Our 2006 program featured ten research projects, as well as a short course on computer
networking and security and several workshops throughout the summer research experience.
The program culminated with the NJIT Summer Research Symposium at which students
participating in this and other summer research programs presented posters describing their
projects. Below is a list of the projects, participating students and mentors, and links to
the poster presentations.
- 1. Low-Rate Denial of Service Attack Detection and Prevention
Mentor: Prof. Nirwan Ansari
Research Scholar: John C. Stille, North Carolina State University poster
The integrity of the Internet has been seriously threatened by Denial of Service (DoS)
attacks, especially their advanced variant, Distributed Denial of Service (DDoS) attacks. Even high-profile sites can be the victims of DDoS attacks. A tip-of-the-iceberg victim
list includes Yahoo, CNN, eBay, Amazon (in Feb. 2000), Domain Name Service (DNS) root
servers (in Oct. 2002), and SCO (in Dec. 2003). According to one recent survey, the
financial loss due to computer crimes and security threats reported by a total of 223
respondents in 2002 was more than $455,000,000. Owing to the stateless property of the
Internet and the prevalence of attack tools, it is easy for a hacker, or even a kid, to
launch an attack. This may explain why DDoS attacks are rampant on the Internet.
IP traceback is a mechanism to tackle DoS and DDoS attacks. Unlike other techniques,
which are contrived to detect attacks or mitigate the lethal impacts on the victim, IP
traceback can trace attack flows from the victim back to the attack sources so that the
attacker(s) may be located and prosecuted. This benefit makes IP traceback an attractive
solution because it can deter the attackers.
Many IP traceback schemes have been proposed in recent years. Each proposal
possesses different benefits and drawbacks because it is designed based on its own
assumptions. Therefore, most schemes are effective only for certain DDoS attacks. The key
point here is to make the right assumptions. For example, we believe that the paramount
feature of a sound scheme is the support of partial deployment. This is determined by the
extreme complexity of the Internet and the cooperative and competitive relationships among
ISPs. To evaluate different schemes, it is important to simulate the complex topologies of
the real Internet using ns-2, and test the defensive effect of each scheme. Such a study will help guide the successful design of a sound traceback scheme in the future.
- 2. Simulations of Frequency Selective Surfaces
Mentor: Prof. Haim Grebel
Research Scholar: Lubaba Islam, Polytechnic University poster
Bandwidth limitations turned the attention of the wireless community to Ultra Wide
Bandwidth (UWB) systems. Unlike prevailing systems, UWB employs short temporal pulses much
like optical pulses. FCC regulations limit these pulses to the frequency region of 3.1 to
10.6 GHz with equivalent pulse duration of about 140 picoseconds.
To acquaint students with modern upcoming challenges in high-speed large bandwidth
systems, we are developing a time domain UWB communications link. The system will be
based on a commercial link originally developed for the fiber optics community and will be
adapted for our use. The system is composed of a transmitter and receiver; the transmitter
accepts 16 channels at 155 MB/s each, serializes them, and sends the combined bandwidth
(2.5 GB/s) to the receiver. The receiver unit demultiplexes the combined bandwidth and
distributes it among 16 channels, each carrying signals at 155 MB/s.
The aim of the project is to build a complete communication link which simulates
information transfer between two computers, one serving as the data generator and the other
as a data receptor. With the help of in-house designed commuter cards, the student will
develop a unique and repetitive word sequence for each channel which then will be sent via
the first computer to the transmitter unit. The received data will be compared to the
transmitted messages in each channel pair to estimate the bit error rate (BER). In a second
task, we use a commercial BER tester to verify the previous estimation. The
transmitter part of the BER unit will send a quasi-random sequence of signals at 155 MB/s to
each of the channels of the transmitter unit while checking the output of each receiver
channel for errors.
- 3. Security Information Management with Frame Based Attack Representation and First Order Reasoning
Mentor: Prof. Edwin Hou
Research Scholar: Andrew Hofmaier, New Jersey Institute of Technology poster
An intrusion detection system (IDS) is one of the front line defense systems that a
network administrator can deploy to guard against network attacks. However, the volume of
information generated by an IDS is typically enormous, making it difficult to analyze.
Furthermore, the attack scenarios can be hidden within a large set of logs and messages, which
hinders the identification of the attack. One solution to this problem is to automate the
search for clues in the logs and build a semantic network that describes the various attack
scenarios. This provides a quick way to identify network attacks and analyze the attack
scenario. This project will use the Principal-subordinate Consequence Tagging Case Grammar
to build the semantic network.
- 4. Ad Hoc Networking and its Security Applications
Mentor: Prof. Mengchu Zhou
Research Scholar: Raul Garcia, Universidad Metropolitana de Cupey poster
The increasing availability of wireless technologies presents a great opportunity for
the automotive industry. Vehicles are no longer isolated systems since their communications
with the outside world enable completely new types of applications. Major carmakers are
rolling out infrastructure-based low bandwidth wireless services supporting automotive
applications. These applications are a combination of telecommunication and computation,
such as route planning using GPS signals or remote diagnostics using data from sensors built
into vehicles. In vehicle-to-vehicle communication, network topology may change randomly and
rapidly as vehicle positions constantly change. Therefore, centralized control by a base
station is not feasible, and autonomous decentralized control is required. Ad hoc networks
formed by rapidly deployable, short-range wireless devices, possibly based on IEEE 802.11
wireless LAN standard, are well suited for moving vehicles. Their deployment on individual
vehicles doesn’t require any infrastructure; also, ad hoc routing adapts to node mobility.
Dissemination of messages directly between two cars (single hop) or by passing messages
through several cars (multihop) can enable new applications, such as accident warning
systems.
With ad hoc networks deployed on moving vehicles, network partitions due to limited radio
range become inevitable when the traffic density is low, such as at night, or when only a
limited number of vehicles carry wireless devices. However, it is still possible to deliver
messages along vehicles moving on highways in spite of sparse density; for example, vehicles
can relay messages in a store-and-forward fashion. This project uses Network
Simulator (NS2), developed at the University of California at Berkeley, and CORSIM for highway
vehicles to simulate ad hoc networks and analyze their security properties under various
routing and security schemes. Such studies will help one gain a deeper understanding of ad hoc
networks in vehicular applications and lead to commercially successful implementations in
the area of intelligent transportation systems. This project is undertaken in conjunction with project #7 (see below).
- 5. Statistical Characteristics of MIMO Systems
Mentor: Prof. Ali Abdi
Research Scholar: Dunxu Hu, Essex County College poster
Wireless channels are complex propagation environments. For efficient design of
communication protocols among subscribers or nodes of a wireless network, accurate channel
models should be developed. Specifically, the distribution of the transmitted signal power
in a network and its statistical characteristics, which depend on the propagation
environment, significantly affect the network performance and need to be well
understood.
In this project, using extensive sets of collected indoor and outdoor channel data,
statistical characteristics of the propagated power are investigated, including the
power outage probability, power spatial and temporal correlation distances, and dependence
of all these on the geometry of the environment. The impact of the developed models on some
network performance metrics is studied.
- 6. Fault-tolerant Switches for Reliable Networks
Mentors: Prof. Roberto Rojas-Cessa
Research Scholar: Laura Cabreja, New Jersey Institute of Technology poster
In high-speed and high-capacity networks, system reliability is critical to avoid the
loss of huge amounts of information and the re-transmission of traffic, or the triggering of
some other means for data recovery that consumes network resources and time. In a packet
switch or Internet router, the shared resources, such as the switch fabric, must be
fault-tolerant to avoid switch collapse due to a fault occurrence. Furthermore, it is
essential to count on fault-tolerant switches to avoid traffic re-transmission that may
affect the fragile flow control, congestion control, and scheduling mechanisms.
As networks undergo hostilities from unexpected traffic congestion and network attacks,
Internet routers are required to work at their maximum working capabilities. These
situations can make a switch crash, and diagnosis is difficult and costly in a switch without
fault-tolerant measures against a wide diversity of faults.
As a response to this challenge, this research project consists of a study of
high-capacity packet switches with scalable fault-tolerant capabilities to produce highly
reliable switches. This challenge is divided into several parts: 1) the study of scalable
and high-performance packet switches, 2) the study of fast and efficient fault-detection and
recovery schemes, and 3) the implementation of programmable switch prototypes. Our study on
scalable fault-tolerant capabilities addresses fault-detection schemes that can concurrently
and quickly detect faulty planes in a high-capacity switch. The detection schemes presented
use user’s data to test the functioning of the switch fabric, and to locate the fault at the
plane level. A fault-detection and location system roughly contains three parts: a detection
scheme, a statistical database to register fault occurrences, and the fault-tolerant manager
to determine when a switch part is considered faulty and the time when the replacement or
recovery of the faulty part is performed.
- 7. Event-Based Transmission of Video in Mobile Ad-Hoc Networks
Mentor: Prof. Mengchu Zhou
Research Scholar: Philip Miller, Harvey Mudd College poster
The increasing availability of wireless technologies presents a great opportunity for
the automotive industry. Vehicles are no longer isolated systems since their communications
with the outside world enable completely new types of applications. Major carmakers are
rolling out infrastructure-based low bandwidth wireless services supporting automotive
applications. Such applications are a combination of telecommunication and computation, such
as route planning using GPS signals or remote diagnostics using data from sensors built into
vehicles. In vehicle-to-vehicle communication, network topology may change randomly and
rapidly as vehicle positions constantly change. Therefore, centralized control by a base
station is not feasible, and autonomous decentralized control is required. Ad hoc networks
formed by rapidly deployable, short-range wireless devices, possibly based on IEEE 802.11
wireless LAN standard, are well suited for moving vehicles. Their deployment on individual
vehicles doesn’t require any infrastructure; also, ad hoc routing adapts to node mobility.
Dissemination of messages directly between two cars (single hop) or by passing messages
through several cars (multihop) can enable new applications, such as accident warning
systems.
With ad hoc networks deployed on moving vehicles, network partitions due to limited radio
range become inevitable when the traffic density is low, such as at night, or when only a
limited number of vehicles carry wireless devices. However, it is still possible to deliver
messages along vehicles moving on highways in spite of sparse density; for example, vehicles
can relay messages in a store-and-forward fashion. This project intends to use Network
Simulator (NS2), developed at the University of California at Berkeley, and CORSIM for highway
vehicles to simulate ad hoc networks and analyze their security properties under various
routing and security schemes. Such studies will help one gain a deeper understanding of ad hoc
networks in vehicular applications and lead to commercially successful implementations in
the area of intelligent transportation systems. This project is undertaken in conjunction with project #4 (see above).
- 8. Binary Orthogonal Codes for Multiuser Communications
Mentor: Prof. Ali Akansu
Research Scholar: Fabian Lopez, New Jersey Institute of Technology poster
Spread spectrum radio techniques, including the code division multiple access (CDMA)
modulation technique, have become popular in commercial wireless communications applications.
In the physical layer of a multiuser communications system, these techniques assign unique
binary orthogonal user codes to each user radio within the coverage area in order to achieve the
multiplexing of the same channel resources by many users. On top of the orthogonality
property of these user codes, their autocorrelation and cross-correlation features dictate
the bit error rate (BER) performance of the system.
- 9. Automatic Power Transmission Monitoring for Wireless Ad-Hoc Networks
Mentor: Prof. Swades De
Research Scholar: Daryl Siu, Seattle Pacific University poster
This project involves experimentation with the power control features in 802.11 WLAN
(wireless local area network) cards. Currently, WLAN is being used widely in academic campus
areas and many hotspot locations, such as coffee shops, airports, and conference centers.
Some WLAN cards (e.g., Cisco Aironet PCM 350) have the provision for multilevel transmit
power control. However, in practice, they transmit only at a fixed (maximum) power.
Moreover, although wireless nodes (e.g., laptops) have the provision for operating in ad hoc
(multi-hop wireless) mode, in practice they operate in single-hop mode to connect directly
to a nearby 802.11 access point. The goals of this project are (i) to explore how to use the
multi-level transmit power control features, and (ii) to study the associated benefits, such
as power savings and interference control, in single-hop as well as multi-hop modes of
operation.
- 10. IRC Channel Recommender
Mentor: Prof. Constantine (Dinos) Manikopoulos
Research Scholar: Etan Bukiet, Cornell University poster
We propose to design, build and test the Locally Enforced Global Trust (LEGT) method and
tool in order to solve the challenging problem of provisioning strong authentication and
trust in the MANET environment. LEGT is a known-key authentication method using the Public
Key Infrastructure (PKI) and X.509 digital certificates, adapted for the ad hoc environment.
The LEGT design is described in brief below; here, our MANETs are composed of clusters or
neighborhoods. These clusters may be just neighborhood nodes, or they may be formed as a
matter of course when using the Cluster Based Routing Protocol, CBRP. In real life, they
could be different sections of organizations or troop groupings. Each group or cluster has a
specific group key pair ; the threshold scheme is used within the group to
make a multi-signature or create certificates for nodes in this group. We will use the
multi-signature scheme. Each individual must obtain a signature or certificate from his
group before he can mutually authenticate with another individual in another group; the
authenticity of the group key pairs is then verified through a certificate path, as a "web of
trust," or through a hierarchical certificate. Our scheme greatly reduces the certificate
path length and the size of the local certificate repositories because only group keys need
to be verified. Thus, we enhance the security, because certificates are signed locally
within each cluster; other clusters check the authenticity of the node’s cluster, before
checking the node’s certificate signed by it. Certificate renewal and revocation are also
defined locally.