Your search keyword '"Haodong Wang"' showing total 22 results

1. FPC: A new approach to firewall policies compression

Author

Weiping Wang, Jianxin Wang, Yuzhu Cheng, and Haodong Wang

Subjects

Multidisciplinary, Computer science, Network security, business.industry, Network packet, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 020206 networking & telecommunications, 02 engineering and technology, Rectilinear polygon, 020202 computer hardware & architecture, Firewall (construction), Compression ratio, 0202 electrical engineering, electronic engineering, information engineering, Network performance, Geometric modeling, business, Computer network

Abstract

Firewalls are crucial elements that enhance network security by examining the field values of every packet and deciding whether to accept or discard a packet according to the firewall policies. With the development of networks, the number of rules in firewalls has rapidly increased, consequently degrading network performance. In addition, because most real-life firewalls have been plagued with policy conflicts, malicious traffics can be allowed or legitimate traffics can be blocked. Moreover, because of the complexity of the firewall policies, it is very important to reduce the number of rules in a firewall while keeping the rule semantics unchanged and the target firewall rules conflict-free. In this study, we make three major contributions. First, we present a new approach in which a geometric model, multidimensional rectilinear polygon, is constructed for the firewall rules compression problem. Second, we propose a new scheme, Firewall Policies Compression (FPC), to compress the multidimensional firewall rules based on this geometric model. Third, we conducted extensive experiments to evaluate the performance of the proposed method. The experimental results demonstrate that the FPC method outperforms the existing approaches, in terms of compression ratio and efficiency while maintaining conflict-free firewall rules.

Published

2019

2. Cluster-based Handoff Scheme Design for Platoons in Cellular V2X Networks

Author

Shuhang Zhang, Haodong Wang, Boya Di, and Lingyang Song

Subjects

Markov chain, Computer science, business.industry, Markov process, Base station, symbols.namesake, Handover, Cluster (physics), symbols, Overhead (computing), Resource allocation, Platoon, business, Computer network

Abstract

In this paper we propose a cluster-based platoon handoff protocol (CPHP), in which the platoon is divided into clusters to minimize its handoff delay between two adjacent cells. Via the vehicle-to-vehicle (V2V) communications, multiple clusters are constructed within one platoon and only the cluster head (CH) communicates with the base station (BS) via the vehicle-to-infrastructure (V2I) communications. In this way, the number of V2I links can be greatly saved and the signaling overhead is reduced, thereby shortening the handoff delay. Specifically, we formulate a delay minimization problem based on a discrete-time Markov chain and then optimize the number of clusters and spectrum resource allocation. Simulation results demonstrate a significant decrease in the handoff delay of the platoon. The optimal expected delay under a platoon with 50 vehicles by utilizing the proposed CPHP is 15% smaller than that of the traditional handoff scheme.

Published

2021

3. An optimization of virtual machine selection and placement by using memory content similarity for server consolidation in cloud

Author

Huixi Li, Haodong Wang, Jianxin Wang, and Wenjun Li

Subjects

020203 distributed computing, Computer Networks and Communications, business.industry, Heuristic (computer science), Computer science, Approximation algorithm, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, computer.software_genre, Similarity (network science), Hardware and Architecture, Virtual machine, 0202 electrical engineering, electronic engineering, information engineering, Data center, business, computer, Host (network), Software, Computer network

Abstract

Optimizing the virtual machine (VM) migration is an important issue of server consolidation in the cloud data center. By leveraging the content similarity among the memory of VMs, the time and the amount of transferred data in VM migration, as well as the pressure of network traffic, can be reduced. There are two problems in server consolidation: (1) determining which VMs should be migrated from the overloaded hosts (VM selection problem) and (2) how to place these VMs to the destination hosts (VM placement problem). By exploiting the content similarity, we redefine the above two problems into one problem to minimize the transferred memory data in VM migration. Given a fixed host overloaded threshold, an approximation algorithm is proposed to solve the problem with one overloaded host and one destination host. For the case of multiple overloaded hosts and destination hosts, two heuristic algorithms are presented with fixed and dynamic overloaded threshold respectively. We conduct a real workload trace based simulation to evaluate the performance of our algorithms. The result shows that our algorithms can produce fewer transferred VM memory data and consume less energy than existing policies.

Published

2018

4. Reducing transport latency for short flows with multipath TCP

Author

Pingping Dong, Wensheng Tang, Jianxin Wang, Wenjun Yang, Haodong Wang, Jiawei Huang, and Yi Pan

Subjects

Computer Networks and Communications, Computer science, business.industry, Network packet, Goodput, Testbed, Congestion window, 020206 networking & telecommunications, Throughput, 02 engineering and technology, Multipath TCP, Computer Science Applications, Scheduling (computing), Hardware and Architecture, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Latency (engineering), Timeout, business, Heterogeneous network, Computer network

Abstract

Multipath TCP (MPTCP) has been an emerging transport protocol that provides network resilience to failures and improves throughput by splitting a data stream into multiple subflows across all the available multiple paths. While MPTCP is generally beneficial for throughput-sensitive large flows with large number of subflows, it may be harmful for latency-sensitive small flows. MPTCP assigns each subflow a congestion window, making short flows susceptible to timeout when a flow only contains a few packets. This condition becomes even worse when the paths have heterogeneous characteristics as packet reordering occurs and the slow paths can be used with MPTCP, causing the increased end-to-end delay and the lower application Goodput. Thus, it is important to choose the appropriate subflows for each MPTCP connection to achieve the good performance. However, the subflows in MPTCP are determined before a connection is established, and they usually remain unchanged during the lifetime of that connection. To address this issue, we propose DMPTCP, which dynamically adjusts the subflows according to application workloads. Specifically, DMPTCP first utilizes the idea of TCP modeling to estimate the latency on the path under scheduling and the data amount sent on the other paths simultaneously, and then decides the set of subflows to be used for certain application periodically with the goal of reducing completion time for short flows and achieving a higher throughput for long flows. We implement DMPTCP in a Linux server and conduct extensive experiments both in NS3 and in Linux testbed to validate its effectiveness. Our evaluation shows that DMPTCP decreases the completion time by over 46.55% compared to conventional MPTCP for short flows while increases the Goodput up to 21.3% for long-lived flows.

Published

2018

5. A MPTCP Scheduler for Web Transfer

Author

Hangjun Zhou, Haodong Wang, Wensheng Tang, Kai Gao, Xiaoping Lou, Pingping Dong, and Wenjun Yang

Subjects

021103 operations research, Computer science, business.industry, 0211 other engineering and technologies, 02 engineering and technology, Computer Science Applications, Biomaterials, Mechanics of Materials, Modeling and Simulation, Transfer (computing), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, business, Computer network

Published

2018

6. Performance Enhancement of Multipath TCP for Wireless Communications With Multiple Radio Interfaces

Author

Haodong Wang, Geyong Min, Jianxin Wang, Pingping Dong, and Jiawei Huang

Subjects

CUBIC TCP, Engineering, TCP acceleration, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, TCP tuning, 020206 networking & telecommunications, 02 engineering and technology, Multipath TCP, TCP global synchronization, Network congestion, TCP Westwood plus, TCP Friendly Rate Control, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, business, Computer network

Abstract

Multipath transmission control protocol (MPTCP) allows a TCP connection to operate across multiple paths simultaneously and becomes highly attractive to support the emerging mobile devices with various radio interfaces and to improve resource utilization as well as connection robustness. The existing multipath congestion control algorithms, however, are mainly loss-based and prefer the paths with lower drop rates, leading to severe performance degradation in wireless communication systems, where random packet losses occur frequently. To address this challenge and improve the performance of MPTCP in wireless networks, this paper proposes a new mVeno algorithm, which makes full use of the congestion information of all the subflows belonging to a TCP connection in order to adaptively adjust the transmission rate of each subflow. Specifically, mVeno modifies the additive increase phase of Veno so as to effectively couple all subflows by dynamically varying the congestion window increment based on the receiving ACKs. The weighted parameter of each subflow for tuning the congestion window is determined by distinguishing packet losses caused by random error of wireless links or by network congestion. We implement mVeno in a Linux server and conduct extensive experiments both in test bed and in real WAN to validate its effectiveness. The performance results demonstrate that compared with the existing schemes, mVeno increases the throughput significantly, achieves load balancing, and can keep the fairness with regular TCP.

Published

2016

7. Improving Performance of QoS Applications for Wireless Networks

Author

Jianxin Wang, Haodong Wang, Yi Pan, Pingping Dong, and Jiawei Huang

Subjects

Article Subject, Computer Networks and Communications, business.industry, Computer science, Wireless network, Goodput, Quality of service, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, General Engineering, lcsh:QA75.5-76.95, Telecommunications link, lcsh:Electronic computers. Computer science, business, Computer network

Abstract

The contention based medium access method of 802.11 standards is a fundamental cause of poor downlink goodput and high latency over wireless networks, which makes it impossible to provide QoS guarantees. The intensive channel contention leads to the performance degradation. The problem exacerbates when the traffic asymmetry between the uplink and the downlink is present. While prior research works proposed various mechanisms to alleviate the issue, little was done to specifically address the appropriate parameter setting in a real world network. This study presents a way to obtain the appropriate access parameters that improves the performance of QoS applications over wireless networks. In particular, we propose AQEDCA, a traffic-aware minimum contention window adjustment algorithm. We validate our scheme by the extensive real world network tests and the results show that our scheme improves the downlink goodput up to 199.13%, decreases the latency up to 54.77%, and can achieve tight QoS guarantees as compared to the existing schemes.

Published

2015

8. Channel-Hopping-Based Communication Rendezvous in Cognitive Radio Networks

Author

Qun Li, Gexin Yu, Xiaojun Zhu, Haodong Wang, Yifan Zhang, and Baosheng Wang

Subjects

Computer Networks and Communications, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Rendezvous, Throughput, Clock synchronization, Synchronization, Computer Science Applications, Cognitive radio, Control channel, Asynchronous communication, Electrical and Electronic Engineering, business, Software, Computer network, Communication channel

Abstract

Cognitive radio (CR) networks have an ample but dynamic amount of spectrum for communications. Communication rendezvous in CR networks is the process of establishing a control channel between radios before they can communicate. Designing a communication rendezvous protocol that can take advantage of all the available spectrum at the same time is of great importance, because it alleviates load on control channels, and thus further reduces probability of collisions. In this paper, we present ETCH, efficient channel-hopping-based MAC-layer protocols for communication rendezvous in CR networks. Compared to the existing solutions, ETCH fully exploits spectrum diversity in communication rendezvous by allowing all the rendezvous channels to be utilized at the same time. We propose two protocols, SYNC-ETCH, which is a synchronous protocol assuming CR nodes can synchronize their channel hopping processes, and ASYNC-ETCH, which is an asynchronous protocol not relying on global clock synchronization. Our theoretical analysis and ns-2-based evaluation show that ETCH achieves better performances of time-to-rendezvous and throughput than the existing work.

Published

2014

9. Achieving distributed user access control in sensor networks

Author

Haodong Wang and Qun Li

Subjects

Authentication, Computer access control, Computer Networks and Communications, business.industry, Computer science, Network Access Device, Testbed, Access control, Public-key cryptography, Base station, Hardware and Architecture, Network Admission Control, Sensor node, Network Access Control, Access network discovery and selection function, business, Wireless sensor network, Software, Adversary model, Computer network

Abstract

User access control in sensor networks defines a process of granting user an access right to the stored information. It is essential for future real sensor network deployment in which sensors may provide users with different services in terms of data and resource accesses. A centralized access control mechanism requires the base station to be involved whenever a user requests to get authenticated and access the information stored in the sensor node, which is inefficient, not scalable, and is exposed to many potential attacks along long communication paths. In this paper, we propose a distributed user access control under a realistic adversary model in which sensors can be compromised and user may collude. We split the access control into local authentication conducted by a group of sensors physically close to a user, and a light remote authentication based on the endorsement of the local sensors. We implement the access control protocols on a testbed of TelosB motes. Our analysis and experimental results show that our schemes are feasible for real access control requirements.

Published

2012

10. Public-key based access control in sensornet

Author

Haodong Wang, Chiu C. Tan, Bo Sheng, and Qun Li

Subjects

Cryptographic primitive, Computer Networks and Communications, Computer science, business.industry, Key distribution, Access control, Cryptographic protocol, Public-key cryptography, Symmetric-key algorithm, Sensor node, Electrical and Electronic Engineering, Elliptic curve cryptography, business, Key management, Wireless sensor network, Information Systems, Computer network

Abstract

Symmetric cryptography has been mostly used in security schemes in sensor networks due to the concern that public key cryptography (PKC) is too expensive for sensor devices. While these schemes are efficient in processing time, they generally require complicated key management, which may introduce high memory and communication overhead. On the contrary, PKC-based schemes have simple and clean key management, but cost more computational time. The recent progress in PKC implementation, specially elliptic curve cryptography (ECC), on sensors motivates us to design a PKC-based security scheme and compare its performance with the symmetric-key counterparts. This paper proposes a practical PKC-based access control for sensor networks, which consists of pairwise key establishment, local access control, and remote access control. We have implemented both cryptographic primitives on commercial off-the-shelf sensor devices. Building the user access control as a case study, we show that PKC-based protocol is more advantageous than those built on symmetric cryptography in terms of the memory usage, message complexity, and security resilience. Meanwhile, our work also provides insights in integrating and designing PKC-based security protocols for sensor networks.

Published

2011

11. IBE-Lite: A Lightweight Identity-Based Cryptography for Body Sensor Networks

Author

Haodong Wang, Chiu C. Tan, Sheng Zhong, and Qun Li

Subjects

Information privacy, Medical Records Systems, Computerized, business.industry, Computer science, Remote patient monitoring, Information Storage and Retrieval, Data security, Cryptography, General Medicine, Computer security, computer.software_genre, Encryption, Computer Science Applications, Biometric Identification, Identity (object-oriented programming), Humans, Electrical and Electronic Engineering, business, computer, Wireless sensor network, Algorithms, Confidentiality, Monitoring, Physiologic, Biotechnology, Computer network

Abstract

A body sensor network (BSN) is a network of sensors deployed on a person's body for health care monitoring. Since the sensors collect personal medical data, security and privacy are important components in a BSN. In this paper, we developed IBE-Lite, a lightweight identity-based encryption suitable for sensors in a BSN. We present protocols based on IBE-Lite that balance security and privacy with accessibility and perform evaluation using experiments conducted on commercially available sensors.

Published

2009

12. Privacy-aware routing in sensor networks

Author

Haodong Wang, Bo Sheng, and Qun Li

Subjects

Routing protocol, Static routing, Dynamic Source Routing, Computer Networks and Communications, business.industry, Computer science, Advantage, Policy-based routing, Geographic routing, Adversary, Computer security, computer.software_genre, Destination-Sequenced Distance Vector routing, business, Wireless sensor network, computer, Adversary model, Computer network

Abstract

A typical sensor network application is to monitor objects, including wildlife, vehicles and events, in which information about an object is periodically sent back to the sink. Many times, the object needs to be protected for security reasons. However, an adversary can detect message flows and trace the message back to its source by moving in the reverse direction of the flows. This paper aims to maximize source location privacy, which is evaluated by the adversary's traceback time, by designing routing protocols that distribute message flows to different routes. First, we give the performance bound for any routing scheme. Then, we present our routing schemes, which maximize the adversary's average traceback time and achieve max-min traceback time given certain energy constraints. We then propose WRS, a suboptimal but practical privacy-aware routing scheme, and provide simulation results. Finally, we extend the discussion to an extreme adversary model, which allows the adversary to deploy an adversary sensor network to monitor the message routing activities. Accordingly, we propose a random schedule scheme to confuse the adversary. To reduce the message delivery time, we give an approximation algorithm for message routing.

Published

2009

13. Achieving robust message authentication in sensor networks: a public-key based approach

Author

Haodong Wang and Qun Li

Subjects

Authentication, Computer Networks and Communications, business.industry, Computer science, Network packet, Cryptography, Adversary, Computer security, computer.software_genre, Public-key cryptography, Key distribution in wireless sensor networks, Symmetric-key algorithm, Mobile wireless sensor network, Message authentication code, Electrical and Electronic Engineering, Elliptic curve cryptography, business, computer, Wireless sensor network, Information Systems, Computer network

Abstract

Given the extremely limited hardware resources on sensor nodes and the inclement deploying environment, the adversary Denial-of-Service (DoS) attack becomes a serious security threat toward wireless sensor networks. Without adequate defense mechanism, the adversary can simply inundate the network by flooding the bogus data packets, and paralyze the partial or whole sensor network by depleting node battery power. Prior work on false packet filtering in sensor networks are mostly based on symmetric key schemes, with the concern that the public key operations are too expensive for the resource constrained sensors. Recent progress in public key implementations on sensors, however, has shown that public key is already feasible for sensors. In this paper, we present PDF, a Public-key based false Data Filtering scheme that leverages Shamir's threshold cryptography and Elliptic Curve Cryptography (ECC), and effectively rejects 100% of false data packets. We evaluate PDF by real world implementation on MICAz motes. Our experiment results support the conclusion that PDF is practical for real world sensor deployment.

Published

2009

14. LightFlood: Minimizing Redundant Messages and Maximizing Scope of Peer-to-Peer Search

Author

Lei Guo, Xiaodong Zhang, Song Jiang, and Haodong Wang

Subjects

Web server, Computer science, business.industry, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Message passing, Overlay network, Peer-to-peer, computer.software_genre, Flooding (computer networking), Computational Theory and Mathematics, File sharing, Hardware and Architecture, Signal Processing, Scalability, business, computer, Computer network

Abstract

Flooding is a fundamental file search operation in unstructured peer-to-peer (P2P) file sharing systems, in which a peer starts the file search procedure by broadcasting a query to its neighbors, who continue to propagate it to their neighbors. This procedure repeats until a time-to-live (TTL) counter is decremented to 0. Flooding can seriously limit system scalability, because the number of redundant query messages grows exponentially during the message propagation. Our study shows that more than 70 percent of the generated messages are redundant in a flooding with a TTL of 7 in a moderately connected Gnutella network. Existing efforts to address this issue have been focused on limiting the use of the flooding operation. We propose a new flooding scheme, called LightFlood, with the objective of minimizing the number of redundant messages and retaining a similar message-propagating scope as that of the standard flooding. In the scheme, each peer keeps track of the connectivities of every immediate and next indirect neighbor peers, which can be acquired locally. LightFlood identifies the neighbor with the highest connectivity and uses the link to that neighbor to form a suboverlay within the existing P2P overlay. In LightFlood, flooding is divided into two stages. The first stage is a standard flooding with a limited number of TTL hops, where a message can spread to a sufficiently large scope with a small number of redundant messages. In the second stage, message propagating is only conducted along the suboverlay, significantly reducing the number of redundant messages. Our analysis and simulation experiments show that the LightFlood scheme provides a low-overhead broadcast facility that can be effectively used in P2P search. For example, compared with standard flooding with seven TTL hops, we show that LightFlood with an additional two to three hops can reduce up to 69 percent of the flooding messages and retain the same flooding scope. We believe that LightFlood can be widely used as a core mechanism for efficient message broadcasting in P2P systems due to its near-optimal performance.

Published

2008

15. Distributed privacy-preserving access control in a single-owner multi-user sensor network

Author

Yi Gao, Chun Chen, Jiajun Bu, Mingjian Yin, Daojing He, Sencun Zhu, Haodong Wang, and Sammy Chan

Subjects

Information privacy, Computer access control, business.industry, Computer science, Network Access Device, Authorization, Access control, Computer security, computer.software_genre, Public-key cryptography, Data access, Network Admission Control, Network Access Control, Access network discovery and selection function, business, computer, Wireless sensor network, Computer network

Abstract

A distributed access control module in wireless sensor networks (WSNs) allows the network to authorize and grant user access privileges for in-network data access. Prior research mainly focuses on designing such access control modules for WSNs, but little attention has been paid to protect user's identity privacy when a user is verified by the network for data accesses. Often, a user does not want the WSN to associate his identity to the data he requests, particularly in a single-owner multi-user WSN. In this paper, we present the design, implementation, and evaluation of a novel approach, Priccess, to ensure privacy-preserving access control. In addition to the theoretical analysis that demonstrates the security properties of Priccess, this paper also reports the experimental results of Priccess in a network of Imote2 motes, which show the efficiency of Priccess in practice.

Published

2011

16. High Speed Data Routing in Vehicular Sensor Networks

Author

Gregory Patrick, George Hsieh, Qun Li, Seth Utecht, Haodong Wang, Harry Gao, and Fengyuan Xu

Subjects

Routing protocol, Zone Routing Protocol, Static routing, Dynamic Source Routing, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Enhanced Interior Gateway Routing Protocol, Wireless Routing Protocol, Routing Information Protocol, Link-state routing protocol, Electrical and Electronic Engineering, business, Computer network

Abstract

In this paper, we show through a simple secure symmetric key based protocol design and experiments the feasibility of secure data collection in a vehicular sensor networks. This protocol exhibits high speed data routing for sensor data collection through vehicles. The large communictaion and storage capacities of a vehicle and its mobility facilitates this high speed routing scheme compared with routing through hop-by-hop communication among sensors. We demonstrate that the protocol works in a realistic setting by collecting the real trace data through real implementation.

Published

2010

17. Experimental Study on Secure Data Collection in Vehicular Sensor Networks

Author

Seth Utecht, Harry Gao, Fengyuan Xu, Qun Li, and Haodong Wang

Subjects

Data collection, SIMPLE (military communications protocol), business.industry, Computer science, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Jamming, Adversary, Authentication server, Symmetric-key algorithm, Key (cryptography), business, Wireless sensor network, Protocol (object-oriented programming), Computer network

Abstract

In this paper, we show through a simple secure symmetric key based protocol design and its implementation the feasibility of secure data collection in a vehicular sensor networks. We demonstrate that the protocol works in a realistic setting by collecting the real trace data through real implementation. Some of the key considerations are efficiency, deployability and security. The protocol does not safeguard against some of the techniques an adversary could deploy, such as jamming and deliberate battery-draining.

Published

2009

18. Comparing Symmetric-key and Public-key Based Security Schemes in Sensor Networks: A Case Study of User Access Control

Author

Haodong Wang, Chiu C. Tan, Bo Sheng, and Qun Li

Subjects

business.industry, Computer science, Data security, Access control, Cryptography, Cryptographic protocol, Public-key cryptography, Key distribution in wireless sensor networks, Symmetric-key algorithm, Elliptic curve cryptography, business, Key management, Wireless sensor network, Computer network

Abstract

While symmetric-key schemes are efficient in processing time for sensor networks, they generally require complicated key management, which may introduce large memory and communication overhead. On the contrary, public-key based schemes have simple and clean key management, but cost more computational time. The recent progress of elliptic curve cryptography (ECC) implementation on sensors motivates us to design a public-key scheme and compare its performance with the symmetric-key counterparts. This paper builds the user access control on commercial off-the-shelf sensor devices as a case study to show that the public-key scheme can be more advantageous in terms of the memory usage, message complexity, and security resilience. Meanwhile, our work also provides insights in integrating and designing public-key based security protocols for sensor networks.

Published

2008

19. Snoogle: A Search Engine for the Physical World

Author

Chiu C. Tan, Haodong Wang, and Qun Li

Subjects

Information privacy, Search engine, business.industry, Computer science, Real-time computing, Overhead (computing), Data security, Bloom filter, business, Object (computer science), Wireless sensor network, Computer network, Data compression

Abstract

Hardware advances will allow us to embed small devices into everyday objects such as toasters and coffee mugs, thus naturally form a wireless object network that connects the object with each other. This paper presents Snoogle, a search engine for such a network. Snoogle uses information retrieval techniques to index information and process user queries, and compression schemes such as Bloom filters to reduce communication overhead. Snoogle also considers security and privacy protections for sensitive data. We have implemented the system prototype on off-the-shelf sensor motes, and conducted extensive experiments to evaluate the system performance.

Published

2008

20. Body sensor network security

Author

Chiu C. Tan, Sheng Zhong, Qun Li, and Haodong Wang

Subjects

business.industry, Event (computing), Computer science, Cryptography, Encryption, Computer security, computer.software_genre, Key distribution in wireless sensor networks, Body area network, Identity (object-oriented programming), Sensor network security, business, Wireless sensor network, computer, Computer network

Abstract

A body sensor network (BSN), is a network of sensors deployed on a person's body, usually for health care monitoring. Since the sensors collect personal medical data, security and privacy are important components in a body sensor network. At the same time, the collected data has to readily available in the event of an emergency. In this paper, we present IBE-Lite, a lightweight identity-based encryption suitable for sensors, and developed protocols based on IBE-Lite for a BSN.

Published

2008

21. Boosting VoIP Capacity via Service Differentiation in IEEE 802.11e EDCA Networks

Author

Haodong Wang, Jianxin Wang, Pingping Dong, and Yi Pan

Subjects

IEEE 802, Boosting (machine learning), Voice over IP, Article Subject, Computer Networks and Communications, Computer science, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, General Engineering, Access control, lcsh:QA75.5-76.95, Telecommunications link, lcsh:Electronic computers. Computer science, business, Computer network

Abstract

This paper considers the performance problem of VoIP over 802.11e WLANs caused by the unfairness between uplink and downlink as well as the inefficient EDCA. A novel medium access control scheme named BEDCA (Balanced EDCA) is presented, which provides service differentiation between the access point (AP) and the mobile stations (STAs) to enhance VoIP capacity. In BEDCA, the expression of AP's contention window is obtained which is a relative constant value independent of the participating STAs. The minimum contention window of the STAs is traffic-aware based on the proposed algorithm. The performance improvement of BEDCA is verified through intensive simulations and the results show the capacity improvement of 82.1% compared to EDCA.

Published

2015

22. Elliptic curve cryptography-based access control in sensor networks

Author

Bo Sheng, Qun Li, and Haodong Wang

Subjects

Computer Networks and Communications, Wireless network, business.industry, Computer science, Cryptography, Access control, Public-key cryptography, Key distribution in wireless sensor networks, Mobile wireless sensor network, Electrical and Electronic Engineering, Elliptic curve cryptography, Safety, Risk, Reliability and Quality, business, Wireless sensor network, Computer network

Abstract

Access control in sensor networks is used to authorise and grant users the right to access the network and data collected by sensors. Different users have different access right due to the access restriction implicated by the data security and confidentiality. Even though symmetric-key scheme, which has been investigated extensively for sensor networks, can fulfil the requirement, public-key cryptography is more flexible and simple rendering a clean interface for the security component. Against the popular belief that a public key scheme is not practical for sensor networks, this paper describes a public-key implementation of access control in a sensor network. We detail the implementation of Elliptic Curve Cryptography (ECC) over primary field, a public-key cryptography scheme, on TelosB, which is the latest sensor network platform. We evaluate the performance of our implementation and compare with other implementations we have ported to TelosB.

Published

2006