Journal of Network and Systems Management最新文献

Abstract

The upcoming sixth generation (6 G) networks present significant security challenges due to the growing demand for virtualization, as indicated by their key performance indicators (KPIs). To ensure communication secrecy in such a distributed network, we propose an intelligent zero trust (ZT) framework that safeguards the radio access network (RAN) from potential threats. Our proposed ZT model is specifically designed to cater to the distributed nature of 6 G networks. It accommodates secrecy modules in various nodes, such as the base station, core network, and cloud, to monitor the network while performing hierarchical and distributed threat detection. This approach enables the distributed modules to work together to efficiently identify and respond to the suspected RAN threats. As a RAN security use case, we address the intrusion detection issues of the 6 G-enabled internet of drones. Our simulation results show the robustness of our ZT framework, which is based on distributed security modules, against potential attacks. The framework exhibits low detection time and low false positives, making it a reliable solution for securing 6 G networks. Furthermore, the ZT model enables the accommodation of secrecy modules in various nodes and provides the needed enhanced security measures in the network.

Industrial control device asset identification is essential to the active defense and situational awareness system for industrial control network security. However, industrial control device asset information is challenging to obtain, and efficient asset detection models and identification methods are urgently needed. Existing active detection techniques send many packets to the system, affecting device operation, while passive identification can only analyze publicly available industrial control data. Based on this problem, we propose an asset identification method including networked industrial control device asset detection, fingerprint feature extraction and classification. The proposed method use TCP SYN semi-networked probing in the asset detection phase to reduce the number of packets sent and remove honeypot device data. The fingerprint feature extraction phase considers the periodicity and long-term stability characteristics of industrial control device and proposes a set of asset fingerprint feature combinations. The classification phase uses an improved decision tree algorithm based on feature weight correction and uses AdaBoost ensemble learning algorithm to strengthen the classification model. The experimental results show that the detection technique proposed by our method has the advantages of high efficiency, low frequency and noise immunity.

Wireless Sensor Networks (WSNs) play a critical role in the Internet of Things by collecting information for real-world applications such as healthcare, agriculture, and smart cities. These networks consist of low-resource sensors that produce streaming data requiring online processing. However, since data outliers can occur, it’s important to identify and classify them as errors or events using outlier detection and classification techniques. In this paper, we propose a new and enhanced approach for online outlier detection and classification in WSNs. Our approach is titled SA-O²DCA for Seasonal Adapted Online Outlier Detection and Classification Approach. SA-O²DCA, combines the benefits of the K-means algorithm for clustering, the Iforest algorithm for outlier detection and the Newton interpolation to classify the outliers. We evaluate our approach against other works in literature using multivariate datasets. The simulation results, which encompass the assessment of our proposed approach using a combination of synthetic and real-life multivariate datasets, reveal that SA-O²DCA is stable with fewer training models number and outperforms other works on various metrics, including Detection Rate, False Alarm Rate, and Accuracy Rate. Furthermore, our enhanced approach is suitable for working with seasonal real-life applications as it can dynamically change the Training Model at the end of each season period.

In order to prevent the overloading, the routing algorithm aids in building productive paths both within and between clusters. When sending information from the source Internet of Things (IoT) device to a Base Station (BS), not all IoT devices are utilized in the path. We introduced an energy aware cluster-based routing in this paper, in which Improved Fuzzy C-means (IFCM) model plays a major role in clustering initially. Meanwhile, the clustering procedure considers the factors like energy and distance. Subsequent to the clustering process, optimal routing will be takes place by a new hybrid optimization algorithm named Custom Honey Badger and Coot Optimization (CHBCO) that combines the models like Honey badger optimization and Coot optimization model, respectively. For routing, the model considers the constraints like Energy as well as link quality. Also, this model establishes the fault tolerance method, which ensures that the network will continue to operate normally even in the situation of a Cluster Head (CH) failure. During this, the cluster members switch to another CH. The performance of proposed CHBCO based routing model is compared over existing models with respect to convergence rate, distance evaluation, energy, alive nodes, distance, normalized energy and link quality under various scenarios.

The smart home is one of the most significant applications of Internet of Things (IoT). Smart home is basically the combination of different components like devices, hub, cloud, and smart apps. These components may often be vulnerable, and most likely to be exploited by attackers. Being the main link among all the components to establish communication, the compromised smart apps are the most threatening to smart home security. The existing surveys covers vulnerabilities and issues of smart homes and its components in various perspectives. Still, there is a gap to understand and organize the smart apps, security issues and their impact on smart homes and its stakeholders. The paper presents a systematic literature review on the smart apps related vulnerabilities, their possible threats and current state of the art of the available security mechanisms. In our survey we observed that currently research focuses on rules interaction and access control issue. The conclusive findings reveal the fact that available security mechanisms are not widely applicable and incur overheads to developers and users. The critical review of pertinent literature shows that these mechanisms are not enough to address the issues effectively. Therefore, a generalized and robust solution is essentially required to tackle the issues at their origin. We summarized the insights of our SLR, highlighting current scenario and future directions of research in this domain.

Serverless computing offers people with the liberty of not thinking about the backend side of the things in an application development. They are scalable and cost efficient as they provide pay-for-use service. Providing acceptable performance while having no knowledge about the kind of application is the main challenge the cloud providers have. Many applications may have the need to be completed before the deadline. In that case, the request has to be completed before the deadline or else it will lead to service level agreement violation. If the cloud provider completes the requests faster, there would be less SLA violations. This will also reduce cost for the user as the functions will be completed sooner. Therefore, improving the completion time of the requests will benefit the user as well as the provider. In this paper, we present a method to improve the completion time of requests using genetic algorithm for allocation of requests to virtual machines that could provide optimal completion time for them.

In the Internet of Things (IoT), semantic IoT platforms are often used to solve the challenges associated with the real-time integration of heterogeneous IoT sensor data, domain knowledge and context information. Existing platforms mostly have a static distribution and configuration of queries deployed on the platform’s stream processing components. In contrast, the environmental context in which queries are deployed has a very dynamic nature: real-world set-ups involve varying tasks, device resource usage, networking conditions, etc. To solve this mismatch, this paper presents DIVIDE, an IoT platform component built on Semantic Web technologies. DIVIDE has a generic design containing multiple subcomponents that monitor the environment across a cascading architecture. By monitoring the use case context, DIVIDE adaptively derives the appropriate stream processing queries in a context-aware way. Using a Local Monitor deployed on edge devices, situational context parameters are measured and aggregated. The Meta Model allows modeling these measurements, and meta-information about devices and deployed stream processing queries. Through the definition of application-specific Global Monitor queries that are continuously evaluated centrally on the Meta Model, end users can dynamically configure how the situational context should influence the window parameter configuration and distribution of queries in the network. The paper evaluates a first implementation of DIVIDE on a homecare monitoring use case. The results show how DIVIDE can successfully adapt to varying device and networking conditions, taking into account the use case requirements. This way, DIVIDE allows better balancing use case specific trade-offs and achieves more efficient stream processing.

Federated learning (FL) allows multiple nodes or clients to train a model collaboratively without actual sharing of data. Thus, FL avoids data privacy leakage by keeping the data locally at the clients. Fog computing is a natural fit for decentralized FL where local training can take place at fog nodes using the data of connected Internet of Things (IoT) or edge devices. A cloud-based node can act as the server for global model updates. Although FL has been utilized in fog and edge computing for a few applications, its efficacy has been demonstrated majorly for independent and identically distributed (IID) data. However, real-world IoT applications are generally time-series (TS) data and non-IID. Since there has not been any significant effort towards using FL for non-IID time-series data, this paper presents a fog-based decentralized methodology for time series forecasting utilizing Federated Learning. The efficacy of the proposed methodology for the non-IID data is evaluated using a FL framework Flower. It is observed that the FL based TS forecasting performs at par with a centralized method for the same and yields promising results even when the data exhibits quantity skew. Additionally, the FL based method does not require sharing of data and hence, decreases the network load and preserves client privacy.

Abstract

Software-Defined Networking (SDN) is characterized by a high level of programmability and offers a rich set of capabilities for network management operations. Network intelligence is centralized in the controller, which is responsible for updating the routing policies according to the applications’ requirements. To further enhance such capabilities, the controller has to be endowed with intelligence by integrating Artificial Intelligence (AI) tools in order to provide the controller the ability to autonomously reconfigure the network in a timely way. In this paper, we address the deployment of a Q-learning algorithm for the routing optimization problem in terms of latency minimization. Using a direct modeling approach of the multi-path flow-routing problem, we delve deeper into the impact of the exploration-exploitation strategies on the algorithm’s performance. Furthermore, we propose a couple of improvements to the Q-Learning algorithm to enhance its performance within the considered environment. On the one hand, we integrate a congestion-avoidance mechanism in the exploration phase, which leads to effective improvements in the algorithm’s performance with regard to average latency, convergence time, and computation time. On the other hand, we propose to implement a novel strategy based on the Max-Boltzman Exploration method (MBE), which is a combination of the traditional (varepsilon) - greedy and softmax strategies. The results show that, for an appropriate tuning of the hyperparameters, the MBE strategy combined with the congestion-avoidance mechanism performs better than the (varepsilon) -greedy, (varepsilon) -decay, and Softmax strategies in terms of average latency, convergence time, and computation time.

With the development of 5G technologies and the implementation of EN-DC architecture in heterogeneous networks, managing Physical Cell Identity (PCI) has become increasingly complex. EN-DC, facilitating the coexistence of eNBs and gNBs, creates a densely populated environment that heightens the risk of PCI collisions and confusions. This study introduces a novel hybrid approach to PCI configuration in EN-DC networks, integrating centralized and distributed strategies. By organizing the network into clusters and employing newly introduced algorithms, Symmetrical Comparison (SC) and Symmetrical Triangular Cycling (STC), the method efficiently identifies and resolves PCI confusions. Simulations were conducted to evaluate the effectiveness of the proposed model under various scenarios, revealing its proficiency in preventing PCI confusion and (mod 30) collisions. The results underscore the critical role of PCI pool size and offer insights into network planning and optimization. Despite some challenges in handling specific collisions, such as (mod 3) and (mod 4), the study suggests that incorporating reinforcement learning techniques could provide more adaptive solutions, laying the foundation for future research in this area. The research contributes to the evolving landscape of 5G EN-DC networks, emphasizing the importance of intelligent design and meticulous planning in network management.