07-04-2011, 02:52 PM
[attachment=11859]
Dynamic Routing with Security Considerations(Heightening Security for Data Transmission through Routing)
Abstract:
In this project we deal fully about the Security which has become one of the major issues for data communication over wired and wireless networks. Different from the past work on the designs of cryptography algorithms and system infrastructures, we will propose a dynamic routing algorithm that could randomize delivery paths for data transmission. The algorithm is easy to implement and compatible with popular routing protocols, such as the Routing Information Protocol in wired networks and Destination-Sequenced Distance Vector protocol in wireless networks, without introducing extra control messages. An analytic study on the proposed algorithm is presented, and a series of simulation experiments are conducted to verify the analytic results and to show the capability of the proposed algorithm. In the past decades, various security-enhanced measures have been proposed to improve the security of data transmission over public networks. Existing work on security-enhanced data transmission includes the designs of cryptography algorithms and system infrastructures and security-enhanced routing methods. The main objective of the project is to propose a dynamic routing algorithm to improve the security of data transmission.
Introduction
In the past decades, various security-enhanced measures have been proposed to improve the security of data transmission over public networks. Existing work on security-enhanced data transmission includes the designs of cryptography algorithms and system infrastructures and security-enhanced routing methods. Their common objectives are often to defeat various threats over the Internet, including eavesdropping, spoofing, session hijacking, etc.Among many well-known designs for cryptograph based systems, the IP Security (IPSec) [23] and the Secure Socket Layer (SSL) [21] are popularly supported and implemented in many systems and platforms. Although IPSec and SSL do greatly improve the security level for data transmission, they unavoidably introduce substantial overheads [1], [7], [13], especially on gateway/host performance and effective network bandwidth. For example, the data transmission overhead is 5 cycles/byte over an Intel Pentium II with the Linux IP stack alone, and the overhead increases to 58 cycles/byte when Advanced Encryption Standard (AES) [10] is adopted for encryption/decryption for IPSec. Another alternative for security-enhanced data transmission is to dynamically route packets between each source and its destination so that the chance for system break-in, due to successful interception of consecutive packets for a session, is slim. The intention of security-enhanced routing is different from the adopting of multiple paths between a source and a destination to increase the throughput of data transmission.
In particular, Lou et al. proposed a secure routing protocol to improve the security of end-to-end data transmission based on multiple path deliveries. The set of multiple paths between each source and its destination is determined in an online fashion, and extra control message exchanging is needed. Bohacek et al. [2] proposed a secure stochastic routing mechanism to improve routing security. Similar to the work proposed by Lou et al. [14], [15], a set of paths is discovered for each source and its destination in an online fashion based on message flooding. Thus, a mass of control messages is needed. Yang and Papavassiliou [25] explored the trading of the security level and the traffic dispersion. They proposed a traffic dispersion scheme to reduce the probability of eavesdropped information along the used paths provided that the set of data delivery paths is discovered in advance. Although excellent research results have been proposed for security-enhanced dynamic routing, many of them rely on the discovery of multiple paths either in an online or offline fashion. For those online path searching approaches, the discovery of multiple paths involves a significant number of control signals over the Internet.
On the other hand, the discovery of paths in an offline fashion might not be suitable to networks with a dynamic changing configuration. Therefore, we will propose a dynamic routing algorithm to provide security enhanced data delivery without introducing any extra control messages. The objective of this work is to explore a security enhanced dynamic routing algorithm based on distributed routing information widely supported in existing wired and wireless networks. We aim at the randomization of delivery paths for data transmission to provide considerably small path similarity (i.e., the number of common links between two delivery paths) of two consecutive transmitted packets.
The proposed algorithm should be easy to implement and compatible with popular routing protocols, such as the Routing Information Protocol (RIP) for wired networks [16] and Destination-Sequenced Distance Vector (DSDV) protocol for wireless networks [20], over existing infrastructures. These protocols shall not increase the number of control messages if the proposed algorithm is adopted. An analytic study will be presented for the proposed routing algorithm, and a series of simulation study will be conducted to verify the analytic results and to show the capability of the proposed algorithm.
Scope of the project
The objective of this work is to explore a security enhanced dynamic routing algorithm based on distributed routing information widely supported in existing wired and wireless networks. We aim at the randomization of delivery paths for data transmission to provide considerably small path similarity (i.e., the number of common links between two delivery paths) of two consecutive transmitted packets. The proposed algorithm should be easy to implement and compatible with popular routing protocols, such as the Routing Information Protocol (RIP) for wired networks [16] and Destination-Sequenced Distance Vector (DSDV) protocol for wireless networks [20], over existing infrastructures. These protocols shall not increase the number of control messages if the proposed algorithm is adopted. An analytic study will be presented for the proposed routing algorithm, and a series of simulation study will be conducted to verify the analytic results and to show the capability of the proposed algorithm.
Literature survey:
Data transmission
Data transmission, digital transmission or digital communications is the physical transfer of data (a digital bit stream) over a point-to-point or point-to-multipoint transmission medium. Examples of such media are copper wires, optical fibers, wireless communication media, and storage media. The data is often represented as an electro-magnetic signal, such as an electrical voltage signal, a radio wave or microwave signal or an infra-red signal.
While analog communications represents a continuously varying signal, a digital transmission can be broken down into discrete messages. The messages are either represented by a sequence of pulses by means of a line code (base band transmission), or by a limited set of analogue wave forms (pass band transmission), using a digital modulation method. According to the most common definition of digital signal, both baseband and passband signals representing bit-streams are considered as digital transmission, while an alternative definition only considers the baseband signal as digital, and the passband transmission as a form of digital-to-analog conversion.
Data transmitted may be digital messages originating from a data source, for example a computer or a keyboard. It may also be an analog signal such as a phone call or a video signal, digitized into a bit-stream for example using pulse-code modulation (PCM) or more advanced source coding (data compression) schemes. This source coding and decoding is carried out by codec equipment.
Applications
Data (mainly but not exclusively informational) has been sent via non-electronic (e.g. optical, acoustic, mechanical) means since the advent of communication. Analog signal data has been sent electronically since the advent of the telephone. However, the first data electromagnetic transmission applications in modern time were telegraphy (1809) and teletypewriters (1906), which are both digital signals. The fundamental theoretical work in data transmission and information theory by Harry Nyquist, Ralph Hartley, Claude Shannon and others during the early 20th century, was done with these applications in mind.
Data transmission is utilized in computers in computer buses and for communication with peripheral equipment via parallel ports and serial ports such us RS-232 (1969), Firewire (1995) and USB (1996). The principles of data transmission are also utilized in storage media for Error detection and correction since 1951.
Data transmission is utilized in computer networking equipment such as modems (1940), local area networks (LAN) adapters (1964), repeaters, hubs, microwave links, wireless network access points (1997), etc.
In telephone networks, digital communication is utilized for transferring many phone calls over the same copper cable or fiber cable by means of Pulse code modulation (PCM), i.e. sampling and digitization, in combination with Time division multiplexing (TDM) (1962). Telephone exchanges have become digital and software controlled, facilitating many value added services. For example the first AXE telephone exchange was presented in 1976. Since late 1980th, digital communication to the end user has been possible using Integrated Services Digital Network (ISDN) services. Since the end of 1990th, broadband access techniques such as ADSL, Cable modems, fiber-to-the-building (FTTB) and fiber-to-the-home (FTTH) have become wide spread to small offices and homes. The current tendency is to replace traditional telecommunication services by packet mode communication such as IP telephony and IPTV.
Transmitting analog signals digitally allows for greater signal processing capability. The ability to process a communications signal means that errors caused by random processes can be detected and corrected. Digital signals can also be sampled instead of continuously monitored. The multiplexing of multiple digital signals is much simpler to the multiplexing of analog signals.
Because of all these advantages, and because recent advances in wideband communication channels and solid-state electronics have allowed scientists to fully realize these advantages, digital communications has grown quickly. Digital communications is quickly edging out analog communication because of the vast demand to transmit computer data and the ability of digital communications to do so.
Baseband or passband transmission
The physically transmitted signal may be one of the following:
1. A baseband signal ("digital-over-digital" transmission): A sequence of electrical pulses or light pulses produced by means of a line coding scheme such as Manchester coding. This is typically used in serial cables, wired local area networks such as Ethernet, and in optical fiber communication. It results in a pulse amplitude modulated signal, also known as a pulse train.
2. A passband signal ("digital-over-analog" transmission): A modulated sine wave signal representing a digital bit-stream. Note that this is in some textbooks considered as analog transmission, but in most books as digital transmission. The signal is produced by means of a digital modulation method such as PSK, QAM or FSK. The modulation and demodulation is carried out by modem equipment. This is used in wireless communication, and over telephone network local-loop and cable-TV networks.
Dynamic Routing with Security Considerations(Heightening Security for Data Transmission through Routing)
Abstract:
In this project we deal fully about the Security which has become one of the major issues for data communication over wired and wireless networks. Different from the past work on the designs of cryptography algorithms and system infrastructures, we will propose a dynamic routing algorithm that could randomize delivery paths for data transmission. The algorithm is easy to implement and compatible with popular routing protocols, such as the Routing Information Protocol in wired networks and Destination-Sequenced Distance Vector protocol in wireless networks, without introducing extra control messages. An analytic study on the proposed algorithm is presented, and a series of simulation experiments are conducted to verify the analytic results and to show the capability of the proposed algorithm. In the past decades, various security-enhanced measures have been proposed to improve the security of data transmission over public networks. Existing work on security-enhanced data transmission includes the designs of cryptography algorithms and system infrastructures and security-enhanced routing methods. The main objective of the project is to propose a dynamic routing algorithm to improve the security of data transmission.
Introduction
In the past decades, various security-enhanced measures have been proposed to improve the security of data transmission over public networks. Existing work on security-enhanced data transmission includes the designs of cryptography algorithms and system infrastructures and security-enhanced routing methods. Their common objectives are often to defeat various threats over the Internet, including eavesdropping, spoofing, session hijacking, etc.Among many well-known designs for cryptograph based systems, the IP Security (IPSec) [23] and the Secure Socket Layer (SSL) [21] are popularly supported and implemented in many systems and platforms. Although IPSec and SSL do greatly improve the security level for data transmission, they unavoidably introduce substantial overheads [1], [7], [13], especially on gateway/host performance and effective network bandwidth. For example, the data transmission overhead is 5 cycles/byte over an Intel Pentium II with the Linux IP stack alone, and the overhead increases to 58 cycles/byte when Advanced Encryption Standard (AES) [10] is adopted for encryption/decryption for IPSec. Another alternative for security-enhanced data transmission is to dynamically route packets between each source and its destination so that the chance for system break-in, due to successful interception of consecutive packets for a session, is slim. The intention of security-enhanced routing is different from the adopting of multiple paths between a source and a destination to increase the throughput of data transmission.
In particular, Lou et al. proposed a secure routing protocol to improve the security of end-to-end data transmission based on multiple path deliveries. The set of multiple paths between each source and its destination is determined in an online fashion, and extra control message exchanging is needed. Bohacek et al. [2] proposed a secure stochastic routing mechanism to improve routing security. Similar to the work proposed by Lou et al. [14], [15], a set of paths is discovered for each source and its destination in an online fashion based on message flooding. Thus, a mass of control messages is needed. Yang and Papavassiliou [25] explored the trading of the security level and the traffic dispersion. They proposed a traffic dispersion scheme to reduce the probability of eavesdropped information along the used paths provided that the set of data delivery paths is discovered in advance. Although excellent research results have been proposed for security-enhanced dynamic routing, many of them rely on the discovery of multiple paths either in an online or offline fashion. For those online path searching approaches, the discovery of multiple paths involves a significant number of control signals over the Internet.
On the other hand, the discovery of paths in an offline fashion might not be suitable to networks with a dynamic changing configuration. Therefore, we will propose a dynamic routing algorithm to provide security enhanced data delivery without introducing any extra control messages. The objective of this work is to explore a security enhanced dynamic routing algorithm based on distributed routing information widely supported in existing wired and wireless networks. We aim at the randomization of delivery paths for data transmission to provide considerably small path similarity (i.e., the number of common links between two delivery paths) of two consecutive transmitted packets.
The proposed algorithm should be easy to implement and compatible with popular routing protocols, such as the Routing Information Protocol (RIP) for wired networks [16] and Destination-Sequenced Distance Vector (DSDV) protocol for wireless networks [20], over existing infrastructures. These protocols shall not increase the number of control messages if the proposed algorithm is adopted. An analytic study will be presented for the proposed routing algorithm, and a series of simulation study will be conducted to verify the analytic results and to show the capability of the proposed algorithm.
Scope of the project
The objective of this work is to explore a security enhanced dynamic routing algorithm based on distributed routing information widely supported in existing wired and wireless networks. We aim at the randomization of delivery paths for data transmission to provide considerably small path similarity (i.e., the number of common links between two delivery paths) of two consecutive transmitted packets. The proposed algorithm should be easy to implement and compatible with popular routing protocols, such as the Routing Information Protocol (RIP) for wired networks [16] and Destination-Sequenced Distance Vector (DSDV) protocol for wireless networks [20], over existing infrastructures. These protocols shall not increase the number of control messages if the proposed algorithm is adopted. An analytic study will be presented for the proposed routing algorithm, and a series of simulation study will be conducted to verify the analytic results and to show the capability of the proposed algorithm.
Literature survey:
Data transmission
Data transmission, digital transmission or digital communications is the physical transfer of data (a digital bit stream) over a point-to-point or point-to-multipoint transmission medium. Examples of such media are copper wires, optical fibers, wireless communication media, and storage media. The data is often represented as an electro-magnetic signal, such as an electrical voltage signal, a radio wave or microwave signal or an infra-red signal.
While analog communications represents a continuously varying signal, a digital transmission can be broken down into discrete messages. The messages are either represented by a sequence of pulses by means of a line code (base band transmission), or by a limited set of analogue wave forms (pass band transmission), using a digital modulation method. According to the most common definition of digital signal, both baseband and passband signals representing bit-streams are considered as digital transmission, while an alternative definition only considers the baseband signal as digital, and the passband transmission as a form of digital-to-analog conversion.
Data transmitted may be digital messages originating from a data source, for example a computer or a keyboard. It may also be an analog signal such as a phone call or a video signal, digitized into a bit-stream for example using pulse-code modulation (PCM) or more advanced source coding (data compression) schemes. This source coding and decoding is carried out by codec equipment.
Applications
Data (mainly but not exclusively informational) has been sent via non-electronic (e.g. optical, acoustic, mechanical) means since the advent of communication. Analog signal data has been sent electronically since the advent of the telephone. However, the first data electromagnetic transmission applications in modern time were telegraphy (1809) and teletypewriters (1906), which are both digital signals. The fundamental theoretical work in data transmission and information theory by Harry Nyquist, Ralph Hartley, Claude Shannon and others during the early 20th century, was done with these applications in mind.
Data transmission is utilized in computers in computer buses and for communication with peripheral equipment via parallel ports and serial ports such us RS-232 (1969), Firewire (1995) and USB (1996). The principles of data transmission are also utilized in storage media for Error detection and correction since 1951.
Data transmission is utilized in computer networking equipment such as modems (1940), local area networks (LAN) adapters (1964), repeaters, hubs, microwave links, wireless network access points (1997), etc.
In telephone networks, digital communication is utilized for transferring many phone calls over the same copper cable or fiber cable by means of Pulse code modulation (PCM), i.e. sampling and digitization, in combination with Time division multiplexing (TDM) (1962). Telephone exchanges have become digital and software controlled, facilitating many value added services. For example the first AXE telephone exchange was presented in 1976. Since late 1980th, digital communication to the end user has been possible using Integrated Services Digital Network (ISDN) services. Since the end of 1990th, broadband access techniques such as ADSL, Cable modems, fiber-to-the-building (FTTB) and fiber-to-the-home (FTTH) have become wide spread to small offices and homes. The current tendency is to replace traditional telecommunication services by packet mode communication such as IP telephony and IPTV.
Transmitting analog signals digitally allows for greater signal processing capability. The ability to process a communications signal means that errors caused by random processes can be detected and corrected. Digital signals can also be sampled instead of continuously monitored. The multiplexing of multiple digital signals is much simpler to the multiplexing of analog signals.
Because of all these advantages, and because recent advances in wideband communication channels and solid-state electronics have allowed scientists to fully realize these advantages, digital communications has grown quickly. Digital communications is quickly edging out analog communication because of the vast demand to transmit computer data and the ability of digital communications to do so.
Baseband or passband transmission
The physically transmitted signal may be one of the following:
1. A baseband signal ("digital-over-digital" transmission): A sequence of electrical pulses or light pulses produced by means of a line coding scheme such as Manchester coding. This is typically used in serial cables, wired local area networks such as Ethernet, and in optical fiber communication. It results in a pulse amplitude modulated signal, also known as a pulse train.
2. A passband signal ("digital-over-analog" transmission): A modulated sine wave signal representing a digital bit-stream. Note that this is in some textbooks considered as analog transmission, but in most books as digital transmission. The signal is produced by means of a digital modulation method such as PSK, QAM or FSK. The modulation and demodulation is carried out by modem equipment. This is used in wireless communication, and over telephone network local-loop and cable-TV networks.