Pub Date : 2020-12-11DOI: 10.1109/RoEduNet51892.2020.9324866
Ioan Stan, D. Rosner, Ștefan-Dan Ciocîrlan
With the advancement of containerization technologies and the isolation mechanisms provided by the Linux kernel through features like namespaces and cgroups, a question arises whether total isolation in containers (virtual enclave) can provide an increased level of security in all use cases. In the current paper we aim to explore the idea of unifying the container's user namespace with the host system's user namespace, to validate if this approach may increase the overall security in some areas of use. Such an approach can facilitate the implementation of complex access policies with high granularity and reduce the weak points that can lead to privilege-escalation attacks. We will explore how different containerization engines can be configured to support the user namespace unification and we will see why the Singularity containerization engine is a perfect fit for our purposes. In addition, we will propose a concept architecture for an academic cluster that can natively support the enforcement of a unified user access policy among both: underlying nodes and containers running above.
{"title":"Enforce a Global Security Policy for User Access to Clustered Container Systems via User Namespace Sharing","authors":"Ioan Stan, D. Rosner, Ștefan-Dan Ciocîrlan","doi":"10.1109/RoEduNet51892.2020.9324866","DOIUrl":"https://doi.org/10.1109/RoEduNet51892.2020.9324866","url":null,"abstract":"With the advancement of containerization technologies and the isolation mechanisms provided by the Linux kernel through features like namespaces and cgroups, a question arises whether total isolation in containers (virtual enclave) can provide an increased level of security in all use cases. In the current paper we aim to explore the idea of unifying the container's user namespace with the host system's user namespace, to validate if this approach may increase the overall security in some areas of use. Such an approach can facilitate the implementation of complex access policies with high granularity and reduce the weak points that can lead to privilege-escalation attacks. We will explore how different containerization engines can be configured to support the user namespace unification and we will see why the Singularity containerization engine is a perfect fit for our purposes. In addition, we will propose a concept architecture for an academic cluster that can natively support the enforcement of a unified user access policy among both: underlying nodes and containers running above.","PeriodicalId":140521,"journal":{"name":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126949075","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-11DOI: 10.1109/RoEduNet51892.2020.9324857
Artur Cepuc, Robert Botez, Ovidiu Crãciun, I. Ivanciu, V. Dobrota
Nowadays, cloud computing has become the go to solution for most enterprises. This has led to the introduction of DevOps techniques in which developers work closely with network engineers in order to ensure fast and reliable deployment of their applications. This paper presents an entire automated pipeline, starting with detecting changes in the Java-based web application source code, creating new resources in the Kubernetes cluster to host this new version and finally deploying the containerized application in AWS. The solution follows DevOps best practices and relies on Jenkins for the Continuous Integration stage. The novelty herein is that we used Ansible for Continuous Deployment thus increasing the scalability and overall ease of use. The solution ensures zero downtime and proves fast, even though it combines six different technologies and requires very few computational resources.
如今,云计算已经成为大多数企业的首选解决方案。这导致了DevOps技术的引入,开发人员与网络工程师密切合作,以确保快速可靠地部署他们的应用程序。本文介绍了一个完整的自动化流程,从检测基于java的web应用程序源代码中的变化开始,在Kubernetes集群中创建新的资源来托管这个新版本,最后在AWS中部署容器化的应用程序。该解决方案遵循DevOps最佳实践,并在持续集成阶段依赖于Jenkins。这里的新颖之处在于我们使用了Ansible for Continuous Deployment,从而增加了可伸缩性和整体易用性。尽管该解决方案结合了六种不同的技术,并且只需要很少的计算资源,但它确保了零停机时间和快速验证。
{"title":"Implementation of a Continuous Integration and Deployment Pipeline for Containerized Applications in Amazon Web Services Using Jenkins, Ansible and Kubernetes","authors":"Artur Cepuc, Robert Botez, Ovidiu Crãciun, I. Ivanciu, V. Dobrota","doi":"10.1109/RoEduNet51892.2020.9324857","DOIUrl":"https://doi.org/10.1109/RoEduNet51892.2020.9324857","url":null,"abstract":"Nowadays, cloud computing has become the go to solution for most enterprises. This has led to the introduction of DevOps techniques in which developers work closely with network engineers in order to ensure fast and reliable deployment of their applications. This paper presents an entire automated pipeline, starting with detecting changes in the Java-based web application source code, creating new resources in the Kubernetes cluster to host this new version and finally deploying the containerized application in AWS. The solution follows DevOps best practices and relies on Jenkins for the Continuous Integration stage. The novelty herein is that we used Ansible for Continuous Deployment thus increasing the scalability and overall ease of use. The solution ensures zero downtime and proves fast, even though it combines six different technologies and requires very few computational resources.","PeriodicalId":140521,"journal":{"name":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128974125","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-11DOI: 10.1109/roedunet51892.2020.9324859
Alin-Bogdan Popa, Iulia-Maria Florea, R. Rughinis
We implement a cryptocurrency portfolio management system based on a convolutional neural network architecture. We train and test several models, each augmented with data from various sources - past market information (price, volume, market capitalization), sentiment information (positive, neutral, negative sentiment scores extracted from online forums), and blockchain technical data (number of blocks and transactions per trading unit, amount paid in fees, block difficulty etc.). We show that augmenting the model with transaction volume history can lead to larger profits and higher Sharpe ratio, and augmenting the model with sentiment information can lead to better risk management.
{"title":"Convolutional Neural Network Portfolio Management System with Heterogeneous Input","authors":"Alin-Bogdan Popa, Iulia-Maria Florea, R. Rughinis","doi":"10.1109/roedunet51892.2020.9324859","DOIUrl":"https://doi.org/10.1109/roedunet51892.2020.9324859","url":null,"abstract":"We implement a cryptocurrency portfolio management system based on a convolutional neural network architecture. We train and test several models, each augmented with data from various sources - past market information (price, volume, market capitalization), sentiment information (positive, neutral, negative sentiment scores extracted from online forums), and blockchain technical data (number of blocks and transactions per trading unit, amount paid in fees, block difficulty etc.). We show that augmenting the model with transaction volume history can lead to larger profits and higher Sharpe ratio, and augmenting the model with sentiment information can lead to better risk management.","PeriodicalId":140521,"journal":{"name":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127449526","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-11DOI: 10.1109/RoEduNet51892.2020.9324876
Mihaela Ilie, C. Bǎdicǎ
This work is an overview on approaches to avoiding passive node behavior in mobile wireless ad hoc net-work(MANET) with homogeneous nodes routing protocols. MANETs are stand-alone networks composed of individual mobile devices that communicate with each other using their on-board hardware exclusively. Due to limited communication radius, a MANET protocols rely for mobile devices to forward each other's messages. This gives rise to the problem of nodes refusing to spend energy on messages that are foreign to themselves. This paper gathers recent works on providing incentive to the devices to cooperate. We then identify the algorithmic mechanism of Vickery Clarke Groves as the approach that requires the least amount of overhead that can positively provide incentive to mobile devices to cooperate. The main contribution of this paper is the survey on solving passive node behavior, and the experimental evaluation of the impact of passive node behavior on the basic MANET routing protocols.
{"title":"Approaches to Solving the Passive Node Behavior in Mobile Ad Hoc Networking Routing","authors":"Mihaela Ilie, C. Bǎdicǎ","doi":"10.1109/RoEduNet51892.2020.9324876","DOIUrl":"https://doi.org/10.1109/RoEduNet51892.2020.9324876","url":null,"abstract":"This work is an overview on approaches to avoiding passive node behavior in mobile wireless ad hoc net-work(MANET) with homogeneous nodes routing protocols. MANETs are stand-alone networks composed of individual mobile devices that communicate with each other using their on-board hardware exclusively. Due to limited communication radius, a MANET protocols rely for mobile devices to forward each other's messages. This gives rise to the problem of nodes refusing to spend energy on messages that are foreign to themselves. This paper gathers recent works on providing incentive to the devices to cooperate. We then identify the algorithmic mechanism of Vickery Clarke Groves as the approach that requires the least amount of overhead that can positively provide incentive to mobile devices to cooperate. The main contribution of this paper is the survey on solving passive node behavior, and the experimental evaluation of the impact of passive node behavior on the basic MANET routing protocols.","PeriodicalId":140521,"journal":{"name":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","volume":"232 2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121088368","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-11DOI: 10.1109/RoEduNet51892.2020.9324847
M. Csoma, Benjamin Koné, Robert Botez, I. Ivanciu, A. Kora, V. Dobrota
This paper presents a functional solution for the management and orchestration (MANO) of the Network Function Virtualization (NFV), based on Open Source MANO (OSM). Two different Virtual Infrastructure Managers (VIMs) were tested: OpenVIM and OpenStack. Following the European Telecommunications Standards Institute (ETSI) requirements two experimental scenarios were devised: (1) with OpenVIM in test mode: two Ubuntu 16.04.6 virtual machines (VMs), hosted by different physical computers, acted as two virtual infrastructure managers (VIMs); one of them was collocated with Open Source MANO (OSM); (2) with OpenStack as a VIM and OSM running on an Ubuntu 18.04 virtual machine. The experimental results helped us defined some best practices for integrating OSM with both VIMs. In the future, we plan on extending the infrastructure orchestrated by OSM to include an SDN controller and several clouds acting as VIMs.
{"title":"Management and Orchestration for Network Function Virtualization: An Open Source MANO Approach","authors":"M. Csoma, Benjamin Koné, Robert Botez, I. Ivanciu, A. Kora, V. Dobrota","doi":"10.1109/RoEduNet51892.2020.9324847","DOIUrl":"https://doi.org/10.1109/RoEduNet51892.2020.9324847","url":null,"abstract":"This paper presents a functional solution for the management and orchestration (MANO) of the Network Function Virtualization (NFV), based on Open Source MANO (OSM). Two different Virtual Infrastructure Managers (VIMs) were tested: OpenVIM and OpenStack. Following the European Telecommunications Standards Institute (ETSI) requirements two experimental scenarios were devised: (1) with OpenVIM in test mode: two Ubuntu 16.04.6 virtual machines (VMs), hosted by different physical computers, acted as two virtual infrastructure managers (VIMs); one of them was collocated with Open Source MANO (OSM); (2) with OpenStack as a VIM and OSM running on an Ubuntu 18.04 virtual machine. The experimental results helped us defined some best practices for integrating OSM with both VIMs. In the future, we plan on extending the infrastructure orchestrated by OSM to include an SDN controller and several clouds acting as VIMs.","PeriodicalId":140521,"journal":{"name":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","volume":"97 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121205425","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-11DOI: 10.1109/roedunet51892.2020.9324877
{"title":"Networking in Education and Research","authors":"","doi":"10.1109/roedunet51892.2020.9324877","DOIUrl":"https://doi.org/10.1109/roedunet51892.2020.9324877","url":null,"abstract":"","PeriodicalId":140521,"journal":{"name":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117050540","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-11DOI: 10.1109/roedunet51892.2020.9324860
{"title":"[Title page]","authors":"","doi":"10.1109/roedunet51892.2020.9324860","DOIUrl":"https://doi.org/10.1109/roedunet51892.2020.9324860","url":null,"abstract":"","PeriodicalId":140521,"journal":{"name":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","volume":"138 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133536841","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-11DOI: 10.1109/RoEduNet51892.2020.9324873
Adrian Cosma, I. Radoi
This paper proposes a method for performing gait-recognition using skeletons extracted from human pose-estimation networks. Gait is a powerful biometric feature that has been used successfully to identify people, even in the presence of confounding factors such as different view angles and carrying/clothing variations. While most methods make use of Gait Energy Images (GEIs), we propose MFINet, a novel method for processing a sequence of skeletons extracted from an available pre-trained human pose estimation network, that incorporates confounding factors in the decision process. Inspired by methods in the area of activity recognition, we used a skeleton image representation (TSSI) in our experiments to capture temporal dynamics, as well as the skeleton spatial structure. Based on an extensive evaluation on the popular gait-recognition CASIA-B dataset, we show that MFINet is performing better than existing state-of-the-art pose-based methods, obtaining an accuracy of over 85% in scenarios with the same angle for both gallery and probe sets.
{"title":"Multi - Task Learning of Confounding Factors in Pose-Based Gait Recognition","authors":"Adrian Cosma, I. Radoi","doi":"10.1109/RoEduNet51892.2020.9324873","DOIUrl":"https://doi.org/10.1109/RoEduNet51892.2020.9324873","url":null,"abstract":"This paper proposes a method for performing gait-recognition using skeletons extracted from human pose-estimation networks. Gait is a powerful biometric feature that has been used successfully to identify people, even in the presence of confounding factors such as different view angles and carrying/clothing variations. While most methods make use of Gait Energy Images (GEIs), we propose MFINet, a novel method for processing a sequence of skeletons extracted from an available pre-trained human pose estimation network, that incorporates confounding factors in the decision process. Inspired by methods in the area of activity recognition, we used a skeleton image representation (TSSI) in our experiments to capture temporal dynamics, as well as the skeleton spatial structure. Based on an extensive evaluation on the popular gait-recognition CASIA-B dataset, we show that MFINet is performing better than existing state-of-the-art pose-based methods, obtaining an accuracy of over 85% in scenarios with the same angle for both gallery and probe sets.","PeriodicalId":140521,"journal":{"name":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133467674","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-11DOI: 10.1109/RoEduNet51892.2020.9324855
Dorin Moldovan, I. Anghel, T. Cioara, I. Salomie
The classification of the manufacturing processes in processes that pass the in-line testing and processes that fail the in-line testing is a challenging research problem as the manufacturing processes data is characterized by many features that correspond to the different steps of the manufacturing processes. This research article proposes a method in which: (1) the manufacturing processes classification is performed using the Support Vector Machine (SVM) algorithm, (2) the regularization parameter value and the gamma coefficient value of the SVM algorithm are optimized using Horse Optimization Algorithm (HOA), (3) the HOA based SVM results are compared to Particle Swarm Optimization (PSO) based SVM results and Chicken Swarm Optimization (CSO) based SVM results, and (4) the data used in experiments is the open source public dataset SECOM.
{"title":"Machine Learning in Manufacturing: Processes Classification Using Support Vector Machine and Horse Optimization Algorithm","authors":"Dorin Moldovan, I. Anghel, T. Cioara, I. Salomie","doi":"10.1109/RoEduNet51892.2020.9324855","DOIUrl":"https://doi.org/10.1109/RoEduNet51892.2020.9324855","url":null,"abstract":"The classification of the manufacturing processes in processes that pass the in-line testing and processes that fail the in-line testing is a challenging research problem as the manufacturing processes data is characterized by many features that correspond to the different steps of the manufacturing processes. This research article proposes a method in which: (1) the manufacturing processes classification is performed using the Support Vector Machine (SVM) algorithm, (2) the regularization parameter value and the gamma coefficient value of the SVM algorithm are optimized using Horse Optimization Algorithm (HOA), (3) the HOA based SVM results are compared to Particle Swarm Optimization (PSO) based SVM results and Chicken Swarm Optimization (CSO) based SVM results, and (4) the data used in experiments is the open source public dataset SECOM.","PeriodicalId":140521,"journal":{"name":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124330391","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-11DOI: 10.1109/RoEduNet51892.2020.9324865
Gheorghe Romeo Andreica, Liviu Bozga, Daniel Zinca, V. Dobrota
The issue of information security in the IoT era is an essential aspect for all IoT devices that are connected to the Internet. If the technology is vulnerable, it allows hackers to exploit such systems in order to spy, harm, or disrupt their activity. This paper presents some security issues of a GPS-based monitoring solution for the automotive industry. Some penetration tests using DoS and MITM attacks were launched in an infrastructure with GPS-based data transmission devices and receiving servers. Preliminary countermeasures were suggested, as the Teltonika protocol involved in the initial system did not use encryption.
{"title":"Denial of Service and Man-in-the-Middle Attacks Against IoT Devices in a GPS-Based Monitoring Software for Intelligent Transportation Systems","authors":"Gheorghe Romeo Andreica, Liviu Bozga, Daniel Zinca, V. Dobrota","doi":"10.1109/RoEduNet51892.2020.9324865","DOIUrl":"https://doi.org/10.1109/RoEduNet51892.2020.9324865","url":null,"abstract":"The issue of information security in the IoT era is an essential aspect for all IoT devices that are connected to the Internet. If the technology is vulnerable, it allows hackers to exploit such systems in order to spy, harm, or disrupt their activity. This paper presents some security issues of a GPS-based monitoring solution for the automotive industry. Some penetration tests using DoS and MITM attacks were launched in an infrastructure with GPS-based data transmission devices and receiving servers. Preliminary countermeasures were suggested, as the Teltonika protocol involved in the initial system did not use encryption.","PeriodicalId":140521,"journal":{"name":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125974559","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: