Early Binding Updates for Mobile IPv6
Size: px
Start display at page:

Download "Early Binding Updates for Mobile IPv6"

Transcription

1 Early Binding Updates for Mobile IPv6 Christian Vogt, Roland Bless, Mark Doll, Tobias Küfner, IEEE Wireless and Communications and Networking Conference New Orleans, March 15, 2005 Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 1

2 Mobile IPv6 Scenario FTP Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 2

3 Outline Mobile IPv6 basics Security and efficiency Proposed optimization Early Binding Updates Credit-Based Authorization Analysis Conclusion Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 3

4 Mobile IPv6 Basics Mobile Care-of Address Home Address Internet 3000::/ ::/64 Home Address = global ID above IP Care-of Address = locator Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 4

5 Mobile IPv6 Basics Mobile Care-of Address Home Address Internet 3000::/ ::/64 Home Address = global ID above IP Care-of Address = locator Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 5

6 Be Aware! Issue 1: Impersonation Attacker binds a false HoA to some CoA Unauthorized use of a HoA connection Victim's peer hi-jacking, eavesdropping, man-in-the-middle attacks, DoS Man i/t middle (false HoA) Victim (true HoA) Issue 2: Packet Misdirection Amplification Attacker redirects packets to a false CoA Unauthorized use of a CoA flooding Attacker (true CoA) Attacker's peer Victim (false CoA) Solution: HoA/CoA-ownership proofs (HoA/CoA tests) Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 6

7 What Mobile IPv6 Does About It Relationship btw. MN and HA Long-lasting Pre-configuration: Credentials, authorization records Mobile IPv6: IPsec authentication Relationship btw. MN and CN Usually without history No pre-configuration Key exchange insufficient; HoA/CoA-ownership proof required Mobile IPv6: non-cryptographic HoA/CoA tests Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 7

8 What Mobile IPv6 Does About It Mobile Detach Attach Registration with HA RFC 3775 Registration with CN Home Address Test Care-of Address Test Binding Update to CN Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 8

9 And How This Performs Mobile 1 RTT Detach Attach Last packet First packet Registration with HA Home Address Test Care-of Address Test RFC 3775 Binding Update to CN Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 9

10 And How This Performs Mobile Detach Attach Last packet 2 RTT Registration with HA Home Address Test First packet Care-of Address Test RFC 3775 Binding Update to CN Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 10

11 Our Objectives Need Optimization Which significantly reduces handover latency across domains and without special network support Related Work Local: Hierarchical Mobile IPv6, Fast Handovers pro: low latency, zero packet loss con: network support required, no inter-domain optimization End-to-end: Cryptographically Generated Addresses pro: cryptographic HoA-ownership proof, eliminates HoA test con: CoA test still required Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 11

12 Our Approach: Early Binding Updates Mobile Do this test before handover! Register early with the CN! Use CoA during test! Detach Attach Early Binding Updates Home Address Test Registration with HA Early Binding Update to CN Care-of Address Test Binding Update to CN Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 12

13 Unverified Care-of Addresses Issue: CoA unverified for a while Period of vulnerability btw. Early and standard Binding Update Negligible in some scenarios, usually requires additional protection Solution: Prevent amplification Observation: amplification (not misdirection per se) makes redirection-based flooding attractive Rationale: no amplification redirection-based flooding unattractive Credit-based technique Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 13

14 Our Solution: Credit-Based Authorization Mobile Acquires credit by sending pkts. Consumes credit for being sent pkts. to unverified CoA Maintains credit account Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 14

15 Our Solution: Credit-Based Authorization Mobile Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 15

16 Our Solution: Credit-Based Authorization Mobile Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 16

17 Our Solution: Credit-Based Authorization Mobile Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 17

18 Our Solution: Credit-Based Authorization Mobile Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 18

19 Our Solution: Credit-Based Authorization Mobile Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 19

20 Our Solution: Credit-Based Authorization Mobile Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 20

21 Our Solution: Credit-Based Authorization Mobile Detach Attach CoA unverified Signaling not shown Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 21

22 Our Solution: Credit-Based Authorization Mobile Detach Attach CoA unverified Signaling not shown Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 22

23 Our Solution: Credit-Based Authorization Mobile Detach Attach CoA unverified Signaling not shown Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 23

24 Our Solution: Credit-Based Authorization Mobile Detach Attach CoA unverified Signaling not shown Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 24

25 Our Solution: Credit-Based Authorization Mobile Detach Attach CoA unverified Signaling not shown Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 25

26 Our Solution: Credit-Based Authorization Mobile Detach Attach CoA unverified Signaling not shown! Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 26

27 Our Solution: Credit-Based Authorization Mobile Detach Attach CoA unverified Signaling not shown Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 27

28 Our Solution: Credit-Based Authorization Mobile Detach Attach CoA unverified Signaling not shown Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 28

29 Asymmetric Traffic Patterns Issue: Asymmetric Traffic Patterns Some applications feature asymmetric traffic patterns No sufficient credit upon handover Solution: Credit for Packet Reception and Processing Feedback mechanism for CN Care-of Address Spot Checks (in-band extension of CoA tests) Not covered here Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 29

30 How Much Do We Benefit? Mobile Corresp'dnt Mobile Corresp'dnt Last packet 1 RTT Other Last packet First packet First packet RFC 3775 Early Binding Updates Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 30

31 How Much Do We Benefit? Mobile Corresp'dnt Mobile Corresp'dnt Last packet Last packet 2 RTT 1 RTT First packet First packet RFC 3775 Early Binding Updates Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 31

32 Analysis of Early Binding Updates Advantages of Early Binding Updates Half of standard latency, or less No special network support Applicable to inter-domain handovers Drawbacks of Early Binding Updates Additional signaling for proactive HoA tests (if done periodically) Still 1 RTT latency Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 32

33 Scenario 1: TCP Throughput Seqno RFC E6 3,678KB Early Binding Updates 4,363KB 3.0E6 50ms 50ms 2.0E6 50ms One-Way Times 1.0E6 x+5s x+10s x+15s x+20s x+5s x+10s x+15s x+20s Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 33

34 Preliminary Results of TCP Experimentations Seqno RFC E6 Early Binding Updates 4,226KB 2.5E6 2,296KB 100ms,256kbps 100ms,256kbps 50ms 256kbps 1.5E6 One-Way Times & Bandwidths 0.5E6 x+5s x+10s x+15s x+20s x+5s x+10s x+15s x+20s Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 34

35 Conclusion Current Status Implementation in FreeBSD 5.3, Kame-Shisa Mobile IPv6 Ongoing work in IETF, IRTF; CBA now to be integrated into HIP Open Issues Impacts on applications? Effects on TCP retransmission timers? Future Perspectives Proactive registration before handover eliminate remaining delays Christian Vogt, Research Institute of Telematics, University of Karlsruhe, Germany 35

Similar documents

Efficient End-to-End Mobility Support in IPv6

Efficient End-to-End Mobility Support in IPv6 Efficient End-to-End Mobility Support in IPv6, Mark Doll, doll@tm.uka.de, Communicating Anywhere, Anytime 1 Mobile IPv6 Basics mobile node @ home address Internet visited network home network correspondent

More information

Early Binding Updates and Credit-Based Authorization A Status Update

Early Binding Updates and Credit-Based Authorization A Status Update Status update New drafts Implementation Experimentation results Early Binding Updates and Credit-Based Authorization A Status Update Why Do We Need Enhancement? Mobile IPv6 Route Optimization uses return-routability

More information

MIP6 Route Optimization Enhancements

MIP6 Route Optimization Enhancements MIP6 Route Optimization Enhancements draft-arkko-mip6-ro-enhancements-00 Jari Arkko, jari.arkko@ericsson.com Christian Vogt, chvogt@tm.uka.de IETF 61, Washington D.C. Mobopts Meeting, November 10, 2004

More information

REDUCING PACKET OVERHEAD IN MOBILE IPV6

REDUCING PACKET OVERHEAD IN MOBILE IPV6 REDUCING PACKET OVERHEAD IN MOBILE IPV6 ABSTRACT Hooshiar Zolfagharnasab 1 1 Department of Computer Engineering, University of Isfahan, Isfahan, Iran hoppico@eng.ui.ac.ir hozo19@gmail.com Common Mobile

More information

An Active Network Based Hierarchical Mobile Internet Protocol Version 6 Framework

An Active Network Based Hierarchical Mobile Internet Protocol Version 6 Framework An Active Network Based Hierarchical Mobile Internet Protocol Version 6 Framework Zutao Zhu Zhenjun Li YunYong Duan Department of Business Support Department of Computer Science Department of Business

More information

Research Article A Two-Layered Mobility Architecture Using Fast Mobile IPv6 and Session Initiation Protocol

Research Article A Two-Layered Mobility Architecture Using Fast Mobile IPv6 and Session Initiation Protocol Hindawi Publishing Corporation EURA Journal on Wireless Communications and Networking Volume 2008, Article ID 348594, 8 pages doi:10.1155/2008/348594 Research Article A Two-Layered Mobility Architecture

More information

Performance Evaluation of a QoS-Aware Handover Mechanism

Performance Evaluation of a QoS-Aware Handover Mechanism Performance Evaluation of a QoS-Aware Handover Mechanism 1.Introduction Background Requirements in mobile communication Seamless mobility support Guarantee certain levels of QoS Mobile communications over

More information

Boosting mobility performance with Multi-Path TCP

Boosting mobility performance with Multi-Path TCP Boosting mobility performance with Multi-Path TCP Name SURNAME 1, Name SURNAME 2 1 Organisation, Address, City, Postcode, Country Tel: +countrycode localcode number, Fax: + countrycode localcode number,

More information

Tomás P. de Miguel DIT-UPM. dit UPM

Tomás P. de Miguel DIT-UPM. dit UPM Tomás P. de Miguel DIT- 15 12 Internet Mobile Market Phone.com 15 12 in Millions 9 6 3 9 6 3 0 1996 1997 1998 1999 2000 2001 0 Wireless Internet E-mail subscribers 2 (January 2001) Mobility The ability

More information

Network Mobility Support Scheme on PMIPv6 Networks

Network Mobility Support Scheme on PMIPv6 Networks Network Mobility Support Scheme on PMIPv6 Networks Hyo-Beom Lee 1, Youn-Hee Han 2 and Sung-Gi Min 1 1 Dept. of Computer Science and Engineering, Korea University, Seoul, South Korea. sgmin@korea.ac.kr

More information

Security issues with Mobile IP

Security issues with Mobile IP Technical report, IDE1107, February 2011 Security issues with Mobile IP Master s Thesis in Computer Network Engineering Abdel Rahman Alkhawaja & Hatem Sheibani School of Information Science, Computer and

More information

MOBILE VIDEO WITH MOBILE IPv6

MOBILE VIDEO WITH MOBILE IPv6 MOBILE VIDEO WITH MOBILE IPv6 DANIEL MINOLI WILEY A JOHN WILEY & SONS, INC., PUBLICATION CONTENTS PREFACE ABOUT THE AUTHOR xi xiii 1 THE MOBILE USER ENVIRONMENT: SMART PHONES, PORTABLE MEDIA PLAYERS (PMPs),

More information

Mobile Internet Protocol v6 MIPv6

Mobile Internet Protocol v6 MIPv6 Mobile Internet Protocol v6 MIPv6 A brief introduction Holger.Zuleger@hznet.de 13-dec-2005 Holger Zuleger 1/15 > c Defined by MIPv6 RFC3775: Mobility Support in IPv6 (June 2004) RFC3776: Using IPsec to

More information

Quality-of-Service Support for Mobile Users using NSIS Roland Bless, Martin Röhricht Networking 2009, Aachen

Quality-of-Service Support for Mobile Users using NSIS Roland Bless, Martin Röhricht Networking 2009, Aachen Quality-of-Service Support for Mobile Users using NSIS Roland Bless, Martin Röhricht Motivation 1 More and more resource demanding Internet applications and multimedia streams video broadcasts, Voice-over-IP,

More information

Mobile IP Part I: IPv4

Mobile IP Part I: IPv4 Mobile IP Part I: IPv4 Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse574-06/ 12-1 q Mobile

More information

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method. A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money

More information

IP and Mobility. Requirements to a Mobile IP. Terminology in Mobile IP

IP and Mobility. Requirements to a Mobile IP. Terminology in Mobile IP IP and Mobility Chapter 2 Technical Basics: Layer Methods for Medium Access: Layer 2 Chapter Wireless Networks: Bluetooth, WLAN, WirelessMAN, WirelessWAN Mobile Telecommunication Networks: GSM, GPRS, UMTS

More information

Network Security Fundamentals

Network Security Fundamentals APNIC elearning: Network Security Fundamentals 27 November 2013 04:30 pm Brisbane Time (GMT+10) Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security IPv6

More information

Packet Level Authentication Overview

Packet Level Authentication Overview Packet Level Authentication Overview Dmitrij Lagutin, Dmitrij.Lagutin@hiit.fi Helsinki Institute for Information Technology HIIT Aalto University School of Science and Technology Contents Introduction

More information

Strategies. Addressing and Routing

Strategies. Addressing and Routing Strategies Circuit switching: carry bit streams original telephone network Packet switching: store-and-forward messages Internet Spring 2007 CSE 30264 14 Addressing and Routing Address: byte-string that

More information

Hierarchical Mobility Management for VoIP Traffic

Hierarchical Mobility Management for VoIP Traffic Hierarchical Mobility Management for VoIP Traffic Archan Misra Subir Das Anthony J McAuley Telcordia Technologies, Inc 445 South Street Morristown, NJ 07960 1 Abstract A hierarchical IP-based mobility

More information

Analysis of Mobile IP in Wireless LANs

Analysis of Mobile IP in Wireless LANs ENSC 835: COMMUNICATION NETWORKS FINAL PROJECT PRESENTATIONS Spring 2011 Analysis of Mobile IP in Wireless LANs www.sfu.ca/~bshahabi Babak Shahabi (bshahabi@sfu.ca( bshahabi@sfu.ca) 301102998 Shaoyun Yang

More information

IEEE P802 Handoff ECSG Handoff for Multi-interfaced 802 Mobile Devices. Abstract

IEEE P802 Handoff ECSG Handoff for Multi-interfaced 802 Mobile Devices. Abstract IEEE P802 Handoff ECSG Handoff for Multi-interfaced 802 Mobile Devices Date: May 12, 2003 Authors: Huai-An (Paul) Lin Intel Corp. 2111 NE 25 th Avenue, OR 97124 Phone: +1 503-264-6726 E-mail: huai-an.lin@intel.com

More information

Performance Evaluation of Two Layered Mobility Management using Mobile IP and Session Initiation Protocol

Performance Evaluation of Two Layered Mobility Management using Mobile IP and Session Initiation Protocol Performance Evaluation of Two Layered Mobility Management using Mobile IP and Session Initiation Protocol Jin-Woo Jung*, Hyun-Kook Kahng**, Ranganathan Mudumbai*, Doug Montgomery * * National Institute

More information

Security Issues in Space Networks

Security Issues in Space Networks Security Issues in Space Networks Mohammed Atiquzzaman and Md. Shohrab Hossain School of Computer Science The University of Oklahoma, Norman, OK 73019 shohrab@ou.edu, atiq@ou.edu Abstract Satellites are

More information

Lecture Objectives. Lecture 07 Mobile Networks: TCP in Wireless Networks. Agenda. TCP Flow Control. Flow Control Can Limit Throughput (1)

Lecture Objectives. Lecture 07 Mobile Networks: TCP in Wireless Networks. Agenda. TCP Flow Control. Flow Control Can Limit Throughput (1) Lecture Objectives Wireless and Mobile Systems Design Lecture 07 Mobile Networks: TCP in Wireless Networks Describe TCP s flow control mechanism Describe operation of TCP Reno and TCP Vegas, including

More information

Load Balancing in Mobile IPv6 s Correspondent Networks with Mobility Agents

Load Balancing in Mobile IPv6 s Correspondent Networks with Mobility Agents Load Balancing in Mobile IPv6 s Correspondent Networks with Mobility Agents Albert Cabellos-Aparicio, Jordi Domingo Pascual Departament d Arquitectura de Computadors Universitat Politècnica de Catalunya

More information

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY A PATH FOR HORIZING YOUR INNOVATIVE WORK AN OVERVIEW OF MOBILE ADHOC NETWORK: INTRUSION DETECTION, TYPES OF ATTACKS AND

More information

A O T. Heterogeneous Networks and Mobility User Perspective. Agententechnologien in der Telekommunikation Sommersemester 2009. Lecture 4 20.05.

A O T. Heterogeneous Networks and Mobility User Perspective. Agententechnologien in der Telekommunikation Sommersemester 2009. Lecture 4 20.05. Heterogeneous Networks and Mobility User Perspective Agententechnologien in der Telekommunikation Sommersemester 2009 Thomas Geithner thomas.geithner@dai-labor.de Lecture 4 20.05.2009 Agententechnologien

More information

Mobility Management Advanced

Mobility Management Advanced Mobility Management Advanced Summer Semester 2011 Integrated Communication Systems Group Ilmenau University of Technology Outline Motivation Mobility Management Approaches in the TCP/IP Reference Model

More information

Network Friendliness of Mobility Management Protocols

Network Friendliness of Mobility Management Protocols Network Friendliness of Mobility Management Protocols Md Sazzadur Rahman, Mohammed Atiquzzaman Telecommunications and Networks Research Lab School of Computer Science, University of Oklahoma, Norman, OK

More information

APNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10)

APNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10) APNIC elearning: Network Security Fundamentals 20 March 2013 10:30 pm Brisbane Time (GMT+10) Introduction Presenter/s Nurul Islam Roman Senior Training Specialist nurul@apnic.net Specialties: Routing &

More information

Link Layer and Network Layer Security for Wireless Networks

Link Layer and Network Layer Security for Wireless Networks White Paper Link Layer and Network Layer Security for Wireless Networks Abstract Wireless networking presents a significant security challenge. There is an ongoing debate about where to address this challenge:

More information

Load Balancing in Mobile IPv6 s Correspondent Networks with Mobility Agents

Load Balancing in Mobile IPv6 s Correspondent Networks with Mobility Agents 1 Load Balancing in Mobile IPv6 s Correspondent Networks with Mobility Agents Albert Cabellos-Aparicio, Jordi Domingo-Pascual Abstract A foreseeable scenario is where on the Internet Mobile IPv6 is deployed

More information

A Study on Mobile IPv6 Based Mobility Management Architecture

A Study on Mobile IPv6 Based Mobility Management Architecture UDC 621.396.69:681.32 A Study on Mobile IPv6 Based Mobility Management Architecture VTsuguo Kato VRyuichi Takechi VHideaki Ono (Manuscript received January 19, 2001) Mobile IPv6 is considered to be one

More information

Firewall Defaults, Public Server Rule, and Secondary WAN IP Address

Firewall Defaults, Public Server Rule, and Secondary WAN IP Address Firewall Defaults, Public Server Rule, and Secondary WAN IP Address This quick start guide provides the firewall defaults and explains how to configure some basic firewall rules for the ProSafe Wireless-N

More information

IP Flow Mobility: Smart Traffic Offload for Future Wireless Networks

IP Flow Mobility: Smart Traffic Offload for Future Wireless Networks 1 IP Flow Mobility: Smart Traffic Offload for Future Wireless Networks Antonio de la Oliva, Carlos J. Bernardos, Maria Calderon, Telemaco Melia and Juan Carlos Zuniga Universidad Carlos III de Madrid,

More information

A Solution for IP Mobility Support in Software Defined Networks

A Solution for IP Mobility Support in Software Defined Networks A Solution for IP Mobility Support in Software Defined Networks You Wang and Jun Bi Institute for Network Sciences and Cyberspace Department of Computer Science Tsinghua National Laboratory for Information

More information

DOMAIN NAME SECURITY EXTENSIONS

DOMAIN NAME SECURITY EXTENSIONS DOMAIN NAME SECURITY EXTENSIONS The aim of this paper is to provide information with regards to the current status of Domain Name System (DNS) and its evolution into Domain Name System Security Extensions

More information

Mobility Management in Military Networks

Mobility Management in Military Networks 1 Multilayered Mobility Management for Survivable Network Ashutosh Dutta, James Burns, K. Daniel Wong, Ravi Jain, Ken Young Telcordia Technologies, 445 South Street, Morristown, NJ 07960 Henning Schulzrinne

More information

Basic Vulnerability Issues for SIP Security

Basic Vulnerability Issues for SIP Security Introduction Basic Vulnerability Issues for SIP Security By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com The Session Initiation Protocol (SIP) is the future

More information

TLS and SRTP for Skype Connect. Technical Datasheet

TLS and SRTP for Skype Connect. Technical Datasheet TLS and SRTP for Skype Connect Technical Datasheet Copyright Skype Limited 2011 Introducing TLS and SRTP Protocols help protect enterprise communications Skype Connect now provides Transport Layer Security

More information

Chapter 7 Transport-Level Security

Chapter 7 Transport-Level Security Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell

More information

Security Overview on Mobile IP Networks

Security Overview on Mobile IP Networks Security Overview on Mobile IP Networks Osama Ali Abdelgadir 1, Amin Babiker A.Nabi 2, Ashraf Gasim Elsid Abdalla 3 1 Alneelain University, Department of Electronics & Communication Engineering, Faculty

More information

Proactive DAD: An L2-assisted Fast Address Acquisition. Strategy for Mobile IPv6 Networks

Proactive DAD: An L2-assisted Fast Address Acquisition. Strategy for Mobile IPv6 Networks Proactive DAD: An L2-assisted Fast Address Acquisition Strategy for Mobile IPv6 Networks Chien-Chao Tseng Department of Computer Science and Information Engineering National Chiao-Tung University Hsinchu,

More information

Data Networks Summer 2007 Homework #3

Data Networks Summer 2007 Homework #3 Data Networks Summer Homework # Assigned June 8, Due June in class Name: Email: Student ID: Problem Total Points Problem ( points) Host A is transferring a file of size L to host B using a TCP connection.

More information

Securing VoIP Networks using graded Protection Levels

Securing VoIP Networks using graded Protection Levels Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract

More information

MOBILITY MANAGEMENT ARCHITECTURE FOR 4G NETWORKS. This chapter discusses the design of proposed mobility management

MOBILITY MANAGEMENT ARCHITECTURE FOR 4G NETWORKS. This chapter discusses the design of proposed mobility management 118 Chapter 3 MOBILITY MANAGEMENT ARCHITECTURE FOR 4G NETWORKS This chapter discusses the design of proposed mobility management (MM) architecture for future 4G networks. As indicated earlier in previous

More information

The Problem with TCP. Overcoming TCP s Drawbacks

The Problem with TCP. Overcoming TCP s Drawbacks White Paper on managed file transfers How to Optimize File Transfers Increase file transfer speeds in poor performing networks FileCatalyst Page 1 of 6 Introduction With the proliferation of the Internet,

More information

An End-System Approach to Mobility Management for 4G Networks and its Application to Thin-Client Computing

An End-System Approach to Mobility Management for 4G Networks and its Application to Thin-Client Computing An End-System Approach to Mobility Management for 4G Networks and its Application to Thin-Client Computing Leo Patanapongpibul a Glenford Mapp b Andy Hopper a leo.p@cantab.net g.mapp@mdx.ac.uk ah12@cam.ac.uk

More information

Protecting DNS Critical Infrastructure Solution Overview. Radware Attack Mitigation System (AMS) - Whitepaper

Protecting DNS Critical Infrastructure Solution Overview. Radware Attack Mitigation System (AMS) - Whitepaper Protecting DNS Critical Infrastructure Solution Overview Radware Attack Mitigation System (AMS) - Whitepaper Table of Contents Introduction...3 DNS DDoS Attacks are Growing and Evolving...3 Challenges

More information

A Mobile Ad-hoc Satellite and Wireless Mesh Networking Approach for Public Safety Communications

A Mobile Ad-hoc Satellite and Wireless Mesh Networking Approach for Public Safety Communications A Mobile Ad-hoc Satellite and Wireless Mesh Networking Approach for Public Safety Communications G. Iapichino, C. Bonnet Mobile Communications Department Eurecom Sophia Antipolis, France {Iapichin, Bonnet}@eurecom.fr

More information

An Experimental Study of Cross-Layer Security Protocols in Public Access Wireless Networks

An Experimental Study of Cross-Layer Security Protocols in Public Access Wireless Networks An Experimental Study of Cross-Layer Security Protocols in Public Access Wireless Networks Avesh K. Agarwal Wenye Wang Department of Electrical and Computer Engineering North Carolina State University,

More information

Low-rate TCP-targeted Denial of Service Attack Defense

Low-rate TCP-targeted Denial of Service Attack Defense Low-rate TCP-targeted Denial of Service Attack Defense Johnny Tsao Petros Efstathopoulos University of California, Los Angeles, Computer Science Department Los Angeles, CA E-mail: {johnny5t, pefstath}@cs.ucla.edu

More information

A Network-Controlled Architecture for SCTP Hard Handover

A Network-Controlled Architecture for SCTP Hard Handover A Network-Controlled Architecture for SCTP Hard Handover Khadija Daoud, Karine Guillouard, Philippe Herbelin Orange Labs, Issy Les Moulineaux, France {first name.last name}@orange-ftgroup.com Abstract

More information

Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All

More information

How To Write A Transport Layer Protocol For Wireless Networks

How To Write A Transport Layer Protocol For Wireless Networks Chapter 9: Transport Layer and Security Protocols for Ad Hoc Wireless Networks Introduction Issues Design Goals Classifications TCP Over Ad Hoc Wireless Networks Other Transport Layer Protocols Security

More information

IP Networking Untethered

IP Networking Untethered IP Networking Untethered Alan O NeillO Flarion Technologies Reliable link Low delay Link Layer Wish List Far fewer end-to to-end retransmissions Better Efficient transport layer (TCP/IP) User Experience

More information

Applications. Network Application Performance Analysis. Laboratory. Objective. Overview

Applications. Network Application Performance Analysis. Laboratory. Objective. Overview Laboratory 12 Applications Network Application Performance Analysis Objective The objective of this lab is to analyze the performance of an Internet application protocol and its relation to the underlying

More information

IPv6 mobility and ad hoc network mobility overview report

IPv6 mobility and ad hoc network mobility overview report Institut Eurecom 1 Department of Mobile Communications 2229, route des Crêtes B.P. 193 06904 Sophia Antipolis FRANCE Research Report RR-08-217 IPv6 mobility and ad hoc network mobility overview report

More information

Security vulnerabilities in the Internet and possible solutions

Security vulnerabilities in the Internet and possible solutions Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in

More information

3G/Wi-Fi Seamless Offload

3G/Wi-Fi Seamless Offload Qualcomm Incorporated March 2010 Table of Contents [1] Introduction... 1 [2] The Role of WLAN... 2 [3] 3G/Wi-Fi Seamless Offload Pathway... 2 [4] Application-Based Switching... 3 [5] Wi-Fi Mobility...

More information

TCP for Wireless Networks

TCP for Wireless Networks TCP for Wireless Networks Outline Motivation TCP mechanisms Indirect TCP Snooping TCP Mobile TCP Fast retransmit/recovery Transmission freezing Selective retransmission Transaction oriented TCP Adapted

More information

Wireless Networks: Network Protocols/Mobile IP

Wireless Networks: Network Protocols/Mobile IP Wireless Networks: Network Protocols/Mobile IP Mo$va$on Data transfer Encapsula$on Security IPv6 Problems DHCP Adapted from J. Schiller, Mobile Communications 1 Mo$va$on for Mobile IP Rou$ng based on IP

More information

Handover Management based on the Number of Retries for VoIP on WLANs

Handover Management based on the Number of Retries for VoIP on WLANs Handover Management based on the Number of Retries for VoIP on WLANs Shigeru Kashihara Yuji Oie Department of Computer Science and Electronics, Kyushu Institute of Technology Kawazu 68-4, Iizuka, 82-852

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

Internet Architecture for Robust Mobility. Sangheon Pack (백상헌) Korea University shpack@korea.ac.kr

Internet Architecture for Robust Mobility. Sangheon Pack (백상헌) Korea University shpack@korea.ac.kr Internet Architecture for Robust Mobility Sangheon Pack (백상헌) Korea University shpack@korea.ac.kr Contents Introduction IETF Activity Home Agent Reliability Protocol P2P-based Approaches ROAM and SAMP

More information

User authentication in SIP

User authentication in SIP User authentication in SIP Pauli Vesterinen Helsinki University of Technology pjvester@cc.hut.fi Abstract Today Voice over Internet Protocol (VoIP) is used in large scale to deliver voice and multimedia

More information

Secured VPN Models for LTE Backhaul Networks

Secured VPN Models for LTE Backhaul Networks Secured VPN Models for LTE Backhaul Networks Madhusanka Liyanage, Andrei Gurtov Centre for Wireless Communications University of Oulu, P.O. Box 45, FI-914 Oulu, Finland Email: [madhusanka, gurtov]@ee.oulu.fi

More information

Vulnerabili3es and A7acks

Vulnerabili3es and A7acks IPv6 Security Vulnerabili3es and A7acks Inherent vulnerabili3es Less experience working with IPv6 New protocol stack implementa3ons Security devices such as Firewalls and IDSs have less support for IPv6

More information

VoIP Security. Seminar: Cryptography and Security. 07.06.2006 Michael Muncan

VoIP Security. Seminar: Cryptography and Security. 07.06.2006 Michael Muncan VoIP Security Seminar: Cryptography and Security Michael Muncan Overview Introduction Secure SIP/RTP Zfone Skype Conclusion 1 Introduction (1) Internet changed to a mass media in the middle of the 1990s

More information

Adaptive MAP Selection with Load Balancing Mechanism for the Hierarchical Mobile IPv6

Adaptive MAP Selection with Load Balancing Mechanism for the Hierarchical Mobile IPv6 Tamkang Journal of Science and Engineering, Vol. 12, No. 4, pp. 481 487 (2009) 481 Adaptive MAP Selection with Load Balancing Mechanism for the Hierarchical Mobile IPv6 Ying-Hong Wang, Chih-Peng Hsu* and

More information

SCTP-Sec: A secure Transmission Control Protocol

SCTP-Sec: A secure Transmission Control Protocol SCTP-Sec: A secure Transmission Control Protocol Rahul Choudhari Indian Institute of Information Technology & Management, Gwalior, INDIA Email: rahul.choudhari@iiitm.ac.in { Somanath Tripathy Indian Institute

More information

A Major Functionality in Next Generation Networks Using -- Mobility Management

A Major Functionality in Next Generation Networks Using -- Mobility Management A Major Functionality in Next Generation Networks Using -- Mobility Management Sunil kumar J, Satyanarayana Gadadda, K.Sateesh Kumar Assistant Professor, Department of Electrical and computer science Engineering,

More information

Introducing Reliability and Load Balancing in Mobile IPv6 based Networks

Introducing Reliability and Load Balancing in Mobile IPv6 based Networks Introducing Reliability and Load Balancing in Mobile IPv6 based Networks Jahanzeb Faizan Southern Methodist University Dallas, TX, USA jfaizan@engr.smu.edu Hesham El-Rewini Southern Methodist University

More information

Lecture 15: Congestion Control. CSE 123: Computer Networks Stefan Savage

Lecture 15: Congestion Control. CSE 123: Computer Networks Stefan Savage Lecture 15: Congestion Control CSE 123: Computer Networks Stefan Savage Overview Yesterday: TCP & UDP overview Connection setup Flow control: resource exhaustion at end node Today: Congestion control Resource

More information

TRIM: an Architecture for Transparent IMS-based Mobility

TRIM: an Architecture for Transparent IMS-based Mobility TRIM: an Architecture for Transparent IMS-based Mobility Ivan Vidal a,, Antonio de la Oliva a, Jaime Garcia-Reinoso a, Ignacio Soto b a Universidad Carlos III de Madrid. Avda. de la Universidad 30 28911

More information

TECHNICAL CHALLENGES OF VoIP BYPASS

TECHNICAL CHALLENGES OF VoIP BYPASS TECHNICAL CHALLENGES OF VoIP BYPASS Presented by Monica Cultrera VP Software Development Bitek International Inc 23 rd TELELCOMMUNICATION CONFERENCE Agenda 1. Defining VoIP What is VoIP? How to establish

More information

CS268 Exam Solutions. 1) End-to-End (20 pts)

CS268 Exam Solutions. 1) End-to-End (20 pts) CS268 Exam Solutions General comments: ) If you would like a re-grade, submit in email a complete explanation of why your solution should be re-graded. Quote parts of your solution if necessary. In person

More information

Using the Domain Name System for System Break-ins

Using the Domain Name System for System Break-ins Using the Domain Name System for System Break-ins Steven M. Bellovin Presented by: Thomas Repantis trep@cs.ucr.edu CS255-Computer Security, Winter 2004 p.1/37 Overview Using DNS to spoof a host s name

More information

6 Mobility Management

6 Mobility Management Politecnico di Milano Facoltà di Ingegneria dell Informazione 6 Mobility Management Reti Mobili Distribuite Prof. Antonio Capone Introduction Mobility management allows a terminal to change its point of

More information

MAC Based Routing Table Approach to Detect and Prevent DDoS Attacks and Flash Crowds in VoIP Networks

MAC Based Routing Table Approach to Detect and Prevent DDoS Attacks and Flash Crowds in VoIP Networks BULGARIAN ACADEMY OF SCIENCES CYBERNETICS AND INFORMATION TECHNOLOGIES Volume 11, No 4 Sofia 2011 MAC Based Routing Table Approach to Detect and Prevent DDoS Attacks and Flash Crowds in VoIP Networks N.

More information

SURVEY ON MOBILITY MANAGEMENT PROTOCOLS FOR IPv6

SURVEY ON MOBILITY MANAGEMENT PROTOCOLS FOR IPv6 SURVEY ON MOBILITY MANAGEMENT PROTOCOLS FOR IPv6 BASED NETWORK 1 Nitul Dutta, 2 Iti Saha Misra, 3 Kushal Pokhrel and 4 Md. Abu Safi 1 Department of Computer Science & Engineering, Sikkim Manipal Institute

More information

Reliable Multicast Protocol with Packet Forwarding in Wireless Internet

Reliable Multicast Protocol with Packet Forwarding in Wireless Internet Reliable Multicast Protocol with Packet Forwarding in Wireless Internet Taku NOGUCHI, Toru YOSHIKAWA and Miki YAMAMOTO College of Information Science and Engineering, Ritsumeikan University 1-1-1, Nojihigashi,

More information

Application DDoS Mitigation

Application DDoS Mitigation Application DDoS Mitigation Revision A 2014, Palo Alto Networks, Inc. www.paloaltonetworks.com Contents Overview... 3 Volumetric vs. Application Denial of Service Attacks... 3 Volumetric DoS Mitigation...

More information

Mobility on IPv6 Networks

Mobility on IPv6 Networks Mobility on IPv6 Networks Pedro M. Ruiz Project Manager Agora Systems S.A. Global IPv6 Summit Madrid 13-15 March 2002 Pedro M. Ruiz (c) Agora Systems S.A, 2002 1 Outline Motivation MIPv6 architecture MIPv6

More information

VoIP Security Threats and Vulnerabilities

VoIP Security Threats and Vulnerabilities Abstract VoIP Security Threats and Vulnerabilities S.M.A.Rizvi and P.S.Dowland Network Research Group, University of Plymouth, Plymouth, UK e-mail: info@network-research-group.org This paper presents the

More information

An enhanced TCP mechanism Fast-TCP in IP networks with wireless links

An enhanced TCP mechanism Fast-TCP in IP networks with wireless links Wireless Networks 6 (2000) 375 379 375 An enhanced TCP mechanism Fast-TCP in IP networks with wireless links Jian Ma a, Jussi Ruutu b and Jing Wu c a Nokia China R&D Center, No. 10, He Ping Li Dong Jie,

More information

A Seamless Handover Mechanism for IEEE 802.16e Broadband Wireless Access

A Seamless Handover Mechanism for IEEE 802.16e Broadband Wireless Access A Seamless Handover Mechanism for IEEE 802.16e Broadband Wireless Access Kyung-ah Kim 1, Chong-Kwon Kim 2, and Tongsok Kim 1 1 Marketing & Technology Lab., KT, Seoul, Republic of Korea, {kka1,tongsok}@kt.co.kr

More information

CS5008: Internet Computing

CS5008: Internet Computing CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is

More information

Proxy Mobile IPv6-Based Handovers for VoIP Services in Wireless Heterogeneous Networks

Proxy Mobile IPv6-Based Handovers for VoIP Services in Wireless Heterogeneous Networks IACSIT International Journal of Engineering and Technology, Vol. 4, No. 5, October 12 Proxy Mobile IPv6-Based Handovers for VoIP Services in Wireless Heterogeneous Networks N. P. Singh and Brahmjit Singh

More information

Link Layer and Network Layer Security for Wireless Networks

Link Layer and Network Layer Security for Wireless Networks Link Layer and Network Layer Security for Wireless Networks Interlink Networks, Inc. May 15, 2003 1 LINK LAYER AND NETWORK LAYER SECURITY FOR WIRELESS NETWORKS... 3 Abstract... 3 1. INTRODUCTION... 3 2.

More information

Performance Evaluation for Mobility Management Protocols in Cellular IP and Hawaii Mobile Networks

Performance Evaluation for Mobility Management Protocols in Cellular IP and Hawaii Mobile Networks Performance Evaluation for Mobility Management Protocols in Cellular IP and Hawaii Mobile Networks M.Mansour, A.Ghneimat,J. E. Mellor Department of Computing University of Bradford Bradford BD7 1DP, UK.

More information

ENHANCEMENTS FOR SIMULTANEOUS ACCESS IN NETWORK-BASED LOCALIZED MOBILITY MANAGEMENT

ENHANCEMENTS FOR SIMULTANEOUS ACCESS IN NETWORK-BASED LOCALIZED MOBILITY MANAGEMENT ENHANCEMENTS FOR SIMULTANEOUS ACCESS IN NETWORK-BASED LOCALIZED MOBILITY MANAGEMENT Huu-Nghia Nguyen Mobile Communications Department Eurecom Institute Sophia Antipolis, France Christian Bonnet Mobile

More information

IPv6 Moving Network Testbed with Micro-Mobility Support

IPv6 Moving Network Testbed with Micro-Mobility Support IPv6 Moving Network Testbed with Micro-Mobility Support Miklós Aurél Rónai 1, Kristóf Fodor 1, Ralf Tönjes 2 Ericsson Research, 1 Traffic Lab (Hungary), 2 Eurolab (Germany) {Miklos.Ronai, Kristof.Fodor,

More information

A Novel Pathway for Portability of Networks and Handing-on between Networks

A Novel Pathway for Portability of Networks and Handing-on between Networks A Novel Pathway for Portability of Networks and Handing-on between Networks D. S. Dayana #1, S. R. Surya #2 Department of Computer Applications, SRM University, Chennai, India 1 dayanads@rediffmail.com

More information

Securing IP Networks with Implementation of IPv6

Securing IP Networks with Implementation of IPv6 Securing IP Networks with Implementation of IPv6 R.M.Agarwal DDG(SA), TEC Security Threats in IP Networks Packet sniffing IP Spoofing Connection Hijacking Denial of Service (DoS) Attacks Man in the Middle

More information

Mobility Management 嚴 力 行 高 雄 大 學 資 工 系

Mobility Management 嚴 力 行 高 雄 大 學 資 工 系 Mobility Management 嚴 力 行 高 雄 大 學 資 工 系 Mobility Management in Cellular Systems Cellular System HLR PSTN MSC MSC VLR BSC BSC BSC cell BTS BTS BTS BTS MT BTS BTS BTS BTS HLR and VLR HLR (Home Location Register)

More information

IPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region

IPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region IPv6 SECURITY May 2011 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the express

More information

SERVICE DISCOVERY AND MOBILITY MANAGEMENT

SERVICE DISCOVERY AND MOBILITY MANAGEMENT Objectives: 1) Understanding some popular service discovery protocols 2) Understanding mobility management in WLAN and cellular networks Readings: 1. Fundamentals of Mobile and Pervasive Computing (chapt7)

More information
2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback | Do Not Sell My Personal Information