ELEKTRONIKA IR ELEKTROTECHNIKA, ISSN 1392-1215, VOL. 20, NO. 10, 2014

1Abstract—A typical broadcast authenticationcommunication within information distribution systems ischaracterised by plain text communication between nodes,which do not mutually authenticate. Although, theauthentication of every incoming message seems to be a veryeffective way to mitigate a denial of service type attack, suchprocess results into an increase of end-to-end delay. To mitigatethis drawback, the broadcast authentication protocols havebeen proposed. This paper introduces a new improved delayand resource enhanced DREAM (IDARED) scheme, which isbased on the DoS resistant efficient authentication mechanism(DREAM) and which provides lower latency results achievedby several parameters optimisation and a split verificationqueue concept for the end-to-end management data traffic inthe next generation femtocell (NGF).

Index Terms—Authentication, femtocloud, femtocell,security.

I. INTRODUCTION

The demand for mobile high data rate traffic has beenincreasing as a consequence of a large nomadic populationand the type of applications to be utilised. Therefore, theefficiency of the evolving 5G networks needs to be enhancedin terms of spectrum, energy, cost and security. Thesedemands can be solved by leveraging femtocells, which areconsidered by several mobile operators and differentstandards such as mobile WiMAX (IEEE 802.16m) andLTE-Advanced [1], [2].

Network technologies develop very fast as well as dataservices provided via mobile data networks. As a result, thetotal available end user bandwidth increases and the end-to-end delay decreases enabling the delay sensitive services(such as broadcast audio/video streams) to be provided tothe customers via mobile networks. The emerging cloudcomputing technology enables new services (e.g. computingresources, storage) to be delivered. However, besides suchservices, complex challenges emerge. These are related toconfidentiality, integrity and availability of the transmitteddata and applications. Such mission-critical broadcast datastreams require confidentiality and need to be protected fromeavesdropping, replay attacks, malicious denial of service(DoS) attacks and other threats.

Although not fully standardised yet, secure groupprotocols were proposed to resolve the previously mentionedchallenges [3], [4]. In addition, a DoS resistant efficient

Manuscript received March 19, 2014; accepted September 19, 2014.

authentication mechanism (DREAM) [5] was designed todeal with DoS types of attacks with the emphasis on the end-to-end delay.

As the mechanisms were defined generally, the specificapplication in femtocell cloud (femtocloud) environmentwill be further analysed within the scope of this paper, whichintroduces a new authentication improved delay andresource enhanced DREAM (IDARED) scheme that is basedon the DREAM. The IDARED provides lower latencyresults for end-to-end data traffic, mainly achieved by splitverification queue concept and optimisation of severalparameters to improve user experience on latency anddownload/upload speed, thus covering requirements definedby the TROPIC project [6].

Any device connected to the global Internet network iscontinuously exposed to various types of threats. Veryfrequently, viruses, worms and malicious attacks jeopardisehome as well as business devices [7]. However, appliancesin non-Internet based networks are endangered as well. Forinstance, sensor networks, which are located in premises ofa specific company and which are not connected to theInternet, can become a target of several damaging networkattacks, where DoS is the most malicious type of attack. Thecomprehensive taxonomy of possible cyber-attacks isdiscussed in [8].

Due to these threats, an active approach to security is veryimportant in the terms of data encryption, key distributioncomplex systems, authentication, authorisation, andaccounting. A typical broadcast authenticationcommunication within information systems is characterisedby plain text communication between nodes, which do notmutually authenticate. Consequently, this represents thepossibility where an attacker can theoretically reach thewhole group of receivers with a malicious intention. Toprovide the respective access control key distribution,authentication of data sources, and streams non-repudiation,broadcast authentication protocols were designed. Eventhough there is a slight difference in the terms broadcast andmulticast definition, the common attribute is that therealways exist a group of receivers, no matter the amount ofgroup members is equal to all or only a few members of thenetwork. From the technical perspective, the communicationis one-to-many or many-to-many [4].

Although the key management schemes are designed toexchange keys within group members to protect the trafficfrom different types of network attacks, they are not ready to

Broadcast Security in Future Mobile NetworksM. Rohlik1, T. Vanek1

1Department of Telecommunication Engineering, Faculty of Electrical Engineering,Czech Technical University in Prague,

Technicka 2, 166 27 Prague 6, Czech Republicmatej.rohlik@fel.cvut.cz

http://dx.doi.org/10.5755/j01.eee.20.10.6392

69

ELEKTRONIKA IR ELEKTROTECHNIKA, ISSN 1392-1215, VOL. 20, NO. 10, 2014

cope with malicious network threats as the denial of service(DoS) type attacks. In [9], the authors analysed sensornetwork layers (as per ISO/OSI model) and possible DoSdefences and confirmed that the limited resources of nodesmake digital-signature schemes impractical andauthentication poses serious difficulties.

II. SECURITY OF BROADCAST COMMUNICATION

Broadcast authentication is an essential service indistributed sensor networks. Because of the large number ofsensor nodes and the broadcast nature of wirelesscommunication, it is usually desirable for the base stations tobroadcast commands and data to the sensor nodes. Theauthenticity of such commands and data is critical for thenormal operation as well. Due to the resource constraints onsensor nodes and possible node compromises, broadcastauthentication in wireless sensor networks is by no meansa trivial problem [10].

In a unicast environment, the data authentication can beachieved using an elementary mechanism, where thetransmitter and the message recipient share a secret(symmetric) key to compute a message authentication code(MAC). However, the common symmetric authenticationmethod does not work in broadcast environment; becauseevery recipient of the given message can impersonate thesender and forge the message (source transmitter MAC keyis known). Therefore, an asymmetric algorithm based ondigital signatures is necessary for such purpose [11].

In broadcast networks, it is essential to authenticatea single transmitter to more than one receiver. The firstpossible solution is a hop-by-hop authentication of everymessage. Unfortunately, once a huge amount of messagesapproaches a specific node (e.g. a DoS attack situation), theauthentication of every packet brings increases the totaldelay from the end-to-end perspective. None of the currentlyapplied broadcast security protocols does effectively dealwith DoS type attacks and does minimise the end-to-enddelay to prevent the overall energy depletion [12].Therefore, this research work provides enhanced frameworkbased on DoS resistant efficient authentication mechanism(DREAM) [5] approach.

A. Design of DREAMBesides DoS, the DREAM mitigates the DDoS impact by

involving more stations in the verification process (seeFigure 1). The DREAM can operate in two modes: normaland secure. In the secure mode, every incoming message isauthenticated by the network node before being sent to theoutgoing interface, whereas in the normal mode, some of themessages are sent directly to the outgoing interface withoutbeing authenticated.

This approach mitigates a potential single point of failurein the whole network since there is not a single dedicatednode where the authentication occurs, but distributed amongthe neighbours. The protocol functionality is influenced bythe following parameters [13]: HT – number of nodes that message passed withoutauthentication. For such each node, the parameter isincremented by one. When the packet is authenticated, HTis set to zero.

NBR – number of neighbours. K – maximum number of nodes, that can message passwithout authentication. b – expected number of neighbours in unity distancefrom the source. c – expected number of neighbours in unity distancefrom the last node that forwards the message.

ModeSetupVerification

Oncesent ,send to theVerificationQueue

RAND >Prob

CheckValidity

MessageReceived

Set ProbProb = b/NBR

MessageDropped

Invalid:Source I DorSequenceNumber orForwarder ID

Valid:Source I DorSequenceNumber orForwarder ID

Check

ModeSecure

Norm al

CheckSourceID

Set ProbProb = 2c/NBR

HT=0HT++

Message Forwarding

0<= HT <K HT>=K

HT= 0

CheckRAND

truefalse

true

false

ForwardMessage

MessageForwarded

true false

Verify

Message

Set Mode

CheckCTR

falsetrue

CTR > Threshold

Secure

Norm al

Mode

Mode

Count t heNumberof I nvalidMessages

ModifyCounter CTR

CTR--CTR++

CheckHTValue

Source ID not Forwarder ID

(Source is not my Neighbour )

Message Verification

Message ParametersVerification

If n ot previouslyforwardedbased on

RAND >Prob,forward themessage

Source ID = Forwarder ID

(Source is my Neighbour )

Verified

?

Fig. 1. Model of the DREAM protocol.

The node decides to authenticate/forward the messageaccording to the result of (1), when the packet comesdirectly from a neighbour, the neighbour has been verified,or the parameter HT = 0. The node decides toauthenticate/forward the message as per (2), in case themessage did not come from a direct neighbour, theneighbour has not been verified, or the parameter HT > 0:

Rand ,bNBR (1)

2Rand ,cNBR

(2)

where Rand is a random number generated by every nodefor every message in the range of 0 and 1 with the uniformdistribution.

This approach enables to save energy resources of thenetwork devices especially when they are under attack [5].The emphasis on minimal energy consumption is common aswell as the security and DoS resistance for both the sensornetworks and femtocells designs [14]–[16].

70

ELEKTRONIKA IR ELEKTROTECHNIKA, ISSN 1392-1215, VOL. 20, NO. 10, 2014

B. FemtocellsThe femtocell is a very low-power wireless network

located indoors sharing the licensed wireless spectrum withthe macrocell and is connected through a backhaul link,based on the well-known Internet protocol (IP), to themobile operator core network. Unlike the optimiseddeployment of macrocell base stations, the femtocell homeevolved NodeBs (HeNBs) are designed for use without anysupervision of the macrocell [17].

The security aspects of HeNB communication were partof the FREEDOM project [18]. Even though, severalsecurity models have been recently proposed, the security iscurrently a critical and unsolved challenge of cloudtechnology which requires to be standardised. The emergingtechnology enables to deliver computing as a service,commonly known as the cloud computing. Such deploymentintroduces a network cloud in the femtocell environment. Todistinguish the current femtocell from the previouslydescribed approach, it is designated as the next generationfemtocell (NGF) in this paper. The authors in [19] use theNGF term in a more general way as they consider it as thefuture technology but they do not discuss any specificoptions nor the cloud feature at all.

ServingGateway

UE

MobilityManagement

EntityUE

UE

Internet

FemtocellCloud

EvolvedPacketCore

SeGW

HeNB

HeNB

HeNB

Fig. 2. The next generation femtocell deployment (Femtocell Cloud).

The HeNBs are commonly connected to the mobileoperator network via secured tunnels to the security gateway(SeGW). However, in the NGF deployment the HeNBs areinterconnected and enabled to communicate among them aswell – direct HeNB-to-HeNB connectivity (see Fig. 2). TheHeNBs do have connectivity to respective resources (datastorages, database servers, and other servers) based on theservice offered by the mobile operator [20].

From the previous discussion can be seen that the sensornetworks and future mobile environments address analogoussecurity, energy consumption, and parameter requirements.Therefore, this paper introduces a possible DREAM-basedmethod how to deal with security (mainly DoS resistance),minimise end-to-end delay of valid messages, and savecomputing time (decrease energy consumption) byoptimising the architecture of the DREAM.

III. SELECTED RESULTS

This section deals with selected results of theaccomplished simulations. Based on these results, the usageconditions of the proposed model are discussed. Theoptimisation details and the new proposed latency efficientDoS resistant authentication mechanism IDARED areintroduced. As the power efficiency of newly designedsolutions is an important feature of contemporary solutions,

the efficiency of energy sources utilisation estimation isoutlined. However, the specific optimisation measure wasnot provided in this case and the limitations were clarifiedaccordingly. Both schemes, the DREAM and the IDAREDare confronted with respect to the end-to-end delay andsecurity perspective.

A. Mathematical Model of the DREAMBased on the probability decision ((1) and (2)), the

DREAM produces two flows of messages – the first flow ofmessages to be authenticated and the second flow to beforwarded prior sending out the outgoing interface. Theprobability a message will be authenticated prior forwardingPauth can be obtained, when the number of authenticatedmessages is divided by the total amount of messages.Analogically, the Pfwd can be obtained. Thus, the validity offormula (3) is apparent

1 .auth fwdP P (3)

Reference data were obtained from [5] and the arrival andservice rates were estimated as exponential. Although, theλ = λn + λm offered to the network node is known (normaluser data arrival rate is denoted as λn and the malicious userdata arrival rate as λm), the DREAM produces two flows ofmessages: messages to be delivered to the authenticationqueue λauth and messages to be forwarded λfwd. Basically, thisprocess depends on parameters b, c, and K.

Assuming, that the forwarding probability p is the same ineach hop (from the transmitter to the last node to receive themessage) and the number of hops in a row is NHR, theprobability Pfwd a message will be forwarded after passingNHR hops can be determined as per formula (4)

1 2 ,NHRfwd NHRP p p p p (4)

where 1 2 NHRp p p p Although the existence ofan unauthenticated message can be limited by the Kparameter, the probability a message can travel several hopsin a row without being verified is mainly determined by theC and B parameters (which are the normalized b and cparameters discussed further, see formulae (6) and (7), as theapplicable range of values of the K parameter is strictlylimited by the B and C parameters. For instance, it is notbeneficial to set the K > 5 (if C = 0.5) as the probability, amessage will travel five or more hops, is below one per cent(the bigger the K, the nearer to zero), and this is negligiblefrom both, the security and the end to end delay perspective.Assuming, the K parameter represents the number of hops ina row a message can travel without authentication (K =NHR), the respective limit values of the K parameter can becalculated analogically (see results for selected values of Cin Fig. 3).

For a comparison purpose, the simulations wereaccomplished for the specific case where b = c. The resultsconfirmed that the examined probabilities are mainlyinfluenced by the b and c parameters and the influence of theK parameter was negligible (see Fig. 4).

The authors of the DREAM proposed b and c parameters

71

ELEKTRONIKA IR ELEKTROTECHNIKA, ISSN 1392-1215, VOL. 20, NO. 10, 2014

to control the random mechanism behaviour. Oncea message is received directly from a neighbouring node, theDREAM uses the b parameter. The c parameter is used inthe rest of the nodes to affect the authenticate-first toforward-first ratio. Let the frequency of nodes, in which theb parameter is chosen (direct neighbours of the originaltransmitter), is denoted as fb. The frequency of nodes, inwhich the c parameter is chosen, is denoted as fc.

NHR [-]2 4 6 8 10 12 14 16 18 20

0.0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1.0

C=1.0C=0.9C=0.8C=0.7C=0.6C=0.5C=0.4C=0.3C=0.2C=0.1C=0.0

P auth[-]

Fig. 3. Message authentication probability.

b=c [-]0.0 0.2 0.4 0.6 0.8 1.0 1.2 1.4 1.6 1.8 2.0

0.0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1.0K=1

K=2

K=3

K=4

K=5

K=6

K=7

K=8

P auth[-]

Fig. 4. Influence of the K parameter on message authentication probability.

The probability a message will be authenticated (andforwarded) can be estimated, as the relative frequency ofutilisation of both parameters, which were examined in therelatively high amount of iterations. To be able to expressthe Pauth dependence on b and c parameters, the relativefrequencies fb and fc were taken into account. Assuming therelatively high amount of iterations, the relative frequencieswere considered as equal to the respective probabilitiespb → fb and pc → fc of influence of the specific parameter.This behaviour was addressed by the application ofa weighted arithmetic mean as per equation (5)

,b cauth

b c

p B p CP

p p

(5)

where B and C are normalised b and c parameters as per (6)and (7). It is apparent, that b is used to increase the

authentication probability in the “one hop node” distancefrom the transmitter, and such probability is twice higherthan for c:

B 1 1 ,max

b bb NBR

(6)

2C 1 1 .max

c cc NBR

(7)

The course of Pauth was examined as a function of both theb parameter and the c parameter. However, as per theoriginal paper [5], the results were highlighted for a specialcase, where b = c, for further comparison.

To address the utilisation factors of both parameters inreal networks, the weighted arithmetic mean was applied atfirst. Since the previous step is independent on the networktopology (assuming the 400 nodes topology), severalapproximation tests were accomplished to minimise thedifference between the theoretical and real physical networktopology. The result authP is corresponding to the gridnetwork represented by formula (8) and exponentialdependency (Fig. 5).

Fig. 5. Influence of parameters on authentication probability.

( ,)NBRauth authP EDS P (8)

where EDS is the entropy of degree sequence and NBR is themean number of neighbours. The complete authP can beexpressed as per (9).

21 1.

NBR

b c

authb c

b cp pNBR NBRP EDS

p p

(9)

B. Operating Conditions of the ModelThe proposed model behaviour (the course of ( )S ) was

studied under normal conditions ( 0m ) as well as in casea network device is under attack, thus being flooded bya huge amount of messages ( 0m ). Compared with [5],the difference between the proposed model and the referencevalues increases with the decreasing value of the

72

ELEKTRONIKA IR ELEKTROTECHNIKA, ISSN 1392-1215, VOL. 20, NO. 10, 2014

c parameter. The difference is above 2 % for c < 0.4 and forapproximately c > 0.4, the difference is below 2 %, whichwas considered as an acceptable tolerance (see Fig. 6).

c=b [-]

E[S][s]

0.0 0.2 0.4 0.6 0.8 1.0 1.2 1.4 1.6 1.8 2.0-0.1

0.0

0.1

0.2

0.3

0.4

0.5

0.6

0.7Dif ference (Normal)

Dif ference (Attack)

Fig. 6. Comparison of sojourn times between the reference and simulatedresults.

c=b, c only [ -]

E[S][s]

0.0 0.2 0.4 0.6 0.8 1.0 1.2 1.4 1.6 1.8 2.00.0

0.2

0.4

0.6

0.8

1.0

1.2

1.4

1.6

1.8Norm alAttackNorm al Opt imisedAttack Optimised

(a)

c=b, c only [ -]

E[S][ms]

0.0 0.2 0.4 0.6 0.8 1.0 1.2 1.4 1.6 1.8 2.00.0

0.5

1.0

1.5

2.0

2.5

3.0Dif ference (Normal)Dif ference (Attack)

(b)Fig. 7. Comparison of sojourn times between the standard (a) andoptimised (b) simulated results.

Further simulations confirmed that the influence of theb parameter is minimal and can be completely omitted in thenew protocol approach. The equation (5) was accordinglymodified, thus only the c parameter was normalised. Thedifference is in the range of milliseconds, which is

negligible, compared to the authentication process in therange of seconds (see Fig. 7).

The decrease is caused by the fact that the b parameter isonly utilised in neighbours of the original transmitter,because N is significantly greater than [ ]NBR and [ ]Degrespectively. Analogous simulations, accomplished fornetworks where N < 100, demonstrated that the 0.05ratioBC . However, the application of femtocells

is considered to contain hundreds or thousands of accesspoints (as the analogy of the base transceiver stations (BTS)known from the GSM networks). Therefore, the newscheme, named IDARED (which is derived from DREAM),is designed to utilise the c parameter only. It will bedemonstrated further that the sojourn time of messagesdelayed by the authentication mechanism can be improvedby the utilisation of a two-queue fork-join system, whenexamined from the end-to-end delay perspective.

IV. MATHEMATICAL MODEL OF THE IDAREDThe DREAM defends a network node from DoS attacks

as per the following mechanism. In the secure mode, all ofthe incoming messages are sent to the verification queuewhere been verified. However, assuming the normal mode,based on the probability (1) and (2), a node decides whetherto send the message to the verification queue or forward themessage to its neighbouring nodes directly (to randomlydecrease the end-to-end delay).

A. Design of the Proposed MechanismEither way, the message is sent to the verification queue

since it needs to be authenticated. Since this queue ismanipulated as per first in, first out (FIFO) queuing way, theverification queue does not recognise, which messages wereforwarded before being sent to the verification queue orwhich were sent directly to the verification queue.

The red-labelled messages (ID2 and ID3) were forwardedprior being sent to the verification queue. The yellow-labelled message (ID1) was determined to be authenticatedfirst (see Fig. 8). The split verification queue design (seeFig. 9) has considered the creation of a new low-priorityqueue. Such queue is dedicated to the verification of allmessages which were sent without prior authentication.

Node2: V erificat ionQueue

Arrival Order : … 3 2 1

Node4 Node5

Node1 Node2 Node3

Sojourn Time:

ID1

ID2 ID3

ID2ID3ID1

E[S ]1 E[S ]2E[S ]3

Arrival Messages:

Fig. 8. Current mechanism of the verification queue.

Considering the split mechanism, the formerauthentication queue was transformed to a high priorityverification queue, as it is determined to authenticate allmessages which are marked as “to be authenticated” prior

73

ELEKTRONIKA IR ELEKTROTECHNIKA, ISSN 1392-1215, VOL. 20, NO. 10, 2014

forwarding and the new proposed scheme (outlined inFig. 10) is now influenced by the c parameter only.

Arrival Order: … 3 2 1

Node4 Node5

Node1 Node2 Node3

SojournTime:

Node2: H ighPriorityVerification Queue

ID1

ID2 ID3

ID1

E[S ]1

Arrival Messages:

Node2: L owPrior ityVerification Queue

Arrival Order: … 3 2 1SojournTime:

ID2ID3

E[S ]2E[S ]3

Arrival Messages:

Fig. 9. Split verification queue mechanism.

Fig. 10. Design of the new proposed mechanism (IDARED).

c [-]

E[S][s]

0.0 0.2 0.4 0.6 0.8 1.0 1.2 1.4 1.6 1.8 2.00.0

0.3

0.6

0.9

1.2

1.5E[S] Improvement (Normal)

E[S] Improvement (Attack)

(a)

c [-]

E[S][%]

0.0 0.2 0.4 0.6 0.8 1.0 1.2 1.4 1.6 1.8 2.00

10

20

30

40

50

60

70

80

90

100E[S] Improvement (Normal)

E[S] Improvement (Attack)

(b)Fig. 11. Results of the IDARED (a) compared to DREAM (b).

Along with the increasing probability a message will beforwarded Pfwd (the increasing c parameter), the

effectiveness of the proposed solution decreases. This iscaused by the fact that λauth (the flow of messages targetingthe high priority authentication queue) rapidly decreases. Asthe probability a message will be forwarded andauthenticated is equal for c = 0.9, the ( )S ) effectiveness isapproximately 25 %– 30% (based on λ). Compared to theDREAM results, the effectiveness of the proposed solutionincreases if the total flow of messages λ increases (seeFig. 11).

B. New Scheme SummaryAs addressed by the IDARED, utilising the c parameter

only, the internal processes are reduced compared to theDREAM (see Algorithm 1). From the power perspective,fewer computations cut down the power dissipation [21].

Compared to the DREAM, the difference is mainly inapplication of the split verification queue concept, where theoriginal verification queue is divided into two queues ofdifferent priorities (see Fig. 12).

Mode SetupVerificati on

Oncesent ,sendto theVerification Queue

RAND> Prob

CheckValidity

MessageReceived

MessageDropped

Invalid:SourceI DorSequenceNumber orForwarder ID

Valid:SourceI DorSequence Number orForwarderID

CheckMode

Secure

Norm al

Set ProbProb=2c/NB R

MessageForward ing

CheckRAND

truefalse

true

false

ForwardMessage

MessageForwarded

Set Mode

CheckCTR

falsetrue

CTR> Threshold

Secure Norm al

Mode

Mode

Countt heNumberofI nvalidMessages

ModifyCounterCTR

CTR--CTR++

MessageV erific ation

MessageParametersVerificati on

If n otpreviouslyforwarded based on

RAND> Prob,forwardthe message

LowPriorityQueue

HighPriori tyQueue

VerifyMessage

true falseVerified?

Fig. 12. Model of the IDARED Mechanism.

Those messages which were forwarded without priorverification are sent to a low priority queue and the rest ofthe messages reach a high priority queue. From the end-to-end perspective, the average delay of messages is decreasedsince those messages, which were already forwarded withoutverification; do not bring an extra delay to the messages inthe high priority verification queue. The sojourn time

74

ELEKTRONIKA IR ELEKTROTECHNIKA, ISSN 1392-1215, VOL. 20, NO. 10, 2014

increases for messages in low priority queue. However, thisintroduces an acceptable drawback of the proposed designsince either way, all messages are verified before these areprocessed by the given network device, only in a differentorder than these arrived.

V. CONCLUSIONS

The presented research is focused on the design of a newlow latency denial of service resistant mechanism ofmessage authentication in a broadcast network.

The broadcast concept is presented as efficient formanagement data traffic of cloud computing services in thenext generation femtocloud which is supposed to provideappropriate means to support high demanding applicationsand is considered to be the part of future 5G networks.

The new IDARED is derived from the DREAM schemewhich means, the mechanism decides, based on a stochasticcondition, whether to authenticate a message priorforwarding or whether to forward it without priorverification. The main advantage of the IDARED over theDREAM, is in application of the split verification queueconcept. This approach enables to decrease the meansojourn time a message spends in the network device andthus, decrease the overall end-to-end delay. The results ofthe accomplished simulations confirmed, that the meansojourn time decreased by approximately 25 – 30% for theIDARED, based on the input message flow and assuming theequal probability a message will be authenticated orforwarded without prior verification.

Another benefit of the IDARED is the lower number ofused parameters and the smaller protocol data unit.Therefore, the designed IDARED scheme can be utilised asa DoS resistant mechanism and can help the mission-criticaldata delivery in cases where any of the network partbecomes a target of a DoS attack in the cloud environmentof the next generation femtocell networks. Real environmenttests and the power efficiency of the proposed approachhave not yet been examined and are a challenge for furtherstudies.

REFERENCES

[1] IEEE, Standard for local and metropolitan area networks part 16: Airinterface for broadband wireless access systems amendment 3:Advanced air interface (IEEE 802.16m), USA, 2011. [Online]Available: http://standards.ieee.org/getieee802/download/802.16m-2011.pdf

[2] H. Holma, A. Toskala, LTE for UMTS: Evolution to LTE-Advanced.United Kingdom: John Wiley & Sons, Ltd., 2011. [Online].Available: http://dx.doi.org/10.1002/9781119992943

[3] X. Zou, B. Ramamurthy, S. S. Magliveras, Secure GroupCommunications Over Data Networks. USA: SpringerScience+Business Media, Inc., 2005.

[4] A. Perrig, J. Tygar, Secure Broadcast Communication: in Wired andWireless Networks. Norwell, MA, USA: Kluwer AcademicPublishers, 2004.

[5] Y. Huang, W. He, K. Nahrstedt, W. Lee, “DoS-resistant broadcast

authentication protocol with low end-to-end delay”, in IEEEINFOCOM Workshops, Phoenix, AZ, USA, 2008, pp. 1–6. [Online]Available: https://dx.doi.org/10.1109/INFOCOM.2008.4544589

[6] TROPIC, Distributed computing, storage and radio resourceallocation over cooperative femtocells, Specific Targeted ResearchProject of the 7th Framework Programme (2012). [Online] Available:http://www.ict-tropic.eu

[7] S. Hansman, R. Hunt, “A taxonomy of network and computerattacks”, Computers & Security, vol. 24, no. 1, pp. 31–43, 2005.[Online] Available: https://dx.doi.org/10.1016/j.cose2004.06.011

[8] K. Harrison, G. White, “A taxonomy of cyber events affectingcommunities”, in 44th Hawaii Int. Conf. System Sciences, (HICSS),2011, pp. 1–9. [Online] Available: https://dx.doi.org/10.1109/HICSS.2011.37

[9] A. Wood, J. Stankovic, “Denial of service in sensor networks”, IEEEComputer, vol. 35, no. 10, pp. 54–62, 2002. [Online] Available:https://dx.doi.org/10.1109/MC.2002.1039518

[10] X. Gan, Q. Li, “A multi-user DoS-containment broadcastauthentication scheme for wireless sensor networks”, in Proc. Int.Conf. Information Technology and Computer Science, (ITCS 2009),2009, pp. 472–475. [Online] Available: https://dx.doi.org/10.1109/ITCS.2009.103

[11] A. Perrig, D. Song, R. Canetti, J. D. Tygar, B. Briscoe, “Timedefficient stream loss-tolerant authentication (TESLA): Multicastsource authentication transform introduction”, Tech. rep., CarnegieMellon University, IBM, University of California, Berkeley, BT,USA, 2005. [Online] Available: http://tools.ietf.org/html/rfc4082

[12] T. Vanek, M. Rohlik, “Analysis of broadcast authenticationmechanism in selected network topologies”, Radioengineering,vol. 20, no. 1, pp. 167–173, 2011. [Online] Available:https://dx.doi.org/10.2298/CSIS110227057Q

[13] T. Vanek, M. Rohlik, “Model of DoS resistant broadcastauthentication protocol in colored Petri net environment”, in Proc.17th Int. Conf. Systems, Signals and Image Processing, (IWSSIP2010), Rio de Janeiro, Brazil, 2010, pp. 264–267. [Online] Available:https://dx.doi.org/10.1145/1288107.1288118

[14] N. Aslam, W. Robertson, W. Phillips, “Performance analysis of WSNclustering algorithms using discrete power control”, IPSI Trans.Internet Research, vol. 5, no. 1, pp. 10–15, 2009.

[15] M. Achir, L. Ouvry, “Power consumption prediction in wirelesssensor networks”, in Proc. 16th ITC Specialist Seminar onPerformance Evaluation of Wireless and Mobile Systems, 2004.[Online] Available: https://dx.doi.org/10.1.1.60.1065

[16] D. Chee, M. Suk Kang, H. Lee, B. C. Jung, “A study on the greencellular network with femtocells”, in Third Int. Conf. Ubiquitous andFuture Networks, (ICUFN 2011), 2011, pp. 235–240. [Online]Available: https://dx.doi.org/10.1109/ICUFN.2011.5949168

[17] D. Di Zenobio, M. Celidonio, L. Pulcini, A. Rufini, “An integratedaccess network infrastructure combining femtocells to existing cablednetworks”, in Wireless Telecommunications Symposium, (WTS2011), 2011, pp. 1–5. [Online] Available: https://dx.doi.org/10.1109/WTS.2011.5960880

[18] FREEDOM, Femtocell-based network enhancement by interferencemanagement and coordination of information for seamlessconnectivity, Specific Targeted Research Project of the 7thFramework Programme, 2011. [Online] Available: http://www.ict-freedom.eu

[19] K.-J. Tsao, S.-C. Shen, T.-C. Hou, “Location-dependent power settingfor next generation femtocell base stations”, in IEEE WirelessCommunications and Networking Conf., (WCNC 2011), pp. 767–772. [Online] Available: https://dx.doi.org/10.1109/WCNC.2011.5779229

[20] T. Vanek, M. Rohlik, “Alternative protocols for femtocell backbonesecurity”, in 4th Joint IFIP Wireless and Mobile Networking Conf.,NJ, USA, 2011, pp. 1–4. [Online] Available: https://dx.doi.org/10.1109/ WMNC. 2011.6097239

[21] K. R. Wadleigh, I. L. Crawford, Software optimization for highperformance computing: creating faster applications. Prentice Hall,2000.

75