Wireless networked control systems (WNCSs) are control systems whose components are connected through wireless networks. In WNCSs, a controlled object (CO) could become unstable due to bursty packet losses in addition to random packet losses and round-trip delays on wireless networks. In this paper, to reduce these network-induced effects, we propose a new design for multihop TDMA-based WNCSs with two-disjoint-path switching, where two disjoint paths are established between a controller and a CO, and they are switched if bursty packet losses are detected. In this system, we face the following two difficulties: (i) link scheduling in TDMA should be done in such a way that two paths can be switched without rescheduling, taking into account of the constraint of control systems. (ii) the conventional cross-layer design method of control systems is not directly applicable because round-trip delays may vary according to the path being used. Therefore, to overcome the difficulties raised by the two-path approach, we reformulate link scheduling in multihop TDMA and cross-layer design for control systems. Simulation results confirm that the proposed WNCS achieves better performance in terms of the 2-norm of CO's states.

Epidemic Routing is a data delivery scheme based on the store-carry-forward routing paradigm for sparsely populated mobile ad hoc networks. In Epidemic Routing, each node copies packets in its buffer into any other node that comes within its communication range. Although Epidemic Routing has short delay performance, it causes excessive buffer space utilization at nodes because many packet copies are disseminated over the network. In this paper, aiming at efficient buffer usage, we propose an XOR-based delivery scheme for Epidemic Routing, where nodes encode packets by XORing them when their buffers are full. Note that existing delivery schemes with coding are active coding, where source nodes always encode packets before transmitting them. On the other hand, the proposed scheme is passive coding, where source nodes encode packets only when buffer overflow would occur. Therefore, the behavior of the proposed scheme depends on the buffer utilization. More specifically, if sufficient buffer space is available, the proposed scheme delivers packets by the same operation as Epidemic Routing. Otherwise, it avoids buffer overflow by encoding packets. Simulation experiments show that the proposed scheme improves the packet delivery ratio.

In wireless environment, TCP suffers from significant performance degradation due to bit errors on wireless link and handovers because it responds to all packet losses by invoking congestion control even though packet losses are not related to congestion. Several schemes have been proposed to improve the performance degradation due to each cause. They have been evaluated in a specific network environment where either bit errors or handover occurs, i.e. they do not occur at the same time. In this paper, we reveal the packet recovery mismatch problem in an environment where both of bit errors and handover can cause the performance degradation. We pick up one scenario that TCP traffic is transmitted in the situation that ARQ (Automatic Repeat reQuest) and packet forwarding are implemented together. They are proposed to reduce the influence of bit errors and handover respectively and are natural approaches from the viewpoint of protocol layering. Computer simulation shows that in that scenario both techniques cannot perform efficiently due to interaction of each other. We also propose two buffer control approaches to resolve the packet recovery mismatch problem in our scenario according to applicability of cross-layer operation between layer 2 and layer 3.

This paper proposes a contention-free burst scheduling scheme for optically burst-switched WDM networks. We construct contention-free wavelength planes (λ-planes) by assigning dedicated wavelengths to each ingress node. Bursts are transmitted to their egress nodes on λ-planes, along routes forming a spanning tree. As a result, contention at intermediate core nodes is completely eliminated, and contention at ingress nodes is resolved by means of electric buffers. This paper develops a spanning tree construction algorithm, aiming at balancing input loads among output ports at each ingress node. Furthermore, a wavelength assignment algorithm is proposed, which is based on the amount of traffic lost at ingress nodes. We show that the proposed scheme can decrease the burst loss probability drastically, even if traffic intensities at ingress nodes are different.

We consider a location-aware store-carry-forward routing scheme based on node density estimation (LA Routing in short), which adopts different message forwarding strategies depending on node density at contact locations where two nodes encounter. To do so, each node estimates a node density distribution based on information about contact locations. In this paper, we clarify how the estimation accuracy affects the performance of LA Routing. We also examine the performance of LA Routing when it applies to networks with homogeneous node density. Through simulation experiments, we show that LA Routing is fairly robust against the accuracy of node density estimation and its performance is comparable with Probabilistic Routing even in the case that that node density is homogeneous.

Aggregate signature schemes enable us to aggregate multiple signatures into a single short signature. One of its typical applications is sensor networks, where a large number of users and devices measure their environments, create signatures to ensure the integrity of the measurements, and transmit their signed data. However, if an invalid signature is mixed into aggregation, the aggregate signature becomes invalid, thus if an aggregate signature is invalid, it is necessary to identify the invalid signature. Furthermore, we need to deal with a situation where an invalid sensor generates invalid signatures probabilistically. In this paper, we introduce a model of aggregate signature schemes with interactive tracing functionality that captures such a situation, and define its functional and security requirements and propose aggregate signature schemes that can identify all rogue sensors. More concretely, based on the idea of Dynamic Traitor Tracing, we can trace rogue sensors dynamically and incrementally, and eventually identify all rogue sensors of generating invalid signatures even if the rogue sensors adaptively collude. In addition, the efficiency of our proposed method is also sufficiently practical.

Key encapsulation mechanism (KEM) combiners, recently formalized by Giacon, Heuer, and Poettering (PKC'18), enable hedging against insecure KEMs or weak parameter choices by combining ingredient KEMs into a single KEM that remains secure assuming just one of the underlying ingredient KEMs is secure. This seems particularly relevant when considering quantum-resistant KEMs which are often based on arguably less well-understood hardness assumptions and parameter choices. We propose a new simple KEM combiner based on a one-time secure message authentication code (MAC) and two-time correlated input secure hash. Instantiating the correlated input secure hash with a t-wise independent hash for an appropriate value of t, yields a KEM combiner based on a strictly weaker additional primitive than the standard model construction of Giaon et al. and furthermore removes the need to do n full passes over the encapsulation, where n is the number of ingredient KEMs, which Giacon et al. highlight as a disadvantage of their scheme. However, unlike Giacon et al., our construction requires the public key of the combined KEM to include a hash key, and furthermore requires a MAC tag to be added to the encapsulation of the combined KEM.

In this paper, we study robust Principal Component Analysis (PCA)-based anomaly detection techniques in network traffic, which can detect traffic anomalies by projecting measured traffic data onto a normal subspace and an anomalous subspace. In a PCA-based anomaly detection, outliers, anomalies with excessively large traffic volume, may contaminate the subspaces and degrade the performance of the detector. To solve this problem, robust PCA methods have been studied. In a robust PCA-based anomaly detection scheme, outliers can be removed from the measured traffic data before constructing the subspaces. Although the robust PCA methods are promising, they incure high computational cost to obtain the optimal location vector and scatter matrix for the subspace. We propose a novel anomaly detection scheme by extending the minimum covariance determinant (MCD) estimator, a robust PCA method. The proposed scheme utilizes the daily periodicity in traffic volume and attempts to detect anomalies for every period of measured traffic. In each period, before constructing the subspace, outliers are removed from the measured traffic data by using a location vector and a scatter matrix obtained in the preceding period. We validate the proposed scheme by applying it to measured traffic data in the Abiline network. Numerical results show that the proposed scheme provides robust anomaly detection with less computational cost.

Network tomography is a technique for estimating internal network characteristics from end-to-end measurements. In this paper, we focus on loss tomography, which is a network tomography problem for estimating link loss rates. We study a loss tomography problem to detect links with high link loss rates in network environments with dynamically changing link loss rates, and propose a window-based sequential loss tomography scheme. The loss tomography problem is formulated as an underdetermined linear inverse problem, where there are infinitely many candidates of the solution. In the proposed scheme, we use compressed sensing, which can solve the problem with a prior information that the solution is a sparse vector. Measurement nodes transmit probe packets on measurement paths established between them, and calculate packet loss rates of measurement paths (path loss rates) from probe packets received within a window. Measurement paths are classified into normal quality and low quality states according to the path loss rates. When a measurement node finds measurement paths in the low quality states, link loss rates are estimated by compressed sensing. Using simulation scenarios with a few link states changing dynamically from low to high link loss rates, we evaluate the performance of the proposed scheme.

This survey summarizes the state-of-the-art research on network coding, mainly focusing on its applications to computer networking. Network coding generalizes traditional store-and-forward routing techniques by allowing intermediate nodes in networks to encode several received packets into a single coded packet before forwarding. Network coding was proposed in 2000, and since then, it has been studied extensively in the field of computer networking. In this survey, we first summarize linear network coding and provide a taxonomy of network coding research, i.e., the network coding design problem and network coding applications. Moreover, the latter is subdivided into throughput/capacity enhancement, robustness enhancement, network tomography, and security. We then discuss the fundamental characteristics of network coding and diverse applications of network coding in details, following the above taxonomy.

Non-Interactive Key Exchange (NIKE) is a cryptographic primitive that allows two users to compute a shared key without any interaction. The Diffie-Hellman key exchange scheme is probably the most well-known example of a NIKE scheme. Freire et al. (PKC 2013) defined four security notions for NIKE schemes, and showed implications among them. In these notions, we consider an adversary that is challenged to distinguish a shared key of a new pair of users from a random value, using only its knowledge of keys shared between other pairs of users. To take into account side-channel attacks such as tampering and fault-injection attacks, Bellare and Kohno (Eurocrypt 2003) formalized related-key attacks (RKA), where stronger adversaries are considered. In this paper, we introduce four RKA security notions for NIKE schemes. In these notions, we consider an adversary that can also manipulate the secret keys of users and obtain shared keys computed under the modified secret keys. We also show implications and separations among the security notions, and prove that one of the NIKE schemes proposed by Freire et al. is secure in the strongest RKA sense in the random oracle model under the Double Strong Diffie-Hellman (DSDH) assumption over the group of signed quadratic residues, which is implied by the factoring assumption.

In remote control, efficient compression or representation of control signals is essential to send them through rate-limited channels. For this purpose, we propose an approach of sparse control signal representation using the compressive sampling technique. The problem of obtaining sparse representation is formulated by cardinality-constrained 2 optimization of the control performance, which is reducible to 1-2 optimization. The low rate random sampling employed in the proposed method based on the compressive sampling, in addition to the fact that the 1-2 optimization can be effectively solved by a fast iteration method, enables us to generate the sparse control signal with reduced computational complexity, which is preferable in remote control systems where computation delays seriously degrade the performance. We give a theoretical result for control performance analysis based on the notion of restricted isometry property (RIP). An example is shown to illustrate the effectiveness of the proposed approach via numerical experiments.

In this paper, we consider network monitoring techniques to estimate communication qualities in wide-area mobile networks, where an enormous number of heterogeneous components such as base stations, routers, and servers are deployed. We assume that average delays of neighboring base stations are comparable, most of servers have small delays, and delays at core routers are negligible. Under these assumptions, we propose Heterogeneous Delay Tomography (HDT) to estimate the average delay at each network component from end-to-end round trip times (RTTs) between mobile terminals and servers. HDT employs a crowdsourcing approach to collecting RTTs, where voluntary mobile users report their empirical RTTs to a data collection center. From the collected RTTs, HDT estimates average delays at base stations in the Graph Fourier Transform (GFT) domain and average delays at servers, by means of Compressed Sensing (CS). In the crowdsourcing approach, the performance of HDT may be degraded when the voluntary mobile users are unevenly distributed. To resolve this problem, we further extend HDT by considering the number of voluntary mobile users. With simulation experiments, we evaluate the performance of HDT.

The concept of threshold public key encryption (TPKE) with the special property called key re-splittability (re-splittable TPKE, for short) was introduced by Hanaoka et al. (CT-RSA 2012), and used as one of the building blocks for constructing their proxy re-encryption scheme. In a re-splittable TPKE scheme, a secret key can be split into a set of secret key shares not only once, but also multiple times, and the security of the TPKE scheme is guaranteed as long as the number of corrupted secret key shares under the same splitting is smaller than the threshold. In this paper, we show several new constructions of a re-splittable TPKE scheme by extending the previous (ordinary) TPKE schemes. All of our proposed schemes are based on discrete logarithm (DL)-type assumptions. Therefore, our results suggest that key re-splittability is a very natural property for DL-type TPKE schemes.

A fault-tolerant aggregate signature (FT-AS) scheme is a variant of an aggregate signature scheme with the additional functionality to trace signers that create invalid signatures in case an aggregate signature is invalid. Several FT-AS schemes have been proposed so far, and some of them trace such rogue signers in multi-rounds, i.e., the setting where the signers repeatedly send their individual signatures. However, it has been overlooked that there exists a potential attack on the efficiency of bandwidth consumption in a multi-round FT-AS scheme. Since one of the merits of aggregate signature schemes is the efficiency of bandwidth consumption, such an attack might be critical for multi-round FT-AS schemes. In this paper, we propose a new multi-round FT-AS scheme that is tolerant of such an attack. We implement our scheme and experimentally show that it is more efficient than the existing multi-round FT-AS scheme if rogue signers randomly create invalid signatures with low probability, which for example captures spontaneous failures of devices in IoT systems.

To localize an unknown wave source in non-line-of-sight environments, a wave source localization scheme using multiple unmanned-aerial-vehicles (UAVs) is proposed. In this scheme, each UAV estimates the direction-of-arrivals (DoAs) of received signals and the wave source is localized from the estimated DoAs by means of maximum likelihood estimation. In this study, by extending the concept of this scheme, we propose a novel wave source localization scheme using a single UAV. In the proposed scheme, the UAV moves on the path comprising multiple measurement points and the wave source is sequentially localized from DoA distributions estimated at these measurement points. At each measurement point, with a moving path planning algorithm, the UAV determines the next measurement point from the estimated DoA distributions and measurement points that the UAV has already visited. We consider two moving path planning algorithms, and validate the proposed scheme through simulation experiments.

In the IEEE 802.11 MAC protocol, access points (APs) are given the same priority as wireless terminals in terms of acquiring the wireless link, even though they aggregate several downlink flows. This feature leads to a serious throughput degradation of downlink flows, compared with uplink flows. In this paper, we propose a dynamic contention window control scheme for the IEEE 802.11e EDCA-based wireless LANs, in order to achieve fairness between uplink and downlink TCP flows while guaranteeing QoS requirements for real-time traffic. The proposed scheme first determines the minimum contention window size in the best-effort access category at APs, based on the number of TCP flows. It then determines the minimum and maximum contention window sizes in higher priority access categories, such as voice and video, so as to guarantee QoS requirements for these real-time traffic. Note that the proposed scheme does not require any modification to the MAC protocol at wireless terminals. Through simulation experiments, we show the effectiveness of the proposed scheme.

In IEEE 802.11 wireless local area networks (WLANs), contention window (CW) in carrier sense multiple access with collision avoidance (CSMA/CA) is one of the most important techniques determining throughput performance. In this paper, we propose a novel CW control scheme to achieve high transmission efficiency in dense user environments. Whereas the standard CSMA/CA mechanism. Employs an adaptive CW control scheme that responds to the number of retransmissions, the proposed scheme uses the optimum CW size, which is shown to be a function of the number of terminal stations. In the proposed scheme, the number of terminal stations are estimated from the probability of packet collision measured at an access point (AP). The optimum CW size is then derived from a theoretical analysis based on a Markov chain model. We evaluate the performance of the proposed scheme with simulation experiments and show that it significantly improves the throughput performance.

Fault-tolerant aggregate signature (FT-AS) is a special type of aggregate signature that is equipped with the functionality for tracing signers who generated invalid signatures in the case an aggregate signature is detected as invalid. In existing FT-AS schemes (whose tracing functionality requires multi-rounds), a verifier needs to send a feedback to an aggregator for efficiently tracing the invalid signer(s). However, in practice, if this feedback is not responded to the aggregator in a sufficiently fast and timely manner, the tracing process will fail. Therefore, it is important to estimate whether this feedback can be responded and received in time on a real system. In this work, we measure the total processing time required for the feedback by implementing an existing FT-AS scheme, and evaluate whether the scheme works without problems in real systems. Our experimental results show that the time required for the feedback is 605.3 ms for a typical parameter setting, which indicates that if the acceptable feedback time is significantly larger than a few hundred ms, the existing FT-AS scheme would effectively work in such systems. However, there are situations where such feedback time is not acceptable, in which case the existing FT-AS scheme cannot be used. Therefore, we further propose a novel FT-AS scheme that does not require any feedback. We also implement our new scheme and show that a feedback in this scheme is completely eliminated but the size of its aggregate signature (affecting the communication cost from the aggregator to the verifier) is 144.9 times larger than that of the existing FT-AS scheme (with feedbacks) for a typical parameter setting, and thus has a trade-off between the feedback waiting time and the communication cost from the verifier to the aggregator with the existing FT-AS scheme.

TCP/IP is a key technology in the next generation mobile communication networks. A significant amount of wireless traffic will be carried in the Internet, and wireless connections will have to share network resources with wired connections. However, in a wireless network environment, TCP suffers significant throughput degradation due to the lossy characteristic of a wireless link. Therefore, to design the next generation mobile networks, it is necessary to know how much the wireless connection suffers from the degradation in comparison to the wired connection. In this paper, we discuss the fairness issue between TCP connections over wireless and wired links, and theoretically analyze the fairness of throughput between TCP over wireless link with ARQ (Automatic Repeat reQuest)-based link layer error recovery and TCP over error-free wired link. We validate our analysis by comparing the numerical results obtained from the analysis with the results obtained from computer simulation. The numerical results show that the fairness is sensitive to network propagation delay and variation rapidity of wireless link characteristic. We also obtain the theoretical lower bound of fairness.