Haitham Cruickshank

Dr Haitham Cruickshank


Reader
PhD, MSc and BSc
+44 (0)1483 686007
02 CII 01

Biography

Biography

Dr. Haitham Cruickshank, Reader at the Institute for Communication Systems (ICS), University of Surrey, Guildford UK.

He is experience researcher and worked several UK, EU and ESA security related projects. He has been the main author on several ETSI specifications on Intelligent Transport Systems (ITS) privacy and broadband satellite network security architectures.

His main research interests are network, user and IoT privacy and security, future network architecture in mobile, satellite and Internet. He also teaches in the security, Internet networking and satellite courses at University of Surrey. He is a member of the IEEE Satellite and Space Communications Committee. Also he is a chartered engineer and corporate member of the IEE in UK.

He also has over 165 publications, including 38 refereed journals and 5 ETSI/IETF standard specifications

Research

Research interests

My publications

Publications

Zhili Sun, Haitham Cruickshank, S Iyengar, Michael Howarth, L Claverotte, R Gomez (2003)IP multicast over satellite
Zhili Sun, Michael Howarth, Haitham Cruickshank, S Iyengar, L Claverotte (2003)Networking issues in IP multicast over satellite, In: INTERNATIONAL JOURNAL OF SATELLITE COMMUNICATIONS AND NETWORKING21(4-5)pp. 489-507

This paper describes the issues that arise when using satellites for IP multicast, with the emphasis on multicast protocols and how their implementation depends on the satellite communications platform. Various link layer standards such as DVB-S, DVB-RCS and ATM can be used in satellites with on-board processing, and applied to meet user and network requirements for IP multicast. The paper provides an overview of the networking issues and their interactions. Specifically, we show how multicast networking protocols have to be modified to take into account the satellite link characteristics: these protocols include IGMP, multicast routing protocols and reliable multicast protocols. We also discuss how security systems support IP multicast.

L Liang, M Bhutta, Haitham Cruickshank, Zhili Sun, C Kulatunga, G Fairhurst (2009)Integration of TESLA and FLUTE over Satellite Networks

Multicast research has explored the security challenges faced in group communications. Multicast transport and multicast security need to work in close collaboration to realise a multicast service. However, there has been comparatively little work to combine the two technologies. In this paper the authors is presenting an example of partially integrating Timed Efficient Stream Loss-Tolerant Authentication (TESLA) protocol and the File Delivery over Unidirectional Transport (FLUTE) protocol. The security concern raised by the proposed algorithm is analysed for satellite network. The proposed algorithm was implemented on a testbed with multicast tunnel between University of Surrey and University of Aberdeen and the results are presented in this paper.

A Lukman, Zhili Sun, HS Cruickshank (2010)End-to-End QoS Evaluation of IP-Diffserv Network over LEO Satellite Constellation, In: Personal Satellite Services43pp. 99-113

In this paper, we present an end-to-end QoS simulation studies on internetworking of remote LAN and long range communications over LEOIridium satellites constellation taking SuperJARING network in Malaysia as an example. A macro level network simulation scenario based on actual network topology in Malaysia is implemented as Diffserv network model using the Network Simulator-2 (NS-2). Web traffic (HTTP) is used as the internet traffic models in the simulation analysis. All simulations are carried out in error-free and link-loss environment. In error-free simulations, the accumulative network traffic loads are varied from 20%, 50% and 80% while in link-loss environment simulations only 20% traffic load is used with bit error rate (BER) varied from 1x10-5, 1x10-4 and 2x10-4. The results show clearly that QoS can be achieved with IP Diffserv over satellites constellation like Iridium.

M Alshamrani, Haitham Cruickshank, Zhili Sun, G Ansa, F Alshahwan (2016)SIP Signaling Implementations and Performance Enhancement over MANET: A Survey, In: International Journal of Advanced Computer Science and Applications7(5)pp. 191-202 The Science and Information (SAI) Organization

The implementation of the Session Initiation Protocol (SIP)-based Voice over Internet Protocol (VoIP) and multimedia over MANET is still a challenging issue. Many routing factors affect the performance of SIP signaling and the voice Quality of Service (QoS). Node mobility in MANET causes dynamic changes to route calculations, topology, hop numbers, and the connectivity status between the correspondent nodes. SIP-based VoIP depends on the caller’s registration, call initiation, and call termination processes. Therefore, the SIP signaling performance has an important role for the overall QoS of SIP-based VoIP applications for both IPv4 and IPv6 MANET. Different methods have been proposed to evaluate and benchmark the performance of the SIP signaling system. However, the efficiency of these methods vary and depend on the identified performance metrics and the implementation platforms. This survey examines the implementation of the SIP signaling system for VoIP applications over MANET and highlights the available performance enhancement methods.

R Mort, M Berioli, HS Cruickshank (2017)Network Management Architectures for Broadband

The approach currently being taken by ETSI (BSM) in defining future open standards for network management architecture for IP-based broadband multimedia satellite systems is described. This work has recently begun and the final objective is to arrive at a consensus for an architecture which meets the requirements of compatibility and interworking with external networks (e.g. within the NGN) and is flexible enough to meet different operators needs.

Remote Instrumentation Services (RIS) are an important component in PPDR applications, where heterogeneous devices can be present, ranging from measurement instrumentation and environmental sensors to telemedicine equipment. The presence of high disruption and absence of communication infrastructure might represent satellite network the only access possibility to remote areas. This paper focuses on examining the security and networking issues in satellite p2p, remote instrumentation services, and the related PPDR applications; also it highlights the security issues which rise due to high disruption, disconnectivity, and deployment of heterogeneous.

L Liang, Haitham Cruickshank, Zhili Sun (2017)ULE security implementation in PLATINE

Satellites are expected to play an essential role in bridging the “digital divide”; satellite networks are likely to be the only way to provide broadband services to regions that cannot be economically reached by terrestrial networks, in particular the more remote regions of Europe and the rest of the world. Security can be a problem for such global services. This paper presents a link layer security solution and how it is implemented for the Unidirectional Lightweight Encapsulation (ULE). A satellite testbed is constructed where the ULE security implementation is validated. The experiments results are presented in this paper.

HS Cruickshank (2010)Satellite Communications: from PEPs to DTNpp. 62-67

Disruption-Tolerant Networking represents an innovative way to cope with satellite communications impairments. In this view, the paper presents an in-depth analysis of implications of a DTN approach to satellite communications, focusing on these fundamental aspects: network architecture, security, and Quality of Service (QoS). For each topic, commonalities and differences between DTN and Performance Enhancing Proxies (PEPs) are highlighted, to show that the DTN architecture can be seen as a promising evolution of PEPs, at present the most widely adopted architecture. The analysis shows that DTN can effectively improve PEPs functionalities in the presence of intermittent and disruptive channels and/or a high level of network heterogeneity. In particular, DTN offers the possibility to operate with intermittent channels, a better resilience to channel disruptions, the possibility to implement both end-to-end and hop-by-hop security, and a greater flexibility in the use of advanced QoS techniques

S Mirzadeh, H Cruickshank, R Tafazolli (2008)An efficient key management solution for personal network federations, In: Proceedings - The 2nd International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, UBICOMM 2008pp. 401-406
S Mirzadeh, H Cruickshank, R Tafazolli (2014)Secure Device Pairing: A Survey, In: IEEE COMMUNICATIONS SURVEYS AND TUTORIALS16(1)pp. 17-40 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Haitham Cruickshank, H Pan, Zhili Sun, Barry Evans, JP Bodin (1998)THESEUS terminal-access to broadband networks for European stock exchanges, In: ELECTRONICS & COMMUNICATION ENGINEERING JOURNAL10(6)pp. 289-296 IEE-INST ELEC ENG
E Johnson, G Ansa, Haitham Cruickshank, Zhili Sun (2010)Access Control Framework for Delay/Disruption Tolerant Networks., In: PSATS43pp. 249-264
M Alfares, Zhili Sun, Haitham Cruickshank (2010)Intelligent Automation and Computer Engineering, In: Intelligent Automation and Computer Engineering(16)pp. 205-216 Springer Verlag

Intelligent Automation and Computer Engineering offers the state of the art oftremendous advances in intelligent automation and computer engineering and also ...

Zhili Sun, D He, Haitham Cruickshank, L Liang, A Sanchez, C Miguel, V Schena, C Tocci, B Carro (2004)Scalable architecture and evaluation for multiparty conferencing over satellite links, In: IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS22(3)pp. 594-605 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855 USA

This paper describes the architecture of a proposed multiparty conferencing system for satellites. Different conferencing models are discussed and compared. A session initiation protocol (SIP)-based conference signaling model and an extension to protocol-independent multicast sparse mode that supports quality-of-service (QoS) in DiffServ networks are proposed, as particularly suitable for multiparty conferencing applications over satellite links. The paper also presents key issues and potential solutions of scalable QoS multicast services for multiparty conferences over satellite. End-to-end QoS parameters for voice and video are measured and analyzed on a prototype.

Philip Asuquo, Haitham Cruickshank, J Morley, Chibueze Pascal Anyigor Ogah, Ao Lei, Waleed Hathal, Shihan Bao, Zhili Sun (2018)Security and Privacy in Location-Based Services for Vehicular and Mobile Communications: An Overview, Challenges and Countermeasures, In: IEEE Internet of Things5(6)pp. 4778-4802 Institute of Electrical and Electronics Engineers (IEEE)

Location-based Services (LBS) have gained popularity as a result of the advances in mobile and communication technologies. LBS provide users with relevant information based on their location. In spite of the desirable features provided by LBS, the geographic location of users are not adequately protected. Location privacy is one of the major challenges in vehicular and mobile networks. In this article, we analyse the security and privacy requirements for LBS in vehicular and mobile networks. Specifically, this paper covers privacy enhancing technologies and cryptographic approaches that provide location privacy in vehicular and mobile networks. The different approaches proposed in literature are compared and open research areas are identified.

I Melhus, L Fan, Haitham Cruickshank, F Arnal, C Baudoin, F Nivor, T Gayraud, F Rodriguez, A Pietrabissa, L Lei, Z Sun (2008)Cross-layer optimization in the next-generation broadband satellite systems, In: 26th AIAA International Communications Satellite Systems Conference, ICSSC
L Fan, Haitham Cruickshank, Z Sun (2008)IP networking over next-generation satellite systems Springer Verlag

In addition, the book covers hot-button issues such as security, architecture improvement, resource allocation, video networking, and service integration.

L Liang, L Fan, Haitham Cruickshank, Z Sun, C Baudoin, D Barvaux (2008)A ULE security approach for satellite networks on PLATINE test bed, In: 26th AIAA International Communications Satellite Systems Conference, ICSSC
Y Sheng, H Cruickshank (2008)Security Mechanisms for Delivering Ubiquitous Services in Next Generation Mobile Networks, In: 2008 IEEE 19TH INTERNATIONAL SYMPOSIUM ON PERSONAL, INDOOR AND MOBILE RADIO COMMUNICATIONSpp. 2366-2370
M Ali, L Liang, Zhili Sun, Haitham Cruickshank (2009)FRAMEWORK FOR END-TO-END QOS MEASUREMENT OVER DVB-RCS NETWORK, In: 27th IET and AIAA International Communications Satellite Systems Conference (ICSSC 2009)pp. 211-?

Satellites are popular due to their wide area coverage and for providing connectivity in remote regions of the world. The future development of satellite systems providing services based on the Internet Protocol (IP) needs to be validated on a real satellite network. This paper presents the end-to-end quality of service (QoS) measurements taken at European Space Agency (ESA) testbed over DVB-RCS infrastructure. The applications chosen for these experiments are file transfer (FTP), web browsing (HTTP), video streaming and P2P filesharing. File transfer, web browsing and P2P file-sharing require reliable transport mechanism as a corrupted bit will hinder the intact data delivery. Therefore, these applications use transmission control protocol (TCP) as the transport protocol. TCP involves a three way handshake, which introduces extra delay during data transfer. Video streaming is a real time application, so, it is time-sensitive and requires lesser reliability compared to the other three applications. Hence, it employs user datagram protocol (UDP) at the transport layer, which do not offer any guarantee of reliable data delivery but is fast. The parameters that have been used to evaluate quality of service (QoS) are packet timestamps, file download time, round trip delay, packet sizes and packet loss rate. Also similar applications and results will be measured from a satellite emulation testbed, PLATINE. It is based on Linux operating system, in which most of the DVB-S and DVBRCS satellite network functions have been implemented. These functions include network topology configuration, Quality of Service (QoS), Demand Assigned Multiple Access (DAMA), traffic encapsulation using both Asynchronous Transfer mode (ATM) and ULE/MPEG, satellite network entities configuration and support for both IPv4 and IPv6. The paper concludes with the comparative analysis of the QoS of the applications in both real and emulation environments.

X Liang, FLC Ong, P Pillai, PML Chan, V Mancuso, G Koltsidas, F-N Pavlidou, L Caviglione, E Ferro, A Gotta, HS Cruickshank, S Iyengar, G Fairhurst (2007)Fusion of digital television, broadband Internet and mobile communications - Part II: Future service scenarios., In: Int. J. Satellite Communications Networking254pp. 409-440
HS Cruickshank, L Liang, P Pillai, M Noisternig, B Collini-Nocker, G Fairhurst (2013)Unified Link Layer Security Design for IP Encapsulation using Unidirectional Lightweight Encapsulation over Satellites, In: 27th IET and AIAA International Communications Satellite Systems Conference Proceedingspp. 113-?

There is growing interest in providing multimedia and broadband access over satellites. However there are several technical challenges need to be addressed. One challenge is security in terms of understanding threats and providing an effective security system. Also this paper presents a ULE security solution using ULE mandatory extension headers. The design issues and choices are discussed. The detailed security header format is described together with processing sequence in both transmitter and receiver sides.

FLC Ong, X Liang, P Pillai, PML Chan, G Koltsidas, F-N Pavlidou, E Ferro, A Gotta, HS Cruickshank, S Iyengar, G Fairhurst, V Mancuso (2007)Fusion of digital television, broadband Internet and mobile communications - Part I: Enabling technologies., In: Int. J. Satellite Communications Networking254pp. 363-407
M Al-Siyabi, Haitham Cruickshank, Zhili Sun, P Cornice (2017)Fair admission control model for aircrafts bundles data transmission for Delay Tolerant Networkspp. 54-61

Aircrafts in commercial routes have been proposed in some previous work as a novel DTN bundle carriers [1]. Satellites can be one of the hops in this application. DTN suffers from intermittent disconnections, long delays and has scarce resources. It is a challenge to control the admission to these resources to provide better QoS and ensure optimum resource utilisation. Furthermore, providing fairness to different users who compete to access limited and scarce resources makes the solution even harder. In this paper, we propose a fair novel admission control model for DTN aircrafts applications based on feedback history logging of past admissions. This model will locally estimate the resources and provide fair admissions for users within a group of users in the same area. We will show an analysis of aircrafts fair admission control design for both aircraft initiated and user initiated approaches, which will provide integrated service per flow basis. The paper also presents the initial simulation model using a modified version of DTN2 emulator and DTNperf_2 performance monitoring tool.

C Caini, HS Cruickshank, S Farrell, M Marchese (2011)Delay- and Disruption - Tolerant Networking (DTN): An Alternative Solution for Future Satellite Networking Applications, In: IEEE Special Issue on Aerospace Communications and Networking in the Next Two Decades: Current Trends and Future Perspectives99(11)pp. 1980-1997 IEEE

Satellite communications are characterized by long delays, packet losses, and sometimes intermittent connectivity and link disruptions. The TCP/IP stack is ineffective against these impairments and even dedicated solutions, such as performance enhancing proxies (PEPs), can hardly tackle the most challenging environments, and create compatibility issues with current security protocols. An alternative solution arises from the delay- and disruption-tolerant networking (DTN) architecture, which specifies an overlay protocol, called bundle protocol (BP), on top of either transport protocols (TCP, UDP, etc.), or of lower layer protocols (Bluetooth, Ethernet, etc.). The DTN architecture provides long-term information storage on intermediate nodes, suitable for coping with disrupted links, long delays, and intermittent connectivity. By dividing the end-to-end path into multiple DTN hops, in a way that actually extends the TCP-splitting concept exploited in most PEPs, DTN allows the use of specialized protocols on the satellite (or space) links. This paper discusses the prospects for use of DTN in future satellite networks. We present a broad DTN overview, to make the reader familiar with the characteristics that differentiate DTN from ordinary TCP/IP networking, compare the DTN and PEP architectures and stacks, as a preliminary step for the subsequent DTN performance assessment carried out in practical LEO/GEO satellite scenarios. DTN security is studied next, examining the advantages over present satellite architectures, the threats faced in satellite scenarios, and also open issues. Finally, the relation between DTN and quality of service (QoS) is investigated, by focusing on QoS architectures and QoS tools and by discussing the state of the art of DTN research activity in modeling, routing, and congestion control.

L Liang, H Cruickshank, Z Sun, C Kulatunga, G Fairhurst (2010)The Integration of TESLA and FLUTE over Satellite Networks, In: 2010 IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE GLOBECOM 2010
Haitham Cruickshank, Michael Howarth, S Iyengar, Zhili Sun (2005)A comparison between satellite DVB conditional access and secure IP multicast

Security of satellite data is becoming an important issue. The DVB (TV broadcasting) Conditional Access system used in satellite broadcasting has however been surrounded by controversy for many years due to the spread of counterfeit smart cards, and this paper examines the weaknesses of current DVB-S security. We provide an alternative solution to secure multicast services over satellites using IPSEC and a group key management system called GSAKMP.

Z Sun, Haitham Cruickshank, L Liang, A Sánchez, C Miguel (2002)IP based multimedia conference over satellite, In: 20th AIAA International Communication Satellite Systems Conference and Exhibit

Significant research and development have been carried out recently in Voice over IP (VoIP) to integrate Internet data services and telephony services based on Public Switched Telephone Network (PSTN). Satellites have been used for many years to provide long distance telephone services and have today an increasing portion of their capacities used to carry IP packets for Internet services. Therefore, convergence of voice and data is happening not only in terrestrial communication links, but also in satellite networks. With their global coverage and reach to remote areas, satellites are well positioned to enable growth of VoIP services. In addition to telephone and Internet services, satellite can also be used for multimedia conference services due to the broadcasting capability. This paper presents the studies of these topics as results of the VIP-TEN project on IP telephony and the ICEBERGS projects on multimedia conference over satellite. © 2002 by the author(s). Published by the American Institute of Aeronautics and Astronautics, Inc., with permission.

Haitham Cruickshank, S Iyengar, Michael Howarth, Zhili Sun, F Zeppenfeldt, G Kenny (2003)Secure IP multicast over satellites
Haitham Cruickshank, Zhili Sun (2000)Analysis of IP voice conferencing over geostationary satellite systems, In: IEEE Colloquium (Digest)(17)pp. 5-10

Satellites are foreseen to be complementary to the future terrestrial networks in deploying multimedia communication systems. The use of Geostationary multi-beams and On-Board Processing (OBP) provides a great opportunity for the speedy deployment of real time services such as IP Voice services over satellites. Voice over IP is a new technology and has the potential to revolutionise telephone communications within the modern enterprise, and promises new integrated services and lower costs. This paper examines the challenges of providing IP telephony, multiparty conference service and using IP multicast to distribute voice conferencing packets over Geostationary satellites. Also this paper analyses the delays in setting/joining audio conferences and proposes to reduce the H.323 signalling messages in order to reduce the audio conference signalling delays.

HS Cruickshank (2008)A Link Adaptive Transport Protocol for Multimedia Streaming Applications in Multi Hop Wireless Networks, In: Pringer Mobile Networks and ApplicationsVolume(DOI: 1)Numberpp. 246-258 Springer

ransport layer performance in multi hop wireless networks has been greatly challenged by the intrinsic characteristics of these networks. In particular, the nature of congestion, which is mainly due to medium contention in multi hop wireless networks, challenges the performance of traditional transport protocols in such networks. In this paper, we first study the impact of medium contention on transport layer performance and then propose a new transport protocol for improving quality of service performance in multi hop wireless networks. Our proposed protocol, Link Adaptive Transport Protocol provides a systemic way of controlling transport layer offered load for multimedia streaming applications, based on the degree of medium contention information received from the network. Simulation results show that the proposed protocol provides an efficient scheme to improve quality of service performance metrics, such as end-to-end delay, jitter, packet loss rate, throughput smoothness and fairness for media streaming applications. In addition, our scheme requires few overhead and does not maintain any per-flow state table at intermediate nodes. This makes it less complex and more cost effective.

Haitham Cruickshank, Michael Howarth, S Iyengar, Zhili Sun, L Claverotte (2005)Securing multicast in DVB-RCS satellite systems, In: IEEE WIRELESS COMMUNICATIONS12(5)pp. 38-45 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855 USA

While TV broadcasting is probably the best known application of satellite technology, satellite service providers are now expanding their services to include Internet data transmission. Consequently, security of satellite data is becoming an important issue. This article examines the current DVB-RCS security standard and identifies the principal gaps in the provision of secure multicast over DVB-RCS. The main contribution of this article is a proposal for adapting the current DVB-RCS two-way satellite standard to provide secure multicast services over satellites.

Yue Cao, Zhili Sun, Haitham Cruickshank, Fang Yao (2014)Approach-and-Roam (AaR): A Geographic Routing Scheme for Delay/Disruption Tolerant Networks, In: IEEE Transactions on Vehicular Technology63(1)pp. 266-281 Institute of Electrical and Electronics Engineers (IEEE)

Considering that delay/disruption-tolerant networks (DTNs) suffer from a large variation of network topology, geographic routing is an alternative scheme that utilizes real-time geographic information instead of network topology information. However, the real-time geographic information of mobile destination is likely unavailable due to sparse network density. With this in mind, we propose a geographic routing scheme by relying on historical geographic information to estimate the movement range of destination. The idea is to make efficient message replication toward this estimated range via the proposed Approach Phase to reduce routing overhead. Meanwhile, the effective message replication within this range is guaranteed via the proposed Roam Phase to increase the message delivery ratio. We further propose a novel scheme to handle the local maximum problem for geographic routing in sparse networks. Simulation results obtained assuming the maps of three real world cities, namely, Helsinki, Finland; Karlsruhe, Germany; and Manhattan, New York City, USA, show an advantage of the proposed Approach-and-Roam (AaR) over the compared algorithms in terms of delivery ratio, average delivery latency, and overhead ratio.

MN Mumtaz Bhutta, Haitham Cruickshank, Zhili Sun (2016)Public-key infrastructure validation and revocation mechanism suitable for delay/disruption tolerant networks, In: IET Information Security

Public-key infrastructure (PKI) is based on public-key certificates and is the most widely used mechanism for trust and key management. However, standard PKI validation and revocation mechanisms are considered major reasons for its unsuitability for delay/disruption tolerant networking (DTN). DTN requires mechanism to authenticate messages at each node before forwarding it in the network. So, certificate revocation lists (CRLs) being distributed in DTN network will need to be authenticated and validated for issuer certificate authority (CA) at each node. In this study, the authors propose new validation and revocation mechanism which is compliant with DTN semantics and protocols. This study also proposes a new design for CRL in compliance with standard PKI X.509 standard to make the proposed mechanism easy to implement for DTN. The new designed CRL is of reduced size as it contains fewer entries as compared with standard X.509 CRL and also arranges the revocation list in the form of hash table (map) to increase the searching efficiency.

Y Chotikapong, Haitham Cruickshank, Z Sun (2001)Evaluation of TCP and internet traffic via low earth orbit satellites, In: IEEE Personal Communications8(3)pp. 28-34

The prospect of the Internet as the fastest growing satellite communication application coupled with satellite-based multimedia networks has generated a high level of interest in the performance of TCP over satellite systems. This article presents the network architecture for supporting services based on TCP/IP over satellite. It discusses the key factors that influence TCP performance over satellite links, and compares the benefits and disadvantages of low earth orbit and geostationary earth orbit satellites. The article also discusses the feasibility of using LEO satellites to support and expand the Internet. It presents studies of the TCP behavior over a GEO satellite system and LEO satellite constellation based on computer simulations, where two typical Internet applications are taken into consideration: FTP file transfer and Web browsing. The results show that TCP performs much better over the LEO satellite constellation than over the GEO system; even the standard TCP over LEO is better than enhanced TCP over GEO.

Philip Asuquo, Haitham Cruickshank, Chibueze Pascal Anyigor Ogah, Ao Lei, Zhili Sun (2018)A Distributed Trust Management Scheme for Data Forwarding in Satellite DTN Emergency Communications, In: IEEE Journal on Selected Areas in Communications36(2)pp. 246-256 Institute of Electrical and Electronics Engineers (IEEE)

Satellite Communications can be used when other communication systems are either destroyed or overloaded. Observation satellites and Delay/Disruption Tolerant Networks are technologies that can be interconnected to provide emergency communication for disaster recovery operations. DTNs use a store-carry-forward mechanism to forward messages through intermediary nodes to the destination node. The reliability of relaying messages through multi-hop nodes poses a significant problem in DTNs due to lack of consistent connectivity. These network characteristics make DTNs to heavily rely on the cooperation of neighbouring nodes for the successful delivery of packets. However, the presence of malicious or selfish nodes will have a great impact on the network performance. In this paper, we design a decentralised trust management scheme (DTMS) to filter out malicious nodes in DTNs. First, the number of forwarding evidence are combined with the energy consumption rate of the nodes to formulate direct trust. Then, a recommendation trust is computed from the indirect trust, recommendation credibility and recommendation familiarity. Recommendation credibility and familiarity improve the overall recommendation trust by filtering out dishonest recommendations. A comparative analysis of DTMS is performed against a Cooperative Watchdog Scheme (CWS), Recommendation Based Trust Model (RBTM) and Spray & Wait protocol. The results show that DTMS can effectively deal with malicious behaviours in DTNs including trust related attacks.

Zhili Sun, T Ors, Haitham Cruickshank, Barry Evans (1996)Implementation of ATM over satellite for broadband services, In: IEEE Colloquium (Digest)(224)

It has been recognised that satellites can play very important role in supporting B-ISDN services based on ATM technology. There have been several projects to exploit ATM over satellite for broadband services since 1992. These include the European RACE II CATALYST project which developed a satellite ATM demonstrator and the EPSRC project which studied the interconnection of Broadband ATM Islands via satellite. In a broadband network environment, ATM over satellite can be used for inter-network connections as transit link and for terminal access as access link. For transit link a small number of earth stations require a high bit rate link. Static bandwidth reservation based on estimated fixed rates provide a simple solution. However for terminal access a large number of terminals require low bit rate links. Since the traffic is expected to have large fluctuations, a dynamic reservation system is a more efficient but complex solution. Dynamic reservation Time Division Multiple Access (TDMA) appears to be the best solutions, as it takes advantage of the flexibility and statistical multiplexing capabilities of ATM and supports all traffic classes. The paper shows that ATM over satellite can implement a flexible and efficient bandwidth resource management mechanisms which allows the satellite link to be configured to meet the requirements of broadband services from low bit rate to high bit rate. © 1996 The Institution of Electrical Engineers. Printed and published by the IEE.

The approach currently being taken by ETSI (BSM) to standardisation for Multicast PIM-SM protocols is described. This paper describes methods, architectures and adaptations to support IP-multicast services efficiently across IP-based broadband multimedia satellite systems. The final objective is to arrive at a consensus for a standard on this subject.

M Alshamrani, HS Cruickshank, Z Sun, V Fami, B Elmasri, E Danish (2013)Signaling Performance for SIP over IPv6 Mobile Ad-Hoc Network (MANET)., In: ISMpp. 231-236 IEEE Computer Society
X Yu, P Navaratnam, K Moessner, H Cruickshank (2015)Distributed Resource Reservation in Hybrid MAC With Admission Control for Wireless Mesh Networks, In: IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 64, NO. 12, DECEMBER 2015
Haitham Cruickshank, Z Sun, F Carducci, A Sanchez (2001)Analysis of IP voice conferencing over EuroSkyWay satellite system, In: IEE PROCEEDINGS-COMMUNICATIONS148(4)pp. 202-206 IEE-INST ELEC ENG
Chibueze Pascal Anyigor Ogah, Haitham Cruickshank, Philip Asuquo, Ao Lei, Zhili Sun (2017)Experimental Privacy Analysis and Characterization for Disconnected VANETs, In: Wireless and Satellite Systems186pp. 119-129

Intelligent Transport Systems (ITS) are special applications of Vehicular Ad-hoc Networks (VANETs) for road safety and efficient traffic management. A major challenge for ITS and VANETs in all its flavours is ensuring the privacy of vehicle drivers and the transmitted location information. One attribute of ITS during its early roll-out stage especially in rural areas and challenged environments is low vehicle density and lack of end-to-end connectivity akin to the attribute of Vehicular Delay Tolerant Networks (VDTNs). This means that contact duration between network entities such as vehicles and road-side units (RSUs) are short-lived. Three popular solutions are the use of pseudonyms, mix-zones, and group communication. Privacy schemes based on the mix-zone technique abound for more conventional VANETs. A critical privacy analysis of such scenarios will be key to the design of privacy techniques for intermittent networks. We are not aware of any work that analyse the privacy problem in intermittent VANTEs. In this paper, we add our voice to efforts to characterize the privacy problem in disconnected VANETs.

G Ansa, Haitham Cruickshank, Zhili Sun (2011)A proactive DOS filter mechanism for delay tolerant networks, In: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering: Personal Satellite Services71pp. 213-226

Denial of Service (DOS) attacks are a major threat faced by all types of networks. The effect of DOS in a delay tolerant network (DTN) is even more aggravated due to the scarcity of resources. Perpetrators of DOS attacks in DTN-like environments look beyond the objective of rendering a target node useless. The aim of an attacker is to cause a network-wide degradation of resources, service and performance. This can easily be achieved by exhausting node or link resources and partitioning the network. In this paper we seek to provide a proactive approach in making the DTN authentication process robust against DOS. Our aim is to make security protocols which provide mandatory DTN security services resilient to DOS attacks. The overall objective is to make it hard to launch a DOS attack and ensure the availability of DTN services. A DTN-cookie mechanism has been proposed to quickly identify and filter out illegitimate traffic.

A Jamalipour, M Marchese, HS Cruickshank, J Neale, SN Verma, AM Bush (2004)Guest editorial - Broadband IP networks via satellites - Part II, In: IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS22(3)pp. 433-437 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
L Fan, C Baudoin, L Liang, A Yun, G Fairhurst, A Sathiaseelan, I Melhus, S Iyengar, JA Guerra, A Ramos, D Perez, R Castellot, E Callejo, MC de Domingo, Haitham Cruickshank, Z Sun (2007)The SATSIX architecture for next-generation satellite systems with IPv6 and DVB, In: 25th AIAA International Communications Satellite Systems Conference

Broadband satellite will play an important role to provide universal broadband access for the users. In order to lower the cost, the next-generation satellite systems should support IPv6 and seamlessly integrate with terrestrial networks, including wireless local loops. In this paper, a novel network architecture has been proposed as a potential solution to the above problem. Based on the proposed overall network and functional architecture, we have emphasised and presented different aspects of the advanced IPv6-enable networking techniques, such as QoS, multicast, security and mobility. The transport protocols can be used in this network architecture are also studied. © 2007 by SATSIX.

A Jamalipour, M Marchese, HS Cruickshank, J Neale, SN Verma (2004)Broadband IP networks via satellites - Part I, In: IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS22(2)pp. 213-217 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Y Chotikapong, Haitham Cruickshank, Zhili Sun, Barry Evans (2000)Network architecture and performance evaluation of broadband satellite systems, In: IEEE INTERNATIONAL CONFERENCE ON NETWORKS 2000 (ICON 2000), PROCEEDINGSpp. 488-488
Ao Lei, Haitham Cruickshank, Y Cao, Philip Asuquo, Chibueze Pascal Anyigor Ogah, Zhili Sun (2017)Blockchain-Based Dynamic Key Management for Heterogeneous Intelligent Transportation Systems, In: Internet of Things Journal4(6)pp. 1832-1843 IEEE

As modern vehicle and communication technologies advanced apace, people begin to believe that Intelligent Transportation System (ITS) would be achievable in one decade. ITS introduces information technology to the transportation infrastructures and aims to improve road safety and traffic efficiency. However, security is still a main concern in Vehicular Communication Systems (VCS). This can be addressed through secured group broadcast. Therefore, secure key management schemes are considered as a critical technique for network security. In this paper, we propose a framework for providing secure key management within the heterogeneous network. The security managers (SMs) play a key role in the framework by capturing the vehicle departure information, encapsulating block to transport keys and then executing rekeying to vehicles within the same security domain. The first part of this framework is a novel network topology based on a decentralised blockchain structure. The blockchain concept is proposed to simplify the distributed key management in heterogeneous VCS domains. The second part of the framework uses the dynamic transaction collection period to further reduce the key transfer time during vehicles handover. Extensive simulations and analysis show the effectiveness and efficiency of the proposed framework, in which the blockchain structure performs better in term of key transfer time than the structure with a central manager, while the dynamic scheme allows SMs to flexibly fit various traffic levels.

M Alshamrani, HS Cruickshank, Z Sun, V Fami, B Elmasri (2013)Evaluation of SIP Signalling and QoS for VoIP over MANETs Reactive Routing Protocols., In: NGMASTpp. 105-110 IEEE
Y Sheng, H Cruickshank, AD Pragad, P Pangalos, AH Aghvami (2008)An Integrated QoS, Security and Mobility Framework for Delivering Ubiquitous Services Across All IP-based Networks, In: 2008 IEEE 19TH INTERNATIONAL SYMPOSIUM ON PERSONAL, INDOOR AND MOBILE RADIO COMMUNICATIONSpp. 2371-2375
Haitham Cruickshank, S Iyengar, Michael Howarth, Zhili Sun (2002)Securing satellite communications
Chibueze Pascal Anyigor Ogah, Haitham Cruickshank, Philip Asuquo, Ao Lei, Zhili Sun (2017)Delay Tolerant Revocation Scheme for Delay Tolerant VANETs (DTRvS), In: Digital Communication. Towards a Smart and Secure Future Internet766pp. 143-164 Springer International Publishing

This article discusses an effective revocation scheme for disconnected Delay Tolerant Vehicular Ad hoc Networks (VANETs). Malicious vehicles can exhibit various misbehaviour such as dropping packets due to selfish reasons. Selfishness can be due to the need to conserve limited resources such as energy and bandwidth. This forces vehicles to either drop all or some of the packets they receive. This is particularly obtainable in multi-hop forwarding networks where packets are routed from one vehicle to another towards their destination. When some packets are dropped, the usefulness of the system is not fully realised since it affects the quality of information available to vehicles for making driving decisions such as road manoeuvres. Additionally, packet dropping can degrade the routing efficiency of the system. In extreme cases of misbehaviour, it is important to stop such vehicles from further participation in network communication. One way of achieving this is through revocation. However, it is important to establish mechanisms for identifying such vehicles before blacklisting them for revocation. Our objective here is to address the question of how much we can use a trust-based scheme where vehicles cannot always be expected to follow normal protocols for revocation. Revocation or suspension of misbehaving vehicles is essential to avoid havoc and possible economic damage.

Z Luo, Zhili Sun, Haitham Cruickshank (2007)Modelling and simulation study of TCP performance with link layer retransmission and fragmentation for satellite-UMTS networks, In: Recent Advances in Modeling and Simulation Tools for Communication Networks and Servicespp. 137-155

Satellite-based Universal Mobile Telecommunications System (S-UMTS) is used to provide all kinds of Transmission Control Protocol/ Internet Protocol (TCP/IP) based Internet services for global end users. However, due to the high propagation delay and high bit error rates over satellite links, the TCP performance degrades considerably and affects many qualities of TCP based services. In this work, we focus on studying the TCP performance in S-UMTS using radio link control (RLC) with fragmentation and retransmission mechanisms. Analytical and simulation studies have been carried out to study this cross-layer problem. Two scenarios have been studied, i.e., the satellite operates in either transparent mode or with onboard processor (OBP) mode. The results indicate that the TCP performance can be enhanced substantially by employing the relay function using OBP and appropriate configurations of RLC parameters, thus providing useful information to the design the next generation communication satellite with onboard processing.

Haitham Cruickshank, L Liang, L Fan, Zhili Sun, S Iyengar, M Mazzella (2008)Link layer security design for IPv6 over satellite DVB networks, In: ICT-MobileSummit 2008 Conference Proceedings

There is growing interest in providing multimedia and broadband access over satellites. However there are several technical challenges need to be addressed. One challenge is security in terms of understanding threats and providing an effective security system. This paper presents a security solution for the Unidirectional Lightweight Encapsulation (ULE). The security header extensions are presented together with detailed transmitter and receiver processing. Finally, the implementation of this solution is shown over the SATSIX project satellite emulator platform.

A Ahmad, S Mirzadeh, H Cruickshank, H Afifi (2017)Efficient Physical Layer Encryption for LDR Sensor Networks
M Ali, L Liang, Zhili Sun, Haitham Cruickshank (2009)SIP Signalling and QoS for VoIP over IPv6 DVB-RCS Satellite Networkspp. 419-423

With the rapid development of the Internet, new technologies and applications are emerging. One of the important applications is voice over IP. Satellites are playing an important role to provide VoIP services with their global coverage and onboard processing ability over IP networks. Satellite network environment, generally characterized by large delay and erroneous link, is considered to be unfriendly to VoIP. The performance of VoIP is adversely influenced by these demerits. The performance metrics of VoIP are signaling, bandwidth, delay, jitter and packet loss. Signaling plays a key role in call establishment and rest of the parameters signifies the quality of service (QoS). In this paper, the performance related issues of SIP-based VoIP over current, IPv4, and next generation, IPv6 satellites is studied. A comparative analysis is performed for different voice codecs. The experimentation is carried out on the satellite network testbed at Centre for Communication Systems Research (CCSR) at University of Surrey. The results show that delay, jitter and packet loss are quite comparable for both current and next generation satellites. SIP signaling performs poorly in IPv6 as compared to IPv4. IPv6 can be adapted for VoIP over next generation satellites, but with some modifications for SIP signaling.

H Johnson, Haitham Cruickshank, Zhili Sun (2013)Providing Authentication in Delay/Disruption Tolerant Networking (DTN) Environment, In: 4th International ICST Conference, PSATS 2012,52pp. 189-196

DTN environment is characterized by intermittent connectivity, high/variable delay, heterogeneity, high error rate and asymmetric data rate amongst others. These characteristics accounts for the poor behavior of Internet protocols in this environment. To address these problems, DTN was conceived and designed together with specialized protocols to carry out its services. Its emergence called for a new concept in security that was considered at the design stage. The main aim of this paper is to propose a traditional cryptography based authentication scheme that does not depend on network administrator’s availability during post network authentication communication and facilitates bundle processing by the recipient in the absence of connectivity. In this paper, we present and discuss the system model, the proposed credential and the propose authentication scheme. A simulation framework is developed for the implementation of the proposed and referenced schemes. From the simulation results, the proposed scheme was observed to be independent of network administrator’s availability during post network authentication communication and facilitates bundle processing in the absence of connectivity.

Haitham Cruickshank, L Liang, L Fan, Zhili Sun, M Mazzella (2008)A ULE Security Approach for Satellite Networks on PLATINE Testbed

The satellite network does not have the IP layer where the IPsec [2][3] is designed for. Therefore, a new algorithm is needed to secure the satellite link at link layer or physical layer. This paper will give a short analysis on the advantages and disadvantages of the MPEG-2 TS encryption and present an approach trying to use the extension header of Unidirectional Lightweight Encapsulation (ULE) [6] Protocol Data Unit (PDU) to provide the efficient security solution for satellite networks. This approach is just above the MPEG-2 TS layer and makes the link security as a part of the encapsulation layer. Thanks to a test bed platform named PLATINE developed by France partners and contributed by other partners within the SATSIX project on which the DVB-S and DVB-RCS have been implemented. The Unidirectional Lightweight Encapsulation (ULE) [6] mechanism working together with MPEG 2 Transport Stream (TS) as a part of the encapsulation in PLATINE is for the transport of IPv6 (& IPv4) Datagrams and other network protocol packets directly over the ISO MPEG-2 Transport Stream as TS Private Data. The proposed security approach is implemented within PLATINE to provide integrated security with ULE protocol at the link layer. The approach is based on the security requirements Internet draft [1]

Haitham Cruickshank, Michael Howarth, S Iyengar, Zhili Sun, L Claverotte (2005)Securing multicast in DVB-RCS satellite systems, In: IEEE Wireless Communications Magazine12(5)pp. 38-45 IEEE

Whilst TV broadcasting is probably the best-known application of satellite technology, satellite service providers are now expanding their services to include Internet data transmission. Consequently, security of satellite data is becoming an important issue. This article examines the current DVB-RCS security standard and identifies the principal gaps in the provision of secure multicast over DVB-RCS. The main contribution of this article is a proposal for adapting the current DVB-RCS two-way satellite standard to provide secure multicast services over satellites.

M Alshamrani, HS Cruickshank, Z Sun, B Elmasri, V Fami (2013)Evaluation of SIP Signalling and QoS for VoIP over OLSR MANET Routing Protocol., In: UKSimpp. 699-706
Wee Hock Desmond Ng, Zhili Sun, Haitham Cruickshank (2005)Group Key Management with Network Mobility, In: 13th IEEE International Conference on Networks jointly held with the 7th IEEE Malaysia International Conference on Communications, Proceedings 1 and 22pp. 716-721 Institute of Electrical and Electronics Engineers

Secure multicast communication is important for both wired and wireless applications. For groups with frequent join or depart requests, a distributed architecture that partitions the group members into several areas is preferred. Inside each area, scalable algorithms such as Logical Key Hierarchy (LKII) can be used to update the group key. However, these algorithms do not consider mobile members traveling in a Mobile Network as a whole. In this paper, we proposed two group key management schemes, which treat mobile members traveling in a Mobile Network as a whole. Both schemes try to reduce the communication costs when the Mobile Network moves in or out of the area. Simulation results show significant reduction in communications costs even for small number of mobile members in the Mobile Network.

N Bhutta, G Ansa, E Johnson, N Ahmad, M AlSiyabi, Haitham Cruickshank (2009)Security analysis for Delay/Disruption Tolerant satellite and sensor Networkspp. 385-389

In the last few years, Delay/Disruption Tolerant Networking has grown to a healthy research topic because of its suitability for challenged environments characterized by heterogeneity, long delay paths and unpredictable link disruptions. This paper presents a DTN security architecture that focuses on the requirements for lightweight key management; lightweight AAA-like architecture for authentication/authorisation; resilience to Denial of Service attacks and user anonymity.

N Ahmad, Haitham Cruickshank, Zhili Sun, M Asif (2011)Pseudonymised Communication in Delay Tolerant Networkspp. 1-6

Privacy, Anonymity, pseudonymity are the debatable terms which on one angle restrict the rights but on other angle open doors for malacious activity.This paper propses design for a pseudonymised communication which is optimal solution for the privacy issues, where the real identity is hidden from the outside world by using blind signature in a different way of group commmunication.The protocol is deployed and analysed in extreme environment of Delay Tolerant Networks (DTN), which is overlay on the top of traditional Internet which provides end to end connectivity and charactarised with long delay and disruption. A telemedicine application of rural area network is explored to provide source anonymity.The protocol is finally analysed using Dolev Yao model with two different cases and it preserves the orignal identity of the node.

M Alshamrani, Haitham Cruickshank, Z Sun, B Elmasri, VH Tafreshi (2012)SIP-based internetwork system between future IP networks and ZigBee based Wireless Personal Area Networks (WPAN), In: 2012 4th Computer Science and Electronic Engineering Conference, CEEC 2012 - Conference Proceedingspp. 206-211

The internetwork system between Future IP Networks and ZigBee Wireless Networks has two main approaches; the SIP Proxy Based approach, and the ZigBee Stack Based approach. Because of the dynamic nature of the ZigBee devices, both approaches need to be improved to support the connectivity system and the Quality of Service (QoS) for different types of sensing and actuating applications. This paper proposes an initial design for a modified version of SIP (Mod-SIP) for ZigBee Stack Based approach. In addition, the paper introduces the Combined Approach which is an enhanced internetwork system used to provide more reliable and flexible connectivity system between ZigBee WPANs, and the IP clouds. An initial design and simulation efforts on OPNET implemented to study the current approaches and compare it with the proposed approaches. It shows that the SIP Proxy Based approach is not efficient for Future IP Networks applications as it has a high rate of End-to-End delays because of the lack of flexibility between SIP signaling system and the ZigBee WPANs. The initial investigations shown that the Combined approach can provide more reliable connectivity system with the support for the QoS for different types of instantaneous applications such as VoIP and video conferencing. © 2012 IEEE.

L Audah, Zhili Sun, Haitham Cruickshank (2016)End-to-end QoS evaluation of IP over LEO/GEO satellites constellations for FTP, In: Proceedings of 5th International Conference on Signal Processing and Communication Systems

This paper presents studies for the end-to-end QoS of IP over integrated terrestrial and Next Generation Satellite Network (NGSN) using FTP. We compare between LEO and GEO satellites constellations for the QoS parameters (i.e. delay, jitter, loss rate and throughput) of file transfer from a remote server in London and a remote client in Boston. We model the file transfer with multiple connections and file size variation according to Exponential and Pareto distributions respectively. We create the scenario with error model to simulate transmission loss environment using the NS-2 simulation software. A Differentiated Services (Diffserv) queue interface is placed in the server side to regulate the traffic flows across the narrow bandwidth of the satellite links. The results showed the performance evaluation and presented a good comparison of the QoS parameters involved in the data transfer across LEO and GEO satellites systems.

Y Cao, Haitham Cruickshank, Zhili Sun (2011)A Routing Framework for Delay Tolerant Networks Based on Encounter Anglepp. 2231-2236

The concept of Delay Tolerant Networks (DTNs) has been utilized for wireless sensor networks, mobile ad hoc networks, interplanetary networks, pocket switched networks and suburb networks for developing region. Because of these application prospects, DTNs have received attention from academic community. Whereas only a few state of the art routing algorithms in DTNs address the problem of aborted messages due to the insufficient encounter duration. In order to reduce these aborted messages, we propose a routing framework which consists of two optional routing functions. Specifically, only one of them is activated according to the encounter angle between pairwise nodes. Besides, the copies of the undelivered message carried by most of the nodes in the network are more likely to be cleared out after successful transfer, which reduces the number of unnecessary transmissions for message delivery. By means of the priority for message transmission and deletion in case of the limited network resource, the proposed algorithm achieves the high delivery ratio with low overhead as well as less number of aborted messages due to the insufficient encounter duration, thus is more energy efficient.

N Bhutta, HS Cruickshank (2013)A New Dynamic Multilayer IPSec Protocol, In: 4th International ICST Conference, PSATS 2012 Personal Satellite Services52pp. 119-129
I Melhus, L Fan, F Arnal, C Baudoin, F Nivor, T Gayraud, P Berthout, G Fairhurst, A Fiaschetti, A Pietrabissa, L Pimpinella, L Lei, Haitham Cruickshank, Zhili Sun (2008)Cross-layer Optimization in the Next-generation Broadband Satellite Systems

Next-generation broadband satellite systems will have the capability to provide cost-effective universal broadband access for the users. In order to meet users’ requirements on high quality multimedia services, many enhancements have to be made on the existing satellite technologies. One of the promising methods is the introduction of cross-layer design. There are several advantages of a layered approach since modularity, robustness and ease of designs are achieved without difficulty. However the properties of the different layers have substantial interdependencies and a modularised design may therefore be suboptimal with regards to performance and availability in a hybrid satellite and mobile wireless environment. In this paper, we will carry out a review of the cross-layer design in satellite systems. Based on this, a cross-layer architecture for the next-generation broadband satellite system is proposed. The proposed cross-layer architecture has two main components: QoS and resource management and mobility management. In each component, the cross-layer techniques that have been used are described in details.

HS Cruickshank, G Giambene, M Berioli, R Mort (2009)BSM Integrated PEP with Cross-Layer Improvements, In: Satellite and Space Communications, 2009. IWSSC 2009.pp. 52-56

The future development of broadband satellite systems providing services based on the Internet Protocol (IP) needs to be stimulated by means of common standards. This paper presents the ETSI BSM PEP terminal architecture and PEP usage scenarios. In addition this paper shows the benefits of cross-layer improvements, where the TCP traffic sent by STs through an NCC/Gateway that acts as a PEP-spoofer on ACKs going in the opposite direction.

Zhili Sun, D He, L Liang, Haitham Cruickshank (2004)Internet QoS and traffic modelling, In: IEE PROCEEDINGS-SOFTWARE151(5)pp. 248-255

Telecommunications networks have migrated from circuit based telephony services to packet based broadband network services. Merging with computer networks, they are being integrated with non-real-time data services on classical Internet integrated multimedia services, including real time voice, video and services on the new generation Internet. Thus, the concepts and requirements of quality of service (QoS) and traffic modelling have also been changed significantly. However, real time services such as voice and video are inelastic, as the transmission bandwidth, transmission time and QoS requirements need to be kept within strict limits and hence are not flexible. On the other hand, elastic services such as file transfer and Web surf are much relaxed with QoS and network resource requirements. Networks need to meet the requirements of both types of services by providing different classes of network services, including best effort service at one end of the spectrum, guaranteed service on the other end, and some others in between, with controlled traffic load. Traffic modelling is one of the important aspects to be considered to meet QoS requirements of services and efficient utilisation of network resources. The paper discusses important QoS issues, techniques for measurement and analysing Internet traffic, and new trends and methodology for Internet traffic modelling. It also presents the results based on the measured Internet traffic to validate the new model and the potential of the model to capture the characteristics of traffic for the Internet.

L Audah, Zhili Sun, Haitham Cruickshank (2012)Comparative Evaluation QoS of FTP over LEO and GEO Satellite Networks with Diffserv Architecture, In: Journal of Communication and Computer (JCC)9(12)pp. 1383-1394 David Publishing Company

This paper presents studies for the end-to-end QoS of IP over integrated terrestrial and Next Generation Satellite Network (NGSN) using FTP. We compare between LEO and GEO satellites constellations for the QoS parameters (i.e. delay, jitter, loss rate and throughput) of file transfer from a remote server in London and a remote client in Boston. We model the file transfer with multiple connections and file size variation according to Exponential and Pareto distributions respectively. We create the scenario with error model to simulate transmission loss environment using the NS-2 simulation software. A Differentiated Services (Diffserv) queue interface is placed in the server side to regulate the traffic flows across the narrow bandwidth of the satellite links. The results showed the performance evaluation and presented a good comparison of the QoS parameters involved in the data transfer across LEO and GEO satellites systems.

There are a variety of satellite applications that require application intelligence at intermediate devices for their proper functioning e.g. satellite networks using (Performance Enhancing Proxies, PEPs), real time streaming applications like SIP, H.323 and peer-to-peer applications. Interworking between PEPs and security system has been researched in the past. Multi-layer IPSec (ML-IPSec) resolves the conflict between end-to-end security in standard IPSec and working of PEPs. This paper presents the concept and detailed design of ML-IPSec by breaking the IP datagram into three zones while enabling the intermediate nodes to access the TCP header and HTTP header information. The paper also presents an efficient interworking scheme between ML-IPSec and secure IP multicast using the Logical Key Hierarchy for key distribution.

L Liang, Z Sun, Haitham Cruickshank (2005)Relative QoS optimization for multiparty online gaming in DiffServ networks, In: IEEE COMMUNICATIONS MAGAZINE43(5)pp. 75-83 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855 USA

Real-time interactive multimedia multiparty communication is becoming a vital part of modern Internet services. As one of its applications, online gaming attracts a huge group of fans playing over the Internet. It has new requirements for relative QoS. This article gives a brief introduction to these new QoS requirements, and then presents an algorithm to satisfy these requirements in the differentiated services network for client-server-topology-based online gaming services. Our simulation results show that this algorithm can provide optimized relative QoS support for online gaming as an example of multiparty communications.

MNM Bhutta, H Cruickshank, J Ashworth, M Moseley (2012)Redesigning of IPSec for interworking with satellite performance enhancing proxies, In: Proceedings of the 2011 6th International ICST Conference on Communications and Networking in China, CHINACOM 2011pp. 1104-1109

Performance Enhancing Proxies (PEPs) are used in satellite networks for better performance of the TCP/IP applications. Multi-layer IPSec (ML-IPSec) resolves the conflict between end-to-end security in standard IPSec and working of PEPs. This paper presents the concept and detailed design of ML-IPSec by breaking the IP datagram into three zones while enabling the intermediate nodes to access the TCP header and HTTP header information. The paper also presents an efficient interworking scheme between ML-IPSec and secure IP multicast using the Logical Key Hierarchy for key distribution. © 2011 IEEE.

M Al-Fares, Z Sun, HS Cruickshank (2010)Reliable Routing Protocol for Wireless Sensor Network, In: Intelligent Automation and Computer Engineering(16) Springer Verlag

Intelligent Automation and Computer Engineering offers the state of the art of tremendous advances in intelligent automation and computer engineering and also ...

HS Cruickshank (2012)An Energy‐Efficient Technique to Combat DOS Attacks in Delay Tolerant Networks, In: ICST Transactions on Ubiquitous Environments journal12(1-3) ICST

A delay tolerant network is a highly constrained networking environment which is low in resources such as memory, bandwidth and battery power. In opportunistic DTNs, nodes cooperatively forward packets for each other through the carry-store-and-forward paradigm. Opportunistic data forwarding can be abused by an adversary by injecting spurious packets in order to waste the resources of the network. To guard against such attacks, it is important to authenticate packets at intermediate nodes. Packet authentication in itself comes with overheads such as computation cost and energy consumption which can be exploited by an attacker to mount a denial of service attack. We propose the use of light-weight DTN-cookies to protect this vital security service from such malicious exploitation. We show through simulations that our proposed mechanisms can improve network performance and save considerable amount of power even in the presence of attackers.

Y Miao, Zhili Sun, Ning Wang, Haitham Cruickshank (2015)Comparison Studies of MANET-Satellite and MANET-Cellular Networks Integrations, In: 2015 International Conference on Wireless Communications and Signal Processing (WCSP)pp. 1899-1903

A mobile ad hoc network (MANET) is a self-configuring infrastructure-less network. Taking advantage of spontaneous and infrastructure-less behavior, MANET can be integrated with satellite network to provide world-wide communication for emergency and disaster relieve services and can also be integrated with cellular network for mobile data offloading. To achieve different purposes, different architecture of integrated system, protocols and mechanisms are designed. For emergency services, ubiquitous and robust communications are of paramount importance. For mobile data offloading services, emphasis is amount of offloaded data, limited storage and energy of mobile devices. It is important to study the common features and distinguish of the architecture and service considerations for further research in the two integrated systems. In this paper, we study common issues and distinguish between two systems in terms of routing protocol, QoS provision, energy efficiency, privacy protection and resource management. The future research can benefit from taking advantage of the similarity of two systems and address the relevant issues.

YF Hu, M Berioli, P Pillali, HS Cruickshank, G Giambene, K Kotsopoulos, W Guo, PML Chan (2010)Broadband Satellite Multimedia, In: IET Communications4(13)pp. 1519-1531 IET

The broadband satellite multimedia (BSM) architecture standardised by ETSI defines a satellite independent service access point (SI-SAP) interface layer that separates the satellite independent features of the upper layers from the satellite dependant features of the lower layers, and provides a mechanism to carry IP-based protocols over these satellite dependent lower layers. This enables interoperability at the IP layer between satellite systems of different physical and link layers technologies that fully comply with the SI-SAP concept. This study reviews past and current standardisation activities including the BSM quality of service (QoS) architecture, security architecture, network management that have been carried out by the ETSI Technical Committee-Satellite Earth Stations and Systems (TC-SES)/BSM working group and looking into the future to extend current SI-SAP functions that can enhance existing QoS provision and security management capabilities as well as proposing a mobility management architecture that complies with the IEEE 802.21 media independent handover framework to support BSM mobility and to allow integration of satellite networks with fixed and mobile network infrastructures. A service-based network management architecture is also proposed to allow management flexibility and integration of business and operation support functions, paving the way for satellite integration into the Internet of the future.

MN Mumtaz Bhutta, Haitham Cruickshank, Zhili Sun (2017)A New Public-Key Infrastructure (PKI) Validation and Revocation Mechanism Suitable for Delay/Disruption Tolerant Networks (DTN), In: IET Information Security11(1)pp. 16-22

Public Key Infrastructure (PKI) is based on public key certificates and is the most widely used mechanism for trust and key management. However, standard PKI Validation and Revocation mechanisms are considered major reasons for its unsuitability for Delay/Disruption Tolerant Networking (DTN). DTN requires mechanism to authenticate messages at each node before forwarding it in the network. So, Certificate Revocation Lists (CRLs) being distributed in DTN network will need to be authenticated and validated for issuer CA at each node. In this paper we propose new Validation and Revocation mechanism which is compliant with DTN semantics and protocols. The paper also proposes a new design for CRL in compliance with standard PKI X.509 standard to make the proposed mechanism easy to implement for DTN. The new designed CRL is of reduced size as it contains fewer entries as compared to standard X.509 CRL and also arranges the revocation list in the form of Hash Table (Map) to increase the searching efficiency.

G Fairhurst, A Sathiaseelan, HS Cruickshank, C Baudoin (2009)Transport Challenges Facing a Next Generation Hybrid Satellite Internet, In: International Journal of Satellite Communications and Networking (IJSCN)

This paper considers the transport layer implications by assuming a position where satellite networks form one integrated component of a hybrid Internet architecture. It reviews the key role of transport protocols in providing a reliable and robust end-to-end Internet service. A history of TCP protocol evolution from a satellite perspective is followed by focussing on the role of protocol-enhancing proxies in satellite systems and how these have impacted the introduction of new Internet transport techniques. Current transport research issues are identified and related to two new architectural approaches to highlight the expected performance benefits and derive the implications on the design of geostationary satellite Internet systems as the network evolves toward a next-generation Internet.

M Al-Siyabi, H Cruickshank, Z Sun, G Ansa (2011)Fairness and satisfaction model for DTN applications using various transportation means, In: Lecture Notes in Computer Science: Wired/Wireless Internet Communications6649pp. 446-457

Delay Tolerant Network suffers from lack of resources and disconnected contact nature. In DTN, all possible methods are used to transmit data including the physical transportations means. Aircrafts in commercial routes have been proposed to carry data from ground users along their flying routes. Delivery probability is compared when using aircrafts, buses and ferries. Results show that aircrafts provide higher delivery probability which is up to 62% better compared with buses and ferries. Furthermore, when there is lack of resources, it is difficult to satisfy all users’ demands for traffic. We propose a Fairness and Satisfaction (FS) model to enhance the users’ satisfaction during DTN limited and scarce resources. Various scenarios are tested for the FS model through intense simulations. FS model, when implemented, will improve user’s satisfaction up to 18 % and DTN fairness up to 20 % compared with the same scenario lacking the model.

MHZ Sun, HS Cruickshank, Z Sun (2014)An Efficient, Scalable Key Transport Scheme (ESKTS) for Delay/Disruption Tolerant Networks, In: Wireless Networks20(6)pp. 1597-1609 Springer Verlag

In the past, security protocols including key transport protocols are designed with the assumption that there are two parties communication with each other and an adversary tries to intercept this communication. In Delay/Disruption Tolerant Networking (DTN), packet delivery relies on intermediate parties in the communication path to store and forward the packets. DTN security architecture requires that integrity and authentication should be verified at intermediate nodes as well as at end nodes and confidentiality should be maintained for end communicating parties. This requires new security protocols and key management to be defined for DTN as traditional end-to-end security protocols will not work with DTN. To contribute towards solving this problem, we propose a novel Efficient and Scalable Key Transport Scheme (ESKTS) to transport the symmetric key generated at a DTN node to other communicating body securely using public key cryptography and proxy signatures. It is unique effort to design a key transport protocol in compliance with DTN architecture. ESKTS ensures that integrity and authentication is achieved at hop-by-hop level as well as end-to-end level. It also ensures end-to-end confidentiality and freshness for end communicating parties. This scheme provides a secure symmetric key transport mechanism based on public key cryptography to exploit the unique bundle buffering characteristics of DTN to reduce communication and computation cost .

CPA Ogah, Haitham Cruickshank, Zhili Sun, Philip Asuquo, Ganesh Chandrasekaran, Y Cao, Masoud Al Tawqi (2016)Privacy-Enhanced Group Communication for Vehicular Delay Tolerant Networks, In: Proceedings of 2015 9th International Conference on Next Generation Mobile Applications, Services and Technologiespp. 193-198

Vehicular Delay Tolerant Networking (VDTN) is a special instance of Vehicular Ad hoc Networking (VANET) and in particular Delay Tolerant Networking (DTN) that utilizes infrastructure to enhance connectivity in challenged environments. While VANETs assume end-to-end connectivity, DTNs and VDTNs do not. Such networks are characterized by dynamic topology, partitioning due to lack of end-to-end connectivity, and opportunistic encounters between nodes. Notably, VDTNs enhances the capabilities DTNs to provide support for delay and intermittent connectivity. Hence, they can easily find applicability in the early stages of the deployment of vehicular networks characterized by low infrastructure deployment as is obtainable in rural areas and in military communications. Privacy implementation and evaluation is a major challenge in VDTNs. Group communication has become one of the well discussed means for achieving effective privacy and packet routing in ad hoc networks including VDTNs. However, most existing privacy schemes lack flexibility in terms of the dynamics of group formation and the level of privacy achievable. Again, it is difficult to evaluate privacy for sparse VDTNs for rural area and early stages of deployment. This paper reports on an improved privacy scheme based on group communication scheme in VDTNs. We analyze the performance of our model in terms of trade-off between privacy and performance based on delivery overhead and message delivery ratio using simulations. While this is a work in progress, we report that our scheme has considerable improvement compared to other similar schemes described in literature.

Zhili Sun, B Cheng, Haitham Cruickshank, Barry Evans (2000)BISANTE - Traffic evaluation tool for broadband satellite networks, In: COLLECTION OF THE 18TH AIAA INTERNATIONAL COMMUNICATIONS SATELLITE SYSTEMS CONFERENCE AND EXHIBIT, TECHNICAL PAPERS, VOLS 1 AND 2pp. 1090-1097
M Ali, L Liang, Z Sun, H Cruickshank (2009)Evaluation of SIP Signaling and QoS for VoIP over Satellite Networks, In: 2009 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-8pp. 5104-5108
M Asif, Zhili Sun, Haitham Cruickshank, N Ahmad (2011)QoS provisioning in contention aware MANETs using flow-aware admission control protocol, In: Proceedings of the IADIS International Conferences - Informatics 2011, Wireless Applications and Computing 2011, Telecommunications, Networks and Systems 2011, Part of the IADIS, MCCSIS 2011pp. 99-106

The popularity of MANET based applications is on the rise by the day and this includes the use of multimedia application over MANETs. The existing routing protocols provide best effort service, but do not provide any guarantee of Quality of Service (QoS) provisioning. Admission control based approach is desirable and plays a vital role in maintaining QoS for MANET-based applications. In this paper, we present a novel Flow-Aware Admission Control (FAAC) protocol that will maintain guaranteed throughput to the applications requiring QoS. FAAC protocol is designed to utilize the caching mechanism of the Dynamic Source Routing (DSR) protocol. It will be implemented in two stages: the first stage is searching the cache for untested paths from source to destinations and initiating the route search before checking the nodes resources. The second stage will include checking of local and carrier sensing neighbors' resources. The protocol is implemented using C++ within NS-2 simulation environment and validated to check the effect of newly admitting traffic over admitted data traffic. The newly arrival traffic was blocked when there is no enough network resources to support the existing and newly arrival traffic. © 2011 IADIS.

L Caviglione, N Celandroni, M Collina, Haitham Cruickshank, G Fairhurst, E Ferro, A Gotta, M Luglio, C Roseti, ASA Salam, R Secchi, Zhili Sun, A Vanelli-Coralli (2015)A deep analysis on future web technologies and protocols over broadband GEO satellite networks., In: Int. J. Satellite Communications Networking33(5)5pp. 451-472 Wiley

The goal of this work was to understand the direction of the emerging web technologies and to evaluate their expected impact on satellite networking. Different aspects have been analysed using both real satellite testbeds and emulation platforms in different test sites in Europe. This analysis included an evaluation of those HTTP/2.0 specifications, which were implemented and released as open-source code in the experimental release of the SPDY protocol. SPDY performance was evaluated over satellite testbeds in order to understand the expected interaction with performance-enhancing proxies (including scenarios with a SPDY proxy at a satellite gateway), the impact of security and the effect of satellite capacity allocation mechanisms. The analysis also considered the impact of application protocols and the delay induced by end-system networks, such as a satellite-connected WiFi network. Copyright © 2015 John Wiley & Sons, Ltd.

L Liang, S Iyengar, Haitham Cruickshank, Z Sun, C Kulatunga, G Fairhurst (2009)Security for FLUTE over Satellite Networks, In: 2009 WRI INTERNATIONAL CONFERENCE ON COMMUNICATIONS AND MOBILE COMPUTING: CMC 2009, VOL 3pp. 485-491
Y Cao, Zhili Sun, Ning Wang, Haitham Cruickshank, N Ahmad (2013)A reliable and efficient geographic routing scheme for delay/disruption tolerant networks, In: IEEE Wireless Communications Letters2(6)pp. 603-606

The research in this letter focuses on geographic routing in Delay/Disruption Tolerant Networks (DTNs), by considering sparse network density. We explore the Delegation Forwarding (DF) approach to overcome the limitation of the geometric metric which requires mobile node moving towards destination, with the Delegation Geographic Routing (DGR) proposed. Besides, we handle the local maximum problem of DGR, by considering nodal mobility and message lifetime. Analysis and evaluation results show that DGR overcomes the limitation of the algorithm based on the given geometric metric. By overcoming the limited routing decision and handling the local maximum problem, DGR is reliable for delivering messages before expiration lifetime. Meanwhile, the efficiency of DGR regarding low overhead ratio is contributed by utilizing DF. © 2013 IEEE.

Haitham Cruickshank, Michael Howarth, S Iyengar, Zhili Sun (2003)Key management and multi-layer IPSEC for satellite multicast
Haitham Cruickshank, Zhili Sun, BG Evans (2000)THESEUS approach to open stock exchange trading based on Pan-European broadband networks and satellite links, In: GLOBECOM '00: IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, VOLS 1- 3pp. 1349-1353
Xin Yang, Zhili Sun, Y Miao, Haitham Cruickshank (2016)QoS Routing for MANET and Satellite Hybrid Network to Support Disaster Relives and Management, In: Proceedings of the 2016 IEEE 83rd Vehicular Technology Conference (VTC Spring)

Communication technologies are very important for disaster management. Satellite network’s advantage of large coverage and Mobile Ad hoc Network’s (MANET) advantage of high flexibility could be ideal for disaster management. In this paper, the authors propose a novel scheme for providing reliable wireless communications in disaster sites with a hybrid network of terrestrial MANET and satellite network. In comparison with normal wireless routing approaches, i.e. AODV and AOMDV, the proposed scheme could achieve higher packet delivery ratio, higher throughput and lower delay; meanwhile it could also balance traffic loads at gateways to maximum satellite links’ utilization.

Lukman Audah, Zhili Sun, Haitham Cruickshank (2017)QoS based Admission Control using Multipath Scheduler for IP over Satellite Networks, In: International Journal of Electrical and Computer Engineering7(6)pp. 2958-2969 Institute of Advanced Engineering and Science

This paper presents a novel scheduling algorithm to support quality of service (QoS) for multiservice applications over integrated satellite and terrestrial networks using admission control system with multipath selection capabilities. The algorithm exploits the multipath routing paradigm over LEO and GEO satellites constellation in order to achieve optimum end-to-end QoS of the client-server Internet architecture for HTTP web service, file transfer, video streaming and VoIP applications. The proposed multipath scheduler over the satellite networks advocates load balancing technique based on optimum time-bandwidth in order to accommodate the burst of application traffics. The method tries to balance the bandwidth load and queue length on each link over satellite in order to fulfil the optimum QoS level for each traffic type. Each connection of a traffic type will be routed over a link with the least bandwidth load and queue length at current time in order to avoid congestion state. The multipath routing scheduling decision is based on per connection granularity so that packet reordering at the receiver side could be avoided. The performance evaluation of IP over satellites has been carried out using multiple connections, different file sizes and bit-error-rate (BER) variations to measure the packet delay, loss ratio and throughput.

Y Yang, Y Zhou, Zhili Sun, Haitham Cruickshank (2013)Heuristic scheduling algorithms for allocation of virtualized network and computing resources, In: Journal of Software Engineering and Applications6(1)pp. 1-13 Scientific Research Publishing

Cloud computing technology facilitates computing-intensive applications by providing virtualized resources which can be dynamically provisioned. However, user’s requests are varied according to different applications’ computation abil- ity needs. These applications can be presented as meta-job of user’s demand. The total processing time of these jobs may need data transmission time over the Internet as well as the completed time of jobs to execute on the virtual ma- chine must be taken into account. In this paper, we presented V-heuristics scheduling algorithm for allocation of virtu- alized network and computing resources under user’s constraint which applied into a service-oriented resource broker for jobs scheduling. This scheduling algorithm takes into account both data transmission time and computation time that related to virtualized network and virtual machine. The simulation results are compared with three different types of heuristic algorithms under conventional network or virtual network conditions such as MCT, Min-Min and Max-Min. e evaluate these algorithms within a simulated cloud environment via an abilene network topology which is real physical core network topology. These experimental results show that V-heuristic scheduling algorithm achieved significant performance gain for a variety of applications in terms of load balance, Makespan, average resource utilization and total processing time.

Philip Asuquo, Haitham Cruickshank, Zhili Sun, Ganesh Chandrasekaran (2016)Analysis of DoS Attacks in Delay Tolerant Networks for Emergency Evacuation., In: Proceedings of 2015 9th International Conference on Next Generation Mobile Applications, Services and Technologiespp. 228-233

In the event of a disaster, there is a severe damage/destruction to physical infrastructures such as telecommunication and power lines which result in the disruption of communication in this areas. For such scenarios, Delay Tolerant Network (DTN) provides an alternative means of communication. In Delay Tolerant Networks (DTNs), a message from a source node may be delivered to the destination node despite the non-existence of an infrastructure and an end-to-end connectivity. However DTNs are susceptible to security threats such as DoS attacks targeted at disrupting relayed packets or dropping critical packets during a disaster rescue operation. DoS attacks consist of blackhole, grayhole, wormhole, packet flooding attacks etc. The scope of this paper is to study the impacts of blackhole and packet flooding attacks in a post disaster communication network using DTN. Various performance metrics in DTN have been used to study the impacts of different DoS attacks in DTN and a comprehensive analysis is presented.

M Ali, L Liang, Zhili Sun, Haitham Cruickshank, P Thompson, T Bouquentar, N Alagha (2010)End-to-end QoS Measurement over a DVB-RCS Satellite Network, In: Personal Satellite Services43pp. 130-144

Satellites play an important role in the future network due to their wide area coverage and for providing connectivity in remote regions of the world. This paper presents the end-to-end quality of service (QoS) measurements taken employing a European Space Agency (ESA) testbed over DVB-RCS infrastructure, in collaboration with University of Surrey, UK. The applications chosen for these experiments are file transfer (FTP), web browsing (HTTP) and video streaming. File transfer and web browsing require reliable transport mechanism as a corrupted bit will hinder the intact data delivery. Therefore, these applications use transmission control protocol (TCP) as the transport protocol. TCP involves a three way handshake, which introduces extra delay during data transfer. Video streaming is a real time application. It is time-sensitive and requires lesser reliability compared to FTP and Web services. Hence, it employs user datagram protocol (UDP) at the transport layer, which do not offer any guarantee of reliable data delivery but timely. The parameters that have been used to evaluate quality of service (QoS) are packet delivery time, file download time, round trip delay, packet sizes and packet loss. The paper presented measurement results and comparative analysis of the QoS of the applications over the DVB-RCS testbed.

Haitham Cruickshank, A Sanchez, Z Sun, B Carro (2001)Voice over IP over satellite links, In: ICECS 2001: 8TH IEEE INTERNATIONAL CONFERENCE ON ELECTRONICS, CIRCUITS AND SYSTEMS, VOLS I-III, CONFERENCE PROCEEDINGSpp. 473-476
Haitham Cruickshank, S Iyengar, L Fan, Z Sun, JA Guerra, M Mezzalla (2007)Secure composite satellite IP multicast architecture for heterogeneous groups, In: 2007 PROCEEDINGS OF THE 16TH IST MOBILE AND WIRELESS COMMUNICATIONS, VOLS 1-3pp. 494-498
WHD Ng, MP Howarth, Zhili Sun, Haitham Cruickshank (2007)Dynamic balanced key tree management for secure multicast communications, In: IEEE Transactions on Computers56(5)pp. 590-605
Zhili Sun, Yichao Yang, Yanbao Zhou, Haitham Cruickshank (2016)Agent-Based Resource Management for Mobile Cloud, In: Web-Based Services: Concepts, Methodologies, Tools, and Applicationspp. 290-306 IGI Global

Mobile cloud computing is a new computing paradigm to integrate cloud computing technology into the mobile environment. It takes full advantages of cloud computing with great potential to transform a large part of the IT industry. The objectives of mobile cloud computing are to meet user demand, efficiently utilize a pool of resources, including mobile network, storage, and computation resources, and optimize energy on mobile devices. Here, the authors review the current mobile cloud computing technologies, highlight the main issues and challenges for the future development, and focus on resource management. Then, combining the current agent architectures and resource optimization strategies, they present an agent-based resource management to deal with multiple data and computation intensive applications of user demand. The chapter offers a promising solution of selecting the best service provider and efficiently utilizing mobile network resources given the user's request constraint.

G Ansa, HS Cruickshank, Z Sun, M Al-Siyabi (2011)A DOS-resilient design for delay tolerant networks., In: IWCMCpp. 424-429
V Heydari Fami Tafreshi, E Ghazisaeedi, Haitham Cruickshank, Zhili Sun (2014)Integrating IPsec within OpenFlow Architecture for Secure Group Communication, In: ZTE CommunicationsVol. 1(No. 2)pp. 41-49 ZTE Corporation

Network security protocols such as IPsec have been used for many years to ensure robust end⁃to⁃end communication and are impor⁃ tant in the context of SDN. Despite the widespread installation of IPsec to date, per⁃packet protection offered by the protocol is not very compatible with OpenFlow and flow⁃like behavior. OpenFlow architecture cannot aggregate IPsec⁃ESP flows in transport mode or tunnel mode because layer⁃3 information is encrypted and therefore unreadable. In this paper, we propose using the Secu⁃ rity Parameter Index (SPI) of IPsec within the OpenFlow architecture to identify and direct IPsec flows. This enables IPsec to con⁃ form to the packet⁃based behavior of OpenFlow architecture. In addition, by distinguishing between IPsec flows, the architecture is particularly suited to secure group communication.

Philip Asuquo, Haitham Cruickshank, Chibueze Pascal Anyigor Ogah, Ao Lei, Zhili Sun (2016)A collaborative trust management scheme for emergency communication using delay tolerant networks, In: Proceedings of the 8th Advanced Satellite Multimedia Systems Conference and the 14th Signal Processing for Space Communications Workshop (ASMS/SPSC), 2016

Delay Tolerant Network (DTN) comprises of nodes with small and limited resources including power and memory capacity. We propose the use of DTN as an alternate means of communication for the dissemination of emergency information in a post-disaster evacuation operation. We investigate the performance of DTN in providing emergency communication support services under packet dropping attacks. We consider internally motivated attacks where the nodes that are part of the emergency rescue team are compromised with malicious behaviours thereby dropping packets to disrupt the message dissemination during the evacuation operation. A way to mitigating malicious behaviour and improve network performance of DTN is to use incentives in exchanging information between nodes. Unlike existing schemes, we consider the Basic Watchdog Detection System which detects and acts against misbehaving nodes to reduce their overall impact on the network performance. We design a Collaborative Trust Management Scheme (CTMS) which is based on the Bayesian detection watchdog approach to detect selfish and malicious behaviour in DTN nodes. We have evaluated our proposed CTMS through extensive simulations and compared our results with the other existing schemes. Our evaluations show that the use of adequate collaborative strategies between well behaved nodes could improve the performance of Watchdog schemes taking into account the delivery ratio, routing cost and the message delay from the source node to the destination node.

Y Miao, Zhili Sun, Ning Wang, Y Cao, Haitham Cruickshank (2016)Time Efficient Data Collection with Mobile Sink and vMIMO Technique in Wireless Sensor Networks, In: IEEE Systems Journal12(1)pp. 639-647 IEEE

Data collection is a fundamental yet challenging task of Wireless Sensor Networks (WSN) to support a variety of applications, due to the inherent distinguish characteristics for sensor networks, such as limited energy supply, self-organizing deployment and QoS requirements for different applications. Mobile sink and virtual MIMO (vMIMO) techniques can be jointly considered to achieve both time efficient and energy efficient for data collection. In this paper, we aim to minimize the overall data collection latency including both sink moving time and sensor data uploading time. We formulate the problem and propose a multihop weighted revenue (MWR) algorithm to approximate the optimal solution. To achieve the trade-off between full utilization of concurrent uploading of vMIMO and the shortest moving tour of mobile sink, the proposed algorithm combines the amount of concurrent uploaded data, the number of neighbours, and the moving tour length of sink in one metric for polling point selection. The simulation results show that the proposed MWR effectively reduces total data collection latency in different network scenarios with less overall network energy consumption.

Michael Howarth, S Iyengar, Zhili Sun, Haitham Cruickshank (2004)Dynamics of key management in secure satellite multicast, In: IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS22(2)pp. 308-319 IEEE

Security is an important concern in today's information age and particularly so in satellite systems, where eavesdropping can be easily performed. This paper addresses efficient key management for encrypted multicast traffic transmitted via satellite. We consider the topic of encrypting traffic in large multicast groups, where the group size and dynamics have a significant impact on the network load. We consider life cycle key management costs of a multicast connection, and show for a logical key hierarchy (LKH) how member preregistration and periodic admission reduces the initialization cost, and how the optimum outdegree of a hierarchical tree varies with the expected member volatility and rekey factor. This improves network utilization, but encryption at the network layer can pose problems on satellite links. We, therefore, propose and analyze an interworking solution between multilayer Internet protocol security (IPSEC) and LKH that also reduces key management traffic while enabling interworking with performance enhancing modules used on satellite links.

Y Sheng, HS Cruickshank, M Moseley, J Ashworth (2013)Security Architecture for Satellite Services over Cryptographically Heterogeneous Networks, In: PERSONAL SATELLITE SERVICES, PSATS 2013123pp. 102-114

This paper presents the QoS performance evaluation studies of IP over integrated terrestrial and Next Generation Satellite Network (NGSN) for HTTP web, file transfer, video streaming and VoIP applications. We compare the QoS parameters (e.g. delay, loss ratio and throughput) of the multiservice applications over Ka-Sat like satellite and the ITU-R standard Hypothetical Reference Digital Path (HRDP). We model the multiservice applications with multiple connections, different files sizes and connection durations variations. We simulate the network scenario with error model for the transmission loss environment using NS-2. A Differentiated Services (Diffserv) queue interface is used in the terrestrial network to regulate and differentiate the traffic flows while a priority queue is used as the satellite on-board-processing unit (OBP). The results showed a better top-down comparison of the QoS parameters involved in each application service across GEO satellite and the standard terrestrial digital data link.

Haitham Cruickshank, S Iyengar, L Fan, Zhili Sun, RJ Mort, M Mezzalla (2008)Secure multicast in the broadband satellite multimedia networks, In: IP NETWORKING OVER NEXT-GENERATION SATELLITE SYSTEMSpp. 329-369
Z Sun, HS Cruickshank (2015)Guest Editorial: Security, privacy and trust in future networks and mobile computing., In: J. Inf. Sec. Appl.20(C)pp. 1-2 Journal of Information Security and Applications

With the boom of Internet, IP-based applications such as WWW and multimedia have become an essential part of our everyday life, and there is an ever-increasing demand for accessing high-speed Internet services anywhere, anytime and all the times. This trend unavoidably has huge impacts on the design of the next-generation future networks. However, security, privacy and trust systems can be obstacles in the presence of a global and heterogeneous future networks.

M Al-Siyabi, HS Cruickshank, Z Sun (2011)DTN QoS metrics and fair resources management model., In: CCECEpp. 704-707
L Fan, C Baudoin, F Rodriguez, A Ramos, JA Guerra, B de la Cuesta, G Fairhurst, A Sathiaseelan, P Berthou, T Gayraud, L Liang, A Yun, E Callejo, I Melhus, S Iyengar, Haitham Cruickshank, Z Sun (2008)SATSIX: A network architecture for next-generation DVB-RCS systems, In: IP NETWORKING OVER NEXT-GENERATION SATELLITE SYSTEMSpp. 103-125
L Liang, H Cruickshank, Z Sun, C Kulatunga, G Fairhurst (2008)TESLA with FLUTE over satellite networks, In: 2008 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, PROCEEDINGS, VOLS 1-13pp. 1915-1919
M Alshamrani, HS Cruickshank, Z Sun (2014)A Cross-Layer Approach to Enhance the Call Setup Performance of SIP-Based VoIP over AODV MANET., In: Eighth International Conference on Next Generation Mobile Apps, Services and Technologies (NGMAST), 2014pp. 241-247 IEEE

The implementation of SIP signaling over MANET is still a challenging issue, as many routing factors affect SIP performance. Node mobility and dynamic hop number changes between nodes are considered the main routing problems within MANET routing protocols. RFC 6076 proposed end-to-end performance metrics for SIP signaling to provide a standardized method of evaluating SIP performance over different platforms, however, no benchmarking values for these metrics have been proposed yet. In this paper, a cross-layer system designed to enhance the call setup performance of SIP-based VoIP over AODV-based MANET is proposed. The approach used is to employ the SIP performance metric to enhance the call setup time by adjusting the Time-To-Live (TTL) parameter and the Route Request (RREQ) message retries for the AODV route request messages to support the reach ability ratio of SIP INVITE and re-INVITE messages to reduce the call setup time of SIP-based VoIP. The study investigated the Session Request Delay performance metric of SIP signaling as part of the SIP over MANET simulation efforts. Both the call setup time and the number of SIP calls over random waypoint mobility models were enhanced by applying instantaneous modifications to the TTL parameter and RREQ retries, increasing the delivery ratio of route discovery messages to about 35-40% compared with the classic AODV routing protocol.

Haitham Cruickshank, Zhili Sun, S Velentzas (1997)Securing user, control and management planes in ATM networks, In: NETWORKS: THE NEXT MILLENNINUM - THE IEEE SINGAPORE INTERNATIONAL CONFERENCE ON NETWORKS 1997, IEEE SICON'97pp. 101-115
Zhili Sun, Haitham Cruickshank, S Iyengar, Michael Howarth, L Claverotte, J de la Plaza (2002)IP multicast over satellites - technology challenges
S Iyengar, Haitham Cruickshank, L Duquerroy, Zhili Sun, C Baudoin (2008)ULE link layer security for DVB networks, In: IP NETWORKING OVER NEXT-GENERATION SATELLITE SYSTEMSpp. 287-308
M Al-Fares, Zhili Sun, Haitham Cruickshank (2009)High Survivable Routing Protocol in Self Organizing Wireless Sensor Network, In: IAENG International Journal of Computer Science36(2)pp. 147-156 International Association of Engineers

Wireless Sensor Network (WSN) is one of the major research areas in computer network field today. The function of WSN in this paper is to provide sensing services in an un-attended harsh environment. Sensed data need to be delivered to the base station and to cope with the network unreliability problem. Few routing protocol takes into consideration of this problem. It is a great challenge of the hierarchical routing protocol to provide network survivability through redundancy features. In this paper, a short literature review of the existing routing protocol is carried out. Then a novel hierarchical routing protocol, which addresses network survivability and redundancy issues, is introduced. Initial analysis shows promising results of the proposed protocol comparing with LEACH, which is a well known protocol as benchmark. Finally, conclusion was drawn based on the research and future direction for further research is identified.

MNM Bhutta, L Liang, Haitham Cruickshank, Zhili Sun, G Fairhurst, C Kulatunga (2009)Integration of TESLA and FLUTE over satellite networks, In: International Workshop on Satellite and Space Communications, 2009. IWSSC 2009.pp. 135-139

Multicast research has explored the security challenges faced in group communications. Multicast transport and multicast security need to work in close collaboration to realise a multicast service. However, there has been comparatively little work to combine the two technologies. In this paper the authors is presenting an example of partially integrating timed efficient stream loss-tolerant authentication (TESLA) protocol and the file delivery over unidirectional transport (FLUTE) protocol. The security concern raised by the proposed algorithm is analysed for satellite network. The proposed algorithm was implemented on a testbed with multicast tunnel between University of Surrey and University of Aberdeen and the results are presented in this paper.

Y Cao, Zhili Sun, Ning Wang, Maryam Riaz, Haitham Cruickshank, X Liu (2015)Geographic-Based Spray-and-Relay (GSaR): An efficient routing scheme for DTNs, In: IEEE Transactions on Vehicular Technology64(4)pp. 1548-1564 IEEE

In this paper, we design and evaluate the proposed geographic-based spray-and-relay (GSaR) routing scheme in delay/disruption-tolerant networks. To the best of our knowledge, GSaR is the first spray-based geographic routing scheme using historical geographic information for making a routing decision. Here, the term spray means that only a limited number of message copies are allowed for replication in the network. By estimating a movement range of destination via the historical geographic information, GSaR expedites the message being sprayed toward this range, meanwhile prevents that away from and postpones that out of this range. As such, the combination of them intends to fast and efficiently spray the limited number of message copies toward this range and effectively spray them within range, to reduce the delivery delay and increase the delivery ratio. Furthermore, GSaR exploits delegation forwarding to enhance the reliability of the routing decision and handle the local maximum problem, which is considered to be the challenges for applying the geographic routing scheme in sparse networks. We evaluate GSaR under three city scenarios abstracted from real world, with other routing schemes for comparison. Results show that GSaR is reliable for delivering messages before the expiration deadline and efficient for achieving low routing overhead ratio. Further observation indicates that GSaR is also efficient in terms of a low and fair energy consumption over the nodes in the network.

Haitham Cruickshank, Z Sun (2009)IWSSC 2009 welcome message from the technical program chairs, In: Proceedings of the 2009 6th International Symposium on Wireless Communication Systems, ISWCS'09pp. 40-?
Z Luo, Z Sun, Haitham Cruickshank (2007)On-board link layer relay mechanism to enhance TCP in satellite IP networks, In: 2007 16th IST Mobile and Wireless Communications Summit

Transmission Control Protocol (TCP) over satellite IP networks has attracted many researchers' interests for many years because the TCP performance degrades considerably due to the high propagation delay and high bit error rates in satellite links. Many proposals have been produced to enhance TCP performance in satellite IP networks, which are mostly involved of modifying system's architecture or TCP protocol stack. In this paper, we propose a novel on-board link layer relay mechanism. We use both analytical and simulation means to compare the traditional bent-pipe scenario and our on-board link layer relay mechanism. The numerical and simulation results indicate that the TCP performance can be enhanced substantially by employing our on-board link layer relay mechanism.

Y Cao, Ning Wang, Zhili Sun, Haitham Cruickshank (2015)A Reliable and Efficient Encounter-Based Routing Framework for Delay/Disruption Tolerant Networks, In: IEEE SENSORS JOURNAL15(7)pp. 4004-4018 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC

This paper addresses delay/disruption tolerant networking routing under a highly dynamic scenario, envisioned for communication in vehicular sensor networks (VSNs) suffering from intermittent connection. Here, we focus on the design of a high-level routing framework, rather than the dedicated encounter prediction. Based on an analyzed utility metric to predict nodal encounter, our proposed routing framework considers the following three cases. First, messages are efficiently replicated to a better qualified candidate node, based on the analyzed utility metric related to destination. Second, messages are conditionally replicated if the node with a better utility metric has not been met. Third, messages are probabilistically replicated if the information in relation to destination is unavailable in the worst case. With this framework in mind, we propose two routing schemes covering two major technique branches in literature, namely: 1) encounter-based replication routing and 2) encounter-based spraying routing. Results under the scenario applicable to VSNs show that, in addition to achieving high delivery ratio for reliability, our schemes are more efficient in terms of a lower overhead ratio. Our core investigation indicates that apart from what information to use for encounter prediction, how to deliver messages based on the given utility metric is also important.

Zhili Sun, M Ali, L Liang, Haitham Cruickshank (2011)Optimization of SIP Session Setup for VoIP over DVB-RCS Satellite Networks, In: International Journal of Satellite Communications Policy and Management1(1)pp. 55-76 Inderscience

With the proliferation of the internet, voice over IP has penetrated in both terrestrial and satellite networks. One of the popular protocols responsible for its widespread usage is SIP. SIP is the signalling protocol responsible for the session establishment and termination. By default, it uses UDP as the transport layer protocol. As UDP is an unreliable protocol, the retransmission of the SIP messages is managed by the application layer, using exponential backoff algorithm. In this paper, this retransmission algorithm is studied in satellite environment. Based on the shortcomings of this algorithm, a new algorithm is proposed. The performance of the new algorithm is tested and evaluated on the satellite network testbed at Centre for Communication Systems Research (CCSR), University of Surrey. The results show that the performance of the new algorithm is better than the basic one, in terms of number of retransmissions of SIP messages and their bandwidth consumption, in addition to reduction in call setup time.

MNM Bhutta, H Cruickshank, M Moseley, J Ashworth (2017)A New Dynamic Multilayer IPSec Protocol”, PSATS 2012, March 2012, In: 4th International ICST Conference on Personal Satellite Services
Haitham Cruickshank, Zhili Sun, Z Fan (2001)Universal serial bus implementation in an integrated access chip for ISDN systems, In: IEE PROCEEDINGS-COMMUNICATIONS148(4)pp. 207-211 IEE-INST ELEC ENG
Z Luo, Z Sun, Haitham Cruickshank (2007)TCP throughput enhancement via link layer relay in multi-hop satellite IP networks, In: 2007 INTERNATIONAL WORKSHOP ON SATELLITE AND SPACE COMMUNICATIONS, IWSSC '07, CONFERENCE PROCEEDINGSpp. 104-108
L Audah, Zhili Sun, Haitham Cruickshank (2012)QoS simulation and analysis of HTTP over LEO satellite constellation, In: Journal of Communications and Networking

In this paper, we present an end-to-end QoS simulation studies on internetworking of remote LAN and long range communications over LEO-Iridium satellites constellation taking SuperJARING network in Malaysia as an example. A macro level network simulation scenario based on actual network topology in Malaysia is implemented as Diffserv network model using the network simulator-2 (NS-2). Web traffic (HTTP) is used as the internet traffic models in the simulation analysis. All simulations are carried out in error-free and link-loss environment. In error-free simulations, the accumulative network traffic loads are varied from 20%, 50% and 80% while in linkloss environment simulations only 20% traffic load is used with bit error rate (BER) varied from 1x10-5, 1x10-4 and 2x10-4. We compare the empirical TCP throughput traces with analytical model for validation. The results show clearly that QoS can be achieved with IP Diffserv over satellites constellation like Iridium.

Haitham Cruickshank, Z Sun (2009)Welcome message from the Technical Program Chairs, In: IWSSC'09 - 2009 International Workshop on Satellite and Space Communications - Conference Proceedings
Michael Howarth, S Iyengar, Zhili Sun, Haitham Cruickshank (2004)Dynamics of key management in secure satellite multicast, In: IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS22(2)pp. 308-319 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855 USA

Security is an important concern in today's information age and particularly so in satellite systems, where eavesdropping can be easily performed. This paper addresses efficient key management for encrypted multicast traffic transmitted via satellite. We consider the topic of encrypting traffic in large multicast groups, where the group size and dynamics have a significant impact on the network load. We consider life cycle key management costs of a multicast connection, and show for a logical key hierarchy (LKH) how member preregistration and periodic admission reduces the initialization cost, and how the optimum outdegree of a hierarchical tree varies with the expected member volatility and rekey factor. This improves network utilization, but encryption at the network layer can pose problems on satellite links. We, therefore, propose and analyze an interworking solution between multilayer Internet protocol security (IPSEC) and LKH that also reduces key management traffic while enabling interworking with performance enhancing modules used on satellite links.

L Ao, C Ogah, Philip Asuquo, Haitham Cruickshank, Zhili Sun (2016)A Secure Key Management Scheme for Heterogeneous Secure Vehicular Communication Systems, In: ZTE Communications14(S0)pp. 21-31 ZTE Corporation

Abstract Intelligent transportation system (ITS) is proposed as the most effective way to improve road safety and traffic efficiency. However, the future of ITS for large scale transportation infrastructures deployment highly depends on the security level of vehicular communication systems (VCS). Therefore, security key management schemes are considered as a critical research topic for network security. In this paper, we propose a framework for providing secure key management within heterogeneous network. The security managers (SMs ) Play a key role in the framework by retrieving the vehicle departure information, encapsulating block to transport keys and then executing rekeying to vehicles within the same security domain. The first part of this framework is a novel Group Key Management (GKM) scheme basing on (LP) of vehicles to depart current VCS region. Vehicle's LP factor is introduced into GKM scheme to achieve a more efficient rekeying scheme and less rekeying costs. The second component of the framework using the blockchain concept to simplify the distributed key management in Heterogeneous VCS domains. Extensive simulations and analysis are provided to show the effectiveness and efficiency of the proposed framework: Our GKM results demonstrate that probability-based BR reduces rekeying cost compared to the benchmark scheme, while the blockchain decreases the time cost of key transmission over heterogeneous networks.

Y Cao, Zhili Sun, Ning Wang, F Yao, Haitham Cruickshank (2013)Converge-and-diverge: A geographic routing for delay/disruption-tolerant networks using a delegation replication approach, In: IEEE Transactions on Vehicular Technology62(5)pp. 2339-2343

Routing in delay/disruption-tolerant networks (DTNs) is without the assumption of contemporaneous end-to-end connectivity to relay messages. Geographic routing is an alternative approach using real-time geographic information instead of network topology information. However, if considering the mobility of destination, its real-time geographic information is often unavailable due to sparse network density in DTNs. Using historical geographic information to overcome this problem, we propose the converge-and-diverge (CaD) by combining two routing phases that depend on the proximity to the movement range estimated for destination. The key insight is to promote message replication converging to the edge of this range and diverging to the entire area of this range to achieve fast delivery, given limited message lifetime. Furthermore, the concept of delegation replication (DR) is explored to overcome the limitation of routing decisions and the local maximum problem. Evaluation results under the Helsinki city scenario show an improvement of CaD in terms of delivery ratio, average delivery latency, and overhead ratio. Since geographic routing in DTNs has not received much attention, apart from the design of CaD, our novelty also focuses on exploring DR to overcome the limitation of routing decision and the local maximum problem, in addition to enhancing efficiency, as DR originally intended. © 1967-2012 IEEE.

Michael Howarth, S Iyengar, Haitham Cruickshank, Zhili Sun (2002)Security systems for multicast data transfer over satellite
VHF Tafreshi, Haitham Cruickshank, Zhili Sun (2014)Architecture for satellite services over cryptographically heterogeneous networks with application into smart grid, In: Proceedings of the 2014 7th Advanced Satellite Multimedia Systems Conference and the 13th Signal Processing for Space Communications Workshop (ASMS/SPSC)pp. 411-418

The rapid growth in the demand for Future Internet services with many emerging group applications has driven the development of satellite, which is the preferred delivery mechanism due to its wide area coverage, multicasting capability and speed to deliver affordable future services. Nevertheless, security has been one of the obstacles for both satellite services as well as smart grid group applications, especially with logical/geographical/cryptographic domains spanning heterogeneous networks and regions. In this paper, adaptive security architecture is implemented to protect satellite services for smart grid group applications. The focus is on key management and policy provisioning. Leveraging Group Domain of Interpretation (GDOI) as the standard for smart grid centralized key/policy management architecture, a single Domain of Interpretation (DOI) is deployed and evaluated critically in terms of the added protocol signaling overhead on the satellite system for a fixed-network scenario. This also partially realizes the growing trend towards the use of TCP/IP technology for smart grid applications.

Y Cao, Z Sun, N Ahmad, H Cruickshank (2012)A Mobility Vector Based Routing Algorithm for Delay Tolerant Networks Using History Geographic Information, In: 2012 IEEE WIRELESS COMMUNICATIONS AND NETWORKING CONFERENCE (WCNC)
L Wood, Haitham Cruickshank, Zhili Sun (2017)Supporting group applications via satellite constellations with multicast, In: IEE Conference Publication no.I 451pp. 190-194

Here, the networking aspects of the broadband satellite constellations are discussed, and the suitability of the constellations for multicast is assessed.

Satellites had been successful in the past due to their wide area coverage and speedy deployment of new services especially in remote regions of Europe and the rest of the world. The future development of broadband satellite systems providing services based on the Internet Protocol (IP) needs to be stimulated by means of common standards. This paper presents the ETSI BSM PEP architecture which includes the satellite terminal and gateway protocol stacks and security configurations for successful PEP implementations

M Noisternig, B Collini-Nocker, P Pillai, L Liang, HS Cruickshank (2009)Transmitter and Receiver Processing Specification for a Unified ULE Security Extensionpp. 115-119

The Unidirectional Lightweight Encapsulation (ULE) protocol has been defined for efficient transport of IPv4/6 and other protocols over the MPEG-2 Transport Stream (TS). The proliferation of this technology on the mass market may benefit from a security solution protecting against potential threats such as eavesdropping, as well as masquerading, modification of messages, and replay attacks, similar to 802.11 security. A unified ULE security extension header format has been proposed previously by the authors. This paper discusses in detail the processing required for transmitters and receivers supporting this security extension for ULE.

LM Audah, Z Sun, HS Cruickshank (2011)QoS Evaluation of HTTP over Satellites., In: CyberCpp. 177-182
MS Al-Fares, Zhili Sun, Haitham Cruickshank (2009)A hierarchical routing protocol for survivability in wireless sensor network (WSN), In: Proceedings of the International MultiConference of Engineers and Computer Scientists 2009 Vol Ipp. 262-268

Wireless Sensor Network (WSN) is one of the major research areas in computer network field today. The function of WSN in this paper is to provide sensing services in an un-attended harsh environment. Sensed data need to be delivered to the sink and to cope with the network unreliability problem. Few routing protocol takes into consideration of this problem. It is a great challenge of the hierarchical routing protocol to provide network survivability and redundancy features. In this paper, a short literature review of the existing routing protocol is carried out. Then a novel hierarchical routing protocol, which addresses network survivability and redundancy issues, is introduced. Initial analysis shows promising results of the proposed protocol over LEACH. Finally, conclusion was drawn based on the research and future direction for further research is identified.

WHD Ng, Haitham Cruickshank, Zhili Sun (2006)Scalable balanced batch rekeying for secure group communication, In: COMPUTERS & SECURITY25(4)pp. 265-273 ELSEVIER ADVANCED TECHNOLOGY, OXFORD FULFILLMENT CENTRE THE BOULEVARD, LANGFORD LANE, KIDLINGTON, OXFORD OX5 1GB, OXON, ENGLAND

Secure group communication is important for applications such as pay-per-view. Other authors have proposed the key tree approach to distribute a shared group key in a way such that the rekeying cost scales linearly with the logarithm of the group size for a join or depart request. The efficiency of the key tree approach depends critically on whether the key tree remains balanced. Periodic rebalancing can be used to balance the key tree whenever it becomes unbalanced but this adds extra costs to the network. In this paper, we present two Merging Algorithms suitable for batch join events. As the multicast session consists of other events as well, we then show how we can extend our algorithms into existing work to minimise the maximum difference in height without adding extra network costs. Simulation results show our Merging Algorithms not only balance the key tree but their rekeying costs are lower compared to existing algorithms. (C) 2006 Elsevier Ltd. All rights reserved.

Michael Howarth, Haitham Cruickshank, Zhili Sun (2001)Unicast and multicast IP error performance over an ATM satellite link, In: IEEE COMMUNICATIONS LETTERS5(8)pp. 340-342 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
M Alshamrani, Haitham Cruickshank, Zhili Sun (2015)SIP Signaling and QoS for ROHC Based Next Generation MANETs Reactive Routing Protocols, In: Proceedings of the 8th EUROSIM Congress on Modelling and Simulation (EUROSIM 2013)pp. 591-599

In this paper, an evaluation of SIP signaling and voice QoS for SIP based VoIP using GSM voice codec system over IPv6 MANETs with Static, and Random mobility models. This evaluation study considered two types of reactive routing protocols, AODV and DSR. The study examined IPv4, IPv6, and Robust Header Compression (ROHC) as a compression/decompression system for IPv6 headers. The evaluation results show that SIP signaling and VoIP traffic are acting poorly over IPv6 even when applying ROHC. In general, AODV has low performance over different types of Random mobility models for MANET nodes, while DSR shows better performance with Static mobility models and bad performance with Random mobility models. When using ROHC for TCP traffic, a level of enhanced performance had shown for SIP based VoIP calls over IPv6 MANET. However ROHC still has longer delays and poor performance compared with SIP based VoIP over IPv4 MANET. Therefore, the SIP signaling for IPv6 MANET reactive protocols require further enhancements for SIP/TCP registration and retransmission timers to be able to employ the capabilities of IPv6 and ROHC system for SIP based VoIP and real-time applications over MANET.

M Annoni, G Boiero, N Salis, Haitham Cruickshank, Michael Howarth, Zhili Sun (2002)Interworking between multi-layer IPSEC and secure multicast services over GEO satellites
S Kittiperachol, Zhili Sun, Haitham Cruickshank (2008)Evaluation of TCP variants and bandwidth on demand over next generation satellite network, In: 2008 International Workshop on Satellite and Space Communications, IWSSC'08, Conference Proceedingspp. 3-7 IEEE

The Internet has become an important part of day to day activities. There is hardly a day without using Internet, such as reading Emails and articles as well as enjoying music and video. Thus, it is very important for the Internet to be provided to anyone anywhere. Terrestrial network has been the underlying infrastructure for the Internet. However, terrestrial network by itself cannot always satisfy all of the growing demands for the Internet, particularly in the remote areas. Thus, the deployment of the Next Generation Satellite Network (NGSN) is needed to fill in the gap and break the digital divide. This paper evaluates how the performances of TCP over NGSN with dynamic bandwidth allocation mechanism. The TCP used in this work is a real-world TCP based on both Linux and Window Vista implementations which have been integrated into a network simulator, INET. The study reveals that the TCP performances in terms of utilization and robustness, friendliness and fairness, and user's perceived Quality of Service are clearly affected by the dynamic bandwidth allocation mechanism. ©2008 IEEE.

A Leung, Y Sheng, HS Cruickshank (2007)The security challenges for mobile ubiquitous services., In: Inf. Sec. Techn. Report123pp. 162-171
Y Cao, Haitham Cruickshank, Zhili Sun (2011)Asymmetric spray and multi-forwarding for delay tolerant networks, In: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering: Personal Satellite Services71(6)pp. 199-212

The framework of Delay Tolerant Networks (DTNs) has received an extensive attention from academic community because of its application ranging from Wireless Sensor Networks (WSNs) to interplanetary networks. It has a promising future in military affairs, scientific research and exploration. Due to the characteristic of long delay, intermittent connectivity and limited network resource, the traditional routing algorithms do not perform well in DTNs. In this paper, our proposed algorithm is based on an asymmetric spray mechanism combining with the concept of message classes. For each message class, a corresponding forwarding queue is designed and these queues are scheduled according to their priorities. Together with other designed assistant functions, our proposed algorithm outperforms other state of the art algorithms in terms of delivery ratio, overhead ratio, average latency as well as energy consumption.

S Kittiperachol, Zhili Sun, Haitham Cruickshank (2008)Performance evaluation of on-board QoS support for multiservice applications on the integrated Next Generation Satellite-terrestrial network, In: 2008 4th Advanced Satellite Mobile Systems - Proceedings, ASMS 2008pp. 311-316

Next Generation Satellite Network (NGSN) possesses unique characteristics; large coverage area, quick deployment, native broadcasting/multicasting capability, multiple spotbeams, high bandwidth and on-broad processor (OBP). These features enable NGSN to play an important role in providing ubiquitous global Next Generation Internet (NGI). The original Internet is restricted mainly to terrestrial network and supports only best effort service. NGI is to support multiservice applications with service differentiation and extending Internet access beyond the reach of terrestrial network. Based on the integrated satelliteterrestrial network, a main infrastructure for global ubiquitous Internet is envisaged and Internet applications can be accessed anywhere anytime. However, one of the key successes depends mainly on the capabilities of the satellite OBP. Without it, the preservation of end-to-end (e2e) service differentiation has to be dealt with at ground hub stations, thus increasing e2e delay. This paper studies the impacts of different on-board queueing schemes on the quality of multiservice applications on NGI and suggests that the quality of multiservice applications is generally enhanced if the on-board service differentiation is supported. © 2008 IEEE.

S Kittiperachol, Zhili Sun, Haitham Cruickshank (2009)Integration of Linux TCP and Simulation: Verification, Validation and Application, In: Journal of Networks49pp. 819-836 ACADEMY PUBLISHER

Network simulator has been acknowledged as one of the most flexible means in studying and developing protocol as it allows virtually endless numbers of simulated network environments to be setup and protocol of interest to be fine-tuned without requiring any real-world complicated and costly network experiment. However, depending on researchers, the same protocol of interest can be developed in different ways and different implementations may yield the outcomes that do not accurately capture the dynamics of the real protocol. In the last decade, TCP, the protocol on which the Internet is based, has been extensively studied in order to study and reevaluate its performance particularly when TCP based applications and services are deployed in an emerging Next Generation Network (NGN) and Next Generation Internet (NGI). As a result, to understand the realistic interaction of TCP with new types of networks and technologies, a combination of a real-world TCP and a network simulator seems very essential. This work presents an integration of real-world TCP implementation of Linux TCP/IP network stack into a network simulator, called INET. Moreover, verification and validation of the integrated Linux TCP are performed within INET framework to ensure the validity of the integration. The results clearly confirm that the integrated Linux TCP displays reasonable and consistent dynamics with respect to the behaviors of the real-world Linux TCP. Finally, to demonstrate the application of the INET with Linux TCP extension, algorithms of other Linux TCP variants and their dynamic over a large-bandwidth long-delay network are briefly presented.