Forensics and Management Challenges in Wireless and Mobile Network Environments

18 Nov
Monday, 11/18/2013 5:00am to 7:00am
Ph.D. Dissertation Proposal Defense

Sookhyun Yang

Computer Science Building, Room 151

The Internet recently passed an historic inflection point, with the number of broadband wireless/mobile devices surpassing the number of wired PCs and servers connected to the Internet. Smartphones, laptops, tablets, machine-to-machine (M2M) devices, and other portable devices have penetrated our daily lives. According to Cisco, by 2016, wired devices will account for only 39% of IP traffic, with the remaining traffic produced by wireless/mobile devices. This proliferation of wireless/mobile devices is profoundly changing many of the characteristics of network applications, protocols, and operation, and posing fundamental challenges to the Internet architecture. In light of this new trend, this thesis focuses on forensics and mobility management challenges in wireless/mobile network environments.

The first half of this thesis addresses two network forensic challenges that arise due to the broadcast nature of wireless communications. In the first network forensic challenge, we examine a mechanism to detect anomalous forwarding behaviors, such as packet dropping and packet reordering, and to identify the source of forwarding-behavior attacks that can disrupt a wireless ad hoc network. Our mechanism employs witness nodes that can overhear transmissions made by nearby wireless network nodes. In the second challenge, we investigate a method for gathering network-based evidence, based on constraints imposed by current U.S. law, for remotely disambiguating a sender's network access type (wired versus wireless); such a technique could be used to locate a sender inside a building. We discuss several factors that might affect our classification results and identify the scenarios in which residential network access type can be accurately determined.

The second half of this thesis takes a more global and network-level point of view on mobility management and delves into a clean-slate approach to designing a future Internet architecture that considers mobility as a first-order property. Before discussing architectural design issues, we present a measurement and modeling study of user transitioning among points of attachment to today's Internet. These transitions could result from a user's physical mobility or a stationary "multi-homed" user's changing his/her devices or NICs. This research provides insights and implications regarding control-plane workload for a mobility management architecture. Our measurement results to date show that users spend the majority of their time attached to a small number of networks, and that a surprisingly large number of users access two networks contemporaneously. In the last part of our thesis research, we design techniques for efficiently handling group mobility in the MobilityFirst architecture; MobilityFirst uses a flat, globally unique name, binding a flat name to its network location via a logically centralized name and location resolution server. Using the empirical model from our measurement study as well as more abstract models of user mobility, we evaluate our group mobility management techniques.

Advisor: James Kurose