Journal of Network and Systems Management最新文献

The rapid growth of Internet of Things (IoT) technologies led to an increase in the demand of connected devices around the world. Today, these devices are integrated in several applications and solutions. Therefore, providing a smooth and simple approach for their integration is essential to extend their popularity and wide adaptation. However, there is a high level of complexity to be considered especially when it comes to wireless communication and deployment to the field. These devices are deployed part of wireless sensor networks, which increase the complexity of their operation and integration. In this paper, we focus on the integration of IoT devices in wireless networks for smart home applications. We present an overview of the challenges in designing and developing the firmware. As well, we suggest several testing use-cases to verify that the firmware we are deploying is stable and ready to be introduced to the market. Also, we consider some diagnostic metrics to identify the issues that could degrade the functionality of the devices. Finally, we propose an algorithmic approach based on Fuzzy Logic to improve the integration of IoT devices into the wireless sensor networks using intelligent decision-making techniques to mitigate the challenges and deployment limitations.

The Internet of Things (IoT) is omnipresent, exposing a large number of devices that often lack security controls to the public Internet. In the modern world, many everyday processes depend on these devices, and their service outage could lead to catastrophic consequences. There are many Deep Packet Inspection (DPI) based intrusion detection systems (IDS). However, their linear computational complexity induced by the event-driven nature poses a power-demanding obstacle in resource-constrained IoT environments. In this paper, we shift away from the traditional IDS as we introduce a novel and lightweight framework, relying on a time-driven algorithm to detect Distributed Denial of Service (DDoS) attacks by employing Machine Learning (ML) algorithms leveraging the newly engineered features containing system and network utilization information. These features are periodically generated, and there are only ten of them, resulting in a low and constant algorithmic complexity. Moreover, we leverage IoT-specific patterns to detect malicious traffic as we argue that each Denial of Service (DoS) attack leaves a unique fingerprint in the proposed set of features. We construct a dataset by launching some of the most prevalent DoS attacks against an IoT device, and we demonstrate the effectiveness of our approach with high accuracy. The results show that standalone IoT devices can detect and classify DoS and, therefore, arguably, DDoS attacks against them at a low computational cost with a deterministic delay.

Competing service providers in the cloud environment ensure services are delivered under the promised security requirements. It is crucial for mobile services where user’s movement results in the service’s migration between edge servers or clouds in the Continuum. Maintaining service sovereignty before, during, and after the migration is a real challenge, especially when the service provider has committed to ensuring its quality following the Service Level Agreement. In this paper, we present the main challenges mobile service providers face in a cloud environment to guarantee the required level of security and digital sovereignty as described in the Security Service Level Agreement, with emphasis on challenges resulting from the service migration between the old and new locations. We present the security and sovereignty context intended for migration and the steps of the migration algorithm. We also analyze three specific service migration cases for three vertical industries with different service quality requirements.

Integrating Software-Defined Networking (SDN) with the Internet of Things (IoT) simplifies the management of IoT devices; however, it introduces security challenges. Adversaries may manipulate forwarding rules to redirect communication, compromising user security. Additionally, the centralized nature of SDN-enabled IoT networks poses a single point of failure during master controller failure. To address these issues, we present SDBlock-IoT, a distributed SDN architecture based on blockchain technology. This ensures increased resiliency in the event of master controller failure. Our proposed model considers response time and resource utilization of equal controllers, ensuring the most suitable controller assumes the role of master controller. We enhance the integrity of OpenFlow forwarding rules through the Smart Agent and SC, which validate whether a flow is registered on the blockchain or not. The Smart Agent verifies forwarding rules for every new flow request. We conducted experiments on hardware SDN switches using a Ryu OpenFlow controller and a private blockchain, demonstrating the effectiveness of our approach. Evaluation results indicate that SDBlock-IoT outperforms existing solutions in terms of flow verification time, controller recovery time, CPU utilization, and transaction costs.

Proprietary communication technologies for time-critical communication in industrial environments are being gradually replaced by Time-sensitive Networking (TSN)-enabled Ethernet. Furthermore, attempts have been made to bring TSN features into wireless networks so that the flexibility of wireless networks can be utilized, and the end-to-end timings for Time-Triggered (TT) streams can be guaranteed. Given a mixed wired-wireless network, the scheduling problem should be solved for a set of TT stream requests. In this paper, we formulate the no-wait scheduling problem for mixed wired-wireless networks as a Mixed Integer Linear Programming (MILP) model with the objective of minimizing the flowspan. We also propose a relaxation of the original MILP in the form of a 2-stage MILP formulation. Next, a scalable approach based on the greedy heuristic is proposed to solve the problem for realistic-size networks. Evaluation results show that the greedy heuristic is suitable for realistic problem sizes where the MILP-based approach is found to be practically infeasible. Furthermore, the impact of wireless requests on the performance of the greedy heuristic is reported.