Overview

I am a Ph.D. candidate in WiNG (Wireless Networking Group), UCLA Computer Science Department. My advisor is Prof. Songwu Lu. The following is the list of ten research projects that I have been working on during my Ph.D. years. In specific, I am the primary contributor for both design and implementation of SCOPE, TTDD, URSA and UCAN, covering wireless and mobile networking, sensor networking, wireless network security, and hybrid wireless network architecture.

  1. Wireless Mobile Networking   2. Sensor Networking   3. Wireless Network Security   4. Overlay Networks
I worked as a summer intern at Mobile Networking Research Department, Bell-Labs in 2002:

  5. Hybrid 3G/IEEE 802.11 Network Architecture



Projects

SCOPE: Self-coordinating Localized Packet Scheduling in Wireless Ad-hoc Networks
Overview: Distributed packet scheduling in a multihop, wireless ad-hoc network is challenging since there is no centralized management or infrastructure support:
  • Wireless channel is shared among multiple contending nodes in a spatial locality. Location-dependent channel contention complicates the fairness notion.
  • The sender of a flow does not have complete or explicit information regarding the contending flows originated from other nodes. Fair queueing over ad-hoc networks is a distributed problem by nature.
  • The wireless channel capacity is a scarce resource. Spatial channel reuse, i.e., simultaneous transmissions of flows that do not interfere with each other, should be encouraged whenever possible.
In SCOPE, we re-examine the fairness notion in an ad-hoc network using a graph-theoretic formulation called flow contending graph, and extract the fairness requirements that an ad-hoc fair queueing algorithm should possess. We then propose Maximize-Local-Minimum Fair Queueing (MLM-FQ), a novel distributed packet scheduling algorithm where local schedulers self-coordinate their scheduling decisions and collectively achieve fair bandwidth sharing. Further, we propose Enhanced MLM-FQ (EMLM-FQ) to improve the spatial channel reuse and limit the impact of inaccurate scheduling information resulted from collisions.

EMLM-FQ achieves statistical short-term throughput and delay bounds over the shared wireless channel. We evaluate the effectiveness and efficiency of our design through analytical analysis, extensive simulations in ns-2, and our implementation in Mica2 Mote with CC1000 radio. For the simulator and TinyOS codes please email me.

Design Goals: The solution for fair queueing in ad hoc wireless networks must:
  • Be fully distributed, and it involves only local computations using local information only.
  • Exhibit desired global properties, e.g., fairness.
  • Be scalable to potentially large number of nodes high network densities. Besides, the solution should scale well in the presence of frequent node mobility induced topological dynamics.
  • Be efficient. The fair queueing discipline needs to perform a judicious selection of simultaneous transmissions in order to increase wireless channel spatial reuse.
  • Be coordinated among interacting nodes. Fair queueing in ad hoc wireless networks has to be coordinated among neighbors that have contending flows, and this coordination should be conducted in both the time domain and the spatial domain.
Our Approaches:
  • Distributed fair queueing via approximating a centralized model (Desired global property -> Centralized model -> Localized algorithms to approximate the centralized model):
    • WFQ with lookahead window to enable channel spatial reuse;
    • Adaptive solution to the dynamic graph coloring problem;
  • Self-coordinating approach to distributed fair queuing (Desired global property -> Mapping to local property -> Localized model -> Localized algorithms to realize the local model):
    • Maximizing local minimum in the flow contending graph;
    • Table-driven, backoff-based distributed implementation within CSMA/CA MAC paradigm.
People: Journal Publications:
  • Haiyun Luo, Jerry Cheng and Songwu Lu, "Self-coordinating Localized Fair Queueing in Wireless Ad Hoc Networks," IEEE Transactions on Mobile Computing, Vol. 3, No. 1, pp. 86-98, January-March 2004. PDF
  • Haiyun Luo, Songwu Lu, Vaduvur Bharghavan, Jerry Cheng and Gary Zhong, "A Packet Scheduling Approach to QoS Support in Multihop Wireless Networks," to appear in ACM Journal of Mobile Networks and Applications (MONET), Special Issue on QoS in Heterogeneous Wireless Networks, Vol. 9, Issue 3, June 2004. PDF
Talk:
  • Haiyun Luo, ACM MOBICOM 2000, "A New Model for Packet Scheduling in Multihop Wireless Networks," PDF
Conference Publications:
  • Jerry Cheng, Gary Zhong, Haiyun Luo and Songwu Lu, "Providing Packet-level Quality of Services in Multihop Wireless Networks," SPIE ITCOM (International Symposium on the Convergence of Information Technologies and Communications) 2001, Invited Paper, Denver, CO, August 2001. PDF
  • Haiyun Luo, Paul Medvedev, Jerry Cheng and Songwu Lu, "A Self-Coordinating Approach to Distributed Fair Queueing in Ad Hoc Wireless Networks," IEEE INFOCOM 2001, Anchorage, AK, April 2001. PDF
  • Haiyun Luo and Songwu Lu, "Achieving Fair Service in Large-Scale Multiple Access Networks," IEEE MMT (Multiaccess, Mobility and Teletraffic for Wireless Communications) 2000 , Invited Paper, Hwak's Cay Resort, FL, December 2000. PDF
  • Haiyun Luo and Songwu Lu, "A Topology-Independent Fair Queueing Model in Ad Hoc Wireless Networks," IEEE ICNP (International Conference on Network Protocols) 2000, Osaka, Japan, November 2000. PDF
  • Haiyun Luo, Songwu Lu and Vaduvur Bharghavan, "A New Model for Packet Scheduling in Multihop Wireless Networks," ACM MOBICOM (International Conference on Mobile Computing and Networking) 2000, Boston, MA, August 2000. PDF
Posters:
  • Haiyun Luo, Jerry Cheng, Paul Medvedev, Gary Zhong and Songwu Lu, "Distributed Packet Scheduling in Ad Hoc Wireless Networks," presented in the 2001 Annual UCLA Computer Science Department Research Review, April 27, 2001. PDF


TRACK: TCP PeRformance in Ad-hoC networKs
Overview: Our study of TCP over ad-hoc multihop wireless networks reveals the following interesting results:
  • There exists an optimal value for TCP congestion window size, at which the TCP throughput is maximized. However, TCP does not stabilize around this optimal point, but typically grows its window much larger, leading to decreased throughput and increased packet loss.
  • Network overload is mainly signified by wireless link congestion. As long as the buffer size at each node/router is reasonable (e.g., larger than 10 packets in typical settings), buffer overflow-induced packet loss is rare and packet drops due to link-layer contention dominate. Link-layer drops offer the first sign for network overload.
  • Multihop wireless links collectively demonstrate graceful drop behaviors, similar to Random Early Detection (RED), i.e., the drop probability grows gradually as the network load increases. However, Unfortunately, the link-layer drop probability is insufficient to keep the TCP window size around the optimal point.
We model and analyze the link contention behavior, based on which we propose Link RED that fine-tunes the link-layer packet dropping probability to stabilize the TCP window size around the optimal point. We further devise Adaptive Pacing to better coordinate channel access along the packet forwarding path. Our simulations in ns-2 demonstrate 5% to 30% improvement of TCP throughput using the proposed two techniques.

People: Journal Publication:
  • Zhenghua Fu, Haiyun Luo, Petros Zerfos, Songwu Lu, Lixia Zhang, Mario Gerla "The Impact of Multihop Wireless Channel on TCP Performance," to appear in IEEE Transactions on Mobile Computing. PDF
Conference Publications:
  • Zhenghua Fu, Petros Zerfos, Haiyun Luo, Songwu Lu, Lixia Zhang and Mario Gerla, "The Impact of Multihop Wireless Channel on TCP Throughput and Loss," IEEE INFOCOM 2003, San Francisco, California, March 2003. PDF
  • Zhenghua Fu, Petros Zerfos, Haiyun Luo, Songwu Lu, Lixia Zhang and Mario Gerla, "On TCP performance in multihop wireless networks," UCLA WiNG Technical Report, 2002. PDF


DIRAC: Distributed Software Router Architecture for Mobile Computing Environment
Routers are expected to play an important role in the IP-based wireless data network. Although a substantial number of techniques have been proposed to improve wireless network performance under dynamic wireless channel conditions and host mobility, a system support framework is still missing.

DIRAC is a flexible software-based router system that is designed for wireless networks to facilitate the implementation and evaluation of various channel-adaptive and mobility-aware protocols. DIRAC adopts a distributed architecture that is composed of two parts: a Router Core (RC) shared by the wireless subnets, and a Router Agent (RA) at each access point/base station. RAs expose wireless link-layer information to the RC and enforce the control commands issued by the RC. This approach allows the router to make adaptive decisions based on link-layer information feedback. It also permits the router to enforce its policies (e.g., policing) more effectively through underlying link-layer mechanisms.

DIRAC is implemented as Click software modules, using off-the-shelf wireless hardware and commodity PC. We implement under DIRAC the prototypes of three wireless network services: link-layer assisted fast handover, channel-adaptive scheduling, and link-layer enforced policing. Our implementation and experiments show that our distributed wireless router provides a flexible framework, which enables advanced network-layer wireless services that are adaptive to channel conditions and host mobility.

People: Conference Publications:
  • Petros Zerfos, Gary Zhong, Jerry Cheng, Haiyun Luo, Songwu Lu and Jeffrey Jia-ru Li, "DIRAC: A Software-based Wireless Router System," ACM MOBICOM (International Conference on Mobile Computing and Networking) 2003, San Diego, California, September 2003. PDF
Links:


TTDD: Two-tier Data Dissemination in Large-scale Sensor Networks
Sink mobility brings new challenges to large scale sensor networking. It suggests that information about mobile sinks locations be continuously propagated through the sensor field to keep all sensor nodes updated with the direction of forwarding future data reports. Unfortunately frequent location updates from multiple sinks can lead to both frequent collisions in sensor transmissions as well excessive drain of sensors' limited battery power supply.

We propose TTDD: a Two-Tier Data Dissemination approach that provides scalable and efficient data delivery to multiple mobile sinks. Each data source in TTDD proactively builds a grid structure which enables mobile sinks to continuously receive data on the move by flooding queries within a local cell only. TTDD's design exploits the fact that sensor nodes are both stationary and location-aware, to construct and maintain the grid structures with low overhead. We evaluate TTDD performance through ns-2 simulations and compare with existing data dissemination protocols for sensor networks such as Directed Diffusion, Declarative Routing Protocol and GRAB. Our results show that TTDD handles mobile sinks efficiently with comparable performance for stationary sinks.

Please email for the ns-2 simulation codes.

People: Journal Publications:
  • Haiyun Luo, Fan Ye, Jerry Cheng, Songwu Lu and Lixia Zhang, "TTDD: Two-tier Data Dissemination in Large-scale Wireless Sensor Networks," to appear in ACM Journal of Mobile Networks and Applications (MONET), Special Issue on ACM MOBICOM. PDF
Talk:
  • Haiyun Luo, ACM MOBICOM 2002, "TTDD: A Two-tier Data Dissemination Model for Large-scale Wireless Sensor Networks," PowerPoint Show, PDF
Conference Publication:
  • Fan Ye, Haiyun Luo, Jerry Cheng, Songwu Lu and Lixia Zhang, "A Two-tier Data Dissemination Model for Large-scale Wireless Sensor Networks," ACM MOBICOM (International Conference on Mobile Computing and Networking) 2002, Atlanta, Georgia, September 2002. PDF


SEF: Statistical En-route Filtering in Large Sensor Networks
Detection and early dropping of false data reports injected by attackers are important to avoid false alarms, and conserve the en-route sensors' limited battery energy and wireless channel bandwidth. This problem, however, is challenging since sensors are usually un-attended: an attacker can physically capture and obtain the security information stored in them. Recent work that provides message authentication is insufficient since false data reports can still be injected through compromised nodes.

We propose Statistical En-route Filtering (SEF) that filters injected false reports en-route as they are forwarded toward the data collection unit. SEF leverages the scale of the sensor network and the redundancy in sensor node deployment. In order to differentiate false data reports injected from compromised nodes, SEF relies on the collective efforts from both the sensors that generate data reports, and the sensors along data dissemination paths. SEF uses computationally efficient one-way hash functions for cryptographic computation to conserve the computation resources of small sensor nodes. In order to minimize the communication overhead and the corresponding energy consumption, we uses Bloom filter to compress the MACs while enabling en-route verification of the compressed MACs. Through analysis and extensive simulations, we show that with an overhead of 14 bytes per report, SEF is able to drop 80~90% false reports injected through a compromised node within 10 hops.

People: Journal Submission:
  • Fan Ye, Haiyun Luo, Songwu Lu and Lixia Zhang, "Statistical En-route Filtering of Injected False Data in Sensor Networks," December 2003. PDF
Conference Publications:
  • Fan Ye, Haiyun Luo, Songwu Lu and Lixia Zhang, "Statistical En-route Detection and Filtering of Injected False Data in Sensor Networks," IEEE INFOCOM 2004, Hong Kong, China, Mar. 2004. PDF
  • Fan Ye, Haiyun Luo, Songwu Lu and Lixia Zhang, "Dropping False Reports Injected by Compromised Nodes in Large Sensor Networks," ACM SENSYS (Conference on Embedded Networked Sensor Systems) 2003, Poster and 2-page Extended Abstract, Los Angeles, California, November 2003. PDF


LDK: Location-dependent Key Management for Sensor Networks
Existing sensor security mechanisms provide little protection when some nodes are compromised and their secret keys breached. Compromised nodes can authenticate false data reports about non-existent events to the user. The fidelity of sensing reports can be destroyed by a few compromised nodes. Besides, attackers can simply blast the sensor network with false data reports through compromised nodes, therefore effectively break down the whole system.

To secure sensing report generation against these attacks, we explore the "location-awareness" of sensors to develop a new security mechanism called Location Dependent Keys (LDK). In LDK, keys are not bound with the identities, but with the locations of nodes. LDK confines the impact of compromised nodes to their geographical locality, since an attacker can only launch attacks, e.g., injecting false data reports, from the location where victim sensor nodes are compromised.

LDK further constrains the possibility of false positives by leveraging the sensing redundancy. At the same time, it eliminates false negatives and ensures that data reports for real events are generated and delivered to the user in spite of the disruption from compromised nodes.

We implement the design in Mica2 motes, and evaluate its performance through both experiments and simulations. Our preliminary results show that LDK generates reports securely and efficiently.

People:


URSA: Ubiquitous and Robust Access Control for Mobile Ad-Hoc Networks
Restricting network access of routing and packet forwarding to well-behaving nodes, and denying access from misbehaving nodes are critical for the proper functioning of a mobile ad-hoc network where cooperation among all networking nodes is usually assumed. However, the lack of a network infrastructure, the dynamics of the network topology and node membership, and the potential attacks from inside the network by malicious and/or non-cooperative selfish nodes make the conventional network access control mechanisms not applicable.

We propose URSA, a ubiquitous and robust access control solution for mobile ad-hoc networks. URSA implements ticket certification services through multiple-node consensus and fully localized instantiation, and uses tickets to identify and grant network access to well-behaving nodes. In URSA, no single node monopolizes the access decision or is completely trusted, and multiple nodes jointly monitor a local node and certify/revoke its ticket. Furthermore, URSA ticket certification services are fully localized into each node's neighborhood to ensure service ubiquity and resilience.

We propose a fully distributed version of the polynomial secret sharing algorithm as the cryptographic foundation for URSA. We implement URSA using the GNU-PG package and demonstrate its feasibility in low-end portable devices such as PDA. We evaluate the scalability through ns-2 simulations show that our design effectively enforces access control in the highly dynamic, mobile ad-hoc network.

People: Journal Publications:
  • Haiyun Luo, Jiejun Kong, Petros Zerfos, Songwu Lu and Lixia Zhang, "URSA: Ubiquitous and Robust Access Control for Mobile Ad-Hoc Networks," to appear in IEEE/ACM Transactions on Networking, October 2004. PDF
  • Hao Yang, Haiyun Luo, Fan Ye, Songwu Lu and Lixia Zhang, "Security in Mobile Ad-Hoc Wireless Networks: Challenges and Solutions," to appear in IEEE Wireless Communications Magazine, invited submission
Conference Publications:
  • Haiyun Luo, Jiejun Kong, Petros Zerfos, Songwu Lu and Lixia Zhang, "Self-securing Ad Hoc Wireless Networks," IEEE ISCC (IEEE Symposium on Computers and Communications) 2002, Italy, July 2002
  • Jiejun Kong, Petros Zerfos, Haiyun Luo, Songwu Lu and Lixia Zhang, "Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks," IEEE ICNP (International Conference on Network Protocols) 2001, Riverside, CA, November 2001. PDF
Posters:
  • Hao Yang, Gary Zhong, Jiejun Kong, Haiyun Luo and Songwu Lu, "SCAN: SeCurity for Ad Hoc Networks," presented in the 2002 Annual UCLA Computer Science Department Research Review, April 26, 2002. PDF
  • Haiyun Luo, Petros Zerfos, Jiejun Kong, Dimitris Voutsas and Songwu Lu, "Security for Infrastructureless Mobile Networks," presented in the 2001 Annual UCLA Computer Science Department Research Review, April 27, 2001. PDF


Adaptive Security for Multi-layer Ad-hoc Networks
Secure communication is critical in military environments where the network infrastructure is vulnerable to various attacks and compromises. A conventional centralized solution breaks down when the security servers are destroyed by the enemies. In this project we design and evaluate a security framework for multi-layer ad-hoc wireless networks with unmanned aerial vehicles (UAV). In battlefields, the framework adapts to the contingent damages on network infrastructure.

Depending on the availability of network infrastructure, our design is composed of two modes. In infrastructure mode, security services, specifically the authentication services, are implemented on UAVs that feature low overhead and flexible managements. When the UAVs fail or are destroyed, our system seamlessly switches to infrastructureless mode, a backup mechanism that maintains comparable security services among the surviving units. In the infrastructureless mode, the security services are localized to each node's vicinity to comply with the ad-hoc communication mechanism in the scenario.

People: Journal Publications:
  • Jiejun Kong, Haiyun Luo, Kaixin Xu, Daniel Lihui Gu, Mario Gerla and Songwu Lu, "Adaptive Security for Multi-layer Ad-hoc Networks," John Wiley InterScience Press, Wireless Communications and Mobile Computing, Special Issue on Mobile Ad Hoc Networking, pp. 533-547, Vol. 2, Issue 5, 2002. PDF
Posters:
  • Jiejun Kong, Kaixin Xu, Haiyun Luo, Daniel Lihui Gu, Mario Gerla and Songwu Lu, "Secure Mobile UAV-MBN Network," presented in the 2001 Annual UCLA Computer Science Department Research Review, April 27, 2001. PDF


HOURS: Hierarchical Overlays Using Randomized Structure
Hierarchical systems have been widely used to provide scalable distributed services in the Internet. However, its service accessibility is vulnerable to DoS attacks in an open service hierarchy due to its low connectivity. During DoS attacks, ensuring high degree of service accessibility for each surviving node, regardless of the failures of other nodes that are directly under DoS attacks, is challenging due to two reasons. First, the attackers can exploit the hierarchy topology information to launch topology-aware large-scale DoS attacks. Second, because the service is open, it is hard to adopt solutions that are based on user authentication.

Our solution is to establish rich yet unpredictable connectivity in the hierarchy using HOURS (Hierarchical Overlays Using Randomized Structure). The base design of HOURS explores two ideas: hierarchical overlays and randomized overlays. In this design, each node guides its children to form an overlay network. Within an overlay, each node keeps a few random pointers to other sibling nodes as well as their children. This way, HOURS augments the service hierarchy with hierarchical overlays and enriches the connectivity. When certain nodes are under DoS attacks, the queries are forwarded cross the overlays to bypass these attacked nodes.

People: Publications:
  • Hao Yang, Haiyun Luo, Yang Yi, Songwu Lu, Lixia Zhang, "HOURS: Achieving DoS Resilience in an Open Service Hierarchy," to appear in DSN (International Conference on Dependable Systems and Networks) 2004, Florence, Italy, June 2004. PDF


UCAN: A Unified Cellular Ad-hoc Network
In third-generation (3G) wireless data networks, mobile users experiencing poor channel quality usually have low data-rate connections with the base-station. Providing service to low data-rate users is required for maintaining fairness, but at the cost of reducing the cell's aggregate throughput.

We propose the Unified Cellular and Ad-Hoc Network (UCAN) architecture for enhancing cell throughput, while maintaining fairness. In UCAN, a mobile client has both 3G cellular link and IEEE 802.11-based peer-to-peer links. The 3G base station forwards packets for destination clients with poor channel quality to proxy clients with better channel quality. The proxy clients then use an ad-hoc network composed of other mobile clients and IEEE 802.11 wireless links to forward the packets to the appropriate destinations, thereby improving cell throughput.

We refine the 3G base station scheduling algorithm so that the throughput gains of active clients are distributed proportional to their average channel rate, thereby maintaining fairness. With the UCAN architecture in place, we propose novel greedy and on-demand protocols for proxy discovery and ad-hoc routing that explicitly leverage the existence of the 3G infrastructure to reduce complexity and improve reliability. We further propose a secure crediting mechanism to motivate users to participate in relaying packets for others. Through extensive simulations with HDR and IEEE 802.11b, we show that the UCAN architecture can improve individual user's throughput by up to 310% and the aggregate throughput of the HDR downlink by up to 60%.

For the ns-2 simulation codes of the UCAN architecture please email me.

People: Journal Submission:
  • Haiyun Luo, Ramachandran Ramjee, Prasun Sinha, Li Li, Songwu Lu, "UCAN: Unified Cellular and Ad-Hoc Network," Dec 2003. PDF
Talk:
  • Haiyun Luo, ACM MOBICOM 2003, "UCAN: A Unified Cellular and Ad-Hoc Network Architecture," PowerPoint Show, PDF
Conference Publications:
  • Haiyun Luo, Ramachandran Ramjee, Prasun Sinha, Li Li and Songwu Lu, "UCAN: A Unified Cellular and Ad-Hoc Network Architecture," ACM MOBICOM (International Conference on Mobile Computing and Networking) 2003, San Diego, California, September 2003. PDF