Traffic engineering is an important mechanism for Internet network providers seeking to optimize network performance and traffic delivery. Routing optimization plays a key role in traffic engineering, finding efficient routes so as to achieve the desired network performance. In this survey we review Internet traffic engineering from the perspective of routing optimization. A taxonomy of routing algorithms in the literature is provided, dating from the advent of the TE concept in the late 1990s. We classify the algorithms into multiple dimensions: unicast/multicast, intra-/interdomain, IP-/MPLS-based and offline/online TE schemes. In addition, we investigate some important traffic engineering issues, including robustness, TE interactions, and interoperability with overlay selfish routing. In addition to a review of existing solutions, we also point out some challenges in TE operation and important issues that are worthy of investigation in future research activities.
Abstract-In the last decade, mobile ad hoc networks (MANETs) have emerged as a major next generation wireless networking technology. However, MANETs are vulnerable to various attacks at all layers, including in particular the network layer, because the design of most MANET routing protocols assumes that there is no malicious intruder node in the network. In this paper, we present a survey of the main types of attack at the network layer, and we then review intrusion detection and protection mechanisms that have been proposed in the literature. We classify these mechanisms as either point detection algorithms that deal with a single type of attack, or as intrusion detection systems (IDSs) that can deal with a range of attacks. A comparison of the proposed protection mechanisms is also included in this paper. Finally, we identify areas where further research could focus.Index Terms-Intrusion detection and prevention, mobile ad hoc networks, network layer attacks, securing ad hoc networks.
Abstract. Mobile Ad Hoc networks (MANETs) are susceptible to having their effective operation compromised by a variety of security attacks. Nodes may misbehave either because they are malicious and deliberately wish to disrupt the network, or because they are selfish and wish to conserve their own limited resources such as power, or for other reasons. In this paper, we present a mechanism that enables the detection of nodes that exhibit packet forwarding misbehavior. We present evaluation results that demonstrate the operation of our algorithm in mobile ad hoc environments and show that it effectively detects nodes that drop a significant fraction of packets.
Abstract-Opportunistic networks are a class of mobile ad hoc networks (MANETs) where contacts between mobile nodes occur unpredictably and where a complete end-to-end path between source and destination rarely exists at one time. Two important functions, traditionally provided by the transport layer, are ensuring the reliability of data transmission between source and destination, and ensuring that the network does not become congested with traffic. However, modified versions of TCP that have been proposed to support these functions in MANETs are ineffective in opportunistic networks. In addition, opportunistic networks require different approaches to those adopted in the more common intermittently connected networks, e.g. deep space networks. In this article we capture the state of the art of proposals for transfer reliability and storage congestion control strategies in opportunistic networks. We discuss potential mechanisms for transfer reliability service, i.e. hop-by-hop custody transfer and end-to-end return receipt. We also identify the requirements for storage congestion control and categorise these issues based on the number of message copies distributed in the networks. For single-copy forwarding, storage congestion management and congestion avoidance mechanism are discussed. For multiple-copy forwarding, the principal storage congestion control mechanisms are replication management and drop policy. Finally, we identify open research issues in the field where future research could usefully be focused.
This article presents an architecture for supporting inter-domain QoS across the multi-provider global Internet. Whilst most research to date has focused on supporting QoS within a single administrative domain, mature solutions are not yet available for the provision of QoS across multiple domains administered by different organizations. The architecture described in this article encompasses the full set of functions required in the management (service and resource), control and data planes for the provision of end-to-end QoS-based IP connectivity services. We use the concept of QoS Classes and show how these can be cascaded using service level specifications (SLSs) agreed between BGP peer domains to construct a defined end-to-end QoS. We illustrate the architecture by describing a typical operational scenario.
Mobile ad-hoc networks (MANETs) are well known to be vulnerable to various attacks, due to features such as lack of centralized control, dynamic topology, limited physical security and energy constrained operations. In this paper we focus on preventing denial-of-service (DoS) attacks. As an example, we consider intruders that can cause DoS by exploiting the route discovery procedure of reactive routing protocols. We show the unsuitability of tools such as control chart, used in statistical process control (SPC), to detect DoS and propose an anomaly-based intrusion detection system that uses a combination of chi-square test & control chart to first detect intrusion and then identify an intruder. When the intruder is isolated from the network we show reduced overhead and increased throughput. Simulation results show that AIDP performs well at an affordable processing overhead over the range of scenarios tested.
Mobile ad hoc networks (MANETs) are well known to be vulnerable to various attacks due to their lack of centralized control, and their dynamic topology and energy-constrained operation. Much research in securing MANETs has focused on proposals which detect and prevent a specific kind of attack such as sleep deprivation, black hole, grey hole, rushing or sybil attacks. In this paper we propose a generalized intrusion detection and prevention mechanism. We use a combination of anomaly-based and knowledge-based intrusion detection to secure MANETs from a wide variety of attacks. This approach also has the capability to detect new unforeseen attacks. Simulation results of a case study shows that our proposed mechanism can successfully detect attacks, including multiple simultaneous different attacks, and identify and isolate the intruders causing a variety of attacks, with an affordable network overhead. We also investigate the impact on the MANET performance of (a) the various attacks and (b) the type of intrusion response, and we demonstrate the need for an adaptive intrusion response.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.