This document provides updates to IEEE Std 802.16's MIB for the MAC, PHY and asso- ciated management procedures in order to accommodate recent extensions to the standard.

IEEE Standard for Local and Metropolitan Area Networks Part 16: Air Interface for Fixed Broadband Wireless Access Systems Draft Amendment: Management Information Base Extensions

VANET security surveys

Increase in system capacity and data rates can be achieved efficiently in a wireless system by getting the transmitter and receiver closer to each other. Femtocells deployed in the macrocell significantly improve the indoor coverage and provide better user experience. The femtocell base station called as Femtocell Access Point (FAP) is fully user deployed and hence reduces the infrastructure, maintenance and operational cost of the operator while at the same time providing good Quality of Service (QoS) to the end user and high network capacity gains. However, the mass deployment of femtocell faces a number of challenges, among which interference management is of much importance, as the fundamental limits of capacity and achievable data rates mainly depends on the interference faced by the femtocell network. To cope with the technical challenges including interference management faced by the femtocells, researchers have suggested a variety of solutions. These solutions vary depending on the physical layer technology and the specific scenarios considered. Furthermore, the cognitive capabilities, as a functionality of femtocell have also been discussed in this survey. This article summarises the main concepts of femtocells that are covered in literature and the major challenges faced in its large scale deployment. The main challenge of interference management is discussed in detail with its types in femtocells and the solutions proposed over the years to manage interference have been summarised. In addition an overview of the current femtocell standardisation and the future research direction of femtocells have also been provided.

Interference Management in Femtocells

Wireless Sensor Networks (WSNs) constitute one of the most promising third-millennium technologies and have wide range of applications in our surrounding environment. The reason behind the vast adoption of WSNs in various applications is that they have tremendously appealing features, e.g., low production cost, low installation cost, unattended network operation, autonomous and longtime operation. WSNs have started to merge with the Internet of Things (IoT) through the introduction of Internet access capability in sensor nodes and sensing ability in Internet-connected devices. Thereby, the IoT is providing access to huge amount of data, collected by the WSNs, over the Internet. Hence, the security of IoT should start with foremost securing WSNs ahead of the other components. However, owing to the absence of a physical line-of-defense, i.e., there is no dedicated infrastructure such as gateways to watch and observe the flowing information in the network, security of WSNs along with IoT is of a big concern to the scientific community. More specifically, for the application areas in which CIA (confidentiality, integrity, availability) has prime importance, WSNs and emerging IoT technology might constitute an open avenue for the attackers. Besides, recent integration and collaboration of WSNs with IoT will open new challenges and problems in terms of security. Hence, this would be a nightmare for the individuals using these systems as well as the security administrators who are managing those networks. Therefore, a detailed review of security attacks towards WSNs and IoT, along with the techniques for prevention, detection, and mitigation of those attacks are provided in this paper. In this text, attacks are categorized and treated into mainly two parts, most or all types of attacks towards WSNs and IoT are investigated under that umbrella: “Passive Attacks” and “Active Attacks”. Understanding these attacks and their associated defense mechanisms will help paving a secure path towards the proliferation and public acceptance of IoT technology.

/pdf/security-of-the-internet-of-things-vulnerabilities-attacks-5f8nyperis.pdf

Security of the Internet of Things: Vulnerabilities, Attacks, and Countermeasures

High demands for broadband mobile wireless communications and the emergence of new wireless multimedia applications constitute the motivation to the development of broadband wireless access technologies in recent years. The Long Term Evolution/System Architecture Evolution (LTE/SAE) system has been specified by the Third Generation Partnership Project (3GPP) on the way towards fourth-generation (4G) mobile to ensure 3GPP keeping the dominance of the cellular communication technologies. Through the design and optimization of new radio access techniques and a further evolution of the LTE systems, the 3GPP is developing the future LTE-Advanced (LTE-A) wireless networks as the 4G standard of the 3GPP. Since the 3GPP LTE and LTE-A architecture are designed to support flat Internet Protocol (IP) connectivity and full interworking with heterogeneous wireless access networks, the new unique features bring some new challenges in the design of the security mechanisms. This paper makes a number of contributions to the security aspects of the LTE and LTE-A networks. First, we present an overview of the security functionality of the LTE and LTE-A networks. Second, the security vulnerabilities existing in the architecture and the design of the LTE and LTE-A networks are explored. Third, the existing solutions to these problems are classically reviewed. Finally, we show the potential research issues for the future research works.

A Survey on Security Aspects for LTE and LTE-A Networks

The growing importance of Web traffic on the Internet makes it important that we have accurate traffic models in order to plan and provision. In this paper we present a Web traffic model designed to assist in the evaluation and engineering of shared communication networks. Because the model is behavioral we can extrapolate the model to assess the effect of changes in protocols, the network or user behavior. The increasing complexity of Web traffic has required that we base our model on the notion of a Web-request, rather a Web page. A Web-request results in the retrieval of information that might consist of one or more Web pages. The parameters of our model are derived from an extensive trace of Web traffic. Web-requests are identified by analyzing not just the TCP header in the trace but also the HTTP headers. The effect of Web caching is incorporated into the model. The model is evaluated by comparing independent statistics from the model and from the trace. The reasons for differences between the model and the traces are given.

A behavioral model of Web traffic

The goal of 3GPP Long Term Evolution/System Architecture Evolution (LTE/SAE) is to move mobile cellular wireless technology into its fourth generation. One of the unique challenges of fourth-generation technology is how to close a security gap through which a single compromised or malicious device can jeopardize an entire mobile network because of the open nature of these networks. To meet this challenge, handover key management in the 3GPP LTE/SAE has been designed to revoke any compromised key(s) and as a consequence isolate corrupted network devices. This paper, however, identifies and details the vulnerability of this handover key management to what are called desynchronization attacks; such attacks jeopardize secure communication between users and mobile networks. Although periodic updates of the root key are an integral part of handover key management, our work here emphasizes how essential these updates are to minimizing the effect of desynchronization attacks that, as of now, cannot be effectively prevented. Our main contribution, however, is to explore how network operators can determine for themselves an optimal interval for updates that minimizes the signaling load they impose while protecting the security of user traffic. Our analytical and simulation studies demonstrate the impact of the key update interval on such performance criteria as network topology and user mobility.

/pdf/security-analysis-of-handover-key-management-in-4g-lte-sae-2dok9sun30.pdf

Security Analysis of Handover Key Management in 4G LTE/SAE Networks

Machine-type communication (MTC) takes advantage of millions of devices being connected to each other in sensing our environment. A third-generation partnership project has been actively considering MTC as an enabler for ubiquitous computing and context-aware services. Until recently, we have not yet known how to productively manage the signaling traffic from these MTC devices because authentication requirements may impose such large signaling loads that they overwhelm the radio access of 4G cellular networks. This paper proposes the design of an efficient security protocol for MTC. This protocol is designed to be compatible with the incumbent system by being composed of only symmetric cryptography. Efficiency is attained by aggregating many authentication requests into a single one. The security and performance of the new design are evaluated via formal verification and theoretical analysis. Implementation of the proposed protocol in a real LTE-A network is provided through a feasibility analysis undertaken to prove the practicability of the protocol. Based on these evaluations, we contend that the proposed protocol is practical in terms of security and performance for MTC in LTE-Advanced.

/pdf/a-group-based-security-protocol-for-machine-type-499d8f8rui.pdf

A group-based security protocol for machine-type communications in LTE-advanced

Demand for the femtocell is largely credited to the surge in a more always best connected communication conscious public. 3GPP define new architecture and security requirement for Release 9 to deal with femtocell, Home eNode B referred as HeNB. In this paper, we analyze the HeNB security with respect to mutual authentication, access control, and secure key agreement. Our analysis pointed out that a number of security vulnerabilities have still not been addressed and solved by 3GPP technical specification. These include eavesdropping, man-in-the-middle attack, compromising subscriber access list, and masquerading as valid HeNB. To the best of our knowledge, any related research studying HeNB security was not published before. Towards this end, this paper proposes an improved authentication and key agreement mechanism for HeNB which adapts proxy-signature and proxy-signed proxy-signature. Through our elaborate analysis, we conclude that the proposed not only prevents the various security threats but also accomplishes minimum distance from user-tolerable authentication delay.

Building Femtocell More Secure with Improved Proxy Signature

We propose Authentication and Key Agreement (AKA) for Machine Type Communications (MTC) in LTE-Advanced. This protocol is based on an idea of grouping devices so that it would reduce signaling congestion in the access network and overload on the single authentication server. We verified that this protocol is designed to be secure against many attacks by using a software verification tool. Furthermore, performance evaluation suggests that this protocol is efficient with respect to authentication overhead and handover delay.

Hyoung-Kee Choi

Papers

A behavioral model of Web traffic

Security Analysis of Handover Key Management in 4G LTE/SAE Networks

A group-based security protocol for machine-type communications in LTE-advanced

Building Femtocell More Secure with Improved Proxy Signature

A group-based security protocol for Machine Type Communications in LTE-Advanced