Multi-access edge computing (MEC) enables users to exploit the resources of cloud computing at a base station (BS) in proximity to the users where an MEC server is hosted. While we have advantage of being able to communicate with low latency and small network load in MEC networks, the resources in BSs are limited. One challenge is where to provide users with services from to make efficient use of resources. Furthermore, to enhance the reliability of MEC system, the case that a BS fails needs to be considered. This paper proposes a service placement and user assignment model with preventive start-time optimization against a single BS failure in MEC networks. The proposed model preventively determines the service placement and user assignment in each BS failure pattern to minimize the worst-case penalty which is the largest penalty among all failure patterns. We formulate the proposed model as an integer linear programming problem. We prove that the considered problem is NP-hard. When the problem size becomes large, it may not be solved in a practical computation time. To solve larger size problems, we introduce two algorithms: one is the greedy algorithm with allocation upgrade and the other is with allocation upgrade and preemption. The results show that the introduced algorithms obtain solutions with smaller worst-case penalty than the benchmark in a practical time.
{"title":"Joint service placement and user assignment model in multi-access edge computing networks against base-station failure","authors":"Haruto Taka, Fujun He, Eiji Oki","doi":"10.1002/nem.2233","DOIUrl":"10.1002/nem.2233","url":null,"abstract":"<p>Multi-access edge computing (MEC) enables users to exploit the resources of cloud computing at a base station (BS) in proximity to the users where an MEC server is hosted. While we have advantage of being able to communicate with low latency and small network load in MEC networks, the resources in BSs are limited. One challenge is where to provide users with services from to make efficient use of resources. Furthermore, to enhance the reliability of MEC system, the case that a BS fails needs to be considered. This paper proposes a service placement and user assignment model with preventive start-time optimization against a single BS failure in MEC networks. The proposed model preventively determines the service placement and user assignment in each BS failure pattern to minimize the worst-case penalty which is the largest penalty among all failure patterns. We formulate the proposed model as an integer linear programming problem. We prove that the considered problem is NP-hard. When the problem size becomes large, it may not be solved in a practical computation time. To solve larger size problems, we introduce two algorithms: one is the greedy algorithm with allocation upgrade and the other is with allocation upgrade and preemption. The results show that the introduced algorithms obtain solutions with smaller worst-case penalty than the benchmark in a practical time.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"33 6","pages":""},"PeriodicalIF":1.5,"publicationDate":"2023-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42045703","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Network function virtualization (NFV) is a name of technology for replacing hardware-based network functions with software programs. Virtual network function (VNF) is a software program that replaces the hardware-based network functionality. The replacement of the hardware-based network functions (middleboxes) with software programs promises the on-demand provisioning of network functions and reduces capital and operational expenses of the network. Due to this replaced network can adapt to the different network functions. Network service providers deploy various network services with different objectives, such as reducing the network's active servers and traffic latency or network operational expenses. In this article, a VNF placement problem is studied to optimize the total operating costs of the networks. To solve the VNF placement problem, we proposed an integer linear program (ILP) model, which has been implemented using CPLEX. Although an ILP-based approach gives an optimal solution, it takes a long execution time to find the solution. Due to the long execution time, the ILP-based approach is not suitable for the real-time VNF placement problem. To address this challenge, we proposed a heuristic based on dynamic programming that performs better than the existing approaches. The simulation results of the proposed solution using real-world topologies show that the heuristic approach finds a feasible solution that is only 1 to 1.34 times far from the optimal one. Moreover, experimental results show that the proposed heuristic is 15 to 423 times faster than the ILP.
�
网络功能虚拟化(Network function virtualization, NFV)是一种用软件程序代替基于硬件的网络功能的技术名称。虚拟网络功能(VNF)是一种取代基于硬件的网络功能的软件程序。用软件程序代替基于硬件的网络功能(中间盒),保证了网络功能的按需供应,降低了网络的资本和运营费用。因此,替换后的网络可以适应不同的网络功能。网络服务提供商根据不同的目标部署各种网络服务,例如减少网络的活动服务器和流量延迟或网络运营费用。为了使网络的总运行成本最优,本文研究了VNF的配置问题。为了解决VNF的放置问题,我们提出了一个整数线性规划(ILP)模型,并使用CPLEX实现了该模型。尽管基于ilp的方法提供了最佳解决方案,但需要很长的执行时间才能找到解决方案。由于执行时间长,基于ilp的方法不适合实时VNF放置问题。为了应对这一挑战,我们提出了一种基于动态规划的启发式方法,该方法的性能优于现有方法。仿真结果表明,启发式方法找到的可行解与最优解的距离只有1 ~ 1.34倍。此外,实验结果表明,该启发式算法比常规启发式算法快15 ~ 423倍。
{"title":"Placement of virtual network functions for network services","authors":"Brajesh Kumar Umrao, Dharmendra Kumar Yadav","doi":"10.1002/nem.2232","DOIUrl":"10.1002/nem.2232","url":null,"abstract":"<div>\u0000 \u0000 <p>Network function virtualization (NFV) is a name of technology for replacing hardware-based network functions with software programs. Virtual network function (VNF) is a software program that replaces the hardware-based network functionality. The replacement of the hardware-based network functions (middleboxes) with software programs promises the on-demand provisioning of network functions and reduces capital and operational expenses of the network. Due to this replaced network can adapt to the different network functions. Network service providers deploy various network services with different objectives, such as reducing the network's active servers and traffic latency or network operational expenses. In this article, a VNF placement problem is studied to optimize the total operating costs of the networks. To solve the VNF placement problem, we proposed an integer linear program (ILP) model, which has been implemented using CPLEX. Although an ILP-based approach gives an optimal solution, it takes a long execution time to find the solution. Due to the long execution time, the ILP-based approach is not suitable for the real-time VNF placement problem. To address this challenge, we proposed a heuristic based on dynamic programming that performs better than the existing approaches. The simulation results of the proposed solution using real-world topologies show that the heuristic approach finds a feasible solution that is only 1 to 1.34 times far from the optimal one. Moreover, experimental results show that the proposed heuristic is 15 to 423 times faster than the ILP.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"33 6","pages":""},"PeriodicalIF":1.5,"publicationDate":"2023-04-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44934759","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Dynamic vehicle detection requires the transmission of large amounts of data collected by different types of sensors to the edge computing nodes. This is likely to cause network delays and congestion, affecting the computation of the edge computing nodes and thus posing serious security risks. Therefore, optimizing data transmission between vehicles and edge computing nodes is a new challenge to be addressed in the practical application of edge computing‐based vehicle dynamic detection architectures. The data requirements of VDT for vehicle detection dynamic detection in different environments are considered, the optimization objectives and constraints are analysed, and a deviation detection and greedy algorithm is proposed in this paper to address the problems of long mixed‐integer linear programme solution time and insufficient practical applications, and the performance of the algorithm is evaluated through simulation experiments conducted by simulation of urban mobility, a traffic flow simulation tool, and PreScan, a vehicle simulation test software. The results show that compared with the deviation detection algorithm, the greedy algorithm can reduce the communication overhead by 82.6%–86.2% in all cases and improve the performance by 13.6%–19.5%, which is more suitable for practical applications. The results of this paper contribute to the automation and modernization of vehicle technology management and information transfer.
{"title":"Dynamic management network system of automobile detection applying edge computing","authors":"Xianhong Cao","doi":"10.1002/nem.2231","DOIUrl":"https://doi.org/10.1002/nem.2231","url":null,"abstract":"Dynamic vehicle detection requires the transmission of large amounts of data collected by different types of sensors to the edge computing nodes. This is likely to cause network delays and congestion, affecting the computation of the edge computing nodes and thus posing serious security risks. Therefore, optimizing data transmission between vehicles and edge computing nodes is a new challenge to be addressed in the practical application of edge computing‐based vehicle dynamic detection architectures. The data requirements of VDT for vehicle detection dynamic detection in different environments are considered, the optimization objectives and constraints are analysed, and a deviation detection and greedy algorithm is proposed in this paper to address the problems of long mixed‐integer linear programme solution time and insufficient practical applications, and the performance of the algorithm is evaluated through simulation experiments conducted by simulation of urban mobility, a traffic flow simulation tool, and PreScan, a vehicle simulation test software. The results show that compared with the deviation detection algorithm, the greedy algorithm can reduce the communication overhead by 82.6%–86.2% in all cases and improve the performance by 13.6%–19.5%, which is more suitable for practical applications. The results of this paper contribute to the automation and modernization of vehicle technology management and information transfer.","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"31 4","pages":""},"PeriodicalIF":1.5,"publicationDate":"2023-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50802380","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In blockchain networks, topology discovery is a prerequisite when investigating the network characteristics (e.g., performance and robustness), which can provide a deeper comprehension of the behavior of the nodes and topology dynamicity. In this paper, we conduct a longitudinal study on the Bitcoin topology by collecting network snapshots from 2018 to 2022 with Node-Probe, our topology discovery technique that uses recursive scanning to find all reachable nodes in the Bitcoin network. Using Node-Probe, we have collected 5-week-long snapshots (36-day-long snapshots) of the Bitcoin main network and analyzed the network properties, community structure, and topology dynamicity. We confirm that our approach achieves a precision of 99% with a recall of 98% in inferring the topology. Analytical results on community structure show that the Bitcoin network has � more communities than what should be expected from a random network. Meanwhile, analytical results on dynamicity indicate that the topology stands firmly on heavy and long-running nodes. Improving the propagation mechanism using master nodes could improve the propagation delay by proximity � compared with the Bitcoin default protocol. Considering a K-anonymity attack, any transaction from one of the autonomous systems containing only a single Bitcoin node can easily be linked to real users' IP information.
{"title":"Characterizing the Bitcoin network topology with Node-Probe","authors":"Meryam Essaid, Changhyun Lee, Hongteak Ju","doi":"10.1002/nem.2230","DOIUrl":"10.1002/nem.2230","url":null,"abstract":"<p>In blockchain networks, topology discovery is a prerequisite when investigating the network characteristics (e.g., performance and robustness), which can provide a deeper comprehension of the behavior of the nodes and topology dynamicity. In this paper, we conduct a longitudinal study on the Bitcoin topology by collecting network snapshots from 2018 to 2022 with Node-Probe, our topology discovery technique that uses recursive scanning to find all reachable nodes in the Bitcoin network. Using Node-Probe, we have collected 5-week-long snapshots (36-day-long snapshots) of the Bitcoin main network and analyzed the network properties, community structure, and topology dynamicity. We confirm that our approach achieves a precision of 99% with a recall of 98% in inferring the topology. Analytical results on community structure show that the Bitcoin network has \u0000<math>\u0000 <mo>×</mo>\u0000 <mn>4</mn></math> more communities than what should be expected from a random network. Meanwhile, analytical results on dynamicity indicate that the topology stands firmly on heavy and long-running nodes. Improving the propagation mechanism using master nodes could improve the propagation delay by proximity \u0000<math>\u0000 <mo>×</mo>\u0000 <mn>25</mn></math> compared with the Bitcoin default protocol. Considering a K-anonymity attack, any transaction from one of the autonomous systems containing only a single Bitcoin node can easily be linked to real users' IP information.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"33 6","pages":""},"PeriodicalIF":1.5,"publicationDate":"2023-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42874730","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Dynamic vehicle detection requires the transmission of large amounts of data collected by different types of sensors to the edge computing nodes. This is likely to cause network delays and congestion, affecting the computation of the edge computing nodes and thus posing serious security risks. Therefore, optimizing data transmission between vehicles and edge computing nodes is a new challenge to be addressed in the practical application of edge computing-based vehicle dynamic detection architectures. The data requirements of VDT for vehicle detection dynamic detection in different environments are considered, the optimization objectives and constraints are analysed, and a deviation detection and greedy algorithm is proposed in this paper to address the problems of long mixed-integer linear programme solution time and insufficient practical applications, and the performance of the algorithm is evaluated through simulation experiments conducted by simulation of urban mobility, a traffic flow simulation tool, and PreScan, a vehicle simulation test software. The results show that compared with the deviation detection algorithm, the greedy algorithm can reduce the communication overhead by 82.6%–86.2% in all cases and improve the performance by 13.6%–19.5%, which is more suitable for practical applications. The results of this paper contribute to the automation and modernization of vehicle technology management and information transfer.
动态车辆检测需要将不同类型的传感器收集的大量数据传输到边缘计算节点。这可能会导致网络延迟和拥塞,影响边缘计算节点的计算,从而带来严重的安全风险。因此,在基于边缘计算的车辆动态检测架构的实际应用中,优化车辆与边缘计算节点之间的数据传输是一个新的挑战。考虑了VDT在不同环境下对车辆检测动态检测的数据需求,分析了优化目标和约束条件,针对混合整数线性规划求解时间长、实际应用不足的问题,提出了偏差检测和贪婪算法,并通过交通流仿真工具simulation of urban mobility和车辆仿真测试软件PreScan进行仿真实验,对算法的性能进行了评价。结果表明,与偏差检测算法相比,贪婪算法在所有情况下都可以减少82.6%–86.2%的通信开销,并提高13.6%–19.5%的性能,更适合实际应用。本文的研究结果有助于车辆技术管理和信息传递的自动化和现代化。
{"title":"Dynamic management network system of automobile detection applying edge computing","authors":"Xianhong Cao","doi":"10.1002/nem.2231","DOIUrl":"https://doi.org/10.1002/nem.2231","url":null,"abstract":"<p>Dynamic vehicle detection requires the transmission of large amounts of data collected by different types of sensors to the edge computing nodes. This is likely to cause network delays and congestion, affecting the computation of the edge computing nodes and thus posing serious security risks. Therefore, optimizing data transmission between vehicles and edge computing nodes is a new challenge to be addressed in the practical application of edge computing-based vehicle dynamic detection architectures. The data requirements of VDT for vehicle detection dynamic detection in different environments are considered, the optimization objectives and constraints are analysed, and a deviation detection and greedy algorithm is proposed in this paper to address the problems of long mixed-integer linear programme solution time and insufficient practical applications, and the performance of the algorithm is evaluated through simulation experiments conducted by simulation of urban mobility, a traffic flow simulation tool, and PreScan, a vehicle simulation test software. The results show that compared with the deviation detection algorithm, the greedy algorithm can reduce the communication overhead by 82.6%–86.2% in all cases and improve the performance by 13.6%–19.5%, which is more suitable for practical applications. The results of this paper contribute to the automation and modernization of vehicle technology management and information transfer.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"33 5","pages":""},"PeriodicalIF":1.5,"publicationDate":"2023-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.2231","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50142662","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Internet of Things (IoT) and related applications have revolutionized most of our societal activities, enhancing the quality of human life. This study presents an IoT-based model that enables optimized parking space utilization. The paper implements a Hybrid Deep DenseNet Optimization (HDDNO) algorithm for predicting parking spot availability involving Machine Learning (ML) and deep learning techniques. The HDDNO-based ML model uses secondary data from the National Research Council Park (CNRPark) in Pisa, Italy. Different regression algorithms are employed to forecast parking lot availability for a given time as part of the prediction process. The DenseNet technique has generated promising results, whereas the HDDNO model yielded better accuracy. The use of five optimizers, namely, Adaptive Moment Estimation (Adam), Root Mean Squared Propagation (RMSprop), Adaptive Gradient (AdaGrad), AdaDelta, and Stochastic Gradient Descent (SGD), have played significant roles in minimizing the loss of the model. The part of Adam has enabled the HDDNO model to generate predictions with high accuracy 99.19% and low loss 0.0306%. This proposed methodology would significantly improve environmental safety and act as an initiative toward developing smart cities.
{"title":"Detection of car parking space by using Hybrid Deep DenseNet Optimization algorithm","authors":"Vankadhara Rajyalakshmi, Kuruva Lakshmanna","doi":"10.1002/nem.2228","DOIUrl":"10.1002/nem.2228","url":null,"abstract":"<p>Internet of Things (IoT) and related applications have revolutionized most of our societal activities, enhancing the quality of human life. This study presents an IoT-based model that enables optimized parking space utilization. The paper implements a Hybrid Deep DenseNet Optimization (HDDNO) algorithm for predicting parking spot availability involving Machine Learning (ML) and deep learning techniques. The HDDNO-based ML model uses secondary data from the National Research Council Park (CNRPark) in Pisa, Italy. Different regression algorithms are employed to forecast parking lot availability for a given time as part of the prediction process. The DenseNet technique has generated promising results, whereas the HDDNO model yielded better accuracy. The use of five optimizers, namely, Adaptive Moment Estimation (Adam), Root Mean Squared Propagation (RMSprop), Adaptive Gradient (AdaGrad), AdaDelta, and Stochastic Gradient Descent (SGD), have played significant roles in minimizing the loss of the model. The part of Adam has enabled the HDDNO model to generate predictions with high accuracy 99.19% and low loss 0.0306%. This proposed methodology would significantly improve environmental safety and act as an initiative toward developing smart cities.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"34 1","pages":""},"PeriodicalIF":1.5,"publicationDate":"2023-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"46960201","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Weizhi Meng, Sokratis K. Katsikas, Jiageng Chen, Chao Chen
The world is becoming increasingly connected, from Internet of Things (IoT) and social networks to big data and cloud computing. Networked systems are not just relevant to information technology but have been already integrated with the engineering and cyber-physical systems domains. The agents of networked systems (e.g., sensor networks) can sense, compute, and interact based on a given task. However, networked systems suffer from many security and trust issues, as these systems are mostly designed based on traditional IT infrastructure. For example, attackers can compromise one internal sensor nodes and infect other nodes afterwards. There was an increase in malware attacks on IoT/Connected Devices of 77% in the first half of 2022, according to a recent report by Sonic Wall. This special issue focuses on how to build a trust and secure networked systems, and identifies new issues and directions for future research and development work.
In the first contribution entitled “Privacy-preserving and efficient user matching based on attribute encryption in mobile social networks,” Wu et al. aimed to protect users' privacy and introduced an attribute-based encryption scheme based on the defined policy. Then the server does not need to decrypt the attribute matching file frequently for dating users. The proposed scheme can provide several benefits: (1) it allows two-way matching to support suitable publishers recommended to requesters with dating interests, (2) our scheme protects the privacy of users by encrypting the tagged keywords of the interest information collected from requesters and the personal attribute information of publishers, and (3) the scheme can reduce the computational cost by transferring most of the decryption work to the matching server and dividing the encryption into preparation and online stages.
In the second contribution entitled “Privacy Preserving distributed smart grid system based on Hyperledger Fabric and Wireguard,” Yao et al. focused on the security issues of Smart Grid and designed a secure and decentralized energy trading platform in edge area of smart grid system by means of Hyperledger Fabric and WireGuard VPN. WireGuard can customize network gateway and controls traffic by WireGuard Interface, which includes an exclusive private key generated by the elliptic curve, a User Datagram Protocol (UDP) listening port, and a group of peer nodes. The proposed architecture was composed of four main layers, including application, blockchain platform, network structure, and physical infrastructure. In the experiment, the authors tested the bandwidth in WireGuard network and transactions throughput capacity of HyperLedger Fabric blockchain. It showed the feasibility of the proposed architecture, even with the WireGuard communication latency.
In the third contribution entitled “Intelligent detection of vulnerable functions in software through neural embedding-based code analysis,” Zeng et al. found that conv
从物联网(IoT)和社交网络到大数据和云计算,世界正变得越来越互联。网络化系统不仅与信息技术相关,而且已经与工程和网络物理系统领域相集成。联网系统(例如,传感器网络)的代理可以基于给定的任务进行感知、计算和交互。然而,网络系统存在许多安全和信任问题,因为这些系统大多是基于传统的IT基础设施设计的。例如,攻击者可以破坏一个内部传感器节点,然后感染其他节点。根据Sonic Wall最近的一份报告,2022年上半年,针对物联网/联网设备的恶意软件攻击增加了77%。本期特刊聚焦于如何建立信任和安全的网络系统,并确定了未来研发工作的新问题和方向。在题为“移动社交网络中基于属性加密的隐私保护和高效用户匹配”的第一篇文章中,吴等人旨在保护用户的隐私,并基于定义的策略引入了一种基于属性的加密方案。那么服务器就不需要频繁地为约会用户解密属性匹配文件。所提出的方案可以提供几个好处:(1)它允许双向匹配,以支持向有约会兴趣的请求者推荐合适的发布者;(2)我们的方案通过加密从请求者收集的兴趣信息的标记关键字和发布者的个人属性信息来保护用户的隐私,以及(3)该方案可以通过将大部分解密工作转移到匹配服务器并将加密划分为准备阶段和在线阶段来降低计算成本。在题为“基于Hyperledger Fabric和Wireguard的隐私保护分布式智能电网系统”的第二篇文章中,姚等人重点研究了智能电网的安全问题,并通过Hyperledger Fabric和Wireguard VPN在智能电网系统的边缘区域设计了一个安全、分散的能源交易平台。WireGuard可以自定义网络网关,并通过WireGuard接口控制流量,该接口包括由椭圆曲线生成的专用密钥、用户数据报协议(UDP)侦听端口和一组对等节点。所提出的架构由四个主要层组成,包括应用程序、区块链平台、网络结构和物理基础设施。在实验中,作者测试了WireGuard网络中的带宽和HyperLedger Fabric区块链的交易吞吐量。它显示了所提出的体系结构的可行性,即使有WireGuard通信延迟。在题为“通过基于神经嵌入的代码分析智能检测软件中的脆弱函数”的第三篇文章中,曾等人发现卷积神经网络(CNN)仅适用于提取局部特征,而不适用于提取长距离相关特征。本文通过添加两个完全连接层和微调技术,提出了一个基于CodeBERT的功能级漏洞检测框架。也就是说,在微调过程中,作者添加了人工合成的数据,以加深网络深度。为了增强捕获序列较大上下文依赖关系的能力,作者使用了BERT并利用了Transformer的双向结构。作者还利用合成的C测试样本对所提出的框架进行了微调。实验结果表明,该微调模型可以有效地提高检测性能,优于几种基线系统。在题为“MACPABE:Multi-Authority-Based CP-ABE with Efficient Attribute Revocation for IoT Enabled Healthcare Infrastructure”的第四篇文章中,Das等人旨在解决密钥托管问题,并引入了一种细粒度访问控制方案来支持有效的属性撤销。该方案基于价格较低的椭圆曲线密码(ECC)操作,可以抵抗碰撞攻击。多个权威机构负责生成与用户属性相关的密钥。从物联网设备收集数据后,数据所有者(DO)对数据进行加密,并为授权用户定义访问策略。然后,DO将这些数据上传到云服务器。然后,云服务提供商对这些加密数据进行重新加密,并将其存储在其数据库中。为了减少最终用户的解密开销,解密过程外包给解密助手(DA)。DOI:10.1002/nem.2229
{"title":"Editorial for special issue on security and trust on networked systems","authors":"Weizhi Meng, Sokratis K. Katsikas, Jiageng Chen, Chao Chen","doi":"10.1002/nem.2229","DOIUrl":"10.1002/nem.2229","url":null,"abstract":"<p>The world is becoming increasingly connected, from Internet of Things (IoT) and social networks to big data and cloud computing. Networked systems are not just relevant to information technology but have been already integrated with the engineering and cyber-physical systems domains. The agents of networked systems (e.g., sensor networks) can sense, compute, and interact based on a given task. However, networked systems suffer from many security and trust issues, as these systems are mostly designed based on traditional IT infrastructure. For example, attackers can compromise one internal sensor nodes and infect other nodes afterwards. There was an increase in malware attacks on IoT/Connected Devices of 77% in the first half of 2022, according to a recent report by Sonic Wall. This special issue focuses on how to build a trust and secure networked systems, and identifies new issues and directions for future research and development work.</p><p>In the first contribution entitled “Privacy-preserving and efficient user matching based on attribute encryption in mobile social networks,” Wu et al. aimed to protect users' privacy and introduced an attribute-based encryption scheme based on the defined policy. Then the server does not need to decrypt the attribute matching file frequently for dating users. The proposed scheme can provide several benefits: (1) it allows two-way matching to support suitable publishers recommended to requesters with dating interests, (2) our scheme protects the privacy of users by encrypting the tagged keywords of the interest information collected from requesters and the personal attribute information of publishers, and (3) the scheme can reduce the computational cost by transferring most of the decryption work to the matching server and dividing the encryption into preparation and online stages.</p><p>In the second contribution entitled “Privacy Preserving distributed smart grid system based on Hyperledger Fabric and Wireguard,” Yao et al. focused on the security issues of Smart Grid and designed a secure and decentralized energy trading platform in edge area of smart grid system by means of Hyperledger Fabric and WireGuard VPN. WireGuard can customize network gateway and controls traffic by WireGuard Interface, which includes an exclusive private key generated by the elliptic curve, a User Datagram Protocol (UDP) listening port, and a group of peer nodes. The proposed architecture was composed of four main layers, including application, blockchain platform, network structure, and physical infrastructure. In the experiment, the authors tested the bandwidth in WireGuard network and transactions throughput capacity of HyperLedger Fabric blockchain. It showed the feasibility of the proposed architecture, even with the WireGuard communication latency.</p><p>In the third contribution entitled “Intelligent detection of vulnerable functions in software through neural embedding-based code analysis,” Zeng et al. found that conv","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"33 3","pages":""},"PeriodicalIF":1.5,"publicationDate":"2023-04-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.2229","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45677720","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper concentrates on the issue of detecting abnormal flows in distributed monitoring systems, which has many network management applications such as anomaly detection and traffic engineering. Collecting massive network traffic in real-time remains a large challenge due to the limited system resource. Most existing approaches perform abnormal flow detection at one measurement point, while they cause large computation and memory overhead for recovering abnormal flows. In this paper, we propose a novel data streaming method that supports accurate abnormal flow detection with a low memory requirement. The key idea of our method is that each monitor compresses flow information to summary data structure, sends the generated data structure to the controller; then the controller aggregates the received data structures, recovers candidates of abnormal flows and estimates their size and change to find abnormal flows on the basis of the aggregated data structure. The experimental results based on real network traffic show that the proposed approach can detect up to 97% of abnormal flows with low memory and update requirements in comparison with related approaches.
{"title":"A novel data streaming method for detecting abnormal flows in distributed monitoring systems","authors":"Aiping Zhou, Ye Zhu","doi":"10.1002/nem.2227","DOIUrl":"10.1002/nem.2227","url":null,"abstract":"<p>This paper concentrates on the issue of detecting abnormal flows in distributed monitoring systems, which has many network management applications such as anomaly detection and traffic engineering. Collecting massive network traffic in real-time remains a large challenge due to the limited system resource. Most existing approaches perform abnormal flow detection at one measurement point, while they cause large computation and memory overhead for recovering abnormal flows. In this paper, we propose a novel data streaming method that supports accurate abnormal flow detection with a low memory requirement. The key idea of our method is that each monitor compresses flow information to summary data structure, sends the generated data structure to the controller; then the controller aggregates the received data structures, recovers candidates of abnormal flows and estimates their size and change to find abnormal flows on the basis of the aggregated data structure. The experimental results based on real network traffic show that the proposed approach can detect up to 97% of abnormal flows with low memory and update requirements in comparison with related approaches.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"33 6","pages":""},"PeriodicalIF":1.5,"publicationDate":"2023-03-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49543274","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sandeep Kumar Arora, Gulshan Kumar, Mustapha Hedabou, El Mehdi Amhoud, Celestine Iwendi
A decentralized application runs on the blockchain network without the intervention of a central authority. Transparency in transactions and security in vehicular networks are the issues for central systems. The proposed system uses blockchain-based smart contracts, which eliminate the requirement for any third-party verification. Additionally, with signature verification and reduced overhead, smart contracts also help in a fast and secure transaction. This study suggests a trust-based system paradigm where certificate authority (CA) is employed for vehicle registration. We also propose a blockchain-based system that provides efficient two-way authentication and key agreement through encryption and digital signatures. The analysis of the proposed model reveals that it is an efficient way of establishing distributed trust management, which helps in preserving vehicle privacy. The proposed scheme is tested in Automated Validation of Internet Security-sensitive Protocols (AVISPA), and security parameters verification in Network Simulator 2(NS2) also shows that the proposed scheme is more effective in comparison with existing schemes in terms of authentication cost, storage cost, and overhead.
{"title":"Blockchain-inspired lightweight trust-based system in vehicular networks","authors":"Sandeep Kumar Arora, Gulshan Kumar, Mustapha Hedabou, El Mehdi Amhoud, Celestine Iwendi","doi":"10.1002/nem.2226","DOIUrl":"10.1002/nem.2226","url":null,"abstract":"<p>A decentralized application runs on the blockchain network without the intervention of a central authority. Transparency in transactions and security in vehicular networks are the issues for central systems. The proposed system uses blockchain-based smart contracts, which eliminate the requirement for any third-party verification. Additionally, with signature verification and reduced overhead, smart contracts also help in a fast and secure transaction. This study suggests a trust-based system paradigm where certificate authority (CA) is employed for vehicle registration. We also propose a blockchain-based system that provides efficient two-way authentication and key agreement through encryption and digital signatures. The analysis of the proposed model reveals that it is an efficient way of establishing distributed trust management, which helps in preserving vehicle privacy. The proposed scheme is tested in Automated Validation of Internet Security-sensitive Protocols (AVISPA), and security parameters verification in Network Simulator 2(NS2) also shows that the proposed scheme is more effective in comparison with existing schemes in terms of authentication cost, storage cost, and overhead.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"33 5","pages":""},"PeriodicalIF":1.5,"publicationDate":"2023-03-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.2226","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42598057","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Wenjun Song, Mengqi Liu, Thar Baker, Qikun Zhang, Yu-an Tan
� �
Federated learning (FL) is widely used in internet of things (IoT) scenarios such as health research, automotive autopilot, and smart home systems. In the process of model training of FL, each round of model training requires rigorous decryption training and encryption uploading steps. The efficiency of FL is seriously affected by frequent encryption and decryption operations. A scheme of key computation and key management with high efficiency is urgently needed. Therefore, we propose a group key agreement technique to keep private information and confidential data from being leaked, which is used to encrypt and decrypt the transmitted data among IoT terminals. The key agreement scheme includes hidden attribute authentication, multipolicy access, and ciphertext storage. Key agreement is designed with edge-cloud collaborative network architecture. Firstly, the terminal generates its own public and private keys through the key algorithm then confirms the authenticity and mapping relationship of its private and public keys to the cloud server. Secondly, IoT terminals can confirm their cryptographic attributes to the cloud and obtain the permissions corresponding to each attribute by encrypting the attributes. The terminal uses these permissions to encrypt the FL model parameters and uploads the secret parameters to the edge server. Through the storage of the edge server, these ciphertext decryption parameters are shared with the other terminal models of FL. Finally, other terminal models are trained by downloading and decrypting the shared model parameters for the purpose of FL. The performance analysis shows that this model has a better performance in computational complexity and computational time compared with the cited literature.
{"title":"A group key exchange and secure data sharing based on privacy protection for federated learning in edge-cloud collaborative computing environment","authors":"Wenjun Song, Mengqi Liu, Thar Baker, Qikun Zhang, Yu-an Tan","doi":"10.1002/nem.2225","DOIUrl":"10.1002/nem.2225","url":null,"abstract":"<div>\u0000 \u0000 <p>Federated learning (FL) is widely used in internet of things (IoT) scenarios such as health research, automotive autopilot, and smart home systems. In the process of model training of FL, each round of model training requires rigorous decryption training and encryption uploading steps. The efficiency of FL is seriously affected by frequent encryption and decryption operations. A scheme of key computation and key management with high efficiency is urgently needed. Therefore, we propose a group key agreement technique to keep private information and confidential data from being leaked, which is used to encrypt and decrypt the transmitted data among IoT terminals. The key agreement scheme includes hidden attribute authentication, multipolicy access, and ciphertext storage. Key agreement is designed with edge-cloud collaborative network architecture. Firstly, the terminal generates its own public and private keys through the key algorithm then confirms the authenticity and mapping relationship of its private and public keys to the cloud server. Secondly, IoT terminals can confirm their cryptographic attributes to the cloud and obtain the permissions corresponding to each attribute by encrypting the attributes. The terminal uses these permissions to encrypt the FL model parameters and uploads the secret parameters to the edge server. Through the storage of the edge server, these ciphertext decryption parameters are shared with the other terminal models of FL. Finally, other terminal models are trained by downloading and decrypting the shared model parameters for the purpose of FL. The performance analysis shows that this model has a better performance in computational complexity and computational time compared with the cited literature.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"33 5","pages":""},"PeriodicalIF":1.5,"publicationDate":"2023-03-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"46857570","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
扫码关注我们
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号