Pub Date: 2020-11-16; DOI: 10.1109/LCN48667.2020.9314856
Kashif Naveed, Hui Wu, Abdullah Abusaq
IoT devices are becoming ubiquitous and the availability of open-source botnets has made it very easy for anyone to attack and manipulate such connected devices and even infect them. These anomalies are getting sophisticated and powerful enough to generate network traffic at terabits per second (Tbps) and cost companies over a billion dollars a year. We present a novel technique, named Dytokinesis, to separate such anomalous entities. Dytokinesis is inspired by the biological Cytokinesis process in which a cell is divided into two. Dytokinesis, on a similar pattern, performs such a division on a dataset with high accuracy and low latency. Dytokinesis works in different phases and makes use of Empirical Data Analysis (EDA) and Gaussian kernel to bisect the dataset into normal and anomalous classes. Experimental results demonstrate that Dytokinesis obtains significantly higher accuracy compared to other state-of-the-art techniques while achieving the best run-time performance.
Title: Dytokinesis: A Cytokinesis-Inspired Anomaly Detection Technique for IoT Devices
Published in: 2020 IEEE 45th Conference on Local Computer Networks (LCN)
Pub Date: 2020-11-16; DOI: 10.1109/lcn48667.2020.9314843
Title: List of Accepted Demonstrations
Named Data Networking is a promising Future Internet Architecture, where consumers fetch contents from the network using unique names. It has in-built security features like data integrity and data origin authentication, as contents are signed by the original producer. Though NDN’s stateful forwarding plane helps to remove some of the existing DDoS attacks in the current IP architecture, it can still face one specific kind of attack called Interest flooding attack (IFA). In this paper, we focus on one variant of IFA where malicious consumers and malicious producers collaboratively launch an attack to degrade the QoS of legitimate consumers. Here we have shown how attackers can intelligently fix the Interest sending rate so that the attack goes undetected easily. Simulation results demonstrate that with proper placement of malicious consumers and producers, the attackers can successfully launch the attack with moderate traffic and a smaller number of malicious consumers.
Title: SCAN: Smart Collaborative Attack in Named Data Networking
Authors: Madhurima Buragohain, Chinmoy Jyoti Kathar, Chinmoy Kachari, S. Nandi, Sukumar Nandi
Pub Date: 2020-11-16; DOI: 10.1109/LCN48667.2020.9314807
Pub Date: 2020-11-16; DOI: 10.1109/LCN48667.2020.9314793
Fabian Marquardt, Christopher Schmidt
Comprehensive domain lists are a requirement for many Internet measurement studies. Currently, researchers rely on proprietary lists such as the Alexa top list. Recent research has identified many problems with the existing domain lists. Our work proposes Certificate Transparency (CT) logs as an alternative domain list source for use in internet measurement studies. We describe the process of deriving a domain list from available CT log servers and analyze the gathered domain list. Furthermore, we compare the CT domain list with existing domain top lists by scanning the gathered domains for various web application technologies. Our results indicate a high level of similarity between the lists, but also interesting differences.
Title: Don’t Stop at the Top: Using Certificate Transparency Logs to Extend Domain Lists for Web Security Studies
Pub Date: 2020-11-16; DOI: 10.1109/LCN48667.2020.9314834
Bharat Agarwal, Mohammed Amine Togou, M. Ruffini, Gabriel-Miro Muntean
Recently, the use of heterogeneous small-cell networks to offload traffic from existing cellular systems has attracted considerable attention. One of the significant challenges in heterogeneous networks (HetNet) is cross-tier interference, which becomes significant when macro-cell users (MUE) are in the vicinity of femtocell base stations (FBS). Indeed, the femtocell will cause significant interference to MUEs on the macrocell downlink (DL) while MUEs will induce hefty interference to the femtocell on the macrocell uplink (UL). Substantial work has focused on offloading and interference mitigation in HetNets; yet, none of them has considered the impact of cross-tier interference on quality of service (QoS) and quality of experience (QoE). This paper proposes the Quality Efficient Femtocell Offloading Scheme (QEFOS) that selects the users most affected by the interference encountered and offloads them to nearby FBSs. QEFOS testing shows substantial improvements in terms of QoS and QoE perceived by users in heavy cross-tier interference scenarios in comparison with alternative approaches. In particular, QEFOS’s impact on throughput, packet loss ratio (PLR), peak-to-signal-noise ratio (PSNR), and structural similarity identity matrix (SSIM) was assessed.
Title: Mitigating the Impact of Cross-Tier Interference on Quality in Heterogeneous Cellular Networks
Pub Date: 2020-11-16; DOI: 10.1109/LCN48667.2020.9314854
Tao Li, C. Hofmann, Elke Franz
Software Defined Networking (SDN) is established as a widely used concept in networks and has been introduced into the network architecture of Industrial Internet of Things (IIoT). Adversaries aiming to disrupt the operation of an IIoT system can launch a simple yet effective attack – malicious packet-modification attack (MPA) – that was previously identified in IoT based on wireless sensor networks. To mitigate MPAs, we introduce an approach for secure and reliable data transmission in the presence of such active attackers by utilizing the programmability and flexibility offered by SDN. Our approach ensures that modifications are recognized by IIoT devices. The effectiveness and performance of the proposed solution were evaluated in comprehensive tests by means of a prototypical implementation. The results confirm that malicious forwarding devices can be reliably and quickly identified and, hence, bypassed even if they modify only a portion of the data.
Title: Secure and Reliable Data Transmission in SDN-based Backend Networks of Industrial IoT
Pub Date: 2020-11-16; DOI: 10.1109/LCN48667.2020.9314858
Jiarui Song, Beibei Li, Yuhao Wu, Yaxin Shi, Aohan Li
The Internet of energy (IoE), envisioned to be a promising paradigm of the Internet of things (IoT), is characterized by the deep integration of various distributed energy systems. However, the fusion of heterogeneous IoE communication networks creates a new threat landscape. To thwart and mitigate various types of cyber threats to IoE networks, this paper proposes a novel intrusion detection system (IDS) based on a designed residual network with attention long short term memory (ReAL). Specifically, we design a light gradient boosting machine (LightGBM)-based feature selection method to identify the most useful features. Then, a residual network (ResNet) and a long short term memory neural network with an attention mechanism (ALSTM) are employed, to extract temporal patterns of network traffic events. After that, these patterns are orchestrated to identify the anomalies in IoE networks. The high effectiveness of the proposed IDS is validated on a real IoE dataset.
Title: ReAL: A New ResNet-ALSTM Based Intrusion Detection System for the Internet of Energy
Pub Date: 2020-11-16; DOI: 10.1109/LCN48667.2020.9314815
Christian Killer, B. Rodrigues, E. Scheid, M. Franco, M. Eck, Nik Zaugg, Alex Scheitlin, B. Stiller
While the existence of Public Bulletin Boards (PBB) is often formulated as an assumption in related work on Remote Electronic Voting (REV) systems, this work here on Provotum focuses on the practical design and architecture of such a PBB, including its distributed execution. Further, Provotum leverages a public permissioned Blockchain (BC) as a PBB, where only authorized entities can sign blocks, while the general public can verify all BC data. Therefore, Provotum defines a new and fully decentralized BC-based REV system, which deploys a permissioned BC as a PBB and allows for the explicit distribution of trust across different permissioned BC nodes. Provotum is operated in a fully distributed fashion by using Smart Contracts (SC), Distributed Key Generation (DKG), Homomorphic Encryption (HE), and Cooperative Decryption (CD), as well as employing client-side encryption, which enables ballot secrecy, while the BC forms an audit trail, enabling public and End-to-end Verifiability (E2E-V).
Title: Provotum: A Blockchain-based and End-to-end Verifiable Remote Electronic Voting System
Pub Date: 2020-11-16; DOI: 10.1109/lcn48667.2020.9314821
Title: LCN 2020 Keynote 1 - Do We Still Need Wi-Fi in the Era of 5G?