Mobile ad hoc networks (MANETs), which connect individual users to each other, remain a topic of research development in wireless network systems. The data in these systems are transmitted by way of multiple-hops, when the source node is distant from the destination node. These MANETs have been used mainly in military applications such on the battlefield to exchange information about the combat environment between army units. This type of system is faced with not only the usual security problems, but must also work under certain limitations, such as low power and restricted computing ability. In this paper, we discuss a fundamental procedure of constructing the common key in mathematically geometric property and some feasible crime-investigation-aid applications for an MANET, also addressing relevant security problems. In a well-constructed MANET of security-proof for the applications against cyber-crime, malicious attacks and invasions can be avoided, allowing normal functioning of the system.

Shiuh Jeng Wang;式刚 陈;Jia Hung Huang

2006

Bloom filters have been extensively applied in many network functions. Their performance is judged by three criteria: query overhead, space requirement, and false positive ratio. Due to wide applicability, any improvement to the performance of Bloom filters can potentially have a broad impact in many areas of networking research. In this paper, we study Bloom-1, a data structure that performs membership check in one memory access, which compares favorably with the k memory accesses of a standard Bloom filter. We also generalize Bloom-1 to Bloom-g and Bloom-Q, allowing performance tradeoff between membership query overhead and false positive ratio. We thoroughly examine the variants in this family of filters, and show that they can be configured to outperform the Bloom filters with a smaller number of memory accesses, a smaller or equal number of hash bits, and a smaller or comparable false positive ratio in practical scenarios. We also perform experiments based on a real traffic trace to support our filter design.

Yan Qiao;Tao Li;式刚 陈

IEEE Transactions on Parallel and Distributed Systems

2014-1-1

A wireless mesh network (WMN) provides a flexible and low-cost solution for end users to connect to the Internet through its multi-hop infrastructure. For such a network to proliferate, a fundamental problem that must be solved is to ensure the fair allocation of network bandwidth to all participating parties. This paper proposes a cross-layer design for achieving end-to-end maxmin fairness in WMNs. At the network layer, it allocates maxmin shares of network capacity to end-to-end flows. At the MAC layer, it realizes the maxmin bandwidth allocation through a two-level packet scheduling algorithm. The proposed design is able to equalize the end-to-end bandwidth allocation to competing flows that share common bottlenecks, while fully utilizing the network capacity. Comparing with previous works, our solution has two advantages. It is based on the popular IEEE 802.11 DCF. It achieves far better fairness (or weighted fairness) among end-to-end flows.

Liang Zhang;式刚 陈;Ying Jian;Ming Zhang

2008

Many important functions in software defined networks can benefit from fine-grained traffic measurement at flow level. Because TCAM-based flow entries only provide aggregate traffic statistics, prior research has suggested to perform flow-level measurement in SRAM and balance the measurement load across the network through collaborative traffic measurement. The key problem of collaborative measurement is to provide a mechanism to distribute flows to switches such that each switch can identify its subset of flows to measure. We observe that the prior work has focused on optimizing flow distribution among switches, but overlooked their high space and per-packet processing overhead introduced to the data plane, which becomes a serious issue in large SDN systems. In this paper, we propose a new lightweight solution to the flow distribution problem. It follows the design principle of alleviating complexity of the data plane by minimizing the data-plane space and processing overhead. At the control plane, we formulate flow distribution as optimization problems under two scenarios that implement collaborative measurement by edge switches only and by edge/core switches together, respectively. Our extensive simulations demonstrate that, comparing with the best existing work, the proposed lightweight solution achieves a comparable performance in terms of load balancing, while drastically reducing both space overhead and per-packet processing overhead, making it more practical in real-world systems that are sensitive to the additional overhead introduced by flow distribution.

Hongli Xu;式刚 陈;Qianpiao Ma;刘生 黄

2019-4

Software Defined Networking (SDN) separates the control plane from the data plane to ease network management and provide flexibility in packet routing. The control plane interacts with the data plane through the forwarding tables, usually including a flow table and a group table, at each switch. Due to high cost and power consumption of Ternary Content Addressable Memory (TCAM), commodity switches can only support flow/group tables of limited size, which presents serious challenge for SDN to scale to large networks. One promising approach to address the scalability problem is to deploy aggregate default paths specified by wildcard forwarding rules. However, the multi-dimensional interaction among numerous system parameters and performance/scalability considerations makes the problem of setting up the flow/group tables at all switches for optimal overall layout of default paths very challenging. This paper studies the joint optimization of flow/group tables in the complex setting of large-scale SDNs. We formulate this problem as an integer linear program, and prove its NP-Hardness. An efficient algorithm with bounded approximation factors is proposed to solve the problem. The properties of our algorithm are formally analyzed. We implement the proposed algorithm on an SDN testbed for experimental studies and use simulations for large-scale investigation. The experimental results and simulation results demonstrate high efficiency of our proposed algorithm.

Gongming Zhao;Hongli Xu;式刚 陈;刘生 黄;Pengzhan Wang

2017-11-21

Radio frequency identification (RFID) technologies are making their way into retail products, library books, debit cards, passports, driver licenses, car plates, medical devices, etc. The widespread use of tags in traditional ways of deployment raises a privacy concern: They make their carriers trackable. To protect the privacy of the tag carriers, we need to invent new mechanisms that keep the usefulness of tags while doing so anonymously. Many tag applications such as toll payment require authentication. This paper studies the problem of anonymous authentication. Since low-cost tags have extremely limited hardware resource, we propose an asymmetric design principle that pushes most complexity to more powerful RFID readers. Thus, we develop a lightweight technique that generates dynamic tokens for anonymous authentication. Instead of implementing complicated and hardware-intensive cryptographic hash functions, our authentication protocol only requires tags to perform several simple and hardware-efficient operations such as bitwise XOR, one-bit left circular shift, and bit flip. The theoretic analysis and randomness tests demonstrate that our protocol can ensure the privacy of the tags. Moreover, our protocol reduces the communication overhead and online computation overhead to O(1) per authentication for both tags and readers, which compares favorably with the prior art.

Min Chen;式刚 陈

2016-3-18

Sleep monitoring plays an important role in many medical applications, including SIDS prevention, care of patients with pressure ulcers, and assistance to patients with sleep apnea, where studies have shown that autonomous and continuous monitoring of sleep postures provides useful information for lowering health risk. Existing systems are designed based on electrocardiogram, cameras and pressure sensors, which are expensive to deploy, intrusive to privacy, or uncomfortable to use. This paper presents TagSheet, the first sleep monitoring system based on passive RFID tags, which provides a convenient, non-intrusive, and comfortable way of monitoring the sleeping postures. It does not require attaching any tag directly to a patient's body. Tags are taped under a bed sheet. With a combination of hierarchical recognition, image processing and polynomial fitting, the proposed system identifies body postures based on the observed variation caused by the patient body to the backscattered signals from tags. The system does not require any personalized data training, making it plug-n-play in use. One additional advantage is that the system can also estimate the patient's respiration rate. This is particularly helpful in assisting patients with sleep apnea. We have implemented a prototype system, and experiments show that the system performs posture identification with an accuracy up to 96.7% and in the meantime it measures the respiration rate with a small error of about 0.7 bpm (breath per minute).

Jia Liu;Xingyu Chen;式刚 陈;Xiulong Liu;Yanyan Wang;Lijun Chen

2019-4

With the development of GPS-enabled devices, wireless communication and storage technologies, trajectories representing the mobility of moving objects are accumulated at an unprecedented pace. They contain a large amount of temporal and spatial semantic information. A great deal of valuable information can be obtained by mining and analyzing the trajectory dataset. Trajectory clustering is one of the simplest and most powerful methods to obtain knowledge from trajectory data, which is based on the similarity measure between trajectories. The existing similarity measurement methods cannot fully utilize the specific features of trajectory itself when measuring the distance between trajectories. In this paper, an enhanced trajectory model is proposed and a new trajectory clustering algorithm is presented based on multi-feature trajectory similarity measure, which can maximize the similarity of trajectories in the same cluster, and can be used to better serve for applications including traffic monitoring and road congestion prediction. Both the intuitive visualization presentation and the experimental results on synthetic and real trajectory datasets show that, compared to existing methods, the proposed approach improves the accuracy and efficiency of trajectory clustering.

Qingying Yu;永龙 罗;Chuanming Chen;式刚 陈

Applied Intelligence

2019-6-15

Cardinality estimation over big network data consisting of numerous flows is a fundamental problem with many practical applications. Traditionally the research on this problem focused on using a small amount of memory to estimate each flow's cardinality from a large range (up to 109). However, although the memory needed for each flow has been greatly compressed, when there is an extremely large number of flows, the overall memory demand can still be very high, exceeding the availability under some important scenarios, such as implementing online measurement modules in network processors using only on-chip cache memory. In this paper, instead of allocating a separated data structure (called estimator) for each flow, we take a different path by viewing all the flows together as a whole: Each flow is allocated with a virtual estimator, and these virtual estimators share a common memory space. We discover that sharing at the register (multi-bit) level is superior than sharing at the bit level. We propose a framework of virtual estimators that allows us to apply the idea of sharing to an array of cardinality estimation solutions, achieving far better memory efficiency than the best existing work. Our experiment shows that the new solution can work in a tight memory space of less than 1 bit per flow or even one tenth of a bit per flow-a quest that has never been realized before.

Qingjun Xiao;式刚 陈;Min Chen;Yibei Ling

Performance Evaluation Review

2015-6-24

The goal of quality-of-service (QoS) routing is to find a network path which has sufficient resources to satisfy certain constraints on delay, bandwidth and/or other metrics. The network state information maintained at every node is often imprecise in a dynamic environment because of nonnegligible propagation delay of state messages, periodic updates due to overhead concern, and hierarchical state aggregation. The information imprecision makes QoS routing difficult. The traditional shortest-path routing algorithm does not provide satisfactory performance with imprecise state information. We propose a distributed routing scheme, called ticket-based probing, which searches multiple paths in parallel for a satisfactory one. The scheme is designed to work with imprecise state information. It allows the dynamic trade-off between the routing performance and the overhead. The state information of intermediate nodes is collectively used to guide the routing messages along the most appropriate paths in order to maximize the success probability. The proposed algorithm consider not only the QoS requirements but also the cost optimality of the routing path. Extensive simulations show that our algorithm achieve high call-admission ratio and low-cost routing paths with modest overhead. The algorithm can tolerate high degree of information imprecision.

式刚 陈;Klara Nahrstedt

1998