Project Activities and Publications


IoT Technologies

In 2017, a broad survey was conducted covering several IoT-related areas, including the currently available IoT technologies such as IoT hubs, IoT operating systems, and associated transport and security mechanisms and protocols. A number of students (Mrs. Elizabeth Liri of UCR, Ms. Wen Cai of RPI, Mr. Prateek Singh of RPI and Mr. Abdulrahman bin Rabiah of UCR) and the PIs collaborated on understanding the available technologies as well as their advantages and limitations.

 

IoT Transport Protocols

Prof. Kar and Prof. Ramakrishnan and their teams are working together to evaluate the advantages and deficiencies of transport protocols currently meant for use in IoT environments. Investigation into the performance of the existing IoT transport protocols under varying scenarios is ongoing, and Mrs. Elizabeth Liri of UCR and Mr. Prateek Singh of RPI are involved in this research.


An Adaptive Reliability Transport Protocol for the Internet of Things
Poster presented at CRA Grad Cohort for Women (CRA-W)
April 2019
Authors: Elizabeth Liri, Kiran Makhijani and K. K. Ramakrishnan

Abstract - Billions of IoT devices (both constrained and non-constrained) will be in use in the near future. Constrained IoT devices are limited in memory, bandwidth and power and typically use batteries which are expensive and may be hard to replace depending on where the devices are deployed. With such devices, a common goal is to maximize device lifetime while ensuring data quality and different approaches have been taken to achieve this. Our work focusses on the transport layer as one area with the potential to help achieve this goal. At the transport layer, IoT protocols such as MQTT and CoAP that are used in multiple applications today utilize either full reliability e.g. MQTT over TCP transport or no reliability e.g. CoAP over UDP. IoT protocols may provide additional reliability at the application layer but this requires each application developer to provide this and depending on the IoT application the reliability requirements may vary over time. Rather than relying on IoT protocols to provide their own reliability at the application layer we propose an Adaptive Reliability Transport (ART) protocol which allows IoT applications to dynamically adjust the required reliability. This allows the constrained devices to only use more reliable delivery as abnormal phenomena are detected thus resulting in more efficient energy use without affecting data quality.


Robustness of IoT Applications to Network Impairments
The 24th IEEE International Symposium on Local and Metropolitan Area Networks (LANMAN)
June 2018
Authors: Elizabeth Liri, Prateek Singh, Abdulrahman BIN Rabiah, Koushik Kar, Kiran Makhijani, K. K. Ramakrishnan

Abstract - Constrained Application Protocol (CoAP) and Message Queue Telemetry Transport (MQTT) are two IoT application layer protocols that are seeing increased attention and industry deployment. CoAP uses a request-response model and runs over UDP, while MQTT follows a publish-subscribe model running over TCP. For more constrained IoT devices, MQTT-Sensor Networks (MQTT-SN) provides a UDP-based transport between the sensor and an MQTT-SN gateway, while using TCP between that gateway and the MQTT broker. Quick UDP Internet Connections (QUIC) is a new protocol and although not originally designed for IoT devices, some design features such as reduced connection establishment time may be useful in an IoT environment. Each of these protocols seeks optimizations in features and implementation complexity based on application domains rather than having the full flexibility and adaptability of traditional transport protocols such as TCP. We investigate and analyze four protocols, namely, CoAP, MQTT, MQTT-SN and QUIC, to understand the overhead of obtaining data from an IoT device at a sink to potentially disseminate this data downstream. These constrained IoT devices often operate under challenging, varying network conditions, and it is important to understand the limitations of the protocols in such conditions. Thus, we evaluate the performance of these protocols under varying loss, delay and disruption conditions to identify the most effective environment for their operation and understand the limitations of their dynamic range. Results show that with non-confirmable CoAP a more adaptive wait timer is required; and a more streamlined QUIC protocol may be a potential alternative IoT protocol.

 

Security

Recognizing that security is an important constituent of IoT communication, as part of the IoT Nets project a study and evaluation of security paradigms and protocols for IoT communication is being performed. In 2017, much of the necessary groundwork has been completed to enable the design of protocols to address the deficiencies of existing transport protocols and associated security mechanisms. Mr. Prateek Singh of RPI, Mr. Abdulrahman Bin Rabiah of UCR and Mrs. Elizabeth Liri of UCR have been involved in this work and significant progress has been made towards enhancing the understanding of the IoT protocols – particularly at the transport, security and network layers. Some results of this research are listed below.


A Lightweight Authentication and Key Exchange Protocol for IoT
The 25th Network and Distributed System Security Symposium (NDSS), workshop on Decentralized IoT Security and Standards (DISS)
February 2018
Authors: Abdulrahman BIN Rabiah, K. K. Ramakrishnan, Elizabeth Liri and Koushik Kar

Abstract - Security in IoT environments is critical, as there are many situations where IoT devices provide sensory information that needs to be shared securely. However, providing authenticated and secure communication for IoT devices can be a challenge. IoT devices have many constraints, including limitations in computation, power, memory and energy. Moreover, they often have to go through a gateway/sink to connect to the network. For secure communication to the rest of the network, the IoT device needs to trust the gateway/sink, and this requires a means for the device to authenticate the gateway and vice-versa. We also seek to support secure communication even when the IoT device and gateway are disconnected from the rest of the network. In this paper, we provide a lightweight authentication and key exchange protocol for such IoT environments where the IoT device and gateway are communicating over a wireless channel. Our protocol depends on each pair of devices having two unique keys, a master key and an initial session key, provided at configuration time. The session key is constantly changing, and is used as the key for exchanging frames securely during a session. The protocol is lightweight and uses only symmetric-key cryptography and Hashed Message Authentication Code (HMAC)-based key derivation function (HKDF) to provide authentication, key exchange, confidentiality and message integrity. The protocol does not depend on any Trusted Third Party (TTP), and is a good fit for disconnected IoT environments. The keys are never exchanged over the network, providing perfect forward secrecy. The protocol is efficient in the amount of computation required, memory and energy usage.

 

Cellular Networks and IoT

The current cellular architecture and protocols are complex, with a number of different entities (mobile device, base station, the packet gateways and mobility management) involved in setting up forwarding state for every session, and every flow ('bearer') with the use of a tunnel between the eNB and the S&P-Gateway. The incoming wave of IoT devices will require a re-thinking of the cellular architecture and its control protocols. PI Ramakrishnan and Ph.D. student Mr. Ali Mohammadkhan at UCR have been working on re-architecting the Evolved Packet Core (EPC) for cellular networks and designing a new control plane protocol for future cellular networks that eliminates the use of GTP Tunnels.

CleanG, a simplified software-based architecture for the Evolved Packet Core (EPC) and a simplified control plane protocol for cellular networks that exploits Network Function Virtualization, has been proposed to provide the simplified EPC architecture with dynamic management of capacity for the control plane to adapt to changing workloads. The CleanG design also uses a simplified control plane protocol that substantially reduces the number of messages exchanged to support the different control events (network attachment, mobility, idle-to-active transition) in the cellular network.


Re-Architecting the Packet Core and Control Plane for Future Cellular Networks
2019 IEEE 27th International Conference on Network Protocols (ICNP 2019)
October 2019
Authors: Ali Mohammadkhan, K.K. Ramakrishnan

Abstract - With the rapid increase in the number of users and changing pattern of network usage, cellular networks will continue to be challenged meeting bandwidth and latency requirements. A significant contributor to latency and overhead in cellular networks is the complex control-plane involving many message exchanges across multiple components in the packet core, base station, and user equipment. We propose CleanG, a new packet core architecture and significantly more efficient control-plane protocol, that exploits the capabilities of modern-day Network Function Virtualization (NFV) platforms. In CleanG, we have consolidated the core components into a set of virtual network functions on an NFV platform. With the elastic scalability offered by NFV, the data and control sub-components of the core functions can scale, adapting to workload demand. CleanG eliminates the use of GPRS Tunneling Protocol (GTP) Tunnels for data packets and the associated complex protocol for coordination across multiple, distributed components for setting up and managing them, as specified in the 3rd Generation Partnership Project (3GPP) architecture and protocol standard, while retaining similar essential functionality for security, mobility, and air-interface resource management. Measurements on our testbed show that CleanG substantially reduces both control and data plane latency, and significantly increases system capacity.


Improving Performance and Scalability of Next Generation Cellular Networks
IEEE Internet Computing (Volume: 23, Issue: 1, Jan.-Feb. 1 2019)
Jan.-Feb. 1 2019
Authors: Ali Mohammadkhan, K. K. Ramakrishnan, Uma Chunduri and Kiran Makhijani

Abstract - The 5G cellular network's packet core architecture has adopted concepts of software-based networking to improve scale and flexibility. In this paper, we investigate potential improvements to the current architecture, the protocols for the 5G control plane and backhaul network to achieve signaling efficiencies, improve user experience, performance, scalability, and support low-latency communications.


Considerations for re-designing the cellular infrastructure exploiting software-based networks
2016 IEEE 24th International Conference on Network Protocols (ICNP 2016)
November 2016
Authors: Ali Mohammadkhan, K. K. Ramakrishnan, Ashok Sunder Rajan and Christian Maciocco

Abstract - As demand for wireless mobile connectivity continues to explode, cellular network infrastructure capacity requirements continue to grow. While 5G tries to address capacity requirements at the radio layer, the load on the cellular core network infrastructure (called Enhanced Packet Core (EPC)) stresses the network infrastructure. Our work examines the architecture, protocols of current cellular infrastructures and the workload on the EPC. We study the challenges in dimensioning capacity and review the design alternatives to support the significant scale up desired, even for the near future. We break down the workload on the network infrastructure into its components: signaling event transactions; database or lookup transactions and packet processing. We quantitatively show the control plane and data plane load on the various components of the EPC and estimate how future 5G cellular network workloads will scale. This analysis helps us to understand the scalability challenges for future 5G EPC network components. Other efforts to scale the 5G cellular network take a system view where the control plane is separated from the data path and is terminated on a centralized SDN controller. The SDN controller configures the data path on a widely distributed switching infrastructure. Our analysis of the workload informs us on the feasibility of various design alternatives and motivates our efforts to develop our clean-slate approach, called CleanG.


CleanG: A Clean-Slate EPC Architecture and ControlPlane Protocol for Next Generation Cellular Networks
Proceedings of the 2016 ACM Workshop on Cloud-Assisted Networking
December 2016
Authors: Ali Mohammadkhan, K.K. Ramakrishnan, Ashok Sunder Rajan and Christian Maciocco

Abstract - Cellular networks play a dominant role in how we communicate. But, the current cellular architecture and protocols are overly complex. The 'control plane' protocol includes setting up explicit tunnels for every session and exchanging a large number of packets among the different entities (mobile device, base station, the packet gateways and mobility management) to ensure state is exchanged in a consistent manner. This limits scalability. As we evolve to having to support an increasing number of users, cell-sites (e.g., 5G) and the consequent mobility, and the incoming wave of IoT devices, a re-thinking of the architecture and control protocols is required. In this work we propose CleanG, a simplified software-based architecture for the Mobile Core Network (MCN) and a simplified control protocol for cellular networks. Network Function Virtualization enables dynamic management of capacity in the cloud to support the MCN of future cellular networks. We develop a simplified protocol that substantially reduces the number of control messages exchanged to support the various events, while retaining the current functionality expected from the network. CleanG, we believe, will scale better and have lower latency.

 

Machine Learning and IoT

PI Ramakrishnan and Ph.D. student, Mr. Aditya Dhakal are investigating the use of machine learning algorithms for home monitoring systems. Part of the exploration process has involved the use of in-network machine learning functions to assist in the monitoring and to provide low latency.


Machine Learning at the Network Edge for Automated Home Intrusion Monitoring
Workshop on Machine Learning and Artificial Intelligence in Computer Networks, ICNP 2017
October 2017
Authors: Aditya Dhakal, K.K. Ramakrishnan

Abstract - Monitoring of residences and businesses can be effectively performed using machine learning algorithms. As sensors and devices used for monitoring become more complex, having humans process the information to detect intrusions would be expensive and difficult to scale. We propose an automated home/business monitoring system which resides on edge servers performing online learning on streaming data coming from homes and businesses in the neighborhood. The edge servers run Open-NetVM, a Network Function Virtualization (NFV) platform, and host multiple machine learning applications instantiated on demand. This enables us to serve a set of customers in the neighborhood on a timely basis, permitting customization and learning of the behavior of each home. We combine the results of the multiple classifiers, with each classifier examining a distinct feature related to a distinct sensor, to finally infer whether the entry is a normal one or an intrusion. Our results show that our system is able to classify intrusions better than basing the decision on a single classifier, thus reducing false alarms. We have also shown that our system can effectively scale and monitor thousands of homes.