Mobile and Wireless Network Systems

My current research interests are on mobile and wireless network systems, in particular MANET (Mobile Ad-Hoc Network), sensor networks, and pervasive embedded systems. My focus is on protocols, middleware, system/platform implementation, and security mechanisms. I have taken an approach that is largely experimental and system-oriented. My research contributions can be categorized in the following three areas: platform and system, transport and middelware, and security.

Experimentation Platform and System Implementation

MANET is a very complex system that involves significant interactions across layers and with the environment. We are going to face great technical challenges in developing platforms, middleware, and applications for MANET systems. Our vision is to study the operating systems, middleware, and implementation issues, and to build a series of systems to make MANET easy to develop, easy to deploy, and easy to use. My research includes: tools for testing MANET, systems for implementing MANET, and middlewares for facilitating MANET.

• Wireless Network Emulator (MobiEmu): We have developed a useful tool for emulating MANET environment with a fixed network of Linux machines in a Lab setting. It supports virtually any mobility scenario (such as ns2 scenarios) without physically moving the nodes. It is good for MANET research that requires testing a real implementation or application with different mobility patterns.

  This work has led to a more ambitious project at HRL called WiNE -- a high fidelity wireless network emulator which emulates all aspects including radio propagation, terrain model, mobility, and MAC. It uses a specially built hardware cluster to achieve faster-than-real-time simulation and packet delivery garantee.

• System support and API for ad-hoc routing implementation (ASLib): Most operating systems today have insufficient support for ad-hoc routing (e.g., on-demand routing). This has hindered ad-hoc network implementation and deployment. To solve this problem, we have developed a general solution for enhancing the operating systems with new system services to support ad-hoc routing, and with a new programming abstraction (API) to facilitate protocol development.

Transport Protocols and Middleware Support

We are interested in the applicability, operational regions, and performance of a network protocol in the MANET environment.

• XCP: We are currently investigating XCP in the context of MANET environment.
• TCP DOOR: We have studied various mechanisms to detect and to respond to TCP performance-degradation events in MANET, such as temporary link failure and frequent route changes. We have developed a new way to improve performance by detecting and responding to out-of-order packet delivery events, which are the results of frequent route changes.
• EBN: We have explored an explict bandwidth notification mechanism to deal with sudden and drastic bandwidth changes in MANET or hybrid wireless networks environment.

Security

Mobile Ad-Hoc Network (MANET) is often vulnerable to security attacks due to its features of open medium, dynamic changing topology, cooperative algorithms, lack of centralized monitoring and management point, and often lack of a clear line of defense. All these have changed the landscape of network security. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective. We need to search for new architecture and mechanisms to protect MANET infrastructure and applications.

• Anomaly Detection Model for MANET: Many of the intrusion detection techniques developed on a fixed wired network are not applicable in MANET due to it special network characteristics. In this project we have studied how to do intrusion detection effectively in this new environment, and developed an anomaly detection model that can satisfy this goal.
• Multi-Layer Security Protocols: We point out that some end-to-end network security mechanisms such as IPsec is fundamentally conflicted with certain advanced network services such as QoS and TCP Performance Enhancement Proxies. We have developed a multi-layer IPsec protocol called ML-IPsec to provide both security and extensibility in one unified platform. It grants trusted intermediate routers a secure, controlled, and limited access to selected portions of IP datagrams, while preserving the end-to-end security protection to user data.

  ML-IPsec can be used in wireless networks to solve the conflicts between IPsec and TCP Performance Enhancement Proxies (such as TCP snooping, spoofing, splitting, ACK spacing, etc.).