IP based voice transmission technology is a flexible, simpler and a cost effective implementation of voice transmission. It provides a real convergence of various networks. This voice transmission technology does not support a quality that is equivalent to digitized voice, which is available in the existing PSTN networks. In addition to this, data network vulnerabilities affect the VOIP service causing a drop in the utilization of voice communication. In this paper, the quality of service for voice calls is ensured with the integration of CAC mechanism with the bandwidth link utilization which makes an estimation of the demanded bandwidth. In terms of security, prevention of ARP cache poisoning attack is achieved by use of the signed MAC address response in local area networks. It makes the network confident that the admitted user is an authorized user and also it verifies that only the authorized users’ information is exchanged over the local area network. Also an approach that makes it difficult for the hacker’s to hack the data exchanged over the quality channel has been proposed.
OPTIMIZING VOIP USING A CROSS LAYER CALL ADMISSION CONTROL SCHEMEIJCNCJournal
This document discusses optimizing VoIP quality over wireless networks using a cross-layer call admission control scheme. It proposes monitoring real-time control protocol reports and data rates at the MAC layer to determine when quality is degraded. When quality degrades due to issues like network congestion or variable transmission rates, the solution is to adapt the packet size or codec type. The proposed scheme is simulated using a wireless campus network model to improve performance.
1. UDP is used for voice and video traffic instead of TCP because TCP introduces delays that break data streams and UDP does not have mechanisms for retransmitting lost packets. TCP is preferred for transmitting data files because it is more reliable and requires lost packets to be retransmitted.
2. To facilitate secure intranet access for remote workers, an enterprise IT department would use VPN and user authentication.
3. The purpose of the Cisco Enterprise Architecture is to divide the network into functional components while still maintaining the concept of Core, Distribution, and Access Layers.
SECURITY IMPLEMENTATION IN MEDIA STREAMING APPLICATIONS USING OPEN NETWORK AD...Journal For Research
Media has been a very important medium for entertainment and communications and the captured media was transmitted in analog form. Media providers do not want their end users to store and duplicate the streamed media because the end user can freely distribute the streamed media without any control from the source. Hence while dealing with media streaming, replay protection and integrity protection are the most important factors. The main aim of this paper is to implement the concept of WebRTC to stream the media between the participating end points which is a powerful tool used to incorporate RTC capabilities into browsers and mobile applications. The aim is to develop a secure media stream from an end point that flows through the Open Network Adapter to the Avaya Media Server (AMS) and is hosted by an application on the Engagement Development Platform. The Open Network Adapter with Avaya Fabric Attach is capable of securing the required flow.
This document proposes a bandwidth degradation technique to reduce call dropping probability in mobile
networks. It aims to dynamically adjust bandwidth allocation to multiple users according to network conditions
to increase utilization. The technique allows for degrading the quality of existing calls to admit new calls
while maintaining quality of service. Key performance metrics analyzed include degradation ratio, degraded
bandwidth, throughput, and propagation delay. The approach is intended to be implemented using MATLAB
to simulate various mobility patterns for verification.
Fast Mobile IPv6 Handover Using Link and Location InformationCSCJournals
This document proposes an improved fast mobile IPv6 handover mechanism using link layer and location information. It introduces using GPS location data from foreign agents to predict handovers in advance. This allows the mobile node and foreign agents to more quickly detect connectivity loss and initiate handover. Simulations show the proposed mechanism reduces handover latency and packet loss compared to the standard mobile IPv6 handover process. Link layer signals and location data allow handovers to begin earlier, improving performance.
The leading method of correspondence is clearly through voice trade. There are essentially two different ways through which voice can be effortlessly communicated on an organization: PSTN (Public Switched Telephone Network) and VoIP (Voice over Internet Protocol).
Mainly represented by SIP, VoIP protocols and implementations contain several vulnerabilities, particularly related to their complexities and in the face of interoperability of telephony equipment’s.
It was by identifying a lack of literature with focus in security and potential vulnerabilities of the SIP Protocol that we propose in this document. We attempt to provide a theoretical analysis from security aspects used by one of the signaling call protocols, Session Initiation Protocol (SIP).
It is intended to lucidly illustrate and identify threats, vulnerabilities, security mechanisms, developed methods and protocols and, finally over time improvements.
WiMAX AND WLAN NETWORKS FOR VOICE OVER IP APPLICATIONDaisyWatson5
AAA Authentication, Authorization and Accounting
ADPCM Adaptive Differential Pulse Coded Modulation
AES-CCM Advanced Encryption Standard Counter with
CBC MAC
AMC Adaptive Modulation and Coding
AP Access point
ARQ Automatic Repeat Request
ASN Access Service Network
AWGN Adaptive White Gaussian Noise
BE Best Effort Service
BPSK Binary Phase Shift Keying
BSS Base Service Set
BWA Broadband Wireless access
CBR Constant Bit Rate
CID Connection Identifier
CS Convergence Sub-layer
CS-ACELP Conjugate Structure Algebraic-Code Excited
Linear Prediction
CSMA/CA Carrier Sense Multiple Access/ Collision
Avoidance
CSN Connectivity Service Network
CCA Clear Channel Assessment
DBPSK Differential Binary Phase Shift Keying
DCF Distributed Coordination Function
DCME Digital Circuit Multiplication Equipment
DHCP Dynamic Host Control Protocol
DL Downlink
DLC Data Link Control Layer
DL-MAP Downlink Map
DOCSIS Data over cable service interface specification
DQPSK Differential Quadrature Phase Shift Keying
DSL Digital Subscriber Line
DSSS Direct Sequence Spread Spectrum
EAP Extensible Authentication Protocol
ertPS extended real time Polling Service
ESS Extended Service Set
FDD Frequency Division Duplexing
FHSS Frequency Hop Spread Spectrum
FTP File Transfer Protocol
GFSK Gaussian Frequency Shift Keying
GRE Generic Routing Encapsulation
IETF-EAP Internet Engineering Task Force-Extensible
Authentication Protocol
IEEE Institute of Electrical and Electronic Engineers
IP Internet Protocol
IR Infra Red
ISI Inter Symbol Interference
ISM Industrial, Scientific and Medical
ITU-T Telecommunication Standardization Sector of the
International Telecommunications Union
LAN Local Area Network
LD-CELP Low-Delay Code Excited Linear Prediction
LLC Logical Link Control
LOS Line Of Sight
MAC Medium Access Control
MAC CPS MAC Common Part Sub-layer
MN Mobile Node
MOS Mean Opinion Score
MS Mobile Station
nrtPS non-real time Polling Service
NSP Network Service Provider
NWG Network Working Group
OFDMA Orthogonal Frequency Division Multiple Access
PC Point coordinator
PCF Point Coordination Function
PHY Physical layer
PLCP Physical Layer Convergence Protocol
PMD Physical Medium Dependent
PMKv2 Privacy and Key Management Protocol version 2
PPP Point to Point Protocol
PSTN Public Switched Telephone Network
PTM Point To Multipoint
PTP Point To Point
QAM Quadrature Amplitude Modulation
QoS Quality of Service
QPSK Quadrature Phase Shift Keying
RLC Radio Link Control
rtPS real time Polling Service
RTS/CTS Request-To-Send/ Clear-To-Send
SDU Service Data Units
SIP Session Initiation Protocol
SISO Single Input Single Output
SONET Synchronous Optical Network
SS Subscriber Station
TDD Time Division Duplexing
Survey on SIP Overload Protection/Control AlgorithmsYang Hong
This document provides a summary and comparison of state-of-the-art SIP overload control algorithms. It first reviews two basic SIP mechanisms and summarizes experimental results showing SIP overload can collapse networks. It then surveys approaches for modeling dynamic SIP network behavior during overload. Finally, it compares different types of SIP overload control solutions and outlines opportunities for managing SIP overload control.
OPTIMIZING VOIP USING A CROSS LAYER CALL ADMISSION CONTROL SCHEMEIJCNCJournal
This document discusses optimizing VoIP quality over wireless networks using a cross-layer call admission control scheme. It proposes monitoring real-time control protocol reports and data rates at the MAC layer to determine when quality is degraded. When quality degrades due to issues like network congestion or variable transmission rates, the solution is to adapt the packet size or codec type. The proposed scheme is simulated using a wireless campus network model to improve performance.
1. UDP is used for voice and video traffic instead of TCP because TCP introduces delays that break data streams and UDP does not have mechanisms for retransmitting lost packets. TCP is preferred for transmitting data files because it is more reliable and requires lost packets to be retransmitted.
2. To facilitate secure intranet access for remote workers, an enterprise IT department would use VPN and user authentication.
3. The purpose of the Cisco Enterprise Architecture is to divide the network into functional components while still maintaining the concept of Core, Distribution, and Access Layers.
SECURITY IMPLEMENTATION IN MEDIA STREAMING APPLICATIONS USING OPEN NETWORK AD...Journal For Research
Media has been a very important medium for entertainment and communications and the captured media was transmitted in analog form. Media providers do not want their end users to store and duplicate the streamed media because the end user can freely distribute the streamed media without any control from the source. Hence while dealing with media streaming, replay protection and integrity protection are the most important factors. The main aim of this paper is to implement the concept of WebRTC to stream the media between the participating end points which is a powerful tool used to incorporate RTC capabilities into browsers and mobile applications. The aim is to develop a secure media stream from an end point that flows through the Open Network Adapter to the Avaya Media Server (AMS) and is hosted by an application on the Engagement Development Platform. The Open Network Adapter with Avaya Fabric Attach is capable of securing the required flow.
This document proposes a bandwidth degradation technique to reduce call dropping probability in mobile
networks. It aims to dynamically adjust bandwidth allocation to multiple users according to network conditions
to increase utilization. The technique allows for degrading the quality of existing calls to admit new calls
while maintaining quality of service. Key performance metrics analyzed include degradation ratio, degraded
bandwidth, throughput, and propagation delay. The approach is intended to be implemented using MATLAB
to simulate various mobility patterns for verification.
Fast Mobile IPv6 Handover Using Link and Location InformationCSCJournals
This document proposes an improved fast mobile IPv6 handover mechanism using link layer and location information. It introduces using GPS location data from foreign agents to predict handovers in advance. This allows the mobile node and foreign agents to more quickly detect connectivity loss and initiate handover. Simulations show the proposed mechanism reduces handover latency and packet loss compared to the standard mobile IPv6 handover process. Link layer signals and location data allow handovers to begin earlier, improving performance.
The leading method of correspondence is clearly through voice trade. There are essentially two different ways through which voice can be effortlessly communicated on an organization: PSTN (Public Switched Telephone Network) and VoIP (Voice over Internet Protocol).
Mainly represented by SIP, VoIP protocols and implementations contain several vulnerabilities, particularly related to their complexities and in the face of interoperability of telephony equipment’s.
It was by identifying a lack of literature with focus in security and potential vulnerabilities of the SIP Protocol that we propose in this document. We attempt to provide a theoretical analysis from security aspects used by one of the signaling call protocols, Session Initiation Protocol (SIP).
It is intended to lucidly illustrate and identify threats, vulnerabilities, security mechanisms, developed methods and protocols and, finally over time improvements.
WiMAX AND WLAN NETWORKS FOR VOICE OVER IP APPLICATIONDaisyWatson5
AAA Authentication, Authorization and Accounting
ADPCM Adaptive Differential Pulse Coded Modulation
AES-CCM Advanced Encryption Standard Counter with
CBC MAC
AMC Adaptive Modulation and Coding
AP Access point
ARQ Automatic Repeat Request
ASN Access Service Network
AWGN Adaptive White Gaussian Noise
BE Best Effort Service
BPSK Binary Phase Shift Keying
BSS Base Service Set
BWA Broadband Wireless access
CBR Constant Bit Rate
CID Connection Identifier
CS Convergence Sub-layer
CS-ACELP Conjugate Structure Algebraic-Code Excited
Linear Prediction
CSMA/CA Carrier Sense Multiple Access/ Collision
Avoidance
CSN Connectivity Service Network
CCA Clear Channel Assessment
DBPSK Differential Binary Phase Shift Keying
DCF Distributed Coordination Function
DCME Digital Circuit Multiplication Equipment
DHCP Dynamic Host Control Protocol
DL Downlink
DLC Data Link Control Layer
DL-MAP Downlink Map
DOCSIS Data over cable service interface specification
DQPSK Differential Quadrature Phase Shift Keying
DSL Digital Subscriber Line
DSSS Direct Sequence Spread Spectrum
EAP Extensible Authentication Protocol
ertPS extended real time Polling Service
ESS Extended Service Set
FDD Frequency Division Duplexing
FHSS Frequency Hop Spread Spectrum
FTP File Transfer Protocol
GFSK Gaussian Frequency Shift Keying
GRE Generic Routing Encapsulation
IETF-EAP Internet Engineering Task Force-Extensible
Authentication Protocol
IEEE Institute of Electrical and Electronic Engineers
IP Internet Protocol
IR Infra Red
ISI Inter Symbol Interference
ISM Industrial, Scientific and Medical
ITU-T Telecommunication Standardization Sector of the
International Telecommunications Union
LAN Local Area Network
LD-CELP Low-Delay Code Excited Linear Prediction
LLC Logical Link Control
LOS Line Of Sight
MAC Medium Access Control
MAC CPS MAC Common Part Sub-layer
MN Mobile Node
MOS Mean Opinion Score
MS Mobile Station
nrtPS non-real time Polling Service
NSP Network Service Provider
NWG Network Working Group
OFDMA Orthogonal Frequency Division Multiple Access
PC Point coordinator
PCF Point Coordination Function
PHY Physical layer
PLCP Physical Layer Convergence Protocol
PMD Physical Medium Dependent
PMKv2 Privacy and Key Management Protocol version 2
PPP Point to Point Protocol
PSTN Public Switched Telephone Network
PTM Point To Multipoint
PTP Point To Point
QAM Quadrature Amplitude Modulation
QoS Quality of Service
QPSK Quadrature Phase Shift Keying
RLC Radio Link Control
rtPS real time Polling Service
RTS/CTS Request-To-Send/ Clear-To-Send
SDU Service Data Units
SIP Session Initiation Protocol
SISO Single Input Single Output
SONET Synchronous Optical Network
SS Subscriber Station
TDD Time Division Duplexing
Survey on SIP Overload Protection/Control AlgorithmsYang Hong
This document provides a summary and comparison of state-of-the-art SIP overload control algorithms. It first reviews two basic SIP mechanisms and summarizes experimental results showing SIP overload can collapse networks. It then surveys approaches for modeling dynamic SIP network behavior during overload. Finally, it compares different types of SIP overload control solutions and outlines opportunities for managing SIP overload control.
This document discusses implementing Voice over IP (VoIP) and IP Multimedia Subsystem services over WiMAX wireless networks. It addresses introducing VoIP and multimedia transmission over wireless, using soft switching for compatibility with WiMAX. It also discusses challenges like ensuring voice quality, security, and E911 support. Finally, it explores services like video on demand that WiMAX networks can provide using IP Media Subsystem technologies.
This document describes a proposed approach called Resource Allocation with Connection Admission Control (RA-CAC) and Adaptive Rate Scheduling (ARS) to improve quality of service for real-time traffic in WCDMA networks. The RA-CAC algorithm determines the optimal number of users to admit while minimizing call rejection rates. The ARS then adjusts transmission rates of admitted sessions based on feedback to better utilize network resources. Simulation results showed this approach increased delivery ratio, throughput and reduced delays compared to other resource allocation methods.
The document analyzes the phenomenon of silent calls (SCs) in mobile networks. Key findings:
1. Measurements of over 50,000 calls found 0.11% experienced a total SC where the receiving party heard silence the entire time.
2. The main causes of total SCs were found to be interference in the radio link and issues during handovers between network technologies.
3. Even with significant loss of speech signal, estimated speech quality was relatively good due to packet loss concealment techniques, with unacceptable quality defined as over 17% loss of speech.
This document discusses providing quality of service (QoS) assurances for multimedia streaming in mobile ad hoc networks (MANETs). It proposes using a dynamically controlled coefficient of variance (CV) to determine the optimal client buffer size at the receiver. The CV is the ratio of the standard deviation to the mean of end-to-end delay for transmitted packet ensembles. Simulation results show that dynamically adjusting the client buffer size based on measured bandwidth variation achieves negligible jitter in video streaming, providing an acceptable viewing experience. The minimum buffer size is determined by simulating video playout and increasing the buffer until there are no playback interruptions due to empty buffers.
Wireless Deauth and Disassociation Attacks explainedDavid Sweigert
This document summarizes a research paper on denial of service (DoS) attacks in wireless mesh networks. It discusses how management frames in wireless networks are unencrypted, allowing attackers to spoof frames and launch DoS attacks like deauthentication and disassociation attacks. It provides details on how these attacks work by spoofing management frames and terminating legitimate connections. It also reviews related work on implementing these attacks using tools and analyzing their impact on network performance. The goal of the research was to implement these attacks on a real wireless mesh testbed and propose a security algorithm to detect such attacks.
In this paper, an improved secure address resoluti
on protocol is presented where ARP spoofing
attack is prevented. The proposed methodology is a
centralised methodology for preventing
ARP spoofing attack. In the proposed model there is
a central server on a network or subnet
which prevents ARP spoofing attack.
This paper develops neural network models that can predict user quality of experience (QoE) for Internet Protocol television (IPTV) applications in real time based on network measurements. The models account for multiple video resolutions, audio/video codecs, and network conditions including jitter, packet loss, and router queuing disciplines. The models were trained using data from objective network simulations and subjective human experiments evaluating mean opinion scores for quality. Evaluation shows the models accurately and quickly predict user QoE for IPTV under different conditions and can be used to monitor network quality in real-time.
This document provides an overview of remote access service (RAS) including its types, components, supported clients, connection types, protocols, and how it works. RAS allows remote users to securely access a corporate network through a remote access server. It describes two main types of RAS - dial-up, which uses analog phone lines, and VPN access, which creates a secure connection over the internet. The document also outlines the various protocols and components involved in establishing and maintaining remote connections.
Wireless Disassociation and Deauthentication AttacksDavid Sweigert
This document proposes a lightweight solution called the "Letter-envelop protocol" to defend against deauthentication/disassociation attacks on 802.11 wireless networks. The protocol uses a one-way hard function based on prime factorization to authenticate management frames. When a device wants to disconnect, it sends the frame along with a "letter" that divides the previously exchanged "envelope" number, proving its identity. The protocol modifies the association process to exchange envelopes without requiring new cryptographic capabilities from legacy devices. Experimental results show the protocol effectively prevents spoofing of disconnect frames.
WIRELESS NETWORKS EC6802 BABU unit 1 & 2 PPTbabuece
WIRELESS NETWORKS EC6802 BABU unit 1 & 2 PPT
BABU M
ASST PROFESSOR
DEPARTMENT OD ELECTRONICS AND COMMUNICATION ENGINEERING
RMK COLLEGE OF ENGINEERING AND TECHNOLOGY
CHENNAI
THIRUVALLUR DISTRICT
A NOVEL ADAPTIVE CACHING MECHANISM FOR VIDEO ON DEMAND SYSTEM OVER WIRELESS M...IJCNCJournal
Video on Demand (VOD) system over the wireless mobile network is a system that provides video services to mobile clients. The main problem with these systems is the high service delay where the mobile clients have to wait to view their favorite movie. The importance of this paper is based on finding a solution on how to reduce the delay time in the VOD system. This paper introduces a novel caching mechanism named
Proxy Server Cache mechanism to tackle the issue of service delay. This delay happens when the broadcasting phase that is related to the first segment is missed by a client from the current broadcasting channels. In this mechanism, the video’s first segment is stored on a server of a stationary proxy type. The
delayed clients will directly acquire the first segment from the proxy server instead of waiting for the following broadcasting channel pertaining to the first segment. The proposed scheme ensuresobtaining the first segment from mobile clients when they arrive. Additionally, the performance of the proposed scheme is validated by applying the VOD system, which can involve the balancing mechanism to retain particular requests through to the local proxy server to provide a fair dissemination for these requests. The obtained result confirms that the proposed scheme reduces the time delay of the system in comparison with the best existing schemes. The results of the average time delay in the Proxy-Cache scheme is 179.2505
milliseconds when 10 clients arrive each minute (Client/minute), the average time delay is 140 milliseconds when the video lengths are 30, 60 and 90. Meanwhile, the failure probability for obtaining the first segment of the video remains zero when the number of arrived requests is set to2, 4, 6, 8 and 10.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This document provides information about Cisco 640-864 training and exam preparation from Pass4sureexam. It includes 10 sample exam questions and answers related to Cisco network design. Key details include a summer discount of up to 10% on products using coupon code "summer", and that Pass4sureexam offers real exam questions and answers verified by IT professionals, interactive testing environments, and a high 99.6% exam pass rate.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Live Streaming With Receiver-Based P2P Multiplexing for Future IPTV NetworkIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessment…. And many more.
Evaluation of CSSR with Direct TCH Assignment in Cellular NetworksIJERA Editor
Global System for Mobile communication (GSM) operators make use of Key Performance Indicators (KPIs) to appreciate the network performance and evaluate the Quality of Service (QoS) regarding end user perceived quality. KPIs are therefore becoming increasingly important in the context of network rollouts as well as within mature network optimization cycles. The performance of the mobile network is measured based on several counters describing the most important events over a measurement period. The KPIs are derived with the help of these counters using different formulations. Call Setup Success Rate (CSSR) is one of the most important KPIs used by all mobile operators. In Ouagadougou, Burkina-Faso, most of the active workers and remote area farmers rely largely on mobile communication services; the GPRS as data services remain highly competitive with GSM voice services. This paper presents a comparative evaluation of theoretically estimated CSSR to measured CSSR data on a real network with regard to GPRS services. The measured data was obtained from the Nokia Siemens Network (NSN) statistical tool. The results obtained showed significant improvements in areas where sharp drops in CSSR values were recorded for the measured CSSR. Significantly high R square values of close to 1 representing a high predictive ability from the regression analysis of the estimated CSSR were also recorded. It was concluded that the implementation of the CSSR formulation be extended to CSSR measurements to ensure increased subscriber satisfaction.
This document outlines the basic design of a Tier 3 ISP network. It defines key ISP terminology like tiers and points of presence. The project goal is described as providing internet access to 3 departments on campus through a wired or wireless network. The core architecture includes a backbone with a core router connecting to distribution routers that provide access to the departments. The document also covers addressing, routing protocols and how the network would be set up and tested.
This document provides an overview of Mobile IP, including its key requirements, terminology, and technical processes. Mobile IP allows devices to change networks without losing connectivity by updating their location through registration with a home agent. It aims to remain compatible with existing IP standards while providing transparency to higher-level applications and efficiency at scale. The document explains concepts such as home and foreign networks, care-of addresses, agents, registration, tunneling, and optimization techniques.
A Comparative Analysis of the Performance of VoIP Traffic with Different Type...ijcnac
The key QoS parameters for VoIP are delay, jitter and loss. In the Internet, VoIP requires
the underlying packet switched network to minimize the impact of these parameters. A
major contributing factor in this regard is traffic engineering carried out by scheduling
algorithms. This paper studies the behavior of different types of scheduling algorithms on
the delay, jitter and loss QoS parameters. The performance evaluation involves
identifying the scheduling algorithms which are most suitable for VoIP communications.
The result from the analysis also shows the impact of the QoS parameters on VoIP over
the Internet.
The document proposes a WFQ-based dynamic bandwidth allocation framework for mobile WiMAX applications. It uses a packet scheduler scheme, call admission policy, and dynamic bandwidth allocation mechanism. Bandwidth is dynamically allocated based on a BVal parameter, which considers fairness, utilization, and delay bound. Packet scheduling is done in two tiers - the first uses EDF, WFQ, WFQ, and RR for different traffic classes, while the second uses WFQ. This architecture aims to provide quality of service support in a fair manner for different traffic types.
This document discusses implementing Voice over IP (VoIP) and IP Multimedia Subsystem services over WiMAX wireless networks. It addresses introducing VoIP and multimedia transmission over wireless, using soft switching for compatibility with WiMAX. It also discusses challenges like ensuring voice quality, security, and E911 support. Finally, it explores services like video on demand that WiMAX networks can provide using IP Media Subsystem technologies.
This document describes a proposed approach called Resource Allocation with Connection Admission Control (RA-CAC) and Adaptive Rate Scheduling (ARS) to improve quality of service for real-time traffic in WCDMA networks. The RA-CAC algorithm determines the optimal number of users to admit while minimizing call rejection rates. The ARS then adjusts transmission rates of admitted sessions based on feedback to better utilize network resources. Simulation results showed this approach increased delivery ratio, throughput and reduced delays compared to other resource allocation methods.
The document analyzes the phenomenon of silent calls (SCs) in mobile networks. Key findings:
1. Measurements of over 50,000 calls found 0.11% experienced a total SC where the receiving party heard silence the entire time.
2. The main causes of total SCs were found to be interference in the radio link and issues during handovers between network technologies.
3. Even with significant loss of speech signal, estimated speech quality was relatively good due to packet loss concealment techniques, with unacceptable quality defined as over 17% loss of speech.
This document discusses providing quality of service (QoS) assurances for multimedia streaming in mobile ad hoc networks (MANETs). It proposes using a dynamically controlled coefficient of variance (CV) to determine the optimal client buffer size at the receiver. The CV is the ratio of the standard deviation to the mean of end-to-end delay for transmitted packet ensembles. Simulation results show that dynamically adjusting the client buffer size based on measured bandwidth variation achieves negligible jitter in video streaming, providing an acceptable viewing experience. The minimum buffer size is determined by simulating video playout and increasing the buffer until there are no playback interruptions due to empty buffers.
Wireless Deauth and Disassociation Attacks explainedDavid Sweigert
This document summarizes a research paper on denial of service (DoS) attacks in wireless mesh networks. It discusses how management frames in wireless networks are unencrypted, allowing attackers to spoof frames and launch DoS attacks like deauthentication and disassociation attacks. It provides details on how these attacks work by spoofing management frames and terminating legitimate connections. It also reviews related work on implementing these attacks using tools and analyzing their impact on network performance. The goal of the research was to implement these attacks on a real wireless mesh testbed and propose a security algorithm to detect such attacks.
In this paper, an improved secure address resoluti
on protocol is presented where ARP spoofing
attack is prevented. The proposed methodology is a
centralised methodology for preventing
ARP spoofing attack. In the proposed model there is
a central server on a network or subnet
which prevents ARP spoofing attack.
This paper develops neural network models that can predict user quality of experience (QoE) for Internet Protocol television (IPTV) applications in real time based on network measurements. The models account for multiple video resolutions, audio/video codecs, and network conditions including jitter, packet loss, and router queuing disciplines. The models were trained using data from objective network simulations and subjective human experiments evaluating mean opinion scores for quality. Evaluation shows the models accurately and quickly predict user QoE for IPTV under different conditions and can be used to monitor network quality in real-time.
This document provides an overview of remote access service (RAS) including its types, components, supported clients, connection types, protocols, and how it works. RAS allows remote users to securely access a corporate network through a remote access server. It describes two main types of RAS - dial-up, which uses analog phone lines, and VPN access, which creates a secure connection over the internet. The document also outlines the various protocols and components involved in establishing and maintaining remote connections.
Wireless Disassociation and Deauthentication AttacksDavid Sweigert
This document proposes a lightweight solution called the "Letter-envelop protocol" to defend against deauthentication/disassociation attacks on 802.11 wireless networks. The protocol uses a one-way hard function based on prime factorization to authenticate management frames. When a device wants to disconnect, it sends the frame along with a "letter" that divides the previously exchanged "envelope" number, proving its identity. The protocol modifies the association process to exchange envelopes without requiring new cryptographic capabilities from legacy devices. Experimental results show the protocol effectively prevents spoofing of disconnect frames.
WIRELESS NETWORKS EC6802 BABU unit 1 & 2 PPTbabuece
WIRELESS NETWORKS EC6802 BABU unit 1 & 2 PPT
BABU M
ASST PROFESSOR
DEPARTMENT OD ELECTRONICS AND COMMUNICATION ENGINEERING
RMK COLLEGE OF ENGINEERING AND TECHNOLOGY
CHENNAI
THIRUVALLUR DISTRICT
A NOVEL ADAPTIVE CACHING MECHANISM FOR VIDEO ON DEMAND SYSTEM OVER WIRELESS M...IJCNCJournal
Video on Demand (VOD) system over the wireless mobile network is a system that provides video services to mobile clients. The main problem with these systems is the high service delay where the mobile clients have to wait to view their favorite movie. The importance of this paper is based on finding a solution on how to reduce the delay time in the VOD system. This paper introduces a novel caching mechanism named
Proxy Server Cache mechanism to tackle the issue of service delay. This delay happens when the broadcasting phase that is related to the first segment is missed by a client from the current broadcasting channels. In this mechanism, the video’s first segment is stored on a server of a stationary proxy type. The
delayed clients will directly acquire the first segment from the proxy server instead of waiting for the following broadcasting channel pertaining to the first segment. The proposed scheme ensuresobtaining the first segment from mobile clients when they arrive. Additionally, the performance of the proposed scheme is validated by applying the VOD system, which can involve the balancing mechanism to retain particular requests through to the local proxy server to provide a fair dissemination for these requests. The obtained result confirms that the proposed scheme reduces the time delay of the system in comparison with the best existing schemes. The results of the average time delay in the Proxy-Cache scheme is 179.2505
milliseconds when 10 clients arrive each minute (Client/minute), the average time delay is 140 milliseconds when the video lengths are 30, 60 and 90. Meanwhile, the failure probability for obtaining the first segment of the video remains zero when the number of arrived requests is set to2, 4, 6, 8 and 10.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This document provides information about Cisco 640-864 training and exam preparation from Pass4sureexam. It includes 10 sample exam questions and answers related to Cisco network design. Key details include a summer discount of up to 10% on products using coupon code "summer", and that Pass4sureexam offers real exam questions and answers verified by IT professionals, interactive testing environments, and a high 99.6% exam pass rate.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Live Streaming With Receiver-Based P2P Multiplexing for Future IPTV NetworkIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
International Journal of Modern Engineering Research (IJMER) covers all the fields of engineering and science: Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Computer Engineering, Agricultural Engineering, Aerospace Engineering, Thermodynamics, Structural Engineering, Control Engineering, Robotics, Mechatronics, Fluid Mechanics, Nanotechnology, Simulators, Web-based Learning, Remote Laboratories, Engineering Design Methods, Education Research, Students' Satisfaction and Motivation, Global Projects, and Assessment…. And many more.
Evaluation of CSSR with Direct TCH Assignment in Cellular NetworksIJERA Editor
Global System for Mobile communication (GSM) operators make use of Key Performance Indicators (KPIs) to appreciate the network performance and evaluate the Quality of Service (QoS) regarding end user perceived quality. KPIs are therefore becoming increasingly important in the context of network rollouts as well as within mature network optimization cycles. The performance of the mobile network is measured based on several counters describing the most important events over a measurement period. The KPIs are derived with the help of these counters using different formulations. Call Setup Success Rate (CSSR) is one of the most important KPIs used by all mobile operators. In Ouagadougou, Burkina-Faso, most of the active workers and remote area farmers rely largely on mobile communication services; the GPRS as data services remain highly competitive with GSM voice services. This paper presents a comparative evaluation of theoretically estimated CSSR to measured CSSR data on a real network with regard to GPRS services. The measured data was obtained from the Nokia Siemens Network (NSN) statistical tool. The results obtained showed significant improvements in areas where sharp drops in CSSR values were recorded for the measured CSSR. Significantly high R square values of close to 1 representing a high predictive ability from the regression analysis of the estimated CSSR were also recorded. It was concluded that the implementation of the CSSR formulation be extended to CSSR measurements to ensure increased subscriber satisfaction.
This document outlines the basic design of a Tier 3 ISP network. It defines key ISP terminology like tiers and points of presence. The project goal is described as providing internet access to 3 departments on campus through a wired or wireless network. The core architecture includes a backbone with a core router connecting to distribution routers that provide access to the departments. The document also covers addressing, routing protocols and how the network would be set up and tested.
This document provides an overview of Mobile IP, including its key requirements, terminology, and technical processes. Mobile IP allows devices to change networks without losing connectivity by updating their location through registration with a home agent. It aims to remain compatible with existing IP standards while providing transparency to higher-level applications and efficiency at scale. The document explains concepts such as home and foreign networks, care-of addresses, agents, registration, tunneling, and optimization techniques.
A Comparative Analysis of the Performance of VoIP Traffic with Different Type...ijcnac
The key QoS parameters for VoIP are delay, jitter and loss. In the Internet, VoIP requires
the underlying packet switched network to minimize the impact of these parameters. A
major contributing factor in this regard is traffic engineering carried out by scheduling
algorithms. This paper studies the behavior of different types of scheduling algorithms on
the delay, jitter and loss QoS parameters. The performance evaluation involves
identifying the scheduling algorithms which are most suitable for VoIP communications.
The result from the analysis also shows the impact of the QoS parameters on VoIP over
the Internet.
The document proposes a WFQ-based dynamic bandwidth allocation framework for mobile WiMAX applications. It uses a packet scheduler scheme, call admission policy, and dynamic bandwidth allocation mechanism. Bandwidth is dynamically allocated based on a BVal parameter, which considers fairness, utilization, and delay bound. Packet scheduling is done in two tiers - the first uses EDF, WFQ, WFQ, and RR for different traffic classes, while the second uses WFQ. This architecture aims to provide quality of service support in a fair manner for different traffic types.
Choosing the best quality of service algorithm using OPNET simulationIJECEIAES
The concept of quality of service (QoS) is a new computer technology. Previously, there was a slow internet connection to access the sites and it was slow to send information. But now, it requires speeding up the traffic and increasing the efficiency for audio and video. In this study, we discuss the concepts of QoS provided over the network to achieve these goals. This study aims to compare six algorithms to control the QoS, then, the best algorithm will be selected to improve the traffic. These algorithms are named first in first out (FIFO), priority queuing (PQ), custom queuing (CQ), CQ with low latency queuing (LLQ), weighted fair queuing (WFQ), WFQ with low latency queuing (LLQ), so the behavior of these algorithms can be measured. The results obtained by comparing between them using OPNET simulation show that the best algorithm is the priority queuing algorithm, followed by CQ, then CQ with LLQ, then WFQ, then WFQ with LLQ and finally FIFO. All these results are plotted in the form of graphs to show the paths of these algorithms for the single state with an operation time of 5 minutes for each algorithm.
This document discusses VoIP (Voice over Internet Protocol) techniques and challenges. It begins by introducing VoIP as an alternative to traditional PSTN telephone networks that transmits voice over internet and packet-switched networks more cheaply. However, ensuring high quality of service (QoS) with factors like jitter, packet delay/loss, and bandwidth allocation presents major challenges for VoIP systems. The document goes on to describe how VoIP works by carrying voice in RTP packets within IP packets and discusses challenges to VoIP performance and QoS from system capacity, packet loss, delay, jitter, echo, and security.
A Quality of Service Strategy to Optimize Bandwidth Utilization in Mobile Net...IDES Editor
The mobile network that supports network mobility
is an emerging technology. It is also referred as NEMO
(NEtwork MObility). It is more appropriate for mobile
platforms such as car, bus, train, air plane, etc. It is a great
challenge to provide Quality of Service (QoS) in NEMO. QoS
is a set of service requirements to be met by the network.
There are various parameters by which QoS is provided. This
paper concentrates on providing optimum bandwidth for data
traffic. The objective of this paper is to propose a strategy to
use Virtual Circuit (VC) approach in NEMO. It helps to
utilize the bandwidth effectively, to consume minimum time to
transfer the data and also to reduce overload of the mobile
router due to the minimum size of the header. Ultimately, it
gives better results to enhance the QoS in mobile networks.
A SURVEY ON CALL ADMISSION CONTROL SCHEMES IN LTEIJCSES Journal
The growing number of mobile users with diverse applications such as VoIP, video, internet surfing etc. has made LTE networks to adopt a CAC strategy in order to ensure the quality of service (QoS) requirements of these applications. Over the years, several CAC schemes have been proposed to either accept or reject service requests. This paper presents a survey of these schemes under four different classes. The classes are: Bandwidth Reservation (BR), Bandwidth Degradation (BD), BR and BD and Non-BR and Non-BD (NBR-NBD). In each of the classification, the operation procedure, strengths and weaknesses of each scheme has been discussed. Furthermore, a comparative analysis of these schemes is also presented. The analysis provides insight into the challenges in the design of CAC by highlighting open research issues for future directions.
This document analyzes the impact of signaling load on call blocking and dropping in UMTS networks. It calculates the acquisition time for different signaling service types based on message length and transmission rates. It then estimates the maximum number of signaling sessions that can be supported simultaneously within the control interval based on a signal-to-interference ratio analysis. An example traffic scenario is provided to illustrate the benefits of studying how different signaling loads affect network performance. The analysis aims to efficiently allocate radio resources and preserve quality of service for both signaling and user data traffic.
IRJET- Campus-Wide Internet Telephony Design and Simulation using Voice over ...IRJET Journal
This document discusses the design and simulation of a Voice over Internet Protocol (VoIP) system for Adamawa State University in Nigeria using Cisco Packet Tracer. VoIP allows voice calls to be placed over an IP network like the internet rather than a traditional phone network. The proposed VoIP system would allow users across the university's campus to communicate freely using IP phones. The author conducted several simulations of the network architecture in Cisco Packet Tracer to develop a prototype VoIP system for the university. This would provide more flexible communication and help increase information sharing across the university's departments and offices by integrating them into a single network.
Traffic Offloading Solutions: Femto, WiFi and Integrated Femto-WiFiShristi Pradhan
I provide a comprehensive overview on various traffic offloading solutions:
1. Femtocells, which provides the benefits of scalability, automatic configuration and self-optimization.
2. WiFi, widely available in homes and hotspots.
3. Integrating femto and WiFi together to reap the benefits of both femtocell and WiFi technology.
Comparative Analysis of Quality of Service for Various Service Classes in WiM...Editor IJCATR
- The document analyzes the quality of service (QoS) for various service classes in WiMAX networks using the network simulator NS-3. It compares QoS parameters like throughput, packet loss, delay, and jitter for different service classes including UGS, rtPS, nrtPS, and BE when transmitting MPEG-4 video traffic.
- The simulation setup models a WiMAX network with multiple subscriber stations connected to a base station and core network. Video streaming traffic is used to represent real-time variable bitrate applications. Trace files capturing packet information are analyzed using PHP scripts to extract QoS results for comparison of the different service classes.
Quality of service improvement, Handoff Prioritization and Channel utilizatio...IJERA Editor
1. The document discusses call admission control and quality of service improvement techniques for cellular networks. It aims to reduce dropped handoff calls and improve quality of service by reducing grade of service.
2. It proposes prioritizing handoff calls over new calls by using guard channels reserved for handoffs or queuing handoff calls. This reduces the handoff call dropping probability at the cost of increased new call blocking probability.
3. It introduces a call admission control algorithm that considers both new and handoff call quality of service requirements to maximize resource utilization while minimizing the dropping probabilities of both call types.
Investigating the performance of voip over wlan in campus networkAlexander Decker
This document discusses a simulation study of Voice over IP (VoIP) performance over a wireless campus network. The study investigated three factors:
1) Increasing the number of VoIP workstations from 6 to 30, which significantly increased jitter, delay, data dropped and decreased throughput. The network could only support 2-4 VoIP clients.
2) Using different voice coding schemes (G.711, G.723, G.729), which found that G.711 had the lowest jitter and delay but highest data dropped, while G.729 had the highest jitter and delay but lowest data dropped.
3) Increasing clients in video conferencing, which was not explicitly studied but would further degrade performance
Call Admission Control Scheme With Multimedia Scheduling Service in WiMAX Net...Waqas Tariq
WiMAX network introduces a multimedia data scheduling service with different quality of service (QoS) requirements. Transmission opportunities are scheduled by the service according to the types of traffic data for the different connections or users. In the paper, we first propose a uniform definition of QoS level for the multimedia data types in the service. The QoS level of a connection are determined by the type of data of the connection and its allocated resources. Based on these QoS levels, we propose a call admission control (CAC) scheme for the entry admission of a new connection without degrading the network performance and the QoS of ongoing connections. The key idea of this scheme is to regulate the arriving traffic of the network such that the network can work at an optimal point, given under a heavy load traffic. Taking advantage of the simulation experiments, we confirm the fact that the proposed scheme can achieve better trade-off between the overall performance of network system and the QoS level of individual connection.
This document discusses Quality of Service (QoS) schemes in cellular networks. It begins with introducing QoS and why it is needed in cellular networks. It then describes the challenges of providing QoS and what has been achieved so far. The rest of the document is organized by discussing the Universal Mobile Telecommunication System (UMTS) QoS architecture, QoS classes and attributes, different QoS schemes, integrating cellular and wireless local area networks, and concluding with a summary.
NETWORK PERFORMANCE EVALUATION WITH REAL TIME APPLICATION ENSURING QUALITY OF...ijngnjournal
The quality of service is a need in recent computer network developments. The present paper evaluates some characteristics in a proposed network topology such as dropped packets and bandwidth use, using two traffic sources, firstly a VoIP source over an UDP agent, then a CBR traffic source over an UDP agent as well as the previous one. Two possible configurations are proposed, implementing both of them in the Network Simulator, and implementing in one of them differentiated services to compare the results. Statistics results are shown, in both cases showing the accumulative dropped packet number and the throughput in the link, obtaining a reducer number of dropped packets in the stage with differentiated services, and an improvement in the bandwidth use.
Talhunt is a leader in assisting and executing IEEE Engineering projects to Engineering students - run by young and dynamic IT entrepreneurs. Our primary motto is to help Engineering graduates in IT and Computer science department to implement their final year project with first-class technical and academic assistance.
Project assistance is provided by 15+ years experienced IT Professionals. Over 100+ IEEE 2015 and 200+ yester year IEEE project titles are available with us. Projects are based on Software Development Life-Cycle (SDLC) model.
This document provides summaries of 15 networking projects from TTA including the project code, title, description, and reference. The projects cover topics like delay analysis of opportunistic spectrum access MAC protocols, load balancing for network traffic measurement, key exchange protocols for parallel network file systems, anomaly detection in intrusion detection systems, and energy efficient group key agreement for wireless networks. The document provides contact information at the end for obtaining full project papers.
AN ARCHITECTURAL FRAMEWORK FOR DELIVERING SIP-AS MULTIMEDIA SERVICES BASED ON...ijngnjournal
This document proposes and evaluates a new scalable service-oriented architecture for delivering SIP application services based on JADE/OSGi technology. It introduces an architectural framework that uses a JADE multi-agent system implemented on an OSGi platform to provide SIP application services as a service (SIP-AS) over an IMS core network. As a proof of concept, a televoting service was developed and tested on this architecture. Results showed that the televoting service scales well, enabling elasticity and dynamic load balancing of the architecture.
Performance Analysis of Wireless Networks With MDQOSIJERA Editor
In Wireless/Mobile networks various kinds of encoding schemes were used for transmission of data over a bandwidth. The desired quality and generated traffic varies with the requirement with this bandwidth. A generic video telephony may require more than 40 kbps whereas a low motion video telephony may require about 25 kbps for data transmission. From the designing point of view these requirements demands for an alternative resource planning, especially for bandwidth allocation in wireless networks. In wireless network where bandwidth is a scare resource, the system may need to block incoming user if all of the bandwidth has been used to provide highest quality of service to existing users. However this bandwidth resource planning may be unacceptable for larger application. A degradable approach to multiple users can be made on bandwidth allocation to reduce the blocking probability without degrading the quality of service to existing users.
This work aims towards a realization of a wireless/mobile network using W-CDMA multi access technique supporting multilevel quality of services. The bandwidth allocation to multiple users is adjusted dynamically according to the required network condition so as to increase bandwidth utilization. The work analyze the performance deriving the degradation period ratio, mean degradation time and degradation state for the implemented wireless network.The proposed work is aim to implement on Matlab tool for its functional verification considering various mobility patterns
A Proposal for End-to-End QoS Provisioning in Software-Defined NetworksIJECEIAES
This paper describes a framework application for the control plane of a network infras- tructure; the objective is to feature end-user applications with the capability of requesting at any time a customised end-to-end Quality-of-Service profile in the context of dynamic Service-Level-Agreements. Our solution targets current and future real-time applications that require tight QoS parameters, such as a guaranteed end-to-end delay bound. These applications include, but are not limited to, health-care, mobility, education, manufacturing, smart grids, gaming and much more. We discuss the issues related to the previous Integrated Service and the reason why the RSVP protocol for guaranteed QoS did not take off. Then we present a new signaling and resource reservation framework based on the cutting-edge network controller ONOS. Moreover, the presented system foresees the need of considering the edges of the network, where terminal applications are connected to, to be piloted by distinct logically centralised controllers. We discuss a possible inter-domain communication mechanism to achieve the end-to-end QoS guarantee.
Similar to EFFECTIVE VOICE CALLS ADMISSION FOR AUTHORIZED USER IN INTER VOIP NETWORK (20)
Advanced control scheme of doubly fed induction generator for wind turbine us...IJECEIAES
This paper describes a speed control device for generating electrical energy on an electricity network based on the doubly fed induction generator (DFIG) used for wind power conversion systems. At first, a double-fed induction generator model was constructed. A control law is formulated to govern the flow of energy between the stator of a DFIG and the energy network using three types of controllers: proportional integral (PI), sliding mode controller (SMC) and second order sliding mode controller (SOSMC). Their different results in terms of power reference tracking, reaction to unexpected speed fluctuations, sensitivity to perturbations, and resilience against machine parameter alterations are compared. MATLAB/Simulink was used to conduct the simulations for the preceding study. Multiple simulations have shown very satisfying results, and the investigations demonstrate the efficacy and power-enhancing capabilities of the suggested control system.
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTjpsjournal1
The rivalry between prominent international actors for dominance over Central Asia's hydrocarbon
reserves and the ancient silk trade route, along with China's diplomatic endeavours in the area, has been
referred to as the "New Great Game." This research centres on the power struggle, considering
geopolitical, geostrategic, and geoeconomic variables. Topics including trade, political hegemony, oil
politics, and conventional and nontraditional security are all explored and explained by the researcher.
Using Mackinder's Heartland, Spykman Rimland, and Hegemonic Stability theories, examines China's role
in Central Asia. This study adheres to the empirical epistemological method and has taken care of
objectivity. This study analyze primary and secondary research documents critically to elaborate role of
china’s geo economic outreach in central Asian countries and its future prospect. China is thriving in trade,
pipeline politics, and winning states, according to this study, thanks to important instruments like the
Shanghai Cooperation Organisation and the Belt and Road Economic Initiative. According to this study,
China is seeing significant success in commerce, pipeline politics, and gaining influence on other
governments. This success may be attributed to the effective utilisation of key tools such as the Shanghai
Cooperation Organisation and the Belt and Road Economic Initiative.
Low power architecture of logic gates using adiabatic techniquesnooriasukmaningtyas
The growing significance of portable systems to limit power consumption in ultra-large-scale-integration chips of very high density, has recently led to rapid and inventive progresses in low-power design. The most effective technique is adiabatic logic circuit design in energy-efficient hardware. This paper presents two adiabatic approaches for the design of low power circuits, modified positive feedback adiabatic logic (modified PFAL) and the other is direct current diode based positive feedback adiabatic logic (DC-DB PFAL). Logic gates are the preliminary components in any digital circuit design. By improving the performance of basic gates, one can improvise the whole system performance. In this paper proposed circuit design of the low power architecture of OR/NOR, AND/NAND, and XOR/XNOR gates are presented using the said approaches and their results are analyzed for powerdissipation, delay, power-delay-product and rise time and compared with the other adiabatic techniques along with the conventional complementary metal oxide semiconductor (CMOS) designs reported in the literature. It has been found that the designs with DC-DB PFAL technique outperform with the percentage improvement of 65% for NOR gate and 7% for NAND gate and 34% for XNOR gate over the modified PFAL techniques at 10 MHz respectively.
Literature Review Basics and Understanding Reference Management.pptxDr Ramhari Poudyal
Three-day training on academic research focuses on analytical tools at United Technical College, supported by the University Grant Commission, Nepal. 24-26 May 2024
Harnessing WebAssembly for Real-time Stateless Streaming PipelinesChristina Lin
Traditionally, dealing with real-time data pipelines has involved significant overhead, even for straightforward tasks like data transformation or masking. However, in this talk, we’ll venture into the dynamic realm of WebAssembly (WASM) and discover how it can revolutionize the creation of stateless streaming pipelines within a Kafka (Redpanda) broker. These pipelines are adept at managing low-latency, high-data-volume scenarios.
International Conference on NLP, Artificial Intelligence, Machine Learning an...gerogepatton
International Conference on NLP, Artificial Intelligence, Machine Learning and Applications (NLAIM 2024) offers a premier global platform for exchanging insights and findings in the theory, methodology, and applications of NLP, Artificial Intelligence, Machine Learning, and their applications. The conference seeks substantial contributions across all key domains of NLP, Artificial Intelligence, Machine Learning, and their practical applications, aiming to foster both theoretical advancements and real-world implementations. With a focus on facilitating collaboration between researchers and practitioners from academia and industry, the conference serves as a nexus for sharing the latest developments in the field.
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressionsVictor Morales
K8sGPT is a tool that analyzes and diagnoses Kubernetes clusters. This presentation was used to share the requirements and dependencies to deploy K8sGPT in a local environment.
ACEP Magazine edition 4th launched on 05.06.2024Rahul
This document provides information about the third edition of the magazine "Sthapatya" published by the Association of Civil Engineers (Practicing) Aurangabad. It includes messages from current and past presidents of ACEP, memories and photos from past ACEP events, information on life time achievement awards given by ACEP, and a technical article on concrete maintenance, repairs and strengthening. The document highlights activities of ACEP and provides a technical educational article for members.
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELgerogepatton
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
EFFECTIVE VOICE CALLS ADMISSION FOR AUTHORIZED USER IN INTER VOIP NETWORK
1. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
DOI : 10.5121/ijnsa.2010.2416 213
EFFECTIVE VOICE CALLS ADMISSION FOR
AUTHORIZED USER IN INTER VOIP NETWORK
Subashri T1
, Vaidehi V2
1,2
Department of Electronics, MIT Campus, Anna University, Chennai-44
tsubashri@annauniv.edu1
, vaidehi@annauniv.edu2
ABSTRACT
IP based voice transmission technology is a flexible, simpler and a cost effective implementation of voice
transmission. It provides a real convergence of various networks. This voice transmission technology does
not support a quality that is equivalent to digitized voice, which is available in the existing PSTN networks.
In addition to this, data network vulnerabilities affect the VOIP service causing a drop in the utilization of
voice communication. In this paper, the quality of service for voice calls is ensured with the integration of
CAC mechanism with the bandwidth link utilization which makes an estimation of the demanded
bandwidth. In terms of security, prevention of ARP cache poisoning attack is achieved by use of the signed
MAC address response in local area networks. It makes the network confident that the admitted user is an
authorized user and also it verifies that only the authorized users’ information is exchanged over the local
area network. Also an approach that makes it difficult for the hacker’s to hack the data exchanged over the
quality channel has been proposed.
KEYWORDS
Bandwidth link utilization, CACA, LU-CAC, MAC addresses Hash value.
1. INTRODUCTION
With the growing speed of large scale internet industry it is now possible to transmit all real time
data over the internet protocol. The internet protocol plays a major role in the real time services
offered in the internet world. One such technology is voice over internet protocol. Sending
digitized voice over the internet protocol is an approach to make voice call. VOIP is an attractive
technology and it is adopted in home and business environments, because of their cheaper call
rates compared to the PSTN based fixed networks and it also provides greater flexibility in terms
of added features in addition with the existing voice communication techniques. As the IP based
networks do not have CAC mechanisms the new flow would suffer packet loss and/ or significant
delay. To prevent this, QoS is guaranteed for both new and existing calls by the decision making
process of CAC mechanism, introduced in the IP networks. The PSTN network consists of call
admission control mechanism. If the number of calls exceeds the capacity of the links, the request
for new calls will be rejected while all the other calls in progress continue without any problem.
The admission of a voice call is done by the CACA (Call Admission Control Agent) [1]. But in
the case of IP based VOIP networks, this CAC mechanism is not provided, and hence QoS will
not be guaranteed. The traffic which keeps entering the network even beyond the networks
capacity limit consequently causes both the existing and the new flows to suffer packet loss and
/or significant delay [2]. By the CAC mechanism integrated with the call manager, the rejection
of voice calls and QoS is guaranteed. A very important aspect from the corporate point of view
for the lack of success of VOIP technology is its security. VOIP technology is integrated with the
workplace making the hacker’s job easier if packets are routed through unsecured data packets on
a public network.
The transmissions of speech across data networks are mostly vulnerable to attacks. Thus the
attacker poses a threat to the security services which is available in the VOIP network. Different
2. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
214
attacks cause several changes towards the secured information. Depending on the kind of attack
several changes have to be made to the security of a network. Some of the security attacks may
prevent use of all the available user resources. Thus all the services and features available to the
enhanced users are destroyed making the purpose of the VOIP communication a failure due to
this security problem. Quality ensured user authentication is very important for VOIP
conversation. Without this verification for authentication, all the calls may get dropped even if the
user resource quality is enhanced. In this paper, an approach which ensures that the authorized
user is able to get the enhanced QoS guaranteed channel for their communication is provided by
the integration of CAC mechanisms with user authentication procedure at the server [3]. This
paper is organised as follows: chapter 2 gives the details of admission of voice calls, chapter 3
presents proposed method for securing ARP cache poisoning and chapter 4 discusses the
experimental results for admission of voice calls using delay analysis and continued by the
verification of prevention of ARP cache poisoning attack. Finally, conclusion is given in the
chapter 5.
2. Admission of voice calls using delay analysis method in differentiated Services
Call manager provides the overall framework for communication within a corporate environment.
Gatekeeper provides address translation and admission control services to the calls. Call manager
and gatekeeper communicate with each other by using the H.323 signalling protocol as shown in
Figure 1. A location defines the topological area connected to other areas by links with a limited
bandwidth that are registered to a call manager. A zone is a collection of H.323 endpoints that
have been registered with the gatekeeper.
Figure 1. Block Diagram of the VOIP system
Call Manager as well as Gatekeeper performs admission control for calls between locations in a
zone or calls between zones, aiming to provide a certain degree of QoS to voice over IP networks.
To call within a zone, only the Call Manager located in the enterprise environment is invoked to
perform CAC. However, for a call traversing multiple zones, not only Call Managers but also the
related Gatekeeper may be involved to perform CAC.
The QoS-provisioning system is integrated into the current VoIP systems to enable both Site
utilization based Call Admission Control (SU-CAC ) and Link Utilization based Call Admission
3. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
215
Control (LU-CAC) to be well utilized and supported. With this system, the overhead of resource
reservation at the core routers will be pushed to the agents in the QoS-provisioning system, which
overcomes the weakness of the current VoIP system [2] in applying the LU-CAC, performing
resource allocation to better support the SU- CAC mechanism.
F
igure 2. Block Diagram of QoS Provisioning VoIP system
This VOIP QoS-provisioning system consists of a Call Admission Control Agent (CACA) and
the Integration Component (IC) as shown in Figure 2. The CACA has two modules. They are
Utilization Computation Module and Admission Decision Module. The Integration Component
(IC) integrates CACA with the existing VoIP systems. IC in the VOIP system provides call
signalling process modules to monitor and intercept the call setup signalling from Gatekeeper or
Call- Manager, and retrieves the useful message and passes it to the CACA. Call admission
decision is made by the CACA.
2.1 Components of the QoS-Provisioning System
Figure 3. Components of the QoS-provisioning system
Figure 3 shows the components of QoS provisioning system. The function of QoS manager is to
provide user interface to control and monitor components. It provides registration to the
distributed agents and co- ordination among the distributed agent in the same QoS domain. It co-
operates with the peer QoSMs that belong to other QoS.
There are two sub modules on call admission control agent, namely utilization computation
module, and admission decision making module. Utilization computation module performs
4. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
216
deterministic (or) statistical delay analysis to obtain the maximum bandwidth utilization. The
admission control is done with specific CAC mechanism by using the admission decision making
module.
2.2 Existing solutions for call admission control mechanism
It is necessary to frame a methodology for providing absolute differentiated services for real time
applications which can be used to derive delay bounds without specific information on flow
population [6]. S. Wang and D. Xuan authors has proposed a method which employs a utilization
based admission control approach for flow admission which does not require delay computation
at admission time, and hence scalable to larger systems. Static Priority Schedulers [3] in
differentiated service networks assign priorities on a class by class basis, with the same priority
for each class and on each router [5], Thus allowing different routers to assign different priorities
to classes achieving significantly higher utilization bounds in the absolute estimation of
differentiated services[9][12].
As priority assignment has direct impact on the delay performance of individual packets in static-
priority networks, it must be carefully addressed. In the DiffServ domain, applications are
differentiated by their classes. Accordingly, previous studies [4],[7],[8] assume that priorities are
assigned on a class basis only, where all the flows in a class are assigned the same priority
[10],[11]. Generalized priority assignment algorithms, where the flows in a class may be assigned
different priorities and flows from different classes may have the same priority.
A good survey in both absolute and relative differentiated services has been done by authors D.
Xuan and R. Betti in proposed premium service model, which provides equivalent of a dedicated
link between two access routers. It provides absolute differentiated services in priority driven
scheduling networks with two priorities, in which the higher priority is reserved for premium
service [7]. An algorithm which provides both guaranteed statistical rate delay bounds and
address scalability through traffic aggregation and statistical making is described to provide
guaranteed service without per flow state management by using a technique called Dynamic
Packet State (DPS) has been proposed by S. Blake et al[10].
The admission control needs to be explicitly computed to verify delays for the new and exciting
flows for every new flow request. As the number of flow requests increases, this procedure
becomes too expensive [11]. In such cases, UBAC (Utilization Based Admission Control) is used
[1][2]. Although UBAC was primarily proposed for pre-emptive scheduling of periodic tasks on a
simple processor, it is also used for centralized systems. In the case of aggregate scheduling, flow
and population insensitive delay analysis has been done [13]. Lower bounds on these analyses are
a function of network utilization, max hop count and other shaping parameters that are
independent of network topology. A better delay bound is derived in static priority scheduling
network which primarily focuses on real time communication applications within DiffServ
domains. Priority assignment methods for ring network and ATM networks are the two specific
areas of concern within DiffServ domains [11].
It is observed that the existing methods are not capable of meeting the deadline requirement.
Hence this paper proposed, Deterministic delay based method for guaranteeing end to end delay.
2.3 Design of a Call Admission Control Agent (CACA)
5. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
217
The Call Admission Control Agent (CACA) is a key component in the QoS- provisioning
system. It consists of two modules. The utilization computation module performs delay analysis
and computes the maximum bandwidth utilization. It usually runs at the configuration time. The
computed utilization will be allocated to LU-CAC mechanism. At the runtime, the admission
decision making module will make an admission decision for each incoming call request, based
on the allocated bandwidth utilization (by the utilization computation module) and the
currently consumed bandwidth. The maximum link utilization is the maximum value of the link
utilization under which the end to end delay can be guaranteed with LU-CAC.
Figure. 4. Utilization verification procedure
The utilization computation module has a sub module called Link Utilization Computation. The
main task of this sub module is to compute the maximum link utilization for LU-CAC by calling
a procedure, named utilization verification procedure. Given the voice traffic model, the network
topology, and the voice traffic deadline requirement, for any input of link utilization U, the worst-
case delay (deterministic case) or delay distribution (statistical case) with deterministic delay
analysis methods is computed as shown in Figure 4. Then, it verifies whether the link is safe or
not for ensuring the end-to-end delay to meet the deadline.
Generally, there are two distinct types of delays suffered by a voice packet from source to
destination: fixed and variable. Fixed delays include propagation delay, transmission delay, and
so on. Variable delays arise from queuing delays in the output buffers. All fixed delays can be
obtained by well-known experimental data or by using existing tools. However, it is difficult to
obtain the variable delays. Therefore, all the calls currently established in the network must be
known in order to compute queuing delays.
2.4 Utilization-based Deterministic Delay Analysis
If the deadline requirement is deterministic, then the worst-case queuing delay dk suffered by any
voice packet and the buffer of output link ‘k’is bounded by
+
−
−
≤ yu
uc
c
d kk
kk
k
k
ρ
σ1
(1)
(2)
6. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
218
Where ck is the capacity of the link. σ is the burst size, ρ is the average rate at the entrance of the
network, uk is the utilization of the link. yk is defined as the worst case queuing delay bound
suffered by any packet upstream from layer-k and it is given by,
∑
−
=
=
1
1
^
k
l
lk dy (3)
+= yd kk
r
ρ
σ^
(4)
By using the equation (3) and (4) we get,
ddd kkk
r
^
1
^
1
^
−−
=− (5)
ddd l
k
kk
rr
^)1(^
1
^
)1()1( −
−
+=+= (6)
We know that delay of link dl
^
= r (σ/ρ), therefore, dk
^
, the maximum of worst-case delays
suffered by any voice packet at layer-k link servers, can be bounded as follows,
≤ +
−
ρ
σ
*)1(
1^
rd
k
k
r (7)
yk can be bounded as,
)1()1( )1(
11
1
)1(
1
1
^
−=
+≤≤ +∑∑
−−
=
−
−
=
rdy
kk
l
l
k
l
lk
rr
ρ
σ
(8)
Therefore the maximum end to end delay can be bounded as
( )
ρ
σ)1(
1^
2
1(
−
+
+≤≤
h
h
ee
ryd (9)
2.5 Utilization-Based Statistical Delay Analysis
If the deadline requirement is probabilistic, as in this case, dk is a random variable and Dk is
denoted as its deadline. The violation probability of delay for any voice packet with the highest
priority suffered at the buffer of output link k is bounded by
(10)
7. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
219
The end to end deadline violation probability can be bounded as,
(11)
The utilization-based delay analysis techniques shows that, under the given network topology and
traffic model, the queuing delay or deadline violation probability at each output queue depends on
link bandwidth utilization. By limiting the utilization of link bandwidth, the overall delay or
deadline violation probability can be bounded. Given the deadline requirement, with the
utilization-based delay analysis techniques, the maximum link utilization computation can obtain
the maximum link utilization, which will be applied in the LU-CAC mechanism to perform
admission control.
2.6 Site Utilization Computation based CAC (SU-CAC)
The main task of this sub module is to compute the maximum site utilization for SU-CAC. Site
utilization computation SU-CAC mechanism tends to underutilize the network resource while
providing end-to-end delay guarantees. The objective in the maximum site utilization
computation is to optimize the overall site bandwidth utilization. The proposed maximum link
utilization computation will be based on the end to end link maximum utilization computation
and further splitting each maximum link utilization to the pair of sites that share this link. Given
the network topology and the limitation of link, bandwidth is allocated to the voice traffic and the
overall bandwidth utilization to sites is optimized as follows:
Maximize RR u∑ (12)
Subject to R kR k u u≤∈∑ , for each link k (13)
0
Ru ≤ 1
Ru Ru , for each route R (14)
Where ku is the maximum bandwidth of link k allocated to voice traffic R k∈ represents all
routes among any pair of sites R going through link k, Ru is the bandwidth of R allocated to
voice traffic,
0
Ru and 1
Ru are the lower and upper bandwidth bounds for R allocated to voice
traffic. In the above equations, (12) is the overall bandwidth utilization, (13) shows that the
bandwidth preallocation to each pair of sites is being constrained by the link bandwidth
limitation, and (14) is the user requirement for bandwidth preallocation to each pair of sites. This
is a linear programming problem, which can be solved in polynomial time. The output, i.e., the
preallocated bandwidth, will be used as the bandwidth limitation in the SU-CAC mechanism.
3. Proposed Method for Securing ARP Cache Poisoning Attack
Here, an approach for the secured ARP request and response between the client and the server is
proposed. The block diagram of ARP cache prevention architecture is presented in Figure 5.
Client 1 needs the MAC address of the client 2 in the network for making communications. ARP
program in client 1 gives the MAC address of client 2 from its ARP cache table. If client 2’s
address is not found in the ARP cache table, it sends the request to the server and tries to find the
MAC address of client 2. The ARP table contains the IP and MAC address of the clients. The
table is available for the use of the two clients involved in the communication and
8. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
220
remains invisible to the other clients. In the server, broadcasting of ARP request results in forged
ARP replies from the hackers, causing false communication between the client and the hacker.
Instead of broadcasting the request to the entire network, the newly created relay agent is used for
processing the secure ARP request and response. Server relay agent takes the responsibility of
sending the request and replying to the client in a secured manner, thereby establishing a proper
user communication between the sender and the receiver.
After the client sends a request, the server relay agent sends a response which is hashed with
SHA-256 algorithm and encrypted using the RSA algorithm. Therefore only the authorised clients
who are all connected to the server relay agent are permitted to exchange these ARP requests
and responses in a secured manner.
Figure 5. Block diagram of ARP cache prevention architecture
Thus the authorized client can decrypt and use this secured response from the server relay agent.
After some time period, if client 1 is no longer communicating with client 2, then the system
delete the entries in the ARP table. So it becomes for eavesdrop to poison the ARP request and
reply. Since the clients can only request the server to give the destination’s MAC address, the
network broadcast overhead of ARP request is also reduced.
4. Experimental results for admission of voice calls using delay analysis method
4.1 Estimation of Queue Bandwidth
Network Simulator 2 is used to simulate the VoIP traffic. By using NS2 the queue bandwidth
between the source and the destination node is simulated. In Figure 6, X axis represents time and
Y axis represents bandwidth in Mbps.
9. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
221
Figure 6. Queue bandwidth
4.2 Estimation of Queue size
Queue size is calculated between the source and the destination node. Queue size is the number of
packets waiting in the queue between two nodes. By using the queue size the queuing delay can
be calculated.
Figure 7. Queue Size
When the queuing delay is lesser than or equal to deterministic delay then the utilization will be
safe else the utilization will not be safe. Figure 7 presents the performance of CACA for variation
in queue size. In this Figure, X axis represents queue size and Y axis gives the number of calls
admitted. Figure 8 presents the performance of CACA for variation in queue delay. In this figure
X axis represents time and Y axis gives the number of calls admitted.
X axis- time
Y axis-queue
size
10. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
222
Figure 8. Queue Delay
4.3 Admission decision Making Module
The admission decision making module supports both the LU-CAC and the SU-CAC mechanism.
To support the LU-CAC mechanism, the admission decision making module manages the
network topology information and the routing information. There are two tables in supporting this
mechanism: the bandwidth table and routing table. The bandwidth table has the information about
the consumed bandwidth by voice traffic and remaining bandwidth for calls as shown shown in
the Table 1. The routing information can be found in the Table 2.
Once the call request comes, each link along with the call route will be checked to see if there is
sufficient bandwidth available. The call route of the source and destination of the call is stored in
the routing table.
Table 1: Bandwidth table
Table 2 Routing table.
X axis- time
Y axis- queue
delay
11. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
223
If all the links along the call route have sufficient bandwidth left, then the CAC module will
admit the call and decreases the available bandwidth for further calls. If sufficient bandwidth is
not available, further calls are rejected. Once the call tears down, bandwidth requested by the call
will be returned to the pool for each link along with the call route.
4.4 Simulation results of estimated and actual link
Figure 9 presents the estimated utilization of the link bandwidth as a function of time obtained
using NS2. The estimated utilization represents the overall utility of link that can be used by the
voice traffic. Figure 10 presents the actual utilization of the link bandwidth as a function of time.
The actual utilization represents the final utility of link for incoming voice traffic through
a CAC mechanism. From the maximum bandwidth utilization it is possible to find whether the
utilization is safe or not. For a period of 0.000 seconds to 0.002 seconds, the link bandwidth is not
allocated to any of the users. .
Figure 9. Estimated Link Utilization
Figure 10. Actual Link Utilization
For a period of 0.18 seconds to 1.00 seconds the users are allowed to use an average of 95%
bandwidth. The estimated utilization of link is obtained by using the utilization based delay
analysis method. The actual utilization represents the final utility of link for incoming voice
traffic through a LU-CAC mechanism. For a period of 0.00 to 0.02 seconds, the link bandwidth is
not used by any of the users. From a period of 0.18 seconds to 1.00 seconds the users are allowed
X axis-time in sec
Y axis -
Bandwidth in
Mbps
12. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
224
to use an average of 86.5% of bandwidth out of 95% of bandwidth. Some of the voice calls are
blocked, where the requested bandwidth is more than that of the available bandwidth.
4.5 Packets drop of analysis
For a simulation period of 3000 seconds the total packets dropped is about 0.4% of original
packets and the final utilization is about 88.9%. This is given in the Figure 11. Our utilization-
based delay analysis techniques show that, under the given network topology and traffic model,
the queuing delay or deadline violation probability at each output queue depends on the link
bandwidth utilization. By limiting the utilization of link bandwidth, the overall delay or deadline
violation probability can be bounded. Given the deadline requirement, with the utilization-based
delay analysis techniques, the maximum link utilization can be computed, which will be applied
in the LU-CAC mechanism to perform admission control.
Figure 11 Simulation of packets drop of LU-CAC mechanism
When the maximum link utilization is determined it is given as input to the utilization based delay
analysis block. The Admission Decision Making Module can make the admission decision for the
incoming calls, based on the overall bandwidth and consumed bandwidth.
Figure 12 Deterministic delay estimation
13. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
225
Poisson distribution shows the exponential loss of packets (lambda) during call
utilization. The call lifetimes also increases exponentially. The packets are not blocked
for calls with an average lifetime of 180 seconds. Figure 13 presents the call admission
probability as a function of time. It is observed that for a period of 0 to 4 seconds all the
users get admitted offer which of user admission gets reduced due to packet loss.
Figure 14 gives the total packet drops without the CAC mechanism and with the CAC
mechanism. Here Y axis represents the total number of dropped packets and X axis
represents the time in seconds. For a period of 0 to 10 seconds there is no packet drops
with CAC mechanism. But in the other case, the total number of packet drops gets
increased even from zero seconds without CAC mechanism.
0.8
1
0 2 4 6 8 10
Time(sec)
Admission
probability
Figure.13. Probability of call admission as a function of time
Figure.14. Packet drops with and without CAC mechanism
4.6 Performance of authenticated user voice admission procedure in VOIP Network
A call admission control mechanism offers service for 2 calls simultaneously. Due to limitations
in space, only 4 calls are accepted for serving. Assuming with an example that 12 calls are
arriving per day, their arrival pattern is determined to hold possion distribution. The service time
for 2 simultaneous calls is exponentially distributed with µ = 8 calls per day. Hence their average
number of calls in the service station, the average number of calls waiting for service and the
average call lifetime can be calculated using the possion. The increase in performance of
14. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
226
authenticated and unauthenticated user’s access to the channel for voice calls are analyzed using
probability based method. For example
Given λ= 12/day P (1) = probability of authenticated user wins all three calls
S=2 and k=4 P (2) = probability of losing all three calls
µ= 8/day P (3) = probability of winning of at least one trial
P`(n)=1-p(n-1)
1
0
0
1 1
[ ( ) ] 1
( ) !( )
S K
N N S
P n n S
Sn S S
λ
λ λ µ
µ µ
−
= =
= + − −∑ ∑
Pn is the probability of nth
trial
P(n) is the probability of winning the trail
E (Nq) = 0 ( ) * (1 )2[1 ( )(1 ) ] 0.4134
!
P S K S K S K S
S
λ ρ
ρ ρ ρ
µ
− − − − − − − = calls (13)
Where ρ= (λ/ µ S)
E (N) average number of calls in the service station
E (W) is average number of calls waiting for service
E (Nq) is the qth
user call process at service station
E (N) =E (Nq) + S -
1
0
( )
S
n
N
S n P
−
=
−∑ = 0.4134 + 2-
1
0
(2 ) n
N
n P
=
−∑ =1.73
E(W)=1/ λ E(N)
S-1
Where λ= µ[S-∑(S-n) Pn = 0.1646 day
N=0
The probability that an authenticated user wins the channel access in CAC procedure against an
unauthenticated user access is found to be 2/5. If each of authenticated and unauthenticated users
makes three separate requests each to CAC mechanisms, then the probability of an authenticated
user to win all three calls or lose all the three calls, or to win atleast one trial conveys the
utilization of bandwidth within a link by an authenticated user. Consider three trails attempted by
two users, the probability of authenticated user to win the first, second and third request
respectively against an unauthenticated user is given below.
P (1) = P (2) =P (3) = (2/5), P (1`) = P (2`) =P (3`) = 1-(2/5) = 3/5. If the probability for first
method is chosen by unauthenticated user then the entire bandwidth of the channel will be
reserved for them.
15. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
227
4.7. Verification of ARP cache poisoning attack prevention within LAN
The following steps provide the pseudo code for verification of ARP cache poisoning attack
prevention within LAN:
1. Get the ARP request from client 1 using server relay agent.
2. Broadcast the ARP request to all of its LAN users.
3. Get secured ARP response at the destination and send the destination MAC address to the
sender.
Client to server communication has been simulated by using java socket programming. Clients
send their IP address and MAC address to the corresponding LAN server through a link. The
ARP cache table in the server updates the entries about the client. Any client within the same
LAN can find the MAC and IP addresses of the other clients in the network. ARP request and
response does this processes. Figure 15 shows that the updated entry for two clients in the ARP
cache table in the server. If the IP address of the destination node is known, then the client can
make a request to the server to know the MAC address.
Figure.15. ARP cache table updation Figure.16. Finding MAC address of the for 2
destination within LAN
This action has been explained in the Figure 16. In the client, destination IP address is encrypted
and its hashed code value is determined. Figure 17 shows the exchange of the encrypted IP and
MAC addresses and the figure 18 shows the decryption of these addresses and hence the correct
IP and MAC addresses are obtained after the transmission. Thus the IP and MAC addresses are
secured in the ARP request and response. The transmitted and received hash values are found to
be equal and are displayed. Decryption process is applied to receive response. Verification of the
generated key and received key ensures the secured ARP response for user communication.
Decryption of the secured ARP response provides the destination MAC address to the server. By
comparing the hashed codes of received and the generated values the authentication of the user is
verified.
4.8 Verification procedure of ARP cache poisoning attack prevention on interwork
The following steps provide the pseudo code for verification of ARP cache poisoning attack
prevention between LAN:
1. Get the ARP request from Client1 using server relay agent
2. Broadcast ARP request to all servers.
16. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
228
3. Send the secured ARP response from the destination along with MIC (Message Integrity code)
4. Get ARP response from server relay agent 2 for server relay agent 1 along with MIC.
When two users communicate with each other, if a secured VOIP call ARP should exit then cash
poisoning attack should be prevented. For this reason a server relay agent has been created. This
ensures secured ARP request. When broadcast happens Server relay agent additionally cares
about security allowing only encrypted request and encrypted response.
Step 1, client 1 sends the request in encrypted form using RSA and the MIC1. The MIC1 is
generated using a collision-free one-way hash function SHA256. Message digest using SHA 256
is calculated for the encrypted IP address. This statement “Client 1 Server Relay Agent: ARP req
+ MIC 1: (Message Integrity Code 1)” discloses the way of client to server interaction passing
ARP request with message integrity code.
In step 2, once the server relay agent1 in LAN1 receives the request from the Client1, it calculates
the message digest for the received encrypted IP address to create a similar MIC1 (say, MIC1*).
If MIC1= MIC1*, then the request is accepted else it will be rejected. It will check the
corresponding MAC address in its ARP table. The request will be the IP address of the Client1
which is in LAN2. Since the requested MAC address is in some other LAN the server relay agent
cannot reply directly to Client1. Hence the request will be broadcasted to other server relay agent
outside the network. This statement “Server Relay Agent1 broadcast the request to all the servers:
ARP request + MIC 1”discloses about the server broad casting of ARP request to all the servers
to find the destination.
In step 3, the server relay agents in other LANs receive the request and check whether the
corresponding MAC address for the request is there in its ARP table. If suppose server relay
agent2 in LAN2 is having the MAC address for the requested IP address, it will reply to the
server relay agent1 in LAN1. Server relay agent2 of LAN2 will get the public key of server relay
agent1 of LAN1. Then it will encrypt the IP and MAC address and will calculate the message
digest using SHA256 for the encrypted value. The response will be an encrypted value and MIC2
created using SHA256. This statement “Server Relay Agent 2 Server Relay Agent 1 ARP
response + MIC 2”discloses the response of the sever relay 2 for the request of server relay 1.
This response consists of identity of server relay agent 2.
In step 4, the server relay agent1 in LAN1 receives the response from server relay agent2 in
LAN2. It will calculate the message digest for the received encrypted value. Then it checks
whether the calculated message digest and the received message digest are equal. If both are
equal, then it will send the response to the Client1 in LAN1. The response includes
encrypted IP and MAC address and its MIC say MIC3.This statement “Server Relay Agent 1
ARP response + MIC 3” discloses the response of sever relay agent 1 with its own identity.
In step 5, the client receives the response and calculates the message digest for the received MIC
and checks for the equality with the received MIC’s. If both are equal, then it will decrypt the
message and update the ARP table with the received time, else it will discard the reply and start
requesting the server for the MAC address. Finally, the host A sends an acknowledgment. This
statement “A Server Relay Agent 1: ACK” discloses the acknowledgement of server relay1.
4.9 Secured ARP request and ARP response analysis on internetwork
Figure 17 presents simulation of client 1 dialog module exchange with client 2 which gives the
retrieval of client 2 MAC address for connectivity. After the entering destination address, client 1
17. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
229
encrypts the destination IP address using RSA algorithm and also encrypted IP address is given to
hash algorithm to generate hash code for clients’ identity.
Figure 17: Finding destination MAC address between 2 clients.
Figure 18 presents the encrypted IP address for the user in LAN1 along with its message integrity
code. Figure 19 and 20 present secured ARP response information exchange with transmission
and reception. Figure 21 presents the comparison of generated and received hash code after the
reception of secured response and Figure 22 presents the updation of destination MAC address by
the sender.
Figure 18: Encryption of destination IP address and hashing of destination IP address.
Figure 19: Secured ARP Response information Figure 20: Reception of secured ARP
exchange from server 2 to server 1. response in server1 from server 2.
18. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
230
Figure 21: Comparison of generated and Figure 22: Updation of MAC address by the
received hash Code sender.
In Figure 14, it is shown that in LU-CAC mechanism there is no packet drops below 10 sec.
When a certain number of users try to get the link, only some of them are allowed to get the
bandwidth based on the estimation of maximum utilization of link in the end to end estimation. If
this end to end delay estimation is based on LU-CAC method, then the estimation of maximum
utilization of the link is effectively calculated. The estimated average bandwidth by this method
can be given assurance up to 86.5%. After the authenticated user’s entry into the network area if
he gets connected to unauthenticated user, then the entire bandwidth estimation will be used by
the unauthenticated user. In a wired environment, the user’s connectivity is based on the user’s
MAC address. Mapping IP address to MAC address is done by Address Resolution Protocol.
ARP cache table maintains client’s MAC address on the server cache. If cache table has the
unauthenticated user’s MAC address, there is a possibility of unauthorized user’s voice calls
getting connected. Hence there is reduction in bandwidth utilized by authorized users. To prevent
this problem secured ARP request and secured ARP response is proposed.
Instead of allowing ARP response as such to the server ARP cache table, server allows only the
secured ARP response to be updated by the ARP cache table. Figure 22 and 15 presents the time
taken for detecting secured ARP request and ARP response and the updation of decrypted ARP
response address informations in the ARP cache table. From these figures, the time taken for the
complete secured ARP request and ARP response have been found as 700ns in inter LAN and
500ns within the LAN. So the total time to verify the user’s authentication will not affect the
VoIP packets transmission inside the LAN environment. Hence this method offers the effective
utilization of maximum bandwidth available by only the users who are assured to be
authenticated.
5 Conclusion
By integrating the Call Admission Control Agent (CACA) into the current VoIP system, the
overall system can achieve high resource utilization while invoking relatively low overhead.
In this paper, one of the confidentiality threats viz, ARP cache poisoning attack is considered and
solution to the VOIP network system is proposed. Also, only secured clients are connected to the
server and the server is allowed to provide client’s IP-MAC mapping and their connectivity only
to the intended client on the server’s entry table. To provide message integrity for both client and
the server, cryptographic hash function SHA256 is used. And for providing authentication for
both the ends, RSA public key cryptosystem is used. RSA encrypts the network IP address and
19. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
231
client’s MAC address so that only the intended participants are allowed to decrypt and verify
authentication at both ends. If a hacker tries to eavesdrop between the client and server, hacker
cannot generate the message digest value of the client. So the Client’s MAC address cannot be
viewed by the hacker thus making the communication secure.
REFERENCE
[1] S.Wang, D.Xuan, R.Bettai, “Providing Absolute Differentiated services for Real time Application
in Static priority scheduling networks,” IEEE/ACM Trans. Networking, Vol.12, pp.326-339,2004.
[2] S.Wang, D.xuan,R.Betta, and W.zhao, “Differentiated Services with statistical Real Time
Guraratees in static priority scheduling networks,” Proc. IEEE Real time systems symp.Dec.2001.
[3] S.Chong and S.Li, Characterization based connection control for guaranteed services in high speed
networks,” Proc.IEEE Infocom,Apr.1995.
[4] S.Jamin,s.Shenkar,and P.Danzig, “Comparison of measurement basd admission controller-load
service,” Proc. IEEE Infocom,Apr.1997
[6] Christina L.Abad, “An analysis on the schemes for detecting and preventing ARP cache poisoning
attack” IEEE processing ICDCSW’07
[7] R.Siva Kumar,T. Kim, N.Venkitataman and V.Bharghavan, “Acheieveing per flow weighted rate
fairness in a core stateless network, processdings of IEEE ICDCS, march 2000.
[8] K.Nicols, jacobson, L.Zhang, A Two-bit differentiated services architecture for the internet,
Internet Draft, Nov.1997.
[9] R.L.Cruz,SCED+: “Efficient management of quality of service guarantees, Proceedings of IEEE
INFOCOM, March, 1998.
[10] S.Blake, D.Blake, M.Carlson, E.Davies, Z.Wang, and W.Weiss, “An architecture for
differenciated service”, RFC 2474,December 1998.
[11] I.Stocia,H.Zhang, Providing guaranteed without per flow management, proceedings of ACM
SIGCOMM, August 1999.
[12] A.Dailians and A.Bovoupoulis, Real time admission control algorithms with delay and loss
guarantees in ATM networks, IEEE proceedings, IEEE Proceedings of INFOCOM’94, 1994.
[13] G.Agarwal, B.Chen, W.Zhao,and S.Davari, “Guraranteeing Synchronous message deadlines with
times token protocol,”Proc.IEEE Int’1 Conf.Distributed Computing Systems, June 1992.
Authors
V. Vaidehi received her B.E. in Electronics and Communication
Engineering from College of Engineering, Guindy, M.E. in Applied
Electronics and Ph.D. from Madras Institute of Technology,
Chennai. She was a recipient of academic exchange fellowship of
Association of Common wealth Universities. She has carried out
funded projects on Tracking Algorithm for ship borne RADARS —
funded by LRDE; GPS signal simulator — funded by Ministry of Information
Technology; University Micro satellite — funded by ISRO; Semantic Intrusion Detection
System — funded by Xambala Inc. Multi Sensor Data and Image Fusion, Power
optimization in Wireless Sensor Network-funded by TCS. Currently she is a Professor
and Head of Department of Information Technology, Madras Institute of Technology,
Chennai. Her areas of interests are Networking, Parallel processing and Embedded
systems.
20. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
232
Ms.T.Subashri received her B.E in Electronics and Communication
Engineering from Thiayagarajar College of Engineering, Madurai,
M.E in Communication Systems from Thiayagarajar College of
Engineering, Kamaraj University, Madurai. Her areas of interests are
Networking, cryptography & Network Security, Communication
Systems. Currently she is pursuing her PhD from Anna University.
hoto