation results show the effect of different parameters on the rumor diffusion in scale‐free networks; meanwhile, numerical simulations confirm the theoretical solution. Copyright © 2015 John Wiley & Sons, Ltd.     

An OAM function to improve the packet loss in MPLS‐TP domains for prioritized QoS‐aware services

The emergence of new kinds of applications and technologies (e.g., data‐intensive applications, server virtualization, and big data technology) has led to a higher utilization of network resources. These services imply increased bandwidth consumption and unexpected congestions, especially in backbones. In this article, a novel proposal is studied with the aim of improving the performance of prioritized forwarding equivalence classes in congested Multiprotocol Label Switching Transport Profile (MPLS‐TP) domains. The congestion impact on those QoS‐aware services that require high reliability and low delay is analyzed. A new policy has been implemented on MPLS‐TP, which is a technology that provides QoS by means of flow differentiation in the Internet backbones. The proposal is known as Gossip‐based local recovery policy and is offered as an operation, administration, and management function to allow local recovery of lost traffic for MPLS‐TP privileged forwarding equivalence classes. In order to fulfill the requirements for implementation on MPLS‐TP, a minimum set of extensions to resource reservation protocol traffic engineering has also been proposed to provide self‐management capable routes. Finally, we have carried out a performance improvement measurement by means of an analytical model and simulations. Copyright © 2014 John Wiley & Sons, Ltd.     

On ‘a simple three‐party password‐based key exchange protocol’

In 2009, Huang (Int. J. Commun. Syst., 22 , 857–862) proposed a simple and efficient three‐party password‐based key exchange protocol without server's public key. This work shows that the protocol could be vulnerable to an undetectable online password guessing attack. Furthermore, an improved protocol is proposed to avoid the attack. Copyright © 2011 John Wiley & Sons, Ltd.     

An improved t‐out‐of‐n e‐lottery protocol

In 2009, Lee and Chang proposed an electronic t‐out‐of‐n lottery protocol over the Internet based on the Chinese remainder theorem and blind signature. However, a security flaw exists in Lee–Chang's protocol that the lottery agent and the malicious purchaser can collude to control the winning result, which is unfair for the honest participants. On the basis of a verifiable random number generated by using the Lagrange interpolation formula over a finite field, an improved t‐out‐of‐n e‐lottery protocol is proposed, which guarantees that each participant can generate the winning result equally. The improved protocol achieves public verifiability and fairness without a trusted third party and a delaying function, which makes it more robust and more efficient. Copyright © 2013 John Wiley & Sons, Ltd.     

Performance analysis of switch‐and‐stay combining in two‐way relay systems with analog network coding and time‐division broadcast protocols

In this paper, we consider switch‐and‐stay combining (SSC) in two‐way relay systems with two amplify‐and‐forward relays, one of which is activated to assist the information exchange between the two sources. The system operates in either analog network coding (ANC) protocol where the communication is only achieved with the help of the active relay or time‐division broadcast (TDBC) protocol where the direct link between two sources can be utilized to exploit more diversity gain. In both cases, we study the outage probability and bit error rate (BER) for Rayleigh fading channels. In particular, we derive closed‐form lower bounds for the outage probability and the average BER, which remain tight for different fading conditions. We also present asymptotic analysis for both the outage probability and the average BER at high signal‐to‐noise ratio. It is shown that SSC can achieve the full diversity order in two‐way relay systems for both ANC and TDBC protocols with proper switching thresholds. Copyright © 2014 John Wiley & Sons, Ltd.     

MaTRU‐KE revisited: CCA2‐secure key establishment protocol based on MaTRU

Quantum attack–resistant cryptosystems are required for secure communication since there is a big demand to have quantum computers. Lattice‐based cryptography is one of the quantum‐secure families due to its key/ciphertext sizes and performance. NTRU‐based cryptosystems, a member of lattice‐based cryptosystems, have received much more attention. MaTRU, a noncommutative version of NTRU with some matrix properties, is used to obtain a key exchange protocol in 2018. In this paper, we focus on MaTRU‐based key exchange protocols having CCA2 properties. We propose CCA2‐secure versions of MaTRU‐KE and then provide a security analysis of CCA2‐secure key establishment protocols. We also provide a comparison with the previous ones.     

PAQM: an adaptive and proactive queue management for end‐to‐end TCP congestion control

Two functions, the congestion indicator (i.e. how to detect congestion) and the congestion control function (i.e. how to avoid and control congestion), are used at a router to support end‐to‐end congestion control in the Internet. Random early detection (RED) (IEEE/ACM Trans. Networking 1993; 1 (4):397–413) enhanced the two functions by introducing queue length averaging and probabilistic early packet dropping. In particular, RED uses an exponentially weighted moving average (EWMA) queue length not only to detect incipient congestion but also to smooth the bursty incoming traffic and its resulting transient congestion. Following RED, many active queue management (AQM)‐based extensions have been proposed. However, many AQM proposals have shown severe problems with detection and control of the incipient congestion adaptively to the dynamically changing network situations. In this paper, we introduce and analyse a feedback control model of TCP/AQM dynamics. Then, we propose the Pro‐active Queue Management (PAQM) mechanism, which is able to provide proactive congestion avoidance and control using an adaptive congestion indicator and a control function under a wide range of traffic environments. The PAQM stabilizes the queue length around the desired level while giving smooth and low packet loss rates and high network resource utilization. Copyright © 2004 John Wiley & Sons, Ltd.