Dr Haitham Cruickshank


Senior Lecturer
+44 (0)1483 686007
02 CII 01

Biography

I have worked in ICS (formerly CCSR) since January 1996 on several European research projects in the ACTS, ESPRIT, Ten-Telecom and IST programmes. My main research interests are network security, satellite network architectures, VoIP and IP conferencing over satellites. I am currently working in several FP6 projects such as SATLIFE, EuroNGI, and SATNEX. I also teach in the Data and Internet Networking and satellite communication courses at the University of Surrey.

I am a chartered engineer and corporate member of the IEE in the UK. Also, I am a member of the Satellite and Space Communications Committee of the IEEE ComSoc. I am active in the ETSI BSM (Broadband Satellite Multimedia) and the IETF MSEC groups.

In addition, I am Vice Chair of the COST 272 activity, which is part of the European COST research programme; here is a photo with my COST 272 colleagues.

My publications

Caini C, Cruickshank HS, Farrell S, Marchese M (2011) Delay- and Disruption-Tolerant Networking (DTN): An Alternative Solution for Future Satellite Networking Applications, IEEE Special Issue on Aerospace Communications and Networking in the Next Two Decades: Current Trends and Future Perspectives 99 (11) pp. 1980-1997 IEEE
Satellite communications are characterized by long delays, packet losses, and sometimes intermittent connectivity and link disruptions. The TCP/IP stack is ineffective against these impairments and even dedicated solutions, such as performance enhancing proxies (PEPs), can hardly tackle the most challenging environments, and create compatibility issues with current security protocols. An alternative solution arises from the delay- and disruption-tolerant networking (DTN) architecture, which specifies an overlay protocol, called bundle protocol (BP), on top of either transport protocols (TCP, UDP, etc.), or of lower layer protocols (Bluetooth, Ethernet, etc.). The DTN architecture provides long-term information storage on intermediate nodes, suitable for coping with disrupted links, long delays, and intermittent connectivity. By dividing the end-to-end path into multiple DTN hops, in a way that actually extends the TCP-splitting concept exploited in most PEPs, DTN allows the use of specialized protocols on the satellite (or space) links. This paper discusses the prospects for use of DTN in future satellite networks. We present a broad DTN overview, to make the reader familiar with the characteristics that differentiate DTN from ordinary TCP/IP networking, compare the DTN and PEP architectures and stacks, as a preliminary step for the subsequent DTN performance assessment carried out in practical LEO/GEO satellite scenarios. DTN security is studied next, examining the advantages over present satellite architectures, the threats faced in satellite scenarios, and also open issues. Finally, the relation between DTN and quality of service (QoS) is investigated, by focusing on QoS architectures and QoS tools and by discussing the state of the art of DTN research activity in modeling, routing, and congestion control.
Al-Fares M, Sun Z, Cruickshank HS (2009) A hierarchical routing protocol for survivability in wireless sensor network (WSN), Proceedings of the International MultiConference of Engineers and Computer Scientists 2009 Vol I pp. 262-268
Wireless Sensor Network (WSN) is one of the major research areas in computer network field today. The function of WSN in this paper is to provide sensing services in an un-attended harsh environment. Sensed data need to be delivered to the sink and to cope with the network unreliability problem. Few routing protocol takes into consideration of this problem. It is a great challenge of the hierarchical routing protocol to provide network survivability and redundancy features. In this paper, a short literature review of the existing routing protocol is carried out. Then a novel hierarchical routing protocol, which addresses network survivability and redundancy issues, is introduced. Initial analysis shows promising results of the proposed protocol over LEACH. Finally, conclusion was drawn based on the research and future direction for further research is identified.
Cruickshank HS, Howarth MP, Iyengar S, Sun Z (2003) Key management and multi-layer IPSEC for satellite multicast,
Lei A, Cruickshank H, Cao Y, Asuquo P, Anyigor Ogah C, Sun Z (2017) Blockchain-Based Dynamic Key Management for Heterogeneous Intelligent Transportation Systems, Internet of Things Journal 4 (6) pp. 1832-1843 IEEE
As modern vehicle and communication technologies advanced apace, people begin to believe that Intelligent Transportation System (ITS) would be achievable in one decade. ITS introduces information technology to the transportation infrastructures and aims to improve road safety and traffic efficiency. However, security is still a main concern in Vehicular Communication Systems (VCS). This can be addressed through secured group broadcast. Therefore, secure key management schemes are considered as a critical technique for network security. In this paper, we propose a framework for providing secure key management within the heterogeneous network. The security managers (SMs) play a key role in the framework by capturing the vehicle departure information, encapsulating block to transport keys and then executing rekeying to vehicles within the same security domain. The first part of this framework is a novel network topology based on a decentralised blockchain structure. The blockchain concept is proposed to simplify the distributed key management in heterogeneous VCS domains. The second part of the framework uses the dynamic transaction collection period to further reduce the key transfer time during vehicles handover. Extensive simulations and analysis show the effectiveness and efficiency of the proposed framework, in which the blockchain structure performs better in term of key transfer time than the structure with a central manager, while the dynamic scheme allows SMs to flexibly fit various traffic levels.
Asif M, Sun Z, Cruickshank HS, Ahmad N (2011) QoS provisioning in contention aware MANETs using flow-aware admission control protocol, Proceedings of the IADIS International Conferences - Informatics 2011, Wireless Applications and Computing 2011, Telecommunications, Networks and Systems 2011, Part of the IADIS, MCCSIS 2011 pp. 99-106
The popularity of MANET based applications is on the rise by the day and this includes the use of multimedia application over MANETs. The existing routing protocols provide best effort service, but do not provide any guarantee of Quality of Service (QoS) provisioning. Admission control based approach is desirable and plays a vital role in maintaining QoS for MANET-based applications. In this paper, we present a novel Flow-Aware Admission Control (FAAC) protocol that will maintain guaranteed throughput to the applications requiring QoS. FAAC protocol is designed to utilize the caching mechanism of the Dynamic Source Routing (DSR) protocol. It will be implemented in two stages: the first stage is searching the cache for untested paths from source to destinations and initiating the route search before checking the nodes resources. The second stage will include checking of local and carrier sensing neighbors' resources. The protocol is implemented using C++ within NS-2 simulation environment and validated to check the effect of newly admitting traffic over admitted data traffic. The newly arrival traffic was blocked when there is no enough network resources to support the existing and newly arrival traffic. © 2011 IADIS.
Cruickshank H, Sun Z (2000) Analysis of IP voice conferencing over geostationary satellite systems, IEEE Colloquium (Digest) (17) pp. 5-10
Satellites are foreseen to be complementary to the future terrestrial networks in deploying multimedia communication systems. The use of Geostationary multi-beams and On-Board Processing (OBP) provides a great opportunity for the speedy deployment of real time services such as IP Voice services over satellites. Voice over IP is a new technology and has the potential to revolutionise telephone communications within the modern enterprise, and promises new integrated services and lower costs. This paper examines the challenges of providing IP telephony, multiparty conference service and using IP multicast to distribute voice conferencing packets over Geostationary satellites. Also this paper analyses the delays in setting/joining audio conferences and proposes to reduce the H.323 signalling messages in order to reduce the audio conference signalling delays.
Cruickshank HS, Sun Z (2009) IWSSC 2009 welcome message from the technical program chairs, Proceedings of the 2009 6th International Symposium on Wireless Communication Systems, ISWCS'09
Sun Z, He D, Cruickshank HS, Liang L, Sanchez A, Miguel C, Schena V, Tocci C, Carro B (2004) Scalable architecture and evaluation for multiparty conferencing over satellite links, IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS 22 (3) pp. 594-605 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855 USA
This paper describes the architecture of a proposed multiparty conferencing system for satellites. Different conferencing models are discussed and compared. A session initiation protocol (SIP)-based conference signaling model and an extension to protocol-independent multicast sparse mode that supports quality-of-service (QoS) in DiffServ networks are proposed, as particularly suitable for multiparty conferencing applications over satellite links. The paper also presents key issues and potential solutions of scalable QoS multicast services for multiparty conferences over satellite. End-to-end QoS parameters for voice and video are measured and analyzed on a prototype.
Hu YF, Berioli M, Pillai P, Cruickshank HS, Giambene G, Kotsopoulos K, Guo W, Chan PML (2010) Broadband Satellite Multimedia, IET Communications 4 (13) pp. 1519-1531 IET
The broadband satellite multimedia (BSM) architecture standardised by ETSI defines a satellite independent service access point (SI-SAP) interface layer that separates the satellite independent features of the upper layers from the satellite dependant features of the lower layers, and provides a mechanism to carry IP-based protocols over these satellite dependent lower layers. This enables interoperability at the IP layer between satellite systems of different physical and link layers technologies that fully comply with the SI-SAP concept. This study reviews past and current standardisation activities including the BSM quality of service (QoS) architecture, security architecture, network management that have been carried out by the ETSI Technical Committee-Satellite Earth Stations and Systems (TC-SES)/BSM working group and looking into the future to extend current SI-SAP functions that can enhance existing QoS provision and security management capabilities as well as proposing a mobility management architecture that complies with the IEEE 802.21 media independent handover framework to support BSM mobility and to allow integration of satellite networks with fixed and mobile network infrastructures. A service-based network management architecture is also proposed to allow management flexibility and integration of business and operation support functions, paving the way for satellite integration into the Internet of the future.
Mort R, Cruickshank HS (2009) Multicast Architecture for PIM-SM in Broadband Satellite Multimedia Systems,
The approach currently being taken by ETSI (BSM) to standardisation for Multicast PIM-SM protocols is described. This paper describes methods, architectures and adaptations to support IP-multicast services efficiently across IP-based broadband multimedia satellite systems. The final objective is to arrive at a consensus for a standard on this subject.
Cruickshank HS, Giambene G, Berioli M, Mort R (2009) BSM Integrated PEP with Cross-Layer Improvements, Satellite and Space Communications, 2009. IWSSC 2009. pp. 52-56 IEEE
The future development of broadband satellite systems providing services based on the Internet Protocol (IP) needs to be stimulated by means of common standards. This paper presents the ETSI BSM PEP terminal architecture and PEP usage scenarios. In addition this paper shows the benefits of cross-layer improvements, where the TCP traffic sent by STs through an NCC/Gateway that acts as a PEP-spoofer on ACKs going in the opposite direction.
Fairhurst G, Sathiaseelan A, Cruickshank HS, Baudoin C (2009) Transport Challenges Facing a Next Generation Hybrid Satellite Internet, International Journal of Satellite Communications and Networking (IJSCN)
This paper considers the transport layer implications by assuming a position where satellite networks form one integrated component of a hybrid Internet architecture. It reviews the key role of transport protocols in providing a reliable and robust end-to-end Internet service. A history of TCP protocol evolution from a satellite perspective is followed by focussing on the role of protocol-enhancing proxies in satellite systems and how these have impacted the introduction of new Internet transport techniques. Current transport research issues are identified and related to two new architectural approaches to highlight the expected performance benefits and derive the implications on the design of geostationary satellite Internet systems as the network evolves toward a next-generation Internet.
Mort R, Berioli M, Cruickshank HS (2008) Network Management Architectures for Broadband,
The approach currently being taken by ETSI (BSM) in defining future open standards for network management architecture for IP-based broadband multimedia satellite systems is described. This work has recently begun and the final objective is to arrive at a consensus for an architecture which meets the requirements of compatibility and interworking with external networks (e.g. within the NGN) and is flexible enough to meet different operators needs.
Cruickshank HS, Sun Z, Evans B (2000) THESEUS approach to open stock exchange trading based on Pan-European broadband networks and satellite links, GLOBECOM '00: IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, VOLS 1- 3 pp. 1349-1353
Alshamrani M, Cruickshank H, Sun Z, Elmasri B, Fami V (2013) Evaluation of SIP signalling and QoS for VoIP Over OLSR MANET routing protocol, Proceedings - UKSim 15th International Conference on Computer Modelling and Simulation, UKSim 2013 pp. 699-706
This paper evaluates the SIP based VoIP applications over the Optimized Link State Routing protocol (OLSR) as a proactive routing protocol for Mobile Ad Hoc Networks (MANET) using Static, Uniform, and Random mobility models. The evaluation considered PCM, LQS, IPTelephony, and GSM voice codecs to study the SIP signaling performance and the voice Quality of Service (QoS) for VoIP calls over OLSR MANET. The simulation efforts performed in OPNET Modeler 17.1. The results show that VoIP over OLSR MANET has good performance over Static and Uniform mobility models while it has variable performance with Random models. SIP signaling has large delays compared with the voice signaling which reduce the VoIP performance and increases the call's duration. In addition, GSM and LQS based VoIP calls have an acceptable level of QoS while PCM and IPTelephony based VoIP calls have a low level of QoS over different types of mobility models. Furthermore, the location and the mobility of SIP server affect the number of hops and the SIP signaling performance between the different parties of the VoIP call. © 2013 IEEE.
Ahmad A, Mirzadeh S, Cruickshank H, Afifi H (2008) Efficient Physical Layer Encryption for LDR Sensor Networks,
Cao Y, Cruickshank H, Sun Z (2011) Asymmetric spray based routing for delay tolerant networks, IEEE Vehicular Technology Conference
The framework of Delay Tolerant Networks (DTNs) has recently received an extensive attention and widely implemented, ranging from Wireless Sensor Networks (WSNs) to Interplanetary Networks. It has been applied in military communication, scientific research and exploration. Due to the characteristic of long delay, intermittent disruption, limitation of buffer space and energy, the traditional routing algorithms in the Internet do not perform well in DTNs. Since most of the existing DTN routing algorithms are based on the replication mechanism to achieve the high delivery ratio. In this paper, we propose an asymmetric spray algorithm based on the limited number of replication with the consideration of utility metric. In addition, we also design an adaptive replication function to optimize the dropped messages due to the insufficient encounter duration. Simulation results show the effectiveness of our asymmetric spray approach. In combination with the other designed functions, our proposed algorithm achieve a better performance than the state of the art algorithms. © 2011 IEEE.
Jamalipour A, Marchese M, Cruickshank HS, Neale J, Verma SN (2004) Broadband IP networks via satellites - Part I, IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS 22 (2) pp. 213-217 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Bhutta N, Cruickshank HS, Caviglione L, Davoli F (2009) Security in Peer-to-Peer Applications and Remote Instrumentation over Satellite: A Scenario Including Public Protection and Disaster Relief (PPDR),
Remote Instrumentation Services (RIS) are an important component in PPDR applications, where heterogeneous devices can be present, ranging from measurement instrumentation and environmental sensors to telemedicine equipment. The presence of high disruption and absence of communication infrastructure might represent satellite network the only access possibility to remote areas. This paper focuses on examining the security and networking issues in satellite p2p, remote instrumentation services, and the related PPDR applications; also it highlights the security issues which rise due to high disruption, disconnectivity, and deployment of heterogeneous.
Aircrafts in commercial routes have been proposed in some previous work as a novel DTN bundle carriers [1]. Satellites can be one of the hops in this application. DTN suffers from intermittent disconnections, long delays and has scarce resources. It is a challenge to control the admission to these resources to provide better QoS and ensure optimum resource utilisation. Furthermore, providing fairness to different users who compete to access limited and scarce resources makes the solution even harder. In this paper, we propose a fair novel admission control model for DTN aircrafts applications based on feedback history logging of past admissions. This model will locally estimate the resources and provide fair admissions for users within a group of users in the same area. We will show an analysis of aircrafts fair admission control design for both aircraft initiated and user initiated approaches, which will provide integrated service per flow basis. The paper also presents the initial simulation model using a modified version of DTN2 emulator and DTNperf_2 performance monitoring tool.
Asuquo PM, Cruickshank HS, Sun Z, Chandrasekaran G (2016) Analysis of DoS Attacks in Delay Tolerant Networks for Emergency Evacuation., Proceedings of 2015 9th International Conference on Next Generation Mobile Applications, Services and Technologies pp. 228-233
In the event of a disaster, there is a severe damage/destruction to physical infrastructures such as telecommunication and power lines which result in the disruption of communication in this areas. For such scenarios, Delay Tolerant Network (DTN) provides an alternative means of communication. In Delay Tolerant Networks (DTNs), a message from a source node may be delivered to the destination node despite the non-existence of an infrastructure and an end-to-end connectivity. However DTNs are susceptible to security threats such as DoS attacks targeted at disrupting relayed packets or dropping critical packets during a disaster rescue operation. DoS attacks consist of blackhole, grayhole, wormhole, packet flooding attacks etc. The scope of this paper is to study the impacts of blackhole and packet flooding attacks in a post disaster communication network using DTN. Various performance metrics in DTN have been used to study the impacts of different DoS attacks in DTN and a comprehensive analysis is presented.
Melhus I, Fan L, Arnal F, Baudoin C, Nivor F, Gayraud T, Berthout P, Fairhurst G, Fiaschetti A, Pietrabissa A, Pimpinella L, Lei L, Cruickshank H, Sun Z (2008) Cross-layer Optimization in the Next-generation Broadband Satellite Systems,
Next-generation broadband satellite systems will have the capability to provide cost-effective universal broadband access for the users. In order to meet users' requirements on high quality multimedia services, many enhancements have to be made on the existing satellite technologies. One of the promising methods is the introduction of cross-layer design. There are several advantages of a layered approach since modularity, robustness and ease of designs are achieved without difficulty. However the properties of the different layers have substantial interdependencies and a modularised design may therefore be suboptimal with regards to performance and availability in a hybrid satellite and mobile wireless environment. In this paper, we will carry out a review of the cross-layer design in satellite systems. Based on this, a cross-layer architecture for the next-generation broadband satellite system is proposed. The proposed cross-layer architecture has two main components: QoS and resource management and mobility management. In each component, the cross-layer techniques that have been used are described in details.
Cruickshank H, Howarth M, Iyengar S, Sun Z, Claverotte L (2005) Securing multicast in DVB-RCS satellite systems, IEEE WIRELESS COMMUNICATIONS 12 (5) pp. 38-45 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855 USA
While TV broadcasting is probably the best known application of satellite technology, satellite service providers are now expanding their services to include Internet data transmission. Consequently, security of satellite data is becoming an important issue. This article examines the current DVB-RCS security standard and identifies the principal gaps in the provision of secure multicast over DVB-RCS. The main contribution of this article is a proposal for adapting the current DVB-RCS two-way satellite standard to provide secure multicast services over satellites.
Mirzadeh S, Cruickshank H, Tafazolli R (2008) An efficient key management solution for personal network federations, Proceedings - The 2nd International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, UBICOMM 2008 pp. 401-406
Liang L, Cruickshank H, Sun Z, Kulatunga C, Fairhurst G (2008) TESLA with FLUTE over satellite networks, 2008 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, PROCEEDINGS, VOLS 1-13 pp. 1915-1919 IEEE
Cao Y, Sun Z, Cruickshank H, Yao F (2014) Approach-and-Roam (AaR): A Geographic Routing Scheme for Delay/Disruption Tolerant Networks, IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY 63 (1) pp. 266-281 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Ansa G, Cruickshank H, Sun Z, Al-Siyabi M (2011) A DOS-resilient design for delay tolerant networks, IWCMC 2011 - 7th International Wireless Communications and Mobile Computing Conference pp. 424-429
Packet injection by an attacker can trigger flooding-based DOS attacks. This paper seeks to provide a simple and robust approach to protect the access control, data integrity and sender authentication security services in resource-constrained delay tolerant networks. The aim is to make security protocols providing these mandatory security services resilient to resource exhaustion DOS attacks. To achieve this we propose a hierarchical design based on the use of light-weight and hard to forge cookies. The DOS defense mechanism can proactively identify and discard attack bundles. Compromised insider nodes are identified and isolated. © 2011 IEEE.
Alshamrani M, Cruickshank HS, Sun Z, Ansa G, Alshahwan F (2016) SIP Signaling Implementations and Performance Enhancement over MANET: A Survey, International Journal of Advanced Computer Science and Applications 7 (5) pp. 191-202 The Science and Information (SAI) Organization
The implementation of the Session Initiation Protocol (SIP)-based Voice over Internet Protocol (VoIP) and multimedia over MANET is still a challenging issue. Many routing factors affect the performance of SIP signaling and the voice Quality of Service (QoS). Node mobility in MANET causes dynamic changes to route calculations, topology, hop numbers, and the connectivity status between the correspondent nodes. SIP-based VoIP depends on the caller's registration, call initiation, and call termination processes. Therefore, the SIP signaling performance has an important role for the overall QoS of SIP-based VoIP applications for both IPv4 and IPv6 MANET. Different methods have been proposed to evaluate and benchmark the performance of the SIP signaling system. However, the efficiency of these methods vary and depend on the identified performance metrics and the implementation platforms. This survey examines the implementation of the SIP signaling system for VoIP applications over MANET and highlights the available performance enhancement methods.
Bhutta N, Cruickshank HS (2013) A New Dynamic Multilayer IPSec Protocol, 4th International ICST Conference, PSATS 2012 Personal Satellite Services 52 pp. 119-129 Springer Berlin Heidelberg
Audah L, Sun Z, Cruickshank HS (2010) End-to-End QoS Evaluation of IP-Diffserv Network over LEO Satellite Constellation,
In this paper, we present an end-to-end QoS simulation studies on internetworking of remote LAN and long range communications over LEO-Iridium satellites constellation taking SuperJARING network in Malaysia as an example. A macro level network simulation scenario based on actual network topology in Malaysia is implemented as Diffserv network model using the Network Simulator-2 (NS-2). Web traffic (HTTP) is used as the internet traffic models in the simulation analysis. All simulations are carried out in error-free and link-loss environment. In error-free simulations, the accumulative network traffic loads are varied from 20%, 50% and 80% while in link-loss environment simulations only 20% traffic load is used with bit error rate (BER) varied from 1×10⁻⁵, 1×10⁻⁴ and 2×10⁻⁴. The results show clearly that QoS can be achieved with IP Diffserv over satellites constellation like Iridium.
Caviglione L, Celandroni N, Collina M, Cruickshank HS, Fairhurst G, Ferro E, Gotta A, Luglio M, Roseti C, Salam A, Secchi R, Sun Z, Vanelli-Coralli A (2015) A deep analysis on future web technologies and protocols over broadband GEO satellite networks., Int. J. Satellite Communications Networking 33 (5) 5 pp. 451-472 Wiley
The goal of this work was to understand the direction of the emerging web technologies and to evaluate their expected impact on satellite networking.

Different aspects have been analysed using both real satellite testbeds and emulation platforms in different test sites in Europe. This analysis included an evaluation of those HTTP/2.0 specifications, which were implemented and released as open-source code in the experimental release of the SPDY protocol. SPDY performance was evaluated over satellite testbeds in order to understand the expected interaction with performance-enhancing proxies (including scenarios with a SPDY proxy at a satellite gateway), the impact of security and the effect of satellite capacity allocation mechanisms. The analysis also considered the impact of application protocols and the delay induced by end-system networks, such as a satellite-connected WiFi network. Copyright © 2015 John Wiley & Sons, Ltd.

Navaratnam P, Cruickshank H, Tafazolli R (2007) A Link Adaptive Transport Protocol for Multimedia Streaming Applications in Multi Hop Wireless Networks, Proceedings of the 3rd international conference on Mobile multimedia communications ICST
Al-Fares M, Sun Z, Cruickshank HS (2010) Reliable Routing Protocol for Wireless Sensor Network, In: Ao S-I, Castillo O, Huang X (eds.), Intelligent Automation and Computer Engineering 16 Springer Verlag
Intelligent Automation and Computer Engineering offers the state of the art of tremendous advances in intelligent automation and computer engineering and also ...
Kittiperachol S, Sun Z, Cruickshank HS (2009) Integration of Linux TCP and Simulation: Verification, Validation and Application, Journal of Networks 4 (9) pp. 819-836 Academy Publisher
Network simulator has been acknowledged as one of the most flexible means in studying and developing protocol as it allows virtually endless numbers of simulated network environments to be setup and protocol of interest to be fine-tuned without requiring any real-world complicated and costly network experiment. However, depending on researchers, the same protocol of interest can be developed in different ways and different implementations may yield the outcomes that do not accurately capture the dynamics of the real protocol. In the last decade, TCP, the protocol on which the Internet is based, has been extensively studied in order to study and reevaluate its performance particularly when TCP based applications and services are deployed in an emerging Next Generation Network (NGN) and Next Generation Internet (NGI). As a result, to understand the realistic interaction of TCP with new types of networks and technologies, a combination of a real-world TCP and a network simulator seems very essential. This work presents an integration of real-world TCP implementation of Linux TCP/IP network stack into a network simulator, called INET. Moreover, verification and validation of the integrated Linux TCP are performed within INET framework to ensure the validity of the integration. The results clearly confirm that the integrated Linux TCP displays reasonable and consistent dynamics with respect to the behaviors of the real-world Linux TCP. Finally, to demonstrate the application of the INET with Linux TCP extension, algorithms of other Linux TCP variants and their dynamic over a large-bandwidth long-delay network are briefly presented.
Liang X, Ong FLC, Pillai P, Chan PML, Mancuso V, Koltsidas G, Pavlidou F-N, Caviglione L, Ferro E, Gotta A, Cruickshank HS, Iyengar S, Fairhurst G (2007) Fusion of digital television, broadband Internet and mobile communications - Part II: Future service scenarios., Int. J. Satellite Communications Networking 25 4 pp. 409-440
Cao Y, Sun Z, Wang N, Yao F, Cruickshank HS (2013) Converge-and-diverge: A geographic routing for delay/disruption-tolerant networks using a delegation replication approach, IEEE Transactions on Vehicular Technology 62 (5) pp. 2339-2343
Routing in delay/disruption-tolerant networks (DTNs) is without the assumption of contemporaneous end-to-end connectivity to relay messages. Geographic routing is an alternative approach using real-time geographic information instead of network topology information. However, if considering the mobility of destination, its real-time geographic information is often unavailable due to sparse network density in DTNs. Using historical geographic information to overcome this problem, we propose the converge-and-diverge (CaD) by combining two routing phases that depend on the proximity to the movement range estimated for destination. The key insight is to promote message replication converging to the edge of this range and diverging to the entire area of this range to achieve fast delivery, given limited message lifetime. Furthermore, the concept of delegation replication (DR) is explored to overcome the limitation of routing decisions and the local maximum problem. Evaluation results under the Helsinki city scenario show an improvement of CaD in terms of delivery ratio, average delivery latency, and overhead ratio. Since geographic routing in DTNs has not received much attention, apart from the design of CaD, our novelty also focuses on exploring DR to overcome the limitation of routing decision and the local maximum problem, in addition to enhancing efficiency, as DR originally intended. © 1967-2012 IEEE.
Noisternig M, Collini-Nocker B, Pillai P, Liang L, Cruickshank HS (2009) Transmitter and Receiver Processing Specification for a Unified ULE Security Extension, pp. 115-119 IEEE
The Unidirectional Lightweight Encapsulation (ULE) protocol has been defined for efficient transport of IPv4/6 and other protocols over the MPEG-2 Transport Stream (TS). The proliferation of this technology on the mass market may benefit from a security solution protecting against potential threats such as eavesdropping, as well as masquerading, modification of messages, and replay attacks, similar to 802.11 security. A unified ULE security extension header format has been proposed previously by the authors. This paper discusses in detail the processing required for transmitters and receivers supporting this security extension for ULE.
Cao Y, Cruickshank HS, Sun Z (2011) Asymmetric spray and multi-forwarding for delay tolerant networks, Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering: Personal Satellite Services 71 (6) pp. 199-212
The framework of Delay Tolerant Networks (DTNs) has received an extensive attention from academic community because of its application ranging from Wireless Sensor Networks (WSNs) to interplanetary networks. It has a promising future in military affairs, scientific research and exploration. Due to the characteristic of long delay, intermittent connectivity and limited network resource, the traditional routing algorithms do not perform well in DTNs. In this paper, our proposed algorithm is based on an asymmetric spray mechanism combining with the concept of message classes. For each message class, a corresponding forwarding queue is designed and these queues are scheduled according to their priorities. Together with other designed assistant functions, our proposed algorithm outperforms other state of the art algorithms in terms of delivery ratio, overhead ratio, average latency as well as energy consumption.
Cao Y, Sun Z, Wang N, Riaz M, Cruickshank H, Liu X (2015) Geographic-Based Spray-and-Relay (GSaR): An efficient routing scheme for DTNs, IEEE Transactions on Vehicular Technology 64 (4) pp. 1548-1564 IEEE
In this paper, we design and evaluate the proposed geographic-based spray-and-relay (GSaR) routing scheme in delay/disruption-tolerant networks. To the best of our knowledge, GSaR is the first spray-based geographic routing scheme using historical geographic information for making a routing decision. Here, the term spray means that only a limited number of message copies are allowed for replication in the network. By estimating a movement range of destination via the historical geographic information, GSaR expedites the message being sprayed toward this range, meanwhile prevents that away from and postpones that out of this range. As such, the combination of them intends to fast and efficiently spray the limited number of message copies toward this range and effectively spray them within range, to reduce the delivery delay and increase the delivery ratio. Furthermore, GSaR exploits delegation forwarding to enhance the reliability of the routing decision and handle the local maximum problem, which is considered to be the challenges for applying the geographic routing scheme in sparse networks. We evaluate GSaR under three city scenarios abstracted from real world, with other routing schemes for comparison. Results show that GSaR is reliable for delivering messages before the expiration deadline and efficient for achieving low routing overhead ratio. Further observation indicates that GSaR is also efficient in terms of a low and fair energy consumption over the nodes in the network.
Sheng Y, Cruickshank HS, Moseley M, Ashworth J (2013) Security Architecture for Satellite Services over Cryptographically Heterogeneous Networks, PSATS 123 pp. 102-114 Springer
Alshamrani M, Cruickshank H, Sun Z, Fami V, Elmasri B, Danish E (2013) Signaling performance for SIP over IPv6 mobile Ad-Hoc network (MANET), Proceedings - 2013 IEEE International Symposium on Multimedia, ISM 2013 pp. 231-236
The unstable nature of MANETs over different types of wireless topologies and mobility models affects the Quality of Service (QoS) for real time applications such as Voice over IP (VoIP). One of the most efficient signaling systems for VoIP applications is the Session Initiation Protocol (SIP) which is mainly used to initiate, manage, and terminate VoIP calls over different types of IP based network systems. As a part of upgrading to Next Generation Network, MANETs will be considering IPv6 for different types of applications and devices. Therefore, SIP signaling over IPv6 MANETs needs to be investigated with different QoS performance metrics such as bandwidth, packet loss, delay and jitter. In this paper, an evaluation of SIP signaling is conducted for SIP based VoIP calls using GSM voice codec system over MANETs with Static, Uniform, and Random mobility models. This evaluation considered AODV as a reactive routing protocol and OLSR as a proactive routing protocol over both IPv4 as well as IPv6. The evaluation study of SIP signaling examined call setup time, number of active calls, number of rejected calls and calls duration. The results of this study show that, in general, IPv4 has better performance over different types of mobility models, while IPv6 upholds longer delays and poor performance over Random mobility models. © 2013 IEEE.
Navaratnam P, Cruickshank H, Tafazolli R (2008) A link adaptive transport protocol for multimedia streaming applications in multi hop wireless networks, MOBILE NETWORKS & APPLICATIONS 13 (3-4) pp. 246-258 SPRINGER
Asif M, Sun Z, Cruickshank H, Ahmad N (2011) Flow aware admission control-multipath protocol with multiple constraints (FAAC-MM) for assurance of multiple QoS metrics in MANETs, 2011 18th IEEE Symposium on Communications and Vehicular Technology in the Benelux, SCVT 2011
The emergence of MANET supported applications and the subsequent widespread acceptance is facilitated by the development and availability of cheap wireless Wi-Fi devices. Its anticipated role as an integral part of future communication environment accounts for why support for QoS should be an essential requirement rather than an additional feature. Provisioning of QoS to MANET-based applications will not be possible without Admission Control and QoS-aware routing protocols. It is on this premise that Flow-Aware Admission Control (FAAC) protocol is designed to improve the throughput and delay assurance of MANET-based applications. Real time applications require multiple guaranteed QoS metrics like throughput, delay, jitter etc. The work presented in this paper is an extension of our designed FAAC protocol to improve the provisioning of multiple QoS metrics in many mobile scenarios. The source node is designed to maintain more than a single path to each destination with the reliability of the routes maintained through nodes disjointness. Each route must fulfil the throughput and delay requirement of the application. The designed FAAC-Multipath protocol with multiple constraints (FAAC-MM) is equipped with the intermediate route repair mechanism to enable the intermediate node to carry out route repair locally without contacting the source node. With an effective QoS violation detection and route maintenance mechanism, the protocol reduces the frequency of route discovery thus leading to a significant reduction in QoS disruption. We have illustrated the effectiveness of FAAC-MM with the state of the art admission control protocols. Simulation results show the effectiveness of the FAAC-MM protocol in terms of high throughput, low delay, low packet loss and session dropping ratio. © 2011 IEEE.
Asif M, Sun Z, Cruickshank H (2009) Admission control protocols in Mobile Ad Hoc Networks provisioning QoS, Proceedings of the 6th International Conference on Frontiers of Information Technology, FIT '09
Mobile nodes communicate on error prone wireless channel in Mobile Ad Hoc Networks. It is very challenging to provide Quality of Service to data flows due to unpredictable topology and lack of centralized control. Admission Control is a crucial component of the system providing Quality of Service. It is the job of Admission Control to decide whether to admit a flow or not on the basis of available resources ensuring that the Quality of Service of the previously admitted sessions must not be affected. In this paper we will review different contention aware admission control protocols, which play an important role in provisioning Quality of Service. Copyright 2009 ACM.
Cruickshank HS (2010) Satellite Communications: from PEPs to DTN, pp. 62-67 IEEE
Disruption-Tolerant Networking represents an innovative way to cope with satellite communications impairments. In this view, the paper presents an in-depth analysis of implications of a DTN approach to satellite communications, focusing on these fundamental aspects: network architecture, security, and Quality of Service (QoS). For each topic, commonalities and differences between DTN and Performance Enhancing Proxies (PEPs) are highlighted, to show that the DTN architecture can be seen as a promising evolution of PEPs, at present the most widely adopted architecture. The analysis shows that DTN can effectively improve PEPs functionalities in the presence of intermittent and disruptive channels and/or a high level of network heterogeneity. In particular, DTN offers the possibility to operate with intermittent channels, a better resilience to channel disruptions, the possibility to implement both end-to-end and hop-by-hop security, and a greater flexibility in the use of advanced QoS techniques.
Ali M, Liang L, Sun Z, Cruickshank H (2009) Evaluation of SIP signaling and QoS for VoIP over satellite networks, IEEE International Conference on Communications
In satellite networks, voice over IP performance is degraded by long delays and low bandwidth. Both call setup time and quality of service (QoS) for voice calls are affected. Separate studies have been undertaken for these performance metrics. In this paper, we have carried out experiments using different voice codecs to evaluate SIP call setup time and QoS parameters together. The experiments are performed on the satellite network testbed at Centre for Communication Systems Research (CCSR) at University of Surrey. The results present a comparison of different codecs, highlighting their performance. ©2009 IEEE.
Alshamrani M, Cruickshank H, Sun Z, Fami V, Elmasri B (2013) Evaluation of SIP signalling and QoS for VoIP over MANETs reactive routing protocols, International Conference on Next Generation Mobile Applications, Services, and Technologies pp. 105-110
In Mobile Ad Hoc Networks (MANET), delays and bandwidth limitations of the wireless network system adversely affect the performance of the Voice over IP (VoIP). The calls setup time and the voice Quality of service (QoS) of VoIP calls depend on the routing protocol, the mobility model, and the number of hops between the call parties. Number of research efforts used to study the performance metrics of VoIP over MANET with even proactive, reactive, or hybrid routing protocols. In this paper, an evaluation of SIP signaling and voice QoS for SIP based VoIP calls using GSM voice codec over MANETs with Static, Uniform, and Random mobility models. This evaluation considered three types of reactive routing protocols: DSR, AODV, and TORA over IPv4. For SIP signaling, the evaluation examined the call setup time, the number of active calls, the number of rejected calls, and the calls duration. For voice QoS, the evaluation studied the End-to-End Delay, the sent traffic and the received traffic of VoIP calls. The evaluation results show that AODV has the best performance over different types of mobility models, then DSR with Static and Uniform mobility models, while TORA has long delays and poor performance over all mobility models. This evaluation helps to improve the performance of VoIP applications over MANETs by studying the most appropriate reactive routing protocol over different types of mobility models. © 2013 IEEE.
Al-Fares MS, Sun Z, Cruickshank H (2009) A reliable multi-hop hierarchical routing protocol in Wireless Sensor Network (WSN), ITNG 2009 - 6th International Conference on Information Technology: New Generations pp. 1604-1605
Today, Wireless Sensor Network (WSN) is considered as one of the major research areas in computer network field. One of the many WSN functions is to provide sensing services in an unattended harsh environment. Sensed data need to be delivered to the data collection centre and to cope with the reliable network problem. Different routing protocols have been developed to deal with this problem. It is still a great challenge of the hierarchical routing protocol to operate efficiently in the presence of node failure. Therefore, a novel hierarchical routing protocol that addresses network survivability and redundancy issues is studied. Simulation results show superiority of the proposed protocol over the existing protocols. © 2009 IEEE.
Cao Y, Sun Z, Ahmad N, Cruickshank H (2012) A mobility vector based routing algorithm for delay tolerant networks using history geographic information, IEEE Wireless Communications and Networking Conference, WCNC pp. 2757-2762
The concept of Delay Tolerant Networks (DTNs) are proposed to facilitate communication in challenged mobile wireless networks using the Store-Carry-Forward (SCF) routing behavior. In this paper, our motivation is to take advantage of geographic routing since it routes message without the knowledge about network topology by using realtime location information, overcoming the challenge of large network topology variation in DTNs. Different from traditional geographic algorithms, our approach only adopts history geographic information due to the difficulty to obtain the realtime location of destination, suffering from sparse network density and high mobility. The key insight of our algorithm is to separate message replication depending on the proximity to the movement range estimated for destination, followed by the proposed scheduling methodology for prioritized transmission between each phase as well as anti-diffusion function for redundancy reduction. Simulation results under the Helsinki city scenario show an improvement comparing with two well known geographic approaches in DTNs, considering delivery ratio, average latency as well as overhead ratio. © 2012 IEEE.
Sheng Y, Cruickshank H, Pragad AD, Pangalos P, Aghvami AH (2008) An Integrated QoS, Security and Mobility Framework for Delivering Ubiquitous Services Across All IP-based Networks, 2008 IEEE 19TH INTERNATIONAL SYMPOSIUM ON PERSONAL, INDOOR AND MOBILE RADIO COMMUNICATIONS pp. 2371-2375 IEEE
Al-Siyabi M, Cruickshank H, Sun Z (2011) DTN QoS metrics and fair resources management model, Canadian Conference on Electrical and Computer Engineering pp. 000704-000707
Delay Tolerant Network (DTN) works in challenging conditions where delays are highly expected and links disconnections are very likely. Quality of service (QoS) provisioning in this kind of environment is important. Some of the traditional QoS metrics of bit rate, delay, jitter, packet dropping probability and/or bit error rate are applicable metrics but we think that there are other important metrics affecting the DTN QoS. The highest resource managements will ensure maximum resource utilizations which can be estimated by measuring the network delivery effectiveness. Furthermore, the limited resources will lead to congestion which can be tolerated by fair resource distribution. Therefore, two additional DTN QoS metrics are explored, namely the delivery probability and the fairness index which we think is more practical metrics for DTN. We propose a fair resource management model (FRMM) which will enhance the DTN QoS by providing better delivery probability and higher fairness index compared with same scenario lacking our model. The simulation results show improvements by up to 40 % in the delivery probability and up to 30% in the fairness index. © 2011 IEEE.
Tafreshi VHF, Cruickshank H, Sun Z (2013) Byzantine Robustness for future inter-domain routing security through integrated management plane, Proceedings of the 2013 IFIP/IEEE International Symposium on Integrated Network Management, IM 2013 pp. 820-823
Border Gateway Protocol (BGP) is the de-facto interdomain routing protocol exploited in the Internet today. Future Internet will not serve as a trustworthy vehicle for communication without overcoming BGP security challenges. While security should be a built-in element of any good design, it seems to be an arduous add-on process for BGP. The protocol suffers from the Byzantine Failure whence a legitimate node simply misbehaves. Currently, no systematic method determines whether the received information from an Autonomous System (AS) is valid or not in a global scale. This is due to the absence of an integrated managerial plane operating upon the control plane in our minds. We propose a hybrid method by an overlay network with a global, shared view of the address space ownership performing over the highly-connected ASes merely for the veracity check of the BGP origins. Subsequently, by breaking the hop-by-hop paradigm of BGP with the aid of our introduced management plane, we reach a level of Byzantine Robustness in which the risk pertaining to BGP prefix hijacking as a severe instance of Byzantine attacks is mitigated to a large extent. © 2013 IFIP.
Johnson E, Cruickshank H, Sun Z (2011) Managing access control in delay/disruption tolerant networking (DTN) environment, 2011 4th IFIP International Conference on New Technologies, Mobility and Security, NTMS 2011 - Proceedings
The rapid growth in network heterogeneity, applications complexity, services and size due to increase number of users, have introduced more challenges in access control management in traditional networks. The emerging nature of Delay/Disruption Tolerant Networking (DTN) and its design assumptions like long delay, intermittent connectivity, asymmetric data rates etc make access control management even more challenging. The conflict of these assumptions with that of the Internet means the existing access control management systems can either not be implemented or implemented with modifications. The reference DTN environment includes but not limited to wireless, deep space and sensor-based networks. In this paper, our focus is on access control in DTN taking into consideration the long/variable delay, frequent disruption and heterogeneity. We proposed a framework that allows participating entities in the DTN environment to act as policy enforcers and also make independent access control decisions in the absence of connectivity. We present our proposed framework with description and analysis, and give direction for future work.
There are a variety of satellite applications that require application intelligence at intermediate devices for their proper functioning e.g. satellite networks using Performance Enhancing Proxies (PEPs), real time streaming applications like SIP, H.323 and peer-to-peer applications. Interworking between PEPs and security system has been researched in the past. Multi-layer IPSec (ML-IPSec) resolves the conflict between end-to-end security in standard IPSec and working of PEPs. This paper presents the concept and detailed design of ML-IPSec by breaking the IP datagram into three zones while enabling the intermediate nodes to access the TCP header and HTTP header information. The paper also presents an efficient interworking scheme between ML-IPSec and secure IP multicast using the Logical Key Hierarchy for key distribution.
Asif M, Sun Z, Cruickshank H, Ahmad N (2011) QoS assurance in MANETs using flow aware admission control - Multipath protocol, Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference
The emergence of MANET supported applications and the subsequent widespread acceptance is facilitated by the development and availability of cheap wireless Wi-Fi devices. It is on this premise that Flow-Aware Admission Control (FAAC) protocol is designed to improve the throughput assurance of MANET-based applications. The work presented in this paper is an extension of our designed FAAC protocol to guarantee the provisioning of QoS in many mobile scenarios. The source node is designed to maintain multiple paths to each destination with the reliability of the routes maintained through nodes disjointness. The designed FAAC-Multipath protocol is equipped with the intermediate route repair mechanism to enable the intermediate node to carry out route repair locally without contacting the source node. We have illustrated the effectiveness of FAAC-Multipath with the state of the art admission control protocols. © 2011 IEEE.
Ali M, Liang L, Sun Z, Cruickshank HS (2011) Optimization of SIP Session Setup for VoIP over DVB-RCS Satellite Networks, International Journal of Satellite Communications Policy and management (IJSCPM) 1 (1) pp. 55-76 Inderscience
With the proliferation of the internet, voice over IP has penetrated in both terrestrial and satellite networks. One of the popular protocols responsible for its widespread usage is SIP. SIP is the signalling protocol responsible for the session establishment and termination. By default, it uses UDP as the transport layer protocol. As UDP is an unreliable protocol, the retransmission of the SIP messages is managed by the application layer, using exponential backoff algorithm. In this paper, this retransmission algorithm is studied in satellite environment. Based on the shortcomings of this algorithm, a new algorithm is proposed. The performance of the new algorithm is tested and evaluated on the satellite network testbed at Centre for Communication Systems Research (CCSR), University of Surrey. The results show that the performance of the new algorithm is better than the basic one, in terms of number of retransmissions of SIP messages and their bandwidth consumption, in addition to reduction in call setup time.
Liang L, Sun Z, Cruickshank H (2010) IP Performance over GEO Satellite Networks: Performance Measurements and Evaluations of IP Multiparty Multimedia Communications over GEO Satellite Networks, Lambert Academic Publishing AG & Co. KG
Audah L, Sun Z, Cruickshank H (2011) QoS evaluation of HTTP over satellites, Proceedings - 2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery, CyberC 2011 pp. 177-182
This paper presents the studies for the end-to-end QoS of IP over integrated terrestrial and Next Generation Satellite Network (NGSN) using HTTP web application. We compare between Big-LEO and EuroSkyWay like satellites constellations for the QoS parameters (e.g. delay, loss ratio, throughput and connection duration) of request-response HTTP connections from a remote server in London and a remote client in Boston. We model the HTTP request-response with multiple connections and response files sizes variations. We create the network scenario with error model to simulate the transmission loss environment using NS-2 simulation software. A Differentiated Services (Diffserv) queue interface is placed in the terrestrial network on the server side to regulate and differentiate the traffic flows across the narrow bandwidth of the satellite links. The results showed a good performance evaluation comparison of the QoS parameters involved in the HTTP web communications across LEO and GEO satellite systems. © 2011 IEEE.
Cao Y, Cruickshank H, Sun Z (2011) A routing framework for Delay Tolerant Networks based on encounter angle, IWCMC 2011 - 7th International Wireless Communications and Mobile Computing Conference pp. 2231-2236
The concept of Delay Tolerant Networks (DTNs) has been utilized for wireless sensor networks, mobile ad hoc networks, interplanetary networks, pocket switched networks and suburb networks for developing region. Because of these application prospects, DTNs have received attention from academic community. Whereas only a few state of the art routing algorithms in DTNs address the problem of aborted messages due to the insufficient encounter duration. In order to reduce these aborted messages, we propose a routing framework which consists of two optional routing functions. Specifically, only one of them is activated according to the encounter angle between pairwise nodes. Besides, the copies of the undelivered message carried by most of the nodes in the network are more likely to be cleared out after successful transfer, which reduces the number of unnecessary transmissions for message delivery. By means of the priority for message transmission and deletion in case of the limited network resource, the proposed algorithm achieves the high delivery ratio with low overhead as well as less number of aborted messages due to the insufficient encounter duration, thus is more energy efficient. © 2011 IEEE.
Audah L, Sun Z, Cruickshank HS (2012) QoS simulation and analysis of HTTP over LEO satellite constellation, Journal of Communications and Networking
In this paper, we present an end-to-end QoS simulation studies on internetworking of remote LAN and long range communications over LEO-Iridium satellites constellation taking SuperJARING network in Malaysia as an example. A macro level network simulation scenario based on actual network topology in Malaysia is implemented as Diffserv network model using the network simulator-2 (NS-2). Web traffic (HTTP) is used as the internet traffic models in the simulation analysis. All simulations are carried out in error-free and link-loss environment. In error-free simulations, the accumulative network traffic loads are varied from 20%, 50% and 80% while in link-loss environment simulations only 20% traffic load is used with bit error rate (BER) varied from 1x10^-5, 1x10^-4 and 2x10^-4. We compare the empirical TCP throughput traces with analytical model for validation. The results show clearly that QoS can be achieved with IP Diffserv over satellites constellation like Iridium.
Ali M, Liang L, Sun Z, Cruickshank HS (2009) FRAMEWORK FOR END-TO-END QOS MEASUREMENT OVER DVB-RCS NETWORK, 27th IET and AIAA International Communications Satellite Systems Conference (ICSSC 2009)
Satellites are popular due to their wide area coverage and for providing connectivity in remote regions of the world. The future development of satellite systems providing services based on the Internet Protocol (IP) needs to be validated on a real satellite network. This paper presents the end-to-end quality of service (QoS) measurements taken at European Space Agency (ESA) testbed over DVB-RCS infrastructure. The applications chosen for these experiments are file transfer (FTP), web browsing (HTTP), video streaming and P2P file-sharing. File transfer, web browsing and P2P file-sharing require reliable transport mechanism as a corrupted bit will hinder the intact data delivery. Therefore, these applications use transmission control protocol (TCP) as the transport protocol. TCP involves a three way handshake, which introduces extra delay during data transfer. Video streaming is a real time application, so, it is time-sensitive and requires lesser reliability compared to the other three applications. Hence, it employs user datagram protocol (UDP) at the transport layer, which does not offer any guarantee of reliable data delivery but is fast. The parameters that have been used to evaluate quality of service (QoS) are packet timestamps, file download time, round trip delay, packet sizes and packet loss rate. Also similar applications and results will be measured from a satellite emulation testbed, PLATINE. It is based on Linux operating system, in which most of the DVB-S and DVB-RCS satellite network functions have been implemented. These functions include network topology configuration, Quality of Service (QoS), Demand Assigned Multiple Access (DAMA), traffic encapsulation using both Asynchronous Transfer mode (ATM) and ULE/MPEG, satellite network entities configuration and support for both IPv4 and IPv6. The paper concludes with the comparative analysis of the QoS of the applications in both real and emulation environments.
Ong FLC, Liang X, Pillai P, Chan PML, Koltsidas G, Pavlidou F-N, Ferro E, Gotta A, Cruickshank HS, Iyengar S, Fairhurst G, Mancuso V (2007) Fusion of digital television, broadband Internet and mobile communications - Part I: Enabling technologies, Int. J. Satellite Communications Networking 25 (4) pp. 363-407
Al-Fares M, Sun Z, Cruickshank HS (2009) High Survivable Routing Protocol in Self Organizing Wireless Sensor Network, IAENG International Journal of Computer Science 36 (2) pp. 147-156 International Association of Engineers
Wireless Sensor Network (WSN) is one of the major research areas in computer network field today. The function of WSN in this paper is to provide sensing services in an un-attended harsh environment. Sensed data need to be delivered to the base station and to cope with the network unreliability problem. Few routing protocol takes into consideration of this problem. It is a great challenge of the hierarchical routing protocol to provide network survivability through redundancy features. In this paper, a short literature review of the existing routing protocol is carried out. Then a novel hierarchical routing protocol, which addresses network survivability and redundancy issues, is introduced. Initial analysis shows promising results of the proposed protocol comparing with LEACH, which is a well known protocol as benchmark. Finally, conclusion was drawn based on the research and future direction for further research is identified.
Cruickshank HS, Sun Z, Carducci F, Sanchez A (2001) Analysis of IP voice conferencing over EuroSkyWay satellite system, IEE PROCEEDINGS-COMMUNICATIONS 148 (4) pp. 202-206 IEE-INST ELEC ENG
Ali M, Liang L, Sun Z, Cruickshank H, Thompson P, Audah LM, Bouquentar T, Alagha N, Sithamparanathan K, Marchese M, Ruggieri M, Bisio I (2010) End-to-End QoS Measurement over a DVB-RCS Satellite Network, PERSONAL SATELLITE SERVICES 43 pp. 130-144 SPRINGER-VERLAG BERLIN
Yu X, Navaratnam P, Moessner K, Cruickshank H (2015) Distributed Resource Reservation in Hybrid MAC With Admission Control for Wireless Mesh Networks, IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY 64 (12) pp. 5891-5903 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Miao Y, Sun Z, Wang N, Cruickshank HS (2015) Comparison Studies of MANET-Satellite and MANET-Cellular Networks Integrations, 2015 International Conference on Wireless Communications and Signal Processing (WCSP) pp. 1899-1903
A mobile ad hoc network (MANET) is a self-configuring infrastructure-less network. Taking advantage of spontaneous and infrastructure-less behavior, MANET can be integrated with satellite network to provide world-wide communication for emergency and disaster relieve services and can also be integrated with cellular network for mobile data offloading. To achieve different purposes, different architecture of integrated system, protocols and mechanisms are designed. For emergency services, ubiquitous and robust communications are of paramount importance. For mobile data offloading services, emphasis is amount of offloaded data, limited storage and energy of mobile devices. It is important to study the common features and distinguish of the architecture and service considerations for further research in the two integrated systems. In this paper, we study common issues and distinguish between two systems in terms of routing protocol, QoS provision, energy efficiency, privacy protection and resource management. The future research can benefit from taking advantage of the similarity of two systems and address the relevant issues.
Mirzadeh S, Cruickshank H, Tafazolli R (2014) Secure Device Pairing: A Survey, IEEE COMMUNICATIONS SURVEYS AND TUTORIALS 16 (1) pp. 17-40 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Ali M, Liang L, Sun Z, Cruickshank H (2010) Evaluation of transport protocols for SIP signaling over IPv6 DVB-RCS satellite networks, Proceedings of the 2010 7th International Symposium on Wireless Communication Systems, ISWCS'10 pp. 800-804
With the proliferation of the Internet, voice over IP and multimedia communication become more and more important. One of the protocol that facilitated this development is Session Initiation Protocol (SIP). SIP is a signaling protocol which manages the session establishment and termination. It can be based on UDP or TCP at the transport layer. In this paper, the strengths and weaknesses of SIP over UDP and TCP are analyzed in satellite environment. The performance issues of SIP related to transport layer over the next generation protocol, IPv6, are studied. The experimentation is carried out on the satellite network testbed at Centre for Communication Systems Research (CCSR), University of Surrey. The results show that SIP performance on UDP is better than on TCP. SIP over TCP, requires more retransmissions due to the congestion control and flow control mechanisms of TCP, resulting in larger call setup time and bandwidth consumption. © 2010 IEEE.
Audah L, Sun Z, Cruickshank H (2011) QoS evaluation of multiservice applications over integrated satellite-terrestrial networks, International Congress on Ultra Modern Telecommunications and Control Systems and Workshops
This paper presents the QoS performance evaluation studies of IP over integrated terrestrial and Next Generation Satellite Network (NGSN) for HTTP web, file transfer, video streaming and VoIP applications. We compare the QoS parameters (e.g. delay, loss ratio and throughput) of the multiservice applications over Ka-Sat like satellite and the ITU-R standard Hypothetical Reference Digital Path (HRDP). We model the multiservice applications with multiple connections, different files sizes and connection durations variations. We simulate the network scenario with error model for the transmission loss environment using NS-2. A Differentiated Services (Diffserv) queue interface is used in the terrestrial network to regulate and differentiate the traffic flows while a priority queue is used as the satellite on-board-processing unit (OBP). The results showed a better top-down comparison of the QoS parameters involved in each application service across GEO satellite and the standard terrestrial digital data link. © 2011 HTE.
Cruickshank HS (2012) An Energy-Efficient Technique to Combat DOS Attacks in Delay Tolerant Networks, ICST Transactions on Ubiquitous Environments journal 12 (1-3) ICST
A delay tolerant network is a highly constrained networking environment which is low in resources such as memory, bandwidth and battery power. In opportunistic DTNs, nodes cooperatively forward packets for each other through the carry-store-and-forward paradigm. Opportunistic data forwarding can be abused by an adversary by injecting spurious packets in order to waste the resources of the network. To guard against such attacks, it is important to authenticate packets at intermediate nodes. Packet authentication in itself comes with overheads such as computation cost and energy consumption which can be exploited by an attacker to mount a denial of service attack. We propose the use of light-weight DTN-cookies to protect this vital security service from such malicious exploitation. We show through simulations that our proposed mechanisms can improve network performance and save considerable amount of power even in the presence of attackers.
Cruickshank HS, Liang L, Pillai P, Noisternig M, Collini-Nocker B, Fairhurst G (2009) Unified Link Layer Security Design for IP Encapsulation using Unidirectional Lightweight Encapsulation over Satellites, 27th IET and AIAA International Communications Satellite Systems Conference Proceedings
There is growing interest in providing multimedia and broadband access over satellites. However there are several technical challenges that need to be addressed. One challenge is security in terms of understanding threats and providing an effective security system. Also this paper presents a ULE security solution using ULE mandatory extension headers. The design issues and choices are discussed. The detailed security header format is described together with processing sequence in both transmitter and receiver sides.
Sheng Y, Cruickshank H (2008) Security Mechanisms for Delivering Ubiquitous Services in Next Generation Mobile Networks, 2008 IEEE 19TH INTERNATIONAL SYMPOSIUM ON PERSONAL, INDOOR AND MOBILE RADIO COMMUNICATIONS pp. 2366-2370 IEEE
The concept of Delay Tolerant Networks (DTNs) has been utilized for wireless sensor networks, mobile ad hoc networks, interplanetary networks, pocket switched networks and suburb networks for developing region. Because of these application prospects, DTNs have received attention from academic community. Whereas only a few state of the art routing algorithms in DTNs address the problem of aborted messages due to the insufficient encounter duration. In order to reduce these aborted messages, we propose a routing framework which consists of two optional routing functions. Specifically, only one of them is activated according to the encounter angle between pairwise nodes. Besides, the copies of the undelivered message carried by most of the nodes in the network are more likely to be cleared out after successful transfer, which reduces the number of unnecessary transmissions for message delivery. By means of the priority for message transmission and deletion in case of the limited network resource, the proposed algorithm achieves the high delivery ratio with low overhead as well as less number of aborted messages due to the insufficient encounter duration, thus is more energy efficient.
Ansa G, Johnson E, Cruickshank HS, Sun Z (2010) Mitigating Denial of Service Attacks in Delay-and Disruption-Tolerant Networks., PSATS 43 pp. 221-234 Springer
Kittiperachol, Sun Z, Cruickshank HS (2008) Evaluation of TCP Variants and Bandwidth on Demand over Next Generation Satellite Network,
the Internet has become an important part of day to day activities. There is hardly a day without using Internet, such as reading Emails and articles as well as enjoying music and video. Thus, it is very important for the Internet to be provided to anyone anywhere. Terrestrial network has been the underlying infrastructure for the Internet. However, terrestrial network by itself cannot always satisfy all of the growing demands for the Internet, particularly in the remote areas. Thus, the deployment of the Next Generation Satellite Network (NGSN) is needed to fill in the gap and break the digital divide. This paper evaluates how the performances of TCP over NGSN with dynamic bandwidth allocation mechanism. The TCP used in this work is a real-world TCP based on both Linux and Windows Vista implementations which have been integrated into a network simulator, INET. The study reveals that the TCP performances in terms of utilization and robustness, friendliness and fairness, and user's perceived Quality of Service are clearly affected by the dynamic bandwidth allocation mechanism.
Leung A, Sheng Y, Cruickshank H (2007) The security challenges for mobile ubiquitous services, Information Security Technical Report 12 (3) pp. 162-171
It is envisaged that in future mobile ubiquitous environments, users will be able to seamlessly, search, access and consume a rich offering of services and content from an array of Service/Content Providers, whilst they are on the move, anytime, anywhere. Unfortunately, this new computing paradigm also brings along new and unique security challenges. Novel security solutions are therefore required. But, in order for appropriate security solutions to be devised, all possible security threats must first be thoroughly analysed, and the corresponding security requirements be identified. In this paper, we examine the security issues germane to a mobile ubiquitous environment. We then suggest some possible solutions which may be employed to address these security issues. Open research issues are also highlighted. © 2007 Elsevier Ltd. All rights reserved.
Ansa G, Cruickshank HS, Sun Z (2011) A proactive DOS filter mechanism for delay tolerant networks, Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering: Personal Satellite Services 71 pp. 213-226
Denial of Service (DOS) attacks are a major threat faced by all types of networks. The effect of DOS in a delay tolerant network (DTN) is even more aggravated due to the scarcity of resources. Perpetrators of DOS attacks in DTN-like environments look beyond the objective of rendering a target node useless. The aim of an attacker is to cause a network-wide degradation of resources, service and performance. This can easily be achieved by exhausting node or link resources and partitioning the network. In this paper we seek to provide a proactive approach in making the DTN authentication process robust against DOS. Our aim is to make security protocols which provide mandatory DTN security services resilient to DOS attacks. The overall objective is to make it hard to launch a DOS attack and ensure the availability of DTN services. A DTN-cookie mechanism has been proposed to quickly identify and filter out illegitimate traffic.
Luo Z, Sun Z, Cruickshank HS (2007) TCP throughput enhancement via link layer relay in multi-hop satellite IP networks, 2007 INTERNATIONAL WORKSHOP ON SATELLITE AND SPACE COMMUNICATIONS, IWSSC '07, CONFERENCE PROCEEDINGS pp. 104-108
Ng W, Cruickshank HS, Sun Z (2006) Scalable balanced batch rekeying for secure group communication, COMPUTERS & SECURITY 25 (4) pp. 265-273 ELSEVIER ADVANCED TECHNOLOGY, OXFORD FULFILLMENT CENTRE THE BOULEVARD, LANGFORD LANE, KIDLINGTON, OXFORD OX5 1GB, OXON, ENGLAND
Secure group communication is important for applications such as pay-per-view. Other authors have proposed the key tree approach to distribute a shared group key in a way such that the rekeying cost scales linearly with the logarithm of the group size for a join or depart request. The efficiency of the key tree approach depends critically on whether the key tree remains balanced. Periodic rebalancing can be used to balance the key tree whenever it becomes unbalanced but this adds extra costs to the network. In this paper, we present two Merging Algorithms suitable for batch join events. As the multicast session consists of other events as well, we then show how we can extend our algorithms into existing work to minimise the maximum difference in height without adding extra network costs. Simulation results show our Merging Algorithms not only balance the key tree but their rekeying costs are lower compared to existing algorithms. (C) 2006 Elsevier Ltd. All rights reserved.
Liang L, Bhutta M, Cruickshank H, Sun Z, Kulatunga C, Fairhurst G (2009) Integration of TESLA and FLUTE over Satellite Networks,
Multicast research has explored the security challenges faced in group communications. Multicast transport and multicast security need to work in close collaboration to realise a multicast service. However, there has been comparatively little work to combine the two technologies. In this paper the authors is presenting an example of partially integrating Timed Efficient Stream Loss-Tolerant Authentication (TESLA) protocol and the File Delivery over Unidirectional Transport (FLUTE) protocol. The security concern raised by the proposed algorithm is analysed for satellite network. The proposed algorithm was implemented on a testbed with multicast tunnel between University of Surrey and University of Aberdeen and the results are presented in this paper.
Liang L, Sun Z, Cruickshank HS (2005) Relative QoS optimization for multiparty online gaming in DiffServ networks, IEEE COMMUNICATIONS MAGAZINE 43 (5) pp. 75-83 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855 USA
Real-time interactive multimedia multiparty communication is becoming a vital part of modern Internet services. As one of its applications, online gaming attracts a huge group of fans playing over the Internet. It has new requirements for relative QoS. This article gives a brief introduction to these new QoS requirements, and then presents an algorithm to satisfy these requirements in the differentiated services network for client-server-topology-based online gaming services. Our simulation results show that this algorithm can provide optimized relative QoS support for online gaming as an example of multiparty communications.
Ao L, Ogah C, Asuquo PM, Cruickshank HS, Sun Z (2016) A Secure Key Management Scheme for Heterogeneous Secure Vehicular Communication Systems, ZTE Communications 14 (S0) pp. 21-31 ZTE Corporation
Intelligent transportation system (ITS) is proposed as the most effective way to improve road safety and traffic efficiency. However, the future of ITS for large scale transportation infrastructures deployment highly depends on the security level of vehicular communication systems (VCS). Therefore, security key management schemes are considered as a critical research topic for network security. In this paper, we propose a framework for providing secure key management within heterogeneous network. The security managers (SMs) play a key role in the framework by retrieving the vehicle departure information, encapsulating block to transport keys and then executing rekeying to vehicles within the same security domain. The first part of this framework is a novel Group Key Management (GKM) scheme basing on (LP) of vehicles to depart current VCS region. Vehicle's LP factor is introduced into GKM scheme to achieve a more efficient rekeying scheme and less rekeying costs. The second component of the framework using the blockchain concept to simplify the distributed key management in Heterogeneous VCS domains. Extensive simulations and analysis are provided to show the effectiveness and efficiency of the proposed framework: Our GKM results demonstrate that probability-based BR reduces rekeying cost compared to the benchmark scheme, while the blockchain decreases the time cost of key transmission over heterogeneous networks.
Tafreshi V, Cruickshank HS, Sun Z (2014) Architecture for satellite services over cryptographically heterogeneous networks with application into smart grid, Proceedings of the 2014 7th Advanced Satellite Multimedia Systems Conference and the 13th Signal Processing for Space Communications Workshop (ASMS/SPSC) pp. 411-418
The rapid growth in the demand for Future Internet services with many emerging group applications has driven the development of satellite, which is the preferred delivery mechanism due to its wide area coverage, multicasting capability and speed to deliver affordable future services. Nevertheless, security has been one of the obstacles for both satellite services as well as smart grid group applications, especially with logical/geographical/cryptographic domains spanning heterogeneous networks and regions. In this paper, adaptive security architecture is implemented to protect satellite services for smart grid group applications. The focus is on key management and policy provisioning. Leveraging Group Domain of Interpretation (GDOI) as the standard for smart grid centralized key/policy management architecture, a single Domain of Interpretation (DOI) is deployed and evaluated critically in terms of the added protocol signaling overhead on the satellite system for a fixed-network scenario. This also partially realizes the growing trend towards the use of TCP/IP technology for smart grid applications.
Ogah C, Cruickshank HS, Sun Z, Asuquo PM, Chandrasekaran G, Cao Y, Al Tawqi M (2016) Privacy-Enhanced Group Communication for Vehicular Delay Tolerant Networks, Proceedings of 2015 9th International Conference on Next Generation Mobile Applications, Services and Technologies pp. 193-198
Vehicular Delay Tolerant Networking (VDTN) is a special instance of Vehicular Ad hoc Networking (VANET) and in particular Delay Tolerant Networking (DTN) that utilizes infrastructure to enhance connectivity in challenged environments. While VANETs assume end-to-end connectivity, DTNs and VDTNs do not. Such networks are characterized by dynamic topology, partitioning due to lack of end-to-end connectivity, and opportunistic encounters between nodes. Notably, VDTNs enhances the capabilities DTNs to provide support for delay and intermittent connectivity. Hence, they can easily find applicability in the early stages of the deployment of vehicular networks characterized by low infrastructure deployment as is obtainable in rural areas and in military communications. Privacy implementation and evaluation is a major challenge in VDTNs. Group communication has become one of the well discussed means for achieving effective privacy and packet routing in ad hoc networks including VDTNs. However, most existing privacy schemes lack flexibility in terms of the dynamics of group formation and the level of privacy achievable. Again, it is difficult to evaluate privacy for sparse VDTNs for rural area and early stages of deployment. This paper reports on an improved privacy scheme based on group communication scheme in VDTNs. We analyze the performance of our model in terms of trade-off between privacy and performance based on delivery overhead and message delivery ratio using simulations. While this is a work in progress, we report that our scheme has considerable improvement compared to other similar schemes described in literature.
Fan L, Baudoin C, Liang L, Yun A, Fairhurst G, Sathiaseelan A, Melhus I, Iyengar S, Guerra J, Ramos A, Perez D, Castellot R, Callejo E, de Domingo M, Cruickshank HS, Sun Z (2007) The SATSIX architecture for next-generation satellite systems with IPv6 and DVB, 25th AIAA International Communications Satellite Systems Conference
Broadband satellite will play an important role to provide universal broadband access for the users. In order to lower the cost, the next-generation satellite systems should support IPv6 and seamlessly integrate with terrestrial networks, including wireless local loops. In this paper, a novel network architecture has been proposed as a potential solution to the above problem. Based on the proposed overall network and functional architecture, we have emphasised and presented different aspects of the advanced IPv6-enable networking techniques, such as QoS, multicast, security and mobility. The transport protocols can be used in this network architecture are also studied. © 2007 by SATSIX.
Kittiperachol S, Sun Z, Cruickshank HS (2008) Performance evaluation of on-board QoS support for multiservice applications on the integrated Next Generation Satellite-terrestrial network, 2008 4th Advanced Satellite Mobile Systems - Proceedings, ASMS 2008 pp. 311-316
Next Generation Satellite Network (NGSN) possesses unique characteristics; large coverage area, quick deployment, native broadcasting/multicasting capability, multiple spotbeams, high bandwidth and on-board processor (OBP). These features enable NGSN to play an important role in providing ubiquitous global Next Generation Internet (NGI). The original Internet is restricted mainly to terrestrial network and supports only best effort service. NGI is to support multiservice applications with service differentiation and extending Internet access beyond the reach of terrestrial network. Based on the integrated satellite-terrestrial network, a main infrastructure for global ubiquitous Internet is envisaged and Internet applications can be accessed anywhere anytime. However, one of the key successes depends mainly on the capabilities of the satellite OBP. Without it, the preservation of end-to-end (e2e) service differentiation has to be dealt with at ground hub stations, thus increasing e2e delay. This paper studies the impacts of different on-board queueing schemes on the quality of multiservice applications on NGI and suggests that the quality of multiservice applications is generally enhanced if the on-board service differentiation is supported. © 2008 IEEE.
Sun Z, Cruickshank HS, Liang L, Sánchez A, Miguel C (2002) IP based multimedia conference over satellite, 20th AIAA International Communication Satellite Systems Conference and Exhibit
Significant research and development have been carried out recently in Voice over IP (VoIP) to integrate Internet data services and telephony services based on Public Switched Telephone Network (PSTN). Satellites have been used for many years to provide long distance telephone services and have today an increasing portion of their capacities used to carry IP packets for Internet services. Therefore, convergence of voice and data is happening not only in terrestrial communication links, but also in satellite networks. With their global coverage and reach to remote areas, satellites are well positioned to enable growth of VoIP services. In addition to telephone and Internet services, satellite can also be used for multimedia conference services due to the broadcasting capability. This paper presents the studies of these topics as results of the VIP-TEN project on IP telephony and the ICEBERGS projects on multimedia conference over satellite. © 2002 by the author(s). Published by the American Institute of Aeronautics and Astronautics, Inc., with permission.
Fan L, Cruickshank HS, Sun Z (2008) IP networking over next-generation satellite systems, Springer Verlag
In addition, the book covers hot-button issues such as security, architecture improvement, resource allocation, video networking, and service integration.
Cruickshank HS, Sanchez A, Sun Z, Carro B (2001) Voice over IP over satellite links, ICECS 2001: 8TH IEEE INTERNATIONAL CONFERENCE ON ELECTRONICS, CIRCUITS AND SYSTEMS, VOLS I-III, CONFERENCE PROCEEDINGS pp. 473-476
Luo Z, Sun Z, Cruickshank HS (2007) Modelling and simulation study of TCP performance with link layer retransmission and fragmentation for satellite-UMTS networks, Recent Advances in Modeling and Simulation Tools for Communication Networks and Services pp. 137-155
Satellite-based Universal Mobile Telecommunications System (S-UMTS) is used to provide all kinds of Transmission Control Protocol/ Internet Protocol (TCP/IP) based Internet services for global end users. However, due to the high propagation delay and high bit error rates over satellite links, the TCP performance degrades considerably and affects many qualities of TCP based services. In this work, we focus on studying the TCP performance in S-UMTS using radio link control (RLC) with fragmentation and retransmission mechanisms. Analytical and simulation studies have been carried out to study this cross-layer problem. Two scenarios have been studied, i.e., the satellite operates in either transparent mode or with onboard processor (OBP) mode. The results indicate that the TCP performance can be enhanced substantially by employing the relay function using OBP and appropriate configurations of RLC parameters, thus providing useful information to the design the next generation communication satellite with onboard processing.
Alfares M, Sun Z, Cruickshank HS (2010) Intelligent Automation and Computer Engineering, In: Ao S, Castillo O, Huang X (eds.), Intelligent Automation and Computer Engineering (16) pp. 205-216 Springer Verlag
Intelligent Automation and Computer Engineering offers the state of the art of tremendous advances in intelligent automation and computer engineering and also ...
Chotikapong Y, Cruickshank HS, Sun Z (2001) Evaluation of TCP and internet traffic via low earth orbit satellites, IEEE Personal Communications 8 (3) pp. 28-34
The prospect of the Internet as the fastest growing satellite communication application coupled with satellite-based multimedia networks has generated a high level of interest in the performance of TCP over satellite systems. This article presents the network architecture for supporting services based on TCP/IP over satellite. It discusses the key factors that influence TCP performance over satellite links, and compares the benefits and disadvantages of low earth orbit and geostationary earth orbit satellites. The article also discusses the feasibility of using LEO satellites to support and expand the Internet. It presents studies of the TCP behavior over a GEO satellite system and LEO satellite constellation based on computer simulations, where two typical Internet applications are taken into consideration: FTP file transfer and Web browsing. The results show that TCP performs much better over the LEO satellite constellation than over the GEO system; even the standard TCP over LEO is better than enhanced TCP over GEO.
Cruickshank HS, Iyengar S, Howarth MP, Sun Z, Zeppenfeldt F, Kenny G (2003) Secure IP multicast over satellites,
Alshamrani M, Cruickshank HS, Sun Z (2015) SIP Signaling and QoS for ROHC Based Next Generation MANETs Reactive Routing Protocols, Proceedings of the 8th EUROSIM Congress on Modelling and Simulation (EUROSIM 2013) pp. 591-599
In this paper, an evaluation of SIP signaling and voice QoS for SIP based VoIP using GSM voice codec system over IPv6 MANETs with Static, and Random mobility models. This evaluation study considered two types of reactive routing protocols, AODV and DSR. The study examined IPv4, IPv6, and Robust Header Compression (ROHC) as a compression/decompression system for IPv6 headers. The evaluation results show that SIP signaling and VoIP traffic are acting poorly over IPv6 even when applying ROHC. In general, AODV has low performance over different types of Random mobility models for MANET nodes, while DSR shows better performance with Static mobility models and bad performance with Random mobility models. When using ROHC for TCP traffic, a level of enhanced performance had shown for SIP based VoIP calls over IPv6 MANET. However ROHC still has longer delays and poor performance compared with SIP based VoIP over IPv4 MANET. Therefore, the SIP signaling for IPv6 MANET reactive protocols require further enhancements for SIP/TCP registration and retransmission timers to be able to employ the capabilities of IPv6 and ROHC system for SIP based VoIP and real-time applications over MANET.
Yang X, Sun Z, Miao Y, Cruickshank HS (2016) QoS Routing for MANET and Satellite Hybrid Network to Support Disaster Relives and Management, Proceedings of the 2016 IEEE 83rd Vehicular Technology Conference (VTC Spring)
Communication technologies are very important for disaster management. Satellite network's advantage of large coverage and Mobile Ad hoc Network's (MANET) advantage of high flexibility could be ideal for disaster management. In this paper, the authors propose a novel scheme for providing reliable wireless communications in disaster sites with a hybrid network of terrestrial MANET and satellite network. In comparison with normal wireless routing approaches, i.e. AODV and AOMDV, the proposed scheme could achieve higher packet delivery ratio, higher throughput and lower delay; meanwhile it could also balance traffic loads at gateways to maximum satellite links' utilization.
Audah L, Sun Z, Cruickshank HS (2012) Comparative Evaluation QoS of FTP over LEO and GEO Satellite Networks with Diffserv Architecture, Journal of Communication and Computer (JCC) 9 (12) pp. 1383-1394 David Publishing Company
This paper presents studies for the end-to-end QoS of IP over integrated terrestrial and Next Generation Satellite Network (NGSN) using FTP. We compare between LEO and GEO satellites constellations for the QoS parameters (i.e. delay, jitter, loss rate and throughput) of file transfer from a remote server in London and a remote client in Boston. We model the file transfer with multiple connections and file size variation according to Exponential and Pareto distributions respectively. We create the scenario with error model to simulate transmission loss environment using the NS-2 simulation software. A Differentiated Services (Diffserv) queue interface is placed in the server side to regulate the traffic flows across the narrow bandwidth of the satellite links. The results showed the performance evaluation and presented a good comparison of the QoS parameters involved in the data transfer across LEO and GEO satellites systems.
Security of satellite data is becoming an important issue. The DVB (TV broadcasting) Conditional Access system used in satellite broadcasting has however been surrounded by controversy for many years due to the spread of counterfeit smart cards, and this paper examines the weaknesses of current DVB-S security. We provide an alternative solution to secure multicast services over satellites using IPSEC and a group key management system called GSAKMP.
Sun Z, Howarth MP, Cruickshank HS, Iyengar S, Claverotte L (2003) Networking issues in IP multicast over satellite, INTERNATIONAL JOURNAL OF SATELLITE COMMUNICATIONS AND NETWORKING 21 (4-5) pp. 489-507
This paper describes the issues that arise when using satellites for IP multicast, with the emphasis on multicast protocols and how their implementation depends on the satellite communications platform. Various link layer standards such as DVB-S, DVB-RCS and ATM can be used in satellites with on-board processing, and applied to meet user and network requirements for IP multicast. The paper provides an overview of the networking issues and their interactions. Specifically, we show how multicast networking protocols have to be modified to take into account the satellite link characteristics: these protocols include IGMP, multicast routing protocols and reliable multicast protocols. We also discuss how security systems support IP multicast.
Wood L, Cruickshank HS, Sun Z Supporting group applications via satellite constellations with multicast, IEE Conference Publication no.I 451 pp. 190-194
Here, the networking aspects of the broadband satellite constellations are discussed, and the suitability of the constellations for multicast is assessed.
Cao Y, Sun Z, Wang N, Cruickshank HS, Ahmad N (2013) A reliable and efficient geographic routing scheme for delay/disruption tolerant networks, IEEE Wireless Communications Letters 2 (6) pp. 603-606
The research in this letter focuses on geographic routing in Delay/Disruption Tolerant Networks (DTNs), by considering sparse network density. We explore the Delegation Forwarding (DF) approach to overcome the limitation of the geometric metric which requires mobile node moving towards destination, with the Delegation Geographic Routing (DGR) proposed. Besides, we handle the local maximum problem of DGR, by considering nodal mobility and message lifetime. Analysis and evaluation results show that DGR overcomes the limitation of the algorithm based on the given geometric metric. By overcoming the limited routing decision and handling the local maximum problem, DGR is reliable for delivering messages before expiration lifetime. Meanwhile, the efficiency of DGR regarding low overhead ratio is contributed by utilizing DF. © 2013 IEEE.
Johnson H, Cruickshank HS, Sun Z (2013) Providing Authentication in Delay/Disruption Tolerant Networking (DTN) Environment, 4th International ICST Conference, PSATS 2012, 52 pp. 189-196
DTN environment is characterized by intermittent connectivity, high/variable delay, heterogeneity, high error rate and asymmetric data rate amongst others. These characteristics account for the poor behavior of Internet protocols in this environment. To address these problems, DTN was conceived and designed together with specialized protocols to carry out its services. Its emergence called for a new concept in security that was considered at the design stage. The main aim of this paper is to propose a traditional cryptography based authentication scheme that does not depend on network administrator's availability during post network authentication communication and facilitates bundle processing by the recipient in the absence of connectivity. In this paper, we present and discuss the system model, the proposed credential and the proposed authentication scheme. A simulation framework is developed for the implementation of the proposed and referenced schemes. From the simulation results, the proposed scheme was observed to be independent of network administrator's availability during post network authentication communication and facilitates bundle processing in the absence of connectivity.
Ahmad N, Cruickshank HS, Sun Z, Asif M (2011) Pseudonymised Communication in Delay Tolerant Networks, pp. 1-6
Privacy, anonymity and pseudonymity are the debatable terms which on one angle restrict the rights but on other angle open doors for malicious activity. This paper proposes a design for a pseudonymised communication which is an optimal solution for the privacy issues, where the real identity is hidden from the outside world by using blind signature in a different way of group communication. The protocol is deployed and analysed in extreme environment of Delay Tolerant Networks (DTN), which is an overlay on the top of traditional Internet which provides end to end connectivity and characterised with long delay and disruption. A telemedicine application of rural area network is explored to provide source anonymity. The protocol is finally analysed using Dolev Yao model with two different cases and it preserves the original identity of the node.
Cao Y, Cruickshank H, Sun Z (2011) Active congestion control based routing for opportunistic delay tolerant networks, IEEE Vehicular Technology Conference
Opportunistic Networks (ONs) utilize the communication opportunity with a hop-by-hop behavior, and implement communication between encountered nodes based on the Store-and-Forward routing pattern. This approach, which is totally different from the traditional communication model, has received extensive interests from academic community. We consider the ONs are a type of Delay Tolerant Networks (DTNs) since their routing behavior are quite same regardless of the bundle layer protocol. Until currently, a set of congestion control mechanisms have been proposed in Deterministic DTNs, which is mainly implemented in the network with limited mobility or the static network with scheduled disruption interval. However, regarding the networks with large topology variation, known as Opportunistic DTNs, to design a congestion control mechanism is difficult. In this paper, we propose an active congestion control based routing algorithm that pushes the selected message before the congestion happens. In order to predict the future congestion situation, a corresponding estimation function is designed and our proposed algorithm works based on two asynchronous routing functions, which are scheduled according to the decision of estimation function. Simulation results show our proposed algorithm efficiently utilizes the distributed storage to achieve a quite low overhead ratio and also performs well in the realistic scenario. © 2011 IEEE.
Jamalipour A, Marchese M, Cruickshank HS, Neale J, Verma SN, Bush AM (2004) Guest editorial - Broadband IP networks via satellites - Part II, IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS 22 (3) pp. 433-437 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Al-Siyabi M, Cruickshank H, Sun Z, Ansa G (2011) Fairness and satisfaction model for DTN applications using various transportation means, Lecture Notes in Computer Science: Wired/Wireless Internet Communications 6649 pp. 446-457
Delay Tolerant Network suffers from lack of resources and disconnected contact nature. In DTN, all possible methods are used to transmit data including the physical transportations means. Aircrafts in commercial routes have been proposed to carry data from ground users along their flying routes. Delivery probability is compared when using aircrafts, buses and ferries. Results show that aircrafts provide higher delivery probability which is up to 62% better compared with buses and ferries. Furthermore, when there is lack of resources, it is difficult to satisfy all users' demands for traffic. We propose a Fairness and Satisfaction (FS) model to enhance the users' satisfaction during DTN limited and scarce resources. Various scenarios are tested for the FS model through intense simulations. FS model, when implemented, will improve user's satisfaction up to 18 % and DTN fairness up to 20 % compared with the same scenario lacking the model.
Satellites had been successful in the past due to their wide area coverage and speedy deployment of new services especially in remote regions of Europe and the rest of the world. The future development of broadband satellite systems providing services based on the Internet Protocol (IP) needs to be stimulated by means of common standards. This paper presents the ETSI BSM PEP architecture which includes the satellite terminal and gateway protocol stacks and security configurations for successful PEP implementations.
Bhutta N, Ansa G, Johnson E, Ahmad N, AlSiyabi M, Cruickshank HS (2009) Security analysis for Delay/Disruption Tolerant satellite and sensor Networks, pp. 385-389 IEEE
In the last few years, Delay/Disruption Tolerant Networking has grown to a healthy research topic because of its suitability for challenged environments characterized by heterogeneity, long delay paths and unpredictable link disruptions. This paper presents a DTN security architecture that focuses on the requirements for lightweight key management; lightweight AAA-like architecture for authentication/authorisation; resilience to Denial of Service attacks and user anonymity.
Al-Siyabi M, Cruickshank H, Sun Z (2010) Quality of service provisioning for delay tolerant network by implementing admission control model for aircrafts bundles data transmission, IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference pp. 706-710
The notion of Quality of Service (QoS) in Delay Tolerant Network (DTN) is different due to the challenging nature of DTN which might suffer from intermittent disconnections and long delays. DTN has scarce resources; therefore, controlling the admissions to these resources is important to best share them among the users according to each user privilege. This paper presents the requirements for QoS in DTN and identifies the DTN flow characteristics metrics. The control and managements of these metrics will enhance DTN QoS. Also this paper proposes an Admission Control model based on local information of the node resource in order to avoid network congestion and enhance network performance. Copyright © 2010 ACM.
Bhutta MNM, Cruickshank HS, Sun Z (2014) An Efficient, Scalable Key Transport Scheme (ESKTS) for Delay/Disruption Tolerant Networks, Wireless Networks 20 (6) pp. 1597-1609
In the past, security protocols including key transport protocols are designed with the assumption that there are two parties communication with each other and an adversary tries to intercept this communication. In Delay/Disruption Tolerant Networking (DTN), packet delivery relies on intermediate parties in the communication path to store and forward the packets. DTN security architecture requires that integrity and authentication should be verified at intermediate nodes as well as at end nodes and confidentiality should be maintained for end communicating parties. This requires new security protocols and key management to be defined for DTN as traditional end-to-end security protocols will not work with DTN. To contribute towards solving this problem, we propose a novel Efficient and Scalable Key Transport Scheme (ESKTS) to transport the symmetric key generated at a DTN node to other communicating body securely using public key cryptography and proxy signatures. It is unique effort to design a key transport protocol in compliance with DTN architecture. ESKTS ensures that integrity and authentication is achieved at hop-by-hop level as well as end-to-end level. It also ensures end-to-end confidentiality and freshness for end communicating parties. This scheme provides a secure symmetric key transport mechanism based on public key cryptography to exploit the unique bundle buffering characteristics of DTN to reduce communication and computation cost. © 2014 Springer Science+Business Media New York.
Lukman A, Sun Z, Cruickshank HS (2010) End-to-End QoS Evaluation of IP-Diffserv Network over LEO Satellite Constellation, Personal Satellite Services 43 pp. 99-113
In this paper, we present an end-to-end QoS simulation studies on internetworking of remote LAN and long range communications over LEO-Iridium satellites constellation taking SuperJARING network in Malaysia as an example. A macro level network simulation scenario based on actual network topology in Malaysia is implemented as Diffserv network model using the Network Simulator-2 (NS-2). Web traffic (HTTP) is used as the internet traffic models in the simulation analysis. All simulations are carried out in error-free and link-loss environment. In error-free simulations, the accumulative network traffic loads are varied from 20%, 50% and 80% while in link-loss environment simulations only 20% traffic load is used with bit error rate (BER) varied from 1x10^-5, 1x10^-4 and 2x10^-4. The results show clearly that QoS can be achieved with IP Diffserv over satellites constellation like Iridium.
Ali M, Liang L, Sun Z, Cruickshank HS, Thompson P, Bouquentar T, Alagha N (2010) End-to-end QoS Measurement over a DVB-RCS Satellite Network, Personal Satellite Services 43 pp. 130-144
Satellites play an important role in the future network due to their wide area coverage and for providing connectivity in remote regions of the world. This paper presents the end-to-end quality of service (QoS) measurements taken employing a European Space Agency (ESA) testbed over DVB-RCS infrastructure, in collaboration with University of Surrey, UK. The applications chosen for these experiments are file transfer (FTP), web browsing (HTTP) and video streaming. File transfer and web browsing require reliable transport mechanism as a corrupted bit will hinder the intact data delivery. Therefore, these applications use transmission control protocol (TCP) as the transport protocol. TCP involves a three way handshake, which introduces extra delay during data transfer. Video streaming is a real time application. It is time-sensitive and requires lesser reliability compared to FTP and Web services. Hence, it employs user datagram protocol (UDP) at the transport layer, which do not offer any guarantee of reliable data delivery but timely. The parameters that have been used to evaluate quality of service (QoS) are packet delivery time, file download time, round trip delay, packet sizes and packet loss. The paper presented measurement results and comparative analysis of the QoS of the applications over the DVB-RCS testbed.
Kittiperachol S, Sun Z, Cruickshank HS (2008) Evaluation of TCP variants and bandwidth on demand over next generation satellite network, 2008 International Workshop on Satellite and Space Communications, IWSSC'08, Conference Proceedings pp. 3-7 IEEE
The Internet has become an important part of day to day activities. There is hardly a day without using Internet, such as reading Emails and articles as well as enjoying music and video. Thus, it is very important for the Internet to be provided to anyone anywhere. Terrestrial network has been the underlying infrastructure for the Internet. However, terrestrial network by itself cannot always satisfy all of the growing demands for the Internet, particularly in the remote areas. Thus, the deployment of the Next Generation Satellite Network (NGSN) is needed to fill in the gap and break the digital divide. This paper evaluates how the performances of TCP over NGSN with dynamic bandwidth allocation mechanism. The TCP used in this work is a real-world TCP based on both Linux and Window Vista implementations which have been integrated into a network simulator, INET. The study reveals that the TCP performances in terms of utilization and robustness, friendliness and fairness, and user's perceived Quality of Service are clearly affected by the dynamic bandwidth allocation mechanism. ©2008 IEEE.
Bhutta M, Liang L, Cruickshank H, Sun Z, Fairhurst G, Kulatunga C (2009) Integration of TESLA and FLUTE over satellite networks, International Workshop on Satellite and Space Communications, 2009. IWSSC 2009. pp. 135-139
Multicast research has explored the security challenges faced in group communications. Multicast transport and multicast security need to work in close collaboration to realise a multicast service. However, there has been comparatively little work to combine the two technologies. In this paper the authors are presenting an example of partially integrating timed efficient stream loss-tolerant authentication (TESLA) protocol and the file delivery over unidirectional transport (FLUTE) protocol. The security concern raised by the proposed algorithm is analysed for satellite network. The proposed algorithm was implemented on a testbed with multicast tunnel between University of Surrey and University of Aberdeen and the results are presented in this paper.
Audah L, Sun Z, Cruickshank HS End-to-end QoS evaluation of IP over LEO/GEO satellites constellations for FTP, Proceedings of 5th International Conference on Signal Processing and Communication Systems
This paper presents studies for the end-to-end QoS of IP over integrated terrestrial and Next Generation Satellite Network (NGSN) using FTP. We compare between LEO and GEO satellites constellations for the QoS parameters (i.e. delay, jitter, loss rate and throughput) of file transfer from a remote server in London and a remote client in Boston. We model the file transfer with multiple connections and file size variation according to Exponential and Pareto distributions respectively. We create the scenario with error model to simulate transmission loss environment using the NS-2 simulation software. A Differentiated Services (Diffserv) queue interface is placed in the server side to regulate the traffic flows across the narrow bandwidth of the satellite links. The results showed the performance evaluation and presented a good comparison of the QoS parameters involved in the data transfer across LEO and GEO satellites systems.
Anyigor Ogah C, Cruickshank HS, Asuquo PM, Lei A, Sun Z (2017) Delay Tolerant Revocation Scheme for Delay Tolerant VANETs (DTRvS), Communications in Computer and Information Science 766 pp. 143-164 Springer International Publishing
This article discusses an effective revocation scheme for disconnected Delay Tolerant Vehicular Ad hoc Networks (VANETs). Malicious vehicles can exhibit various misbehaviour such as dropping packets due to selfish reasons. Selfishness can be due to the need to conserve limited resources such as energy and bandwidth. This forces vehicles to either drop all or some of the packets they receive. This is particularly obtainable in multi-hop forwarding networks where packets are routed from one vehicle to another towards their destination. When some packets are dropped, the usefulness of the system is not fully realised since it affects the quality of information available to vehicles for making driving decisions such as road manoeuvres. Additionally, packet dropping can degrade the routing efficiency of the system. In extreme cases of misbehaviour, it is important to stop such vehicles from further participation in network communication. One way of achieving this is through revocation. However, it is important to establish mechanisms for identifying such vehicles before blacklisting them for revocation. Our objective here is to address the question of how much we can use a trust-based scheme where vehicles cannot always be expected to follow normal protocols for revocation. Revocation or suspension of misbehaving vehicles is essential to avoid havoc and possible economic damage.
Anyigor Ogah C, Cruickshank H, Asuquo P, Lei A, Sun Z (2017) Experimental Privacy Analysis and Characterization for Disconnected VANETs, 8th International Conference, WiSATS 2016, Cardiff, UK, September 19-20, 2016, Proceedings 186 pp. 119-129
Intelligent Transport Systems (ITS) are special applications of Vehicular Ad-hoc Networks (VANETs) for road safety and efficient traffic management. A major challenge for ITS and VANETs in all its flavours is ensuring the privacy of vehicle drivers and the transmitted location information. One attribute of ITS during its early roll-out stage especially in rural areas and challenged environments is low vehicle density and lack of end-to-end connectivity akin to the attribute of Vehicular Delay Tolerant Networks (VDTNs). This means that contact duration between network entities such as vehicles and road-side units (RSUs) are short-lived. Three popular solutions are the use of pseudonyms, mix-zones, and group communication. Privacy schemes based on the mix-zone technique abound for more conventional VANETs. A critical privacy analysis of such scenarios will be key to the design of privacy techniques for intermittent networks. We are not aware of any work that analyses the privacy problem in intermittent VANETs. In this paper, we add our voice to efforts to characterize the privacy problem in disconnected VANETs.
Audah L, Sun Z, Cruickshank H (2017) QoS based Admission Control using Multipath Scheduler for IP over Satellite Networks, International Journal of Electrical and Computer Engineering 7 (6) pp. 2958-2969 Institute of Advanced Engineering and Science
This paper presents a novel scheduling algorithm to support quality of service (QoS) for multiservice applications over integrated satellite and terrestrial networks using admission control system with multipath selection capabilities. The algorithm exploits the multipath routing paradigm over LEO and GEO satellites constellation in order to achieve optimum end-to-end QoS of the client-server Internet architecture for HTTP web service, file transfer, video streaming and VoIP applications. The proposed multipath scheduler over the satellite networks advocates load balancing technique based on optimum time-bandwidth in order to accommodate the burst of application traffics. The method tries to balance the bandwidth load and queue length on each link over satellite in order to fulfil the optimum QoS level for each traffic type. Each connection of a traffic type will be routed over a link with the least bandwidth load and queue length at current time in order to avoid congestion state. The multipath routing scheduling decision is based on per connection granularity so that packet reordering at the receiver side could be avoided. The performance evaluation of IP over satellites has been carried out using multiple connections, different file sizes and bit-error-rate (BER) variations to measure the packet delay, loss ratio and throughput.
Cao Y, Sun Z, Cruickshank H, Yao F (2014) Approach-and-Roam (AaR): A Geographic Routing Scheme for Delay/Disruption Tolerant Networks, IEEE Transactions on Vehicular Technology 63 (1) pp. 266-281 Institute of Electrical and Electronics Engineers (IEEE)
Considering that delay/disruption-tolerant networks (DTNs) suffer from a large variation of network topology, geographic routing is an alternative scheme that utilizes real-time geographic information instead of network topology information. However, the real-time geographic information of mobile destination is likely unavailable due to sparse network density. With this in mind, we propose a geographic routing scheme by relying on historical geographic information to estimate the movement range of destination. The idea is to make efficient message replication toward this estimated range via the proposed Approach Phase to reduce routing overhead. Meanwhile, the effective message replication within this range is guaranteed via the proposed Roam Phase to increase the message delivery ratio. We further propose a novel scheme to handle the local maximum problem for geographic routing in sparse networks. Simulation results obtained assuming the maps of three real world cities, namely, Helsinki, Finland; Karlsruhe, Germany; and Manhattan, New York City, USA, show an advantage of the proposed Approach-and-Roam (AaR) over the compared algorithms in terms of delivery ratio, average delivery latency, and overhead ratio.
Sun Z, Yang Y, Zhou Y, Cruickshank HS (2016) Agent-Based Resource Management for Mobile Cloud, In: Web-Based Services: Concepts, Methodologies, Tools, and Applications pp. 290-306 IGI Global
Mobile cloud computing is a new computing paradigm to integrate cloud computing technology into the mobile environment. It takes full advantages of cloud computing with great potential to transform a large part of the IT industry. The objectives of mobile cloud computing are to meet user demand, efficiently utilize a pool of resources, including mobile network, storage, and computation resources, and optimize energy on mobile devices. Here, the authors review the current mobile cloud computing technologies, highlight the main issues and challenges for the future development, and focus on resource management. Then, combining the current agent architectures and resource optimization strategies, they present an agent-based resource management to deal with multiple data and computation intensive applications of user demand. The chapter offers a promising solution of selecting the best service provider and efficiently utilizing mobile network resources given the user's request constraint.
Cruickshank HS, Sun Z, Velentzas S (1997) Securing user, control and management planes in ATM networks, NETWORKS: THE NEXT MILLENNIUM - THE IEEE SINGAPORE INTERNATIONAL CONFERENCE ON NETWORKS 1997, IEEE SICON'97 pp. 101-115
Sun Z, Cruickshank HS (2015) Guest Editorial: Security, privacy and trust in future networks and mobile computing., J. Inf. Sec. Appl. 20 (C) pp. 1-2 Journal of Information Security and Applications
With the boom of Internet, IP-based applications such as WWW and multimedia have become an essential part of our everyday life, and there is an ever-increasing demand for accessing high-speed Internet services anywhere, anytime and all the times. This trend unavoidably has huge impacts on the design of the next-generation future networks. However, security, privacy and trust systems can be obstacles in the presence of a global and heterogeneous future networks.
Melhus I, Fan L, Cruickshank H, Arnal F, Baudoin C, Nivor F, Gayraud T, Rodriguez F, Pietrabissa A, Lei L, Sun Z (2008) Cross-layer optimization in the next-generation broadband satellite systems, 26th AIAA International Communications Satellite Systems Conference, ICSSC
Cruickshank H, Howarth M, Iyengar S, Sun Z, Claverotte L (2005) Securing multicast in DVB-RCS satellite systems, IEEE Wireless Communications Magazine 12 (5) pp. 38-45 IEEE
Whilst TV broadcasting is probably the best-known application of satellite technology, satellite service providers are now expanding their services to include Internet data transmission. Consequently, security of satellite data is becoming an important issue. This article examines the current DVB-RCS security standard and identifies the principal gaps in the provision of secure multicast over DVB-RCS. The main contribution of this article is a proposal for adapting the current DVB-RCS two-way satellite standard to provide secure multicast services over satellites.
Sun Z, Cruickshank HS, Iyengar S, Howarth MP, Claverotte L, de la Plaza J (2002) IP multicast over satellites - technology challenges,
Kittiperachol S, Sun Z, Cruickshank HS (2009) Integration of Linux TCP and Simulation: Verification, Validation and Application, Journal of Networks 4 9 pp. 819-836 ACADEMY PUBLISHER
Network simulator has been acknowledged as one of the most flexible means in studying and developing protocol as it allows virtually endless numbers of simulated network environments to be setup and protocol of interest to be fine-tuned without requiring any real-world complicated and costly network experiment. However, depending on researchers, the same protocol of interest can be developed in different ways and different implementations may yield the outcomes that do not accurately capture the dynamics of the real protocol. In the last decade, TCP, the protocol on which the Internet is based, has been extensively studied in order to study and reevaluate its performance particularly when TCP based applications and services are deployed in an emerging Next Generation Network (NGN) and Next Generation Internet (NGI). As a result, to understand the realistic interaction of TCP with new types of networks and technologies, a combination of a real-world TCP and a network simulator seems very essential. This work presents an integration of real-world TCP implementation of Linux TCP/IP network stack into a network simulator, called INET. Moreover, verification and validation of the integrated Linux TCP are performed within INET framework to ensure the validity of the integration. The results clearly confirm that the integrated Linux TCP displays reasonable and consistent dynamics with respect to the behaviors of the real-world Linux TCP. Finally, to demonstrate the application of the INET with Linux TCP extension, algorithms of other Linux TCP variants and their dynamic over a large-bandwidth long-delay network are briefly presented.
Fan L, Baudoin C, Rodriguez F, Ramos A, Guerra J, de la Cuesta B, Fairhurst G, Sathiaseelan A, Berthou P, Gayraud T, Liang L, Yun A, Callejo E, Melhus I, Iyengar S, Cruickshank HS, Sun Z (2008) SATSIX: A network architecture for next-generation DVB-RCS systems, IP NETWORKING OVER NEXT-GENERATION SATELLITE SYSTEMS pp. 103-125
Sun Z, Ors T, Cruickshank H, Evans B (1996) Implementation of ATM over satellite for broadband services, IEEE Colloquium (Digest) (224)
It has been recognised that satellites can play very important role in supporting B-ISDN services based on ATM technology. There have been several projects to exploit ATM over satellite for broadband services since 1992. These include the European RACE II CATALYST project which developed a satellite ATM demonstrator and the EPSRC project which studied the interconnection of Broadband ATM Islands via satellite. In a broadband network environment, ATM over satellite can be used for inter-network connections as transit link and for terminal access as access link. For transit link a small number of earth stations require a high bit rate link. Static bandwidth reservation based on estimated fixed rates provide a simple solution. However for terminal access a large number of terminals require low bit rate links. Since the traffic is expected to have large fluctuations, a dynamic reservation system is a more efficient but complex solution. Dynamic reservation Time Division Multiple Access (TDMA) appears to be the best solutions, as it takes advantage of the flexibility and statistical multiplexing capabilities of ATM and supports all traffic classes. The paper shows that ATM over satellite can implement a flexible and efficient bandwidth resource management mechanisms which allows the satellite link to be configured to meet the requirements of broadband services from low bit rate to high bit rate. © 1996 The Institution of Electrical Engineers. Printed and published by the IEE.
Cao Y, Wang N, Sun Z, Cruickshank H (2015) A Reliable and Efficient Encounter-Based Routing Framework for Delay/Disruption Tolerant Networks, IEEE SENSORS JOURNAL 15 (7) pp. 4004-4018 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
This paper addresses delay/disruption tolerant networking routing under a highly dynamic scenario, envisioned for communication in vehicular sensor networks (VSNs) suffering from intermittent connection. Here, we focus on the design of a high-level routing framework, rather than the dedicated encounter prediction. Based on an analyzed utility metric to predict nodal encounter, our proposed routing framework considers the following three cases. First, messages are efficiently replicated to a better qualified candidate node, based on the analyzed utility metric related to destination. Second, messages are conditionally replicated if the node with a better utility metric has not been met. Third, messages are probabilistically replicated if the information in relation to destination is unavailable in the worst case. With this framework in mind, we propose two routing schemes covering two major technique branches in literature, namely: 1) encounter-based replication routing and 2) encounter-based spraying routing. Results under the scenario applicable to VSNs show that, in addition to achieving high delivery ratio for reliability, our schemes are more efficient in terms of a lower overhead ratio. Our core investigation indicates that apart from what information to use for encounter prediction, how to deliver messages based on the given utility metric is also important.
Liang L, Cruickshank HS, Sun Z ULE security implementation in PLATINE,
Satellites are expected to play an essential role in bridging the "digital divide"; satellite networks are likely to be the only way to provide broadband services to regions that cannot be economically reached by terrestrial networks, in particular the more remote regions of Europe and the rest of the world. Security can be a problem for such global services. This paper presents a link layer security solution and how it is implemented for the Unidirectional Lightweight Encapsulation (ULE). A satellite testbed is constructed where the ULE security implementation is validated. The experiments results are presented in this paper.
Audah L, Sun Z, Cruickshank H (2011) QoS evaluation of multiservice applications over integrated satellite-terrestrial networks, International Congress on Ultra Modern Telecommunications and Control Systems and Workshops
This paper presents the QoS performance evaluation studies of IP over integrated terrestrial and Next Generation Satellite Network (NGSN) for HTTP web, file transfer, video streaming and VoIP applications. We compare the QoS parameters (e.g. delay, loss ratio and throughput) of the multiservice applications over Ka-Sat like satellite and the ITU-R standard Hypothetical Reference Digital Path (HRDP). We model the multiservice applications with multiple connections, different files sizes and connection durations variations. We simulate the network scenario with error model for the transmission loss environment using NS-2. A Differentiated Services (Diffserv) queue interface is used in the terrestrial network to regulate and differentiate the traffic flows while a priority queue is used as the satellite on-board-processing unit (OBP). The results showed a better top-down comparison of the QoS parameters involved in each application service across GEO satellite and the standard terrestrial digital data link. © 2011 HTE.
Ng W, Howarth M, Sun Z, Cruickshank HS (2007) Dynamic balanced key tree management for secure multicast communications, IEEE Transactions on Computers 56 (5) pp. 590-605
Howarth M, Iyengar S, Sun Z, Cruickshank H (2004) Dynamics of key management in secure satellite multicast, IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS 22 (2) pp. 308-319 IEEE
Security is an important concern in today's information age and particularly so in satellite systems, where eavesdropping can be easily performed. This paper addresses efficient key management for encrypted multicast traffic transmitted via satellite. We consider the topic of encrypting traffic in large multicast groups, where the group size and dynamics have a significant impact on the network load. We consider life cycle key management costs of a multicast connection, and show for a logical key hierarchy (LKH) how member preregistration and periodic admission reduces the initialization cost, and how the optimum outdegree of a hierarchical tree varies with the expected member volatility and rekey factor. This improves network utilization, but encryption at the network layer can pose problems on satellite links. We, therefore, propose and analyze an interworking solution between multilayer Internet protocol security (IPSEC) and LKH that also reduces key management traffic while enabling interworking with performance enhancing modules used on satellite links.
Heydari Fami Tafreshi V, Ghazisaeedi E, Cruickshank HS, Sun Z (2014) Integrating IPsec within OpenFlow Architecture for Secure Group Communication, ZTE Communications Vol. 1 (No. 2) pp. 41-49 ZTE Corporation
Network security protocols such as IPsec have been used for many years to ensure robust end-to-end communication and are important in the context of SDN. Despite the widespread installation of IPsec to date, per-packet protection offered by the protocol is not very compatible with OpenFlow and flow-like behavior. OpenFlow architecture cannot aggregate IPsec-ESP flows in transport mode or tunnel mode because layer-3 information is encrypted and therefore unreadable. In this paper, we propose using the Security Parameter Index (SPI) of IPsec within the OpenFlow architecture to identify and direct IPsec flows. This enables IPsec to conform to the packet-based behavior of OpenFlow architecture. In addition, by distinguishing between IPsec flows, the architecture is particularly suited to secure group communication.
Alshamrani M, Cruickshank HS, Sun Z, Elmasri B, Tafreshi V (2012) SIP-based internetwork system between future IP networks and ZigBee based Wireless Personal Area Networks (WPAN), 2012 4th Computer Science and Electronic Engineering Conference, CEEC 2012 - Conference Proceedings pp. 206-211
The internetwork system between Future IP Networks and ZigBee Wireless Networks has two main approaches: the SIP Proxy Based approach and the ZigBee Stack Based approach. Because of the dynamic nature of the ZigBee devices, both approaches need to be improved to support the connectivity system and the Quality of Service (QoS) for different types of sensing and actuating applications. This paper proposes an initial design for a modified version of SIP (Mod-SIP) for the ZigBee Stack Based approach. In addition, the paper introduces the Combined Approach, which is an enhanced internetwork system used to provide a more reliable and flexible connectivity system between ZigBee WPANs and the IP clouds. An initial design and simulation efforts on OPNET were implemented to study the current approaches and compare them with the proposed approaches. It shows that the SIP Proxy Based approach is not efficient for Future IP Networks applications as it has a high rate of End-to-End delays because of the lack of flexibility between the SIP signaling system and the ZigBee WPANs. The initial investigations showed that the Combined approach can provide a more reliable connectivity system with the support for the QoS for different types of instantaneous applications such as VoIP and video conferencing. © 2012 IEEE.
Cruickshank HS, Iyengar S, Fan L, Sun Z, Guerra J, Mezzalla M (2007) Secure composite satellite IP multicast architecture for heterogeneous groups, 2007 PROCEEDINGS OF THE 16TH IST MOBILE AND WIRELESS COMMUNICATIONS, VOLS 1-3 pp. 494-498
Sun M, Cruickshank HS, Sun Z (2014) An Efficient, Scalable Key Transport Scheme (ESKTS) for Delay/Disruption Tolerant Networks, Wireless Networks 20 (6) pp. 1597-1609 Springer Verlag
In the past, security protocols including key transport protocols are designed with the assumption that there are two parties communicating with each other and an adversary tries to intercept this communication. In Delay/Disruption Tolerant Networking (DTN), packet delivery relies on intermediate parties in the communication path to store and forward the packets. DTN security architecture requires that integrity and authentication should be verified at intermediate nodes as well as at end nodes and confidentiality should be maintained for end communicating parties. This requires new security protocols and key management to be defined for DTN as traditional end-to-end security protocols will not work with DTN. To contribute towards solving this problem, we propose a novel Efficient and Scalable Key Transport Scheme (ESKTS) to transport the symmetric key generated at a DTN node to other communicating body securely using public key cryptography and proxy signatures. It is a unique effort to design a key transport protocol in compliance with DTN architecture. ESKTS ensures that integrity and authentication is achieved at hop-by-hop level as well as end-to-end level. It also ensures end-to-end confidentiality and freshness for end communicating parties. This scheme provides a secure symmetric key transport mechanism based on public key cryptography to exploit the unique bundle buffering characteristics of DTN to reduce communication and computation cost.
Johnson E, Ansa G, Cruickshank HS, Sun Z (2010) Access Control Framework for Delay/Disruption Tolerant Networks., PSATS 43 pp. 249-264
Cruickshank HS, Liang L, Fan L, Sun Z, Iyengar S, Mazzella M (2008) Link layer security design for IPv6 over satellite DVB networks, ICT-MobileSummit 2008 Conference Proceedings
There is growing interest in providing multimedia and broadband access over satellites. However, there are several technical challenges that need to be addressed. One challenge is security in terms of understanding threats and providing an effective security system. This paper presents a security solution for the Unidirectional Lightweight Encapsulation (ULE). The security header extensions are presented together with detailed transmitter and receiver processing. Finally, the implementation of this solution is shown over the SATSIX project satellite emulator platform.
Luo Z, Sun Z, Cruickshank HS (2007) On-board link layer relay mechanism to enhance TCP in satellite IP networks, 2007 16th IST Mobile and Wireless Communications Summit
Transmission Control Protocol (TCP) over satellite IP networks has attracted many researchers' interest for many years because the TCP performance degrades considerably due to the high propagation delay and high bit error rates in satellite links. Many proposals have been produced to enhance TCP performance in satellite IP networks, which mostly involve modifying the system's architecture or TCP protocol stack. In this paper, we propose a novel on-board link layer relay mechanism. We use both analytical and simulation means to compare the traditional bent-pipe scenario and our on-board link layer relay mechanism. The numerical and simulation results indicate that the TCP performance can be enhanced substantially by employing our on-board link layer relay mechanism.
Alshamrani M, Cruickshank HS, Sun Z (2014) A Cross-Layer Approach to Enhance the Call Setup Performance of SIP-Based VoIP over AODV MANET., Eighth International Conference on Next Generation Mobile Apps, Services and Technologies (NGMAST), 2014 pp. 241-247 IEEE
The implementation of SIP signaling over MANET is still a challenging issue, as many routing factors affect SIP performance. Node mobility and dynamic hop number changes between nodes are considered the main routing problems within MANET routing protocols. RFC 6076 proposed end-to-end performance metrics for SIP signaling to provide a standardized method of evaluating SIP performance over different platforms, however, no benchmarking values for these metrics have been proposed yet. In this paper, a cross-layer system designed to enhance the call setup performance of SIP-based VoIP over AODV-based MANET is proposed. The approach used is to employ the SIP performance metric to enhance the call setup time by adjusting the Time-To-Live (TTL) parameter and the Route Request (RREQ) message retries for the AODV route request messages to support the reachability ratio of SIP INVITE and re-INVITE messages to reduce the call setup time of SIP-based VoIP. The study investigated the Session Request Delay performance metric of SIP signaling as part of the SIP over MANET simulation efforts. Both the call setup time and the number of SIP calls over random waypoint mobility models were enhanced by applying instantaneous modifications to the TTL parameter and RREQ retries, increasing the delivery ratio of route discovery messages to about 35-40% compared with the classic AODV routing protocol.
Sun Z, Cruickshank HS, Iyengar S, Howarth MP, Claverotte L, Gomez R (2003) IP multicast over satellite,
Yang Y, Zhou Y, Sun Z, Cruickshank HS (2013) Heuristic scheduling algorithms for allocation of virtualized network and computing resources, Journal of Software Engineering and Applications 6 (1) pp. 1-13 Scientific Research Publishing
Cloud computing technology facilitates computing-intensive applications by providing virtualized resources which can be dynamically provisioned. However, user's requests are varied according to different applications' computation ability needs. These applications can be presented as meta-job of user's demand. The total processing time of these jobs may need data transmission time over the Internet as well as the completed time of jobs to execute on the virtual machine must be taken into account. In this paper, we presented V-heuristics scheduling algorithm for allocation of virtualized network and computing resources under user's constraint which applied into a service-oriented resource broker for jobs scheduling. This scheduling algorithm takes into account both data transmission time and computation time that related to virtualized network and virtual machine. The simulation results are compared with three different types of heuristic algorithms under conventional network or virtual network conditions such as MCT, Min-Min and Max-Min. We evaluate these algorithms within a simulated cloud environment via an Abilene network topology which is real physical core network topology. These experimental results show that V-heuristic scheduling algorithm achieved significant performance gain for a variety of applications in terms of load balance, Makespan, average resource utilization and total processing time.
Annoni M, Boiero G, Salis N, Cruickshank HS, Howarth MP, Sun Z (2002) Interworking between multi-layer IPSEC and secure multicast services over GEO satellites,
Sun Z, He D, Liang L, Cruickshank HS (2004) Internet QoS and traffic modelling, IEE PROCEEDINGS-SOFTWARE 151 (5) pp. 248-255
Telecommunications networks have migrated from circuit based telephony services to packet based broadband network services. Merging with computer networks, they are being integrated with non-real-time data services on classical Internet integrated multimedia services, including real time voice, video and services on the new generation Internet. Thus, the concepts and requirements of quality of service (QoS) and traffic modelling have also been changed significantly. However, real time services such as voice and video are inelastic, as the transmission bandwidth, transmission time and QoS requirements need to be kept within strict limits and hence are not flexible. On the other hand, elastic services such as file transfer and Web surf are much relaxed with QoS and network resource requirements. Networks need to meet the requirements of both types of services by providing different classes of network services, including best effort service at one end of the spectrum, guaranteed service on the other end, and some others in between, with controlled traffic load. Traffic modelling is one of the important aspects to be considered to meet QoS requirements of services and efficient utilisation of network resources. The paper discusses important QoS issues, techniques for measurement and analysing Internet traffic, and new trends and methodology for Internet traffic modelling. It also presents the results based on the measured Internet traffic to validate the new model and the potential of the model to capture the characteristics of traffic for the Internet.
Cruickshank HS, Iyengar S, Howarth MP, Sun Z (2002) Securing satellite communications,
Chotikapong Y, Cruickshank HS, Sun Z, Evans BG (2000) Network architecture and performance evaluation of broadband satellite systems, IEEE INTERNATIONAL CONFERENCE ON NETWORKS 2000 (ICON 2000), PROCEEDINGS pp. 488-488
Cruickshank HS, Liang L, Fan L, Sun Z, Mazzella M (2008) A ULE Security Approach for Satellite Networks on PLATINE Testbed,
The satellite network does not have the IP layer where the IPsec [2][3] is designed for. Therefore, a new algorithm is needed to secure the satellite link at link layer or physical layer. This paper will give a short analysis on the advantages and disadvantages of the MPEG-2 TS encryption and present an approach trying to use the extension header of Unidirectional Lightweight Encapsulation (ULE) [6] Protocol Data Unit (PDU) to provide the efficient security solution for satellite networks. This approach is just above the MPEG-2 TS layer and makes the link security as a part of the encapsulation layer. Thanks to a test bed platform named PLATINE developed by France partners and contributed by other partners within the SATSIX project on which the DVB-S and DVB-RCS have been implemented. The Unidirectional Lightweight Encapsulation (ULE) [6] mechanism working together with MPEG 2 Transport Stream (TS) as a part of the encapsulation in PLATINE is for the transport of IPv6 (& IPv4) Datagrams and other network protocol packets directly over the ISO MPEG-2 Transport Stream as TS Private Data. The proposed security approach is implemented within PLATINE to provide integrated security with ULE protocol at the link layer. The approach is based on the security requirements Internet draft [1]
Iyengar S, Cruickshank HS, Duquerroy L, Sun Z, Baudoin C (2008) ULE link layer security for DVB networks, IP NETWORKING OVER NEXT-GENERATION SATELLITE SYSTEMS pp. 287-308
Miao Y, Sun Z, Wang N, Cao Y, Cruickshank H (2016) Time Efficient Data Collection with Mobile Sink and vMIMO Technique in Wireless Sensor Networks, IEEE Systems Journal 12 (1) pp. 639-647 IEEE
Data collection is a fundamental yet challenging task of Wireless Sensor Networks (WSN) to support a variety of applications, due to the inherent distinguish characteristics for sensor networks, such as limited energy supply, self-organizing deployment and QoS requirements for different applications. Mobile sink and virtual MIMO (vMIMO) techniques can be jointly considered to achieve both time efficient and energy efficient for data collection. In this paper, we aim to minimize the overall data collection latency including both sink moving time and sensor data uploading time. We formulate the problem and propose a multihop weighted revenue (MWR) algorithm to approximate the optimal solution. To achieve the trade-off between full utilization of concurrent uploading of vMIMO and the shortest moving tour of mobile sink, the proposed algorithm combines the amount of concurrent uploaded data, the number of neighbours, and the moving tour length of sink in one metric for polling point selection. The simulation results show that the proposed MWR effectively reduces total data collection latency in different network scenarios with less overall network energy consumption.
Liang L, Iyengar S, Cruickshank HS, Sun Z, Kulatunga C, Fairhurst G (2009) Security for FLUTE over Satellite Networks, 2009 WRI INTERNATIONAL CONFERENCE ON COMMUNICATIONS AND MOBILE COMPUTING: CMC 2009, VOL 3 pp. 485-491
Liang L, Fan L, Cruickshank HS, Sun Z, Baudoin C, Barvaux D (2008) A ULE security approach for satellite networks on PLATINE test bed, 26th AIAA International Communications Satellite Systems Conference, ICSSC
Asuquo PM, Cruickshank HS, Anyigor Ogah C, Lei A, Sun Z (2016) A collaborative trust management scheme for emergency communication using delay tolerant networks, Proceedings of the 8th Advanced Satellite Multimedia Systems Conference and the 14th Signal Processing for Space Communications Workshop (ASMS/SPSC), 2016
Delay Tolerant Network (DTN) comprises nodes with small and limited resources including power and memory capacity. We propose the use of DTN as an alternate means of communication for the dissemination of emergency information in a post-disaster evacuation operation. We investigate the performance of DTN in providing emergency communication support services under packet dropping attacks. We consider internally motivated attacks where the nodes that are part of the emergency rescue team are compromised with malicious behaviours thereby dropping packets to disrupt the message dissemination during the evacuation operation. A way to mitigate malicious behaviour and improve network performance of DTN is to use incentives in exchanging information between nodes. Unlike existing schemes, we consider the Basic Watchdog Detection System which detects and acts against misbehaving nodes to reduce their overall impact on the network performance. We design a Collaborative Trust Management Scheme (CTMS) which is based on the Bayesian detection watchdog approach to detect selfish and malicious behaviour in DTN nodes. We have evaluated our proposed CTMS through extensive simulations and compared our results with the other existing schemes. Our evaluations show that the use of adequate collaborative strategies between well behaved nodes could improve the performance of Watchdog schemes taking into account the delivery ratio, routing cost and the message delay from the source node to the destination node.
Mumtaz Bhutta M, Cruickshank HS, Sun Z (2017) A New Public-Key Infrastructure (PKI) Validation and Revocation Mechanism Suitable for Delay/Disruption Tolerant Networks (DTN), IET Information Security 11 (1) pp. 16-22
Public Key Infrastructure (PKI) is based on public key certificates and is the most widely used mechanism for trust and key management. However, standard PKI Validation and Revocation mechanisms are considered major reasons for its unsuitability for Delay/Disruption Tolerant Networking (DTN). DTN requires mechanism to authenticate messages at each node before forwarding it in the network. So, Certificate Revocation Lists (CRLs) being distributed in DTN network will need to be authenticated and validated for issuer CA at each node. In this paper we propose new Validation and Revocation mechanism which is compliant with DTN semantics and protocols. The paper also proposes a new design for CRL in compliance with standard PKI X.509 standard to make the proposed mechanism easy to implement for DTN. The new designed CRL is of reduced size as it contains fewer entries as compared to standard X.509 CRL and also arranges the revocation list in the form of Hash Table (Map) to increase the searching efficiency.
Cruickshank HS, Sun Z, Fan Z (2001) Universal serial bus implementation in an integrated access chip for ISDN systems, IEE PROCEEDINGS-COMMUNICATIONS 148 (4) pp. 207-211 IEE-INST ELEC ENG
Howarth MP, Iyengar S, Cruickshank HS, Sun Z (2002) Security systems for multicast data transfer over satellite,
Sun Z, Cheng B, Cruickshank HS, Evans BG (2000) BISANTE - Traffic evaluation tool for broadband satellite networks, COLLECTION OF THE 18TH AIAA INTERNATIONAL COMMUNICATIONS SATELLITE SYSTEMS CONFERENCE AND EXHIBIT, TECHNICAL PAPERS, VOLS 1 AND 2 pp. 1090-1097
Sun Z, Ali M, Liang L, Cruickshank HS (2011) Optimization of SIP Session Setup for VoIP over DVB-RCS Satellite Networks, International Journal of Satellite Communications Policy and Management 1 (1) pp. 55-76 Inderscience
With the proliferation of the internet, voice over IP has penetrated in both terrestrial and satellite networks. One of the popular protocols responsible for its widespread usage is SIP. SIP is the signalling protocol responsible for the session establishment and termination. By default, it uses UDP as the transport layer protocol. As UDP is an unreliable protocol, the retransmission of the SIP messages is managed by the application layer, using exponential backoff algorithm. In this paper, this retransmission algorithm is studied in satellite environment. Based on the shortcomings of this algorithm, a new algorithm is proposed. The performance of the new algorithm is tested and evaluated on the satellite network testbed at Centre for Communication Systems Research (CCSR), University of Surrey. The results show that the performance of the new algorithm is better than the basic one, in terms of number of retransmissions of SIP messages and their bandwidth consumption, in addition to reduction in call setup time.
Public-key infrastructure (PKI) is based on public-key certificates and is the most widely used mechanism for trust and key management. However, standard PKI validation and revocation mechanisms are considered major reasons for its unsuitability for delay/disruption tolerant networking (DTN). DTN requires mechanism to authenticate messages at each node before forwarding it in the network. So, certificate revocation lists (CRLs) being distributed in DTN network will need to be authenticated and validated for issuer certificate authority (CA) at each node. In this study, the authors propose new validation and revocation mechanism which is compliant with DTN semantics and protocols. This study also proposes a new design for CRL in compliance with standard PKI X.509 standard to make the proposed mechanism easy to implement for DTN. The new designed CRL is of reduced size as it contains fewer entries as compared with standard X.509 CRL and also arranges the revocation list in the form of hash table (map) to increase the searching efficiency.
Ali M, Liang L, Sun Z, Cruickshank HS (2009) SIP Signalling and QoS for VoIP over IPv6 DVB-RCS Satellite Networks, pp. 419-423
With the rapid development of the Internet, new technologies and applications are emerging. One of the important applications is voice over IP. Satellites are playing an important role to provide VoIP services with their global coverage and onboard processing ability over IP networks. Satellite network environment, generally characterized by large delay and erroneous link, is considered to be unfriendly to VoIP. The performance of VoIP is adversely influenced by these demerits. The performance metrics of VoIP are signaling, bandwidth, delay, jitter and packet loss. Signaling plays a key role in call establishment and rest of the parameters signifies the quality of service (QoS). In this paper, the performance related issues of SIP-based VoIP over current, IPv4, and next generation, IPv6 satellites is studied. A comparative analysis is performed for different voice codecs. The experimentation is carried out on the satellite network testbed at Centre for Communication Systems Research (CCSR) at University of Surrey. The results show that delay, jitter and packet loss are quite comparable for both current and next generation satellites. SIP signaling performs poorly in IPv6 as compared to IPv4. IPv6 can be adapted for VoIP over next generation satellites, but with some modifications for SIP signaling.
Cruickshank HS, Sun Z (2009) Welcome message from the Technical Program Chairs, IWSSC'09 - 2009 International Workshop on Satellite and Space Communications - Conference Proceedings
Cruickshank HS, Pan H, Sun Z, Evans BG, Bodin J (1998) THESEUS terminal-access to broadband networks for European stock exchanges, ELECTRONICS & COMMUNICATION ENGINEERING JOURNAL 10 (6) pp. 289-296 IEE-INST ELEC ENG
Cruickshank HS, Iyengar S, Fan L, Sun Z, Mort R, Mezzalla M (2008) Secure multicast in the broadband satellite multimedia networks, IP NETWORKING OVER NEXT-GENERATION SATELLITE SYSTEMS pp. 329-369
Howarth MP, Cruickshank HS, Sun Z (2001) Unicast and multicast IP error performance over an ATM satellite link, IEEE COMMUNICATIONS LETTERS 5 (8) pp. 340-342 IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Asuquo P, Cruickshank H, Anyigor Ogah C, Lei A, Sun Z (2018) A Distributed Trust Management Scheme for Data Forwarding in Satellite DTN Emergency Communications, IEEE Journal on Selected Areas in Communications Institute of Electrical and Electronics Engineers (IEEE)
Satellite Communications can be used when other communication systems are either destroyed or overloaded. Observation satellites and Delay/Disruption Tolerant Networks are technologies that can be interconnected to provide emergency communication for disaster recovery operations. DTNs use a store-carry-forward mechanism to forward messages through intermediary nodes to the destination node. The reliability of relaying messages through multi-hop nodes poses a significant problem in DTNs due to lack of consistent connectivity. These network characteristics make DTNs to heavily rely on the cooperation of neighbouring nodes for the successful delivery of packets. However, the presence of malicious or selfish nodes will have a great impact on the network performance. In this paper, we design a decentralised trust management scheme (DTMS) to filter out malicious nodes in DTNs. First, the number of forwarding evidence are combined with the energy consumption rate of the nodes to formulate direct trust. Then, a recommendation trust is computed from the indirect trust, recommendation credibility and recommendation familiarity. Recommendation credibility and familiarity improve the overall recommendation trust by filtering out dishonest recommendations. A comparative analysis of DTMS is performed against a Cooperative Watchdog Scheme (CWS), Recommendation Based Trust Model (RBTM) and Spray & Wait protocol. The results show that DTMS can effectively deal with malicious behaviours in DTNs including trust related attacks.
Both the research community and industry believe that Intelligent Transportation System (ITS) would be achievable in the next decade. ITS introduces information technology for the transportation vehicles and infrastructures and aims to improve road safety and traffic efficiency. Vehicular Communication Systems (VCS) provide a platform for the vehicles to exchange messages with network infrastructures (V2I) or other vehicles (V2V). Confidence in these messages can be achieved through secure group messaging. Furthermore, the reliability of ITS highly relies on the security level of VCS. Therefore, secure key management schemes are proposed to enhance network security, which involves two aspects, namely Group Key Management (GKM) and Key Handover, which is also known as key transfer. The first part manages keys among a communication group within a small road area, whereas key handover transfers secret keys from one security domain to another. Three contributions related to secure key management are as follows.

The first contribution focuses on managing group communication keys in an efficient way. The probability-based scheme describes a novel GKM scheme using leaving probabilities of vehicles to optimise the structure of key tree branches. The proposed scheme further decreases rekeying costs and releases network resources.

The second contribution introduces the Distributed Ledger Technology (DLT) structure to simplify the key handover procedures between heterogeneous networks. The central managers are eliminated from the key handover participation list. The key handover data are encapsulated into transactions and the Blockchain is maintained by all the infrastructures distributively.

Finally, the dynamic transaction collection period is replenished to further optimise the performance based on the framework in the second contribution. The collection period varies dynamically to flexibly fit the traffic level on the road. The scheme aims to raise key handover efficiency at peak hours, while reducing the computation burden at off-peak hours.

Asuquo Philip, Cruickshank Haitham, Morley J, Anyigor Ogah Chibueze Pascal, Lei Ao, Hathal Waleed, Bao Shihan, Sun Zhili (2018) Security and Privacy in Location-Based Services for Vehicular and Mobile Communications: An Overview, Challenges and Countermeasures, IEEE Internet of Things IEEE
Location-based Services (LBS) have gained popularity as a result of the advances in mobile and communication technologies. LBS provide users with relevant information based on their location. In spite of the desirable features provided by LBS, the geographic location of users are not adequately protected. Location privacy is one of the major challenges in vehicular and mobile networks. In this article, we analyse the security and privacy requirements for LBS in vehicular and mobile networks. Specifically, this paper covers privacy enhancing technologies and cryptographic approaches that provide location privacy in vehicular and mobile networks. The different approaches proposed in literature are compared and open research areas are identified.
Over the last two decades, the world has witnessed a vast increase in smartphone device usage, where mobile phone devices have become an integral part of our daily routine. As a result, this has created security issues and led to an increased dependency on smartphone usage, criminal activities and/or illegal practices. This increase in crimes committed by or via smartphones has made it a necessity for digital forensics experts to come up with reliable tools that can be used to help in extracting data from those smartphones.
Currently, mobile forensics work is fragmented, and although attempts have been made to develop conceptual frameworks for mobile devices in the past few years, there is no common framework adopted to date that meets the needs of the ever changing and expanding world of mobile devices. A comprehensive survey of mobile forensics frameworks in this research revealed that current frameworks tend to focus on targeting specific operating systems, responding to specific issues, or use complicated steps that make it difficult for users to follow. Some are also based on desktop and non-mobile device models. Also, tools analysis was carried out benefitting from NIST guidelines, where areas in which each tool should be tested and how the test should be conducted are specified. The results of the Tools Analysis were not encouraging, and it was quite surprising that many challenges that existed at the advent of mobile devices have not been solved.
Without the existence of a generalized Process Based Framework for Mobile Forensics (PBFMF) to provide the appropriate guidelines, steps and procedures to be followed during the digital forensic phases, it will not be as simple as it might appear to extract data in an appropriate way from smartphones even with the utilisation of the most popular tools. Based on the research and analysis in this thesis, it was clear that there is a need for a set of effective methods to ensure that information extracted and examined from mobile phone devices is not tampered with, is accepted by a court of law, or can be relied upon as an undisputed means of proving that something has or has not taken place. A new PBFMF that is platform independent, open architecture, extensible and capable of integrating newer mobile device technologies is presented in this thesis. It formulates a better understanding of the barriers to using forensics tools effectively and appropriately.
Key words: Process Based Framework, Mobile Forensics Tools, Digital Forensics, Operating Systems, Smart Phones.