Journal of Network and Systems Management最新文献

For performing various predictive analytics tasks for real-time mission-critical applications, Federated Learning (FL) have emerged as the go-to machine learning paradigm for its ability to leverage perform machine learning workloads on resource-constrained edge devices. For such FL applications working under stringent deadlines, the overall local training time needs to be minimized, which consists of the retrieval delay, i.e., the delay in fetching the data from the IoT devices to the FL clients as well as the time consumed in training the local models. Since the latter component is mostly uniform among the FL clients, we have to minimize the retrieval delay to reduce the local training time. To that end, we formulate the Client Assignment Problem (CAP) as an intelligent assignment of selected IoT devices to each FL client such that the FL client may retrieve training data from these IoT devices with minimal retrieval delay. CAP must perform assignments for each FL client considering its relative distances from each IoT device such that each FL client does not experience an arbitrarily large retrieval delay in fetching data from a remotely placed IoT device. We prove that CAP is NP-Hard, and as such, obtaining a polynomial time solution to CAP is infeasible. To deal with the challenges faced by such heuristics approaches, we propose Deep Reinforcement Learning-based algorithms to produce near-optimal solution to CAP. We demonstrate that our algorithms outperform the state of the art in reducing the local training time, while producing a near-optimal solution.

Internet of Things (IoT) allows distinct elements of an environment to be remotely monitored using existing network infrastructures, creating a prominent integration of disparate computing systems. Such an integration commonly results in efficient data collection and processing. Indeed, the adoption of IoT can improve communication in gathering and transmitting data, especially in locations that deal with connectivity challenges. For instance, hospitals have adopted IoT to collect and transmit patient data to health professionals, as critical patients must be monitored uninterruptedly. As a consequence, healthcare systems typically require high availability, in which connectivity is essential for critical medical decisions. Some works have conceived techniques to assess the availability of Internet of Medical Things (IoMT) systems, but the joint assessment of performance and availability is generally neglected. This paper presents a modeling approach based on stochastic Petri nets (SPN) and reliability block diagrams (RBD) to evaluate IoMT systems. The proposed technique evaluates availability and response time of the communication between devices in an IoMT architecture. Experimental results show the practical feasibility of the proposed approach, in which a sensitivity analysis is adopted to indicate the components with the most significant impact on the system operation. Our approach contributes to the state of the art as an additional technique to evaluate different system designs before modifying or implementing the real system or a prototype.

Software-defined Networking (SDN) is a modern network management paradigm that decouples the data and control planes. The centralized control plane offers comprehensive control and orchestration over the network infrastructure. Although SDN provides better control over traffic flow, ensuring network security and service availability remains challenging. This paper presents an anomaly-based intrusion detection system (IDS) for monitoring and securing SDN networks. The system utilizes deep learning models to identify anomalous traffic behavior. When an anomaly is detected, a mitigation module blocks suspicious communications and restores the network to its normal state. Three versions of the proposed solution were implemented and compared: the traditional Generative Adversarial Network (GAN), Deep Convolutional GAN (DCGAN), and Wasserstein GAN with Gradient Penalty (WGAN-GP). These models were incorporated into the system’s detection structure and tested on two benchmark datasets. The first is emulated, and the second is the well-known CICDDoS2019 dataset. The results indicate that the IDS adequately identified potential threats, regardless of the deep learning algorithm. Although the traditional GAN is a simpler model, it could still efficiently detect when the network was under attack and was considerably faster than the other models. Additionally, the employed mitigation strategy successfully dropped over 89% of anomalous flows in the emulated dataset and over 99% in the public dataset, preventing the effects of the threats from being accentuated and jeopardizing the proper functioning of the SDN network.

As a result of the rapid advancement of technology, the Internet of Things (IoT) has emerged as an essential research question, capable of collecting and sending data through a network between linked items without the need for human interaction. However, these interconnected devices often encounter challenges related to data security, encompassing aspects of confidentiality, integrity, availability, authentication, and privacy, particularly when facing potential intruders. Addressing this concern, our study propose a novel host-based intrusion detection system grounded in machine learning. Our approach incorporates a feature selection (FS) technique based on the correlation between features and a ranking function utilizing Support Vector Machine (SVM). The experimentation, conducted on the NSL-KDD dataset, demonstrates the efficacy of our methodology. The results showcase superiority over comparable approaches in both binary and multi-class classification scenarios, achieving remarkable accuracy rates of 99.094% and 99.11%, respectively. This underscores the potential of our proposed system in enhancing security measures for IoT devices.

Rapid development and deployment of VANET necessitate solutions to support its safe applications. One of the major threats to VANET is the Sybil attack that uses numerous fake identities to spread misleading information around the network, resulting in traffic jams, accidents, and theft. Most of the existing solutions to Sybil attacks in VANET concentrate mainly on detecting the presence of Sybil attacks and identifying the virtual Sybil nodes. Though solutions exist to detect the Sybil attacker node, the attack scenarios where multiple Sybil attackers generate the Sybil nodes collaboratively persist as a research gap that needs to be addressed effectively. In this paper, we concentrate on detecting multiple Sybil attackers and the Sybil nodes generated in VANET using a decentralized, distance-based strategy. Despite the performance verification of the proposed technique using simulation, in this paper, we evaluate it in a real-time test-bed environment of VANET to verify its practical applicability.

Cloud computing has become the most popular distributed paradigm with massive computing resources and a large data storage capacity to run large-scale scientific workflow applications without the need to own any infrastructure. Scheduling workflows in a distributed system is a well-known NP-complete problem, which has become even more challenging with a dynamic and heterogeneous pool of resources in a cloud computing platform. The aim of this work is to design efficient and effective scheduling algorithms for multi-objective optimization of large-scale scientific workflows in cloud environments. We propose two novel genetic algorithm (GA)-based scheduling algorithms to assign workflow tasks to different cloud resources in order to simultaneously optimize makespan, monetary cost, and energy consumption. One is multi-objective optimization for makespan, cost and energy (MOMCE), which combines the strengths of two widely adopted solutions, genetic algorithm and particle swarm optimization, for multi-objective optimization problems. The other is pareto dominance for makespan, cost and energy (PDMCE), which is based on genetic algorithm and non-dominated solutions to achieve a better convergence and a uniform distribution of the approximate Pareto front. The proposed solutions are evaluated by an extensive set of different workflow applications and cloud environments, and compared with other existing methods in the literature to show the performance stability and superiority. We also conduct performance evaluation and comparison between MOMCE and PDMCE for different criteria.

Intelligent software-defined network (SDN) in unmanned aerial vehicles (UAVs) is an emerging research area to enhance UAV communication networks’ performance, security, and efficiency. By incorporating artificial intelligence (AI) and machine learning (ML) algorithms, SDN-based UAV networks enable real-time decision-making, proactive network management, and dynamic resource allocation. These advancements improve network performance, reduce latency, and enhance network efficiency. Moreover, AI-based security mechanisms can swiftly detect and mitigate potential threats, bolstering UAV networks’ overall security. Integrating intelligent SDN in UAVs holds tremendous potential for revolutionizing the UAV communication and networking field. This paper comprehensively discusses the solutions available for UAV-based intelligent SDNs. It provides an in-depth exploration of UAVs and SDNs and presents a comprehensive analysis of the evolution from traditional networking environments to UAV-based SDN environments. Our research primarily focuses on UAV communication’s performance, security, latency, and efficiency. It includes a taxonomy, comparison, and analysis of existing ML solutions specifically designed for UAV-based SDNs.

Network traffic analysis is essential for enhancing network security and management. Integrating Machine Learning and Explainable Artificial Intelligence (XAI) offers a promising avenue for exploring darknet traffic. XAI’s integration into security domains paves the way to enriching our understanding of network traffic patterns and extracting valuable insights for security purposes. This investigation delves into the intricacies of darknet traffic classification by analyzing the datasets ISCXTor2016 and CIC-Darknet2020. By employing XAI techniques, we identify the most crucial features for accurate network traffic categorization. We conduct an in-depth analysis of darknet traffic models by utilizing explainable tools such as SHAP, LIME, Permutation Importance, and Counterfactual Explanations. Our experimental results highlight Protocol as the crucial factor in the ISXCTor2016 traffic classification, Source Port in the ISCXTor2016 application identification, and IdleMax in the CIC-Darknet2020 traffic classification. Additionally, our analysis encompassed the extraction of Cyber Threat Intelligence from the IP addresses within the network traffic. We explored the prevalent malware types and discerned specific targeted countries. Furthermore, a comprehensive exploration was conducted on the sophisticated attack techniques employed by adversaries. Our analysis identified T1071 as a frequently employed attack technique in which adversaries utilize OSI application layer protocols to communicate, strategically evading detection and network filtering measures.

With the advent of 5G and beyond, the mobile network operator is integrated with edge computing capabilities along with the cloud. This paradigm requires the application at UE to consist of multiple microservices that are appropriately placed at the edge/cloud with dynamic relocation to enhance the overall Quality of Service (QoS) of the application. In this work, a Microservice-Scheduler is developed to dynamically relocate an application’s microservices between the edge and cloud server. The relocation decision is based on the CPU utilization of the edge server. The developed Microservice-Scheduler is integrated in ETSI compliant 5G testbed. The deployment is evaluated by analyzing the different scenarios obtained while monitoring the completion time of the microservices. It is observed that in the majority of scenarios, relocating microservices between the edge and cloud server outperforms the edge-only and cloud-only approaches. In addition, the dynamic relocation mechanism aids in better utilization of the resources while enhancing the overall QoS of the application’s microservices.

Wireless energy transfer (WET) technology has been proven to mitigate the energy shortage challenge faced by the Internet of Things (IoT), which encompasses sensor networks. Exploiting a Mobile Charger (MC) to energize critical sensors provides a new dimension to maintain continual network operations. Still, existing solutions are not robust as they suffer from high charging delays at the sensor end due to inefficient scheduling. Moreover, charging efficiency is degraded in those schemes due to fixed charging thresholds and ignoring scheduling feasibility conditions. Thus, intelligent scheduling for an MC is needed based on decision-making through multiple network performance-affecting attributes, but blending multiple attributes together for wise scheduling decision-making remains challenging, which is overlooked in previous research. Fortunately, Multi-Criteria Decision Making (MCDM) is best-fit herein for considering numerous attributes and picking the most suitable sensor node to charge next. To this end, we have proposed solving the scheduling problem by combining two MCDM techniques, i.e., Combinative Distance Based Assessment (CODAS) and the Best Worst Method (BWM). The attributes used for the decision are the distance to MC, energy consumption rate, the remaining energy of nodes, and neighborhood criticality. The relative weights of all considered network attributes are calculated by BWM, which is followed by CODAS to select the most appropriate node to be charged next. To make the scheme more realistic and practical in time-critical applications, the dynamic threshold of nodes is calculated along with formulation scheduling feasibility conditions. Simulation results demonstrate the efficiency of the proposed scheme over the competing approaches on various performance parameters.