首页 > 最新文献

Journal of Network and Systems Management最新文献

英文 中文
WoS-CoMS: Work Stealing-Based Congestion Management Scheme for SDN Programmable Networks WoS-CoMS:面向 SDN 可编程网络的基于偷工减料的拥塞管理方案
IF 3.6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2024-01-13 DOI: 10.1007/s10922-023-09798-1
Yannick Florian Yankam, Vianney Kengne Tchendji, Jean Frédéric Myoupo

In recent years, the software-defined networking (SDN) paradigm emerged as an easy way to manage large-scale network infrastructures through programmability brought out and its control plane/data plane decoupling logic. This allows infrastructure and service providers to better deploy, configure and automate their traffic management policies and network equipments. However, congestion control remains a concern due to the evolution of increasingly complex and resource-intensive user requirements [(virtual reality, metaverse, Internet of Things (IoT), Artificial Intelligence (AI), Cloud,...] on network infrastructures. This server state leads to high latency in request processing and data loss. This paper proposes, in such a controller-supervised environment, a congestion management scheme within network service servers to maintain an acceptable quality of service. The strategy relies on work stealing to ensure a better workload balance. Simulations show that the proposed solution can reduce congestion load on the servers by up to 22%, depending on the request grain size, with shorter latency than other works in the literature. Moreover, the proposed solution allows stolen tasks to be completed within a shorter time frame.

近年来,软件定义网络(SDN)范例通过其可编程性及其控制平面/数据平面解耦逻辑,成为管理大规模网络基础设施的简便方法。这使基础设施和服务提供商能够更好地部署、配置和自动化其流量管理策略和网络设备。然而,由于网络基础设施上日益复杂和资源密集型的用户需求(虚拟现实、元宇宙、物联网(IoT)、人工智能(AI)、云计算......)的发展,拥塞控制仍然是一个令人担忧的问题。这种服务器状态会导致请求处理的高延迟和数据丢失。本文提出了在这种控制器监督环境下,网络服务服务器内部的拥塞管理方案,以保持可接受的服务质量。该策略依靠工作偷窃来确保更好的工作负载平衡。仿真结果表明,根据请求粒度的大小,建议的解决方案可将服务器上的拥塞负荷减少 22%,而且与其他文献相比,延迟时间更短。此外,建议的解决方案还能在更短的时间内完成窃取的任务。
{"title":"WoS-CoMS: Work Stealing-Based Congestion Management Scheme for SDN Programmable Networks","authors":"Yannick Florian Yankam, Vianney Kengne Tchendji, Jean Frédéric Myoupo","doi":"10.1007/s10922-023-09798-1","DOIUrl":"https://doi.org/10.1007/s10922-023-09798-1","url":null,"abstract":"<p>In recent years, the software-defined networking (SDN) paradigm emerged as an easy way to manage large-scale network infrastructures through programmability brought out and its control plane/data plane decoupling logic. This allows infrastructure and service providers to better deploy, configure and automate their traffic management policies and network equipments. However, congestion control remains a concern due to the evolution of increasingly complex and resource-intensive user requirements [(virtual reality, metaverse, Internet of Things (IoT), Artificial Intelligence (AI), Cloud,...] on network infrastructures. This server state leads to high latency in request processing and data loss. This paper proposes, in such a controller-supervised environment, a congestion management scheme within network service servers to maintain an acceptable quality of service. The strategy relies on work stealing to ensure a better workload balance. Simulations show that the proposed solution can reduce congestion load on the servers by up to 22%, depending on the request grain size, with shorter latency than other works in the literature. Moreover, the proposed solution allows stolen tasks to be completed within a shorter time frame.</p>","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"58 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2024-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139462706","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Optimal and Efficient Sensor Design for 5G-Based Internet-of-Body Healthcare Monitoring Network 基于 5G 的体联网医疗监控网络的优化和高效传感器设计
IF 3.6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2024-01-12 DOI: 10.1007/s10922-023-09795-4
Abdelaziz Hamdi, Amina Nahali, Rafik Brahem

The Internet of Body (IoB), a subset of wireless sensor networks, has emerged as a promising technology in the biomedical field. The applications of the IoB, particularly in healthcare and medical applications, have attracted significant attention in recent years. The IoB, also known as a Wireless Body Area Network (WBAN), consists of small sensors placed on the human body, which can collect physiological data and facilitate remote operations such as processing, treatment, assessment and decision-making via the Internet network. This paper presents detailed theoretical and experimental studies on the design of sensors for a 5G-based IoB healthcare monitoring network. The need for efficient and high-performance sensors, in the healthcare industry for enabling continuous monitoring of patient’s health in real-time, is highlighted along this work. In this paper, we propose a novel approach for designing and analyzing the performance of IoB antenna sensors, specifically focusing on channel modeling and power-consumption between wearable wireless sensors. The behavior of the sensors on the human body is studied both theoretically and experimentally for two optimal locations: on the human body waist and on human arm-hand. The results are compared to assess the accuracy of the theoretical model. Despite the complexity of the physiological behavior of the human body, our findings show a good agreement between the theoretical and experimental results. This work provides valuable insights into the design and optimization of IoB/WBANs for real-world medical applications.

体联网(IoB)是无线传感器网络的一个子集,已成为生物医学领域一项前景广阔的技术。近年来,IoB 的应用,尤其是在保健和医疗领域的应用,引起了广泛关注。IoB 又称无线体域网(WBAN),由放置在人体上的小型传感器组成,可以收集生理数据,并通过互联网络方便地进行处理、治疗、评估和决策等远程操作。本文对基于 5G 的物联网医疗监控网络的传感器设计进行了详细的理论和实验研究。本文强调了医疗保健行业对高效、高性能传感器的需求,以实现对病人健康状况的持续实时监测。在本文中,我们提出了一种设计和分析物联网天线传感器性能的新方法,尤其侧重于可穿戴无线传感器之间的信道建模和功耗。通过理论和实验研究了传感器在人体上的两个最佳位置的行为:人体腰部和人体手部。通过比较结果来评估理论模型的准确性。尽管人体生理行为非常复杂,但我们的研究结果表明,理论和实验结果之间存在良好的一致性。这项工作为实际医疗应用中物联网/无线局域网的设计和优化提供了宝贵的见解。
{"title":"Optimal and Efficient Sensor Design for 5G-Based Internet-of-Body Healthcare Monitoring Network","authors":"Abdelaziz Hamdi, Amina Nahali, Rafik Brahem","doi":"10.1007/s10922-023-09795-4","DOIUrl":"https://doi.org/10.1007/s10922-023-09795-4","url":null,"abstract":"<p>The Internet of Body (IoB), a subset of wireless sensor networks, has emerged as a promising technology in the biomedical field. The applications of the IoB, particularly in healthcare and medical applications, have attracted significant attention in recent years. The IoB, also known as a Wireless Body Area Network (WBAN), consists of small sensors placed on the human body, which can collect physiological data and facilitate remote operations such as processing, treatment, assessment and decision-making via the Internet network. This paper presents detailed theoretical and experimental studies on the design of sensors for a 5G-based IoB healthcare monitoring network. The need for efficient and high-performance sensors, in the healthcare industry for enabling continuous monitoring of patient’s health in real-time, is highlighted along this work. In this paper, we propose a novel approach for designing and analyzing the performance of IoB antenna sensors, specifically focusing on channel modeling and power-consumption between wearable wireless sensors. The behavior of the sensors on the human body is studied both theoretically and experimentally for two optimal locations: on the human body waist and on human arm-hand. The results are compared to assess the accuracy of the theoretical model. Despite the complexity of the physiological behavior of the human body, our findings show a good agreement between the theoretical and experimental results. This work provides valuable insights into the design and optimization of IoB/WBANs for real-world medical applications.</p>","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"30 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2024-01-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139462662","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
C3S-TTP: A Trusted Third Party for Configuration Security in TOSCA-Based Cloud Services C3S-TTP:基于 TOSCA 的云服务配置安全可信第三方
IF 3.6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2024-01-05 DOI: 10.1007/s10922-023-09792-7
Mohamed Oulaaffart, Rémi Badonnel, Olivier Festor

The large-scale deployment of cloud composite services distributed over heterogeneous environments poses new challenges in terms of security management. In particular, the migration of their resources is facilitated by recent advances in the area of virtualization techniques. This contributes to increase the dynamics of their configuration, and may induce vulnerabilities that could compromise the security of cloud resources, or even of the whole service. In addition, cloud providers may be reluctant to share precise information regarding the configuration of their infrastructures with cloud tenants that build and deploy cloud composite services. This makes the assessment of vulnerabilities difficult to be performed with only a partial view on the overall configuration. We therefore propose in this article an inter-cloud trusted third-party approach, called C3S-TTP, for supporting secure configurations in cloud composite services, more specifically during the migration of their resources. We describe the considered architecture, its main building blocks and their interactions based on an extended version of the TOSCA orchestration language. The trusted third party is capable to perform a precise and exhaustive vulnerability assessment, without requiring the cloud provider and the cloud tenant to share critical configuration information between each other. After designing and formalizing this third party solution, we perform large series of experiments based on a proof-of-concept prototype in order to quantify its benefits and limits.

分布在异构环境中的云复合服务的大规模部署给安全管理带来了新的挑战。特别是,虚拟化技术领域的最新进展促进了资源的迁移。这有助于增加其配置的动态性,并可能诱发可能危及云资源甚至整个服务安全的漏洞。此外,云提供商可能不愿意与构建和部署云复合服务的云租户分享有关其基础设施配置的准确信息。这就使得漏洞评估难以在仅了解部分整体配置的情况下进行。因此,我们在本文中提出了一种名为 C3S-TTP 的云间可信第三方方法,用于支持云复合服务中的安全配置,特别是在其资源迁移过程中。我们基于 TOSCA 协调语言的扩展版本,描述了所考虑的架构、主要构建模块及其交互。可信第三方能够执行精确、详尽的漏洞评估,而无需云提供商和云租户共享彼此间的关键配置信息。在设计并正式确定该第三方解决方案后,我们基于概念验证原型进行了大量实验,以量化其优势和局限性。
{"title":"C3S-TTP: A Trusted Third Party for Configuration Security in TOSCA-Based Cloud Services","authors":"Mohamed Oulaaffart, Rémi Badonnel, Olivier Festor","doi":"10.1007/s10922-023-09792-7","DOIUrl":"https://doi.org/10.1007/s10922-023-09792-7","url":null,"abstract":"<p>The large-scale deployment of cloud composite services distributed over heterogeneous environments poses new challenges in terms of security management. In particular, the migration of their resources is facilitated by recent advances in the area of virtualization techniques. This contributes to increase the dynamics of their configuration, and may induce vulnerabilities that could compromise the security of cloud resources, or even of the whole service. In addition, cloud providers may be reluctant to share precise information regarding the configuration of their infrastructures with cloud tenants that build and deploy cloud composite services. This makes the assessment of vulnerabilities difficult to be performed with only a partial view on the overall configuration. We therefore propose in this article an inter-cloud trusted third-party approach, called C3S-TTP, for supporting secure configurations in cloud composite services, more specifically during the migration of their resources. We describe the considered architecture, its main building blocks and their interactions based on an extended version of the TOSCA orchestration language. The trusted third party is capable to perform a precise and exhaustive vulnerability assessment, without requiring the cloud provider and the cloud tenant to share critical configuration information between each other. After designing and formalizing this third party solution, we perform large series of experiments based on a proof-of-concept prototype in order to quantify its benefits and limits.</p>","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"119 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2024-01-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139105084","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Privacy-Aware Anomaly Detection in IoT Environments using FedGroup: A Group-Based Federated Learning Approach 使用 FedGroup 在物联网环境中进行隐私意识异常检测:基于群组的联合学习方法
IF 3.6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2024-01-04 DOI: 10.1007/s10922-023-09782-9
Yixuan Zhang, Basem Suleiman, Muhammad Johan Alibasa, Farnaz Farid

The popularity of Internet of Things (IoT) devices in smart homes has raised significant concerns regarding data security and privacy. Traditional machine learning (ML) methods for anomaly detection often require sharing sensitive IoT data with a central server, posing security and efficiency challenges. In response, this paper introduces FedGroup, a novel Federated Learning (FL) method inspired by FedAvg. FedGroup revolutionizes the central model’s learning process by updating it based on the learning patterns of distinct groups of IoT devices. Our experimental results demonstrate that FedGroup consistently achieves comparable or superior accuracy in anomaly detection when compared to both federated and non-federated learning methods. Additionally, Ensemble Learning (EL) collects intelligence from numerous contributing models, leading to enhanced prediction performance. Furthermore, FedGroup significantly improves the detection of attack types and their details, contributing to a more robust security framework for smart homes. Our approach demonstrates exceptional performance, achieving an accuracy rate of 99.64% with a minimal false positive rate (FPR) of 0.02% in attack type detection, and an impressive 99.89% accuracy in attack type detail detection.

智能家居中物联网(IoT)设备的普及引起了人们对数据安全和隐私的极大关注。用于异常检测的传统机器学习(ML)方法通常需要与中央服务器共享敏感的物联网数据,从而带来了安全和效率方面的挑战。为此,本文介绍了 FedGroup,一种受 FedAvg 启发的新型 Federated Learning(FL)方法。FedGroup 根据不同物联网设备组的学习模式对中央模型的学习过程进行更新,从而彻底改变了中央模型的学习过程。我们的实验结果表明,与联合学习方法和非联合学习方法相比,FedGroup 在异常检测方面始终保持着相当或更高的准确率。此外,集合学习(EL)从众多贡献模型中收集情报,从而提高了预测性能。此外,FedGroup 还大大提高了对攻击类型及其细节的检测能力,为智能家居提供了更强大的安全框架。我们的方法表现出卓越的性能,在攻击类型检测方面,准确率达到 99.64%,误报率 (FPR) 仅为 0.02%,在攻击类型细节检测方面,准确率达到 99.89%,令人印象深刻。
{"title":"Privacy-Aware Anomaly Detection in IoT Environments using FedGroup: A Group-Based Federated Learning Approach","authors":"Yixuan Zhang, Basem Suleiman, Muhammad Johan Alibasa, Farnaz Farid","doi":"10.1007/s10922-023-09782-9","DOIUrl":"https://doi.org/10.1007/s10922-023-09782-9","url":null,"abstract":"<p>The popularity of Internet of Things (IoT) devices in smart homes has raised significant concerns regarding data security and privacy. Traditional machine learning (ML) methods for anomaly detection often require sharing sensitive IoT data with a central server, posing security and efficiency challenges. In response, this paper introduces FedGroup, a novel Federated Learning (FL) method inspired by FedAvg. FedGroup revolutionizes the central model’s learning process by updating it based on the learning patterns of distinct groups of IoT devices. Our experimental results demonstrate that FedGroup consistently achieves comparable or superior accuracy in anomaly detection when compared to both federated and non-federated learning methods. Additionally, Ensemble Learning (EL) collects intelligence from numerous contributing models, leading to enhanced prediction performance. Furthermore, FedGroup significantly improves the detection of attack types and their details, contributing to a more robust security framework for smart homes. Our approach demonstrates exceptional performance, achieving an accuracy rate of 99.64% with a minimal false positive rate (FPR) of 0.02% in attack type detection, and an impressive 99.89% accuracy in attack type detail detection.\u0000</p>","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"9 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2024-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139094692","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
RT-Ranked: Towards Network Resiliency by Anticipating Demand in TSCH/RPL Communication Environments RT-Ranked:通过预测 TSCH/RPL 通信环境中的需求实现网络弹性
IF 3.6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2024-01-03 DOI: 10.1007/s10922-023-09796-3
Ivanilson França Vieira Junior, Jorge Granjal, Marilia Curado

Time-slotted Channel Hopping (TSCH) Media Access Control (MAC) was specified to target the Industrial Internet of Things needs. This MAC balances energy, bandwidth, and latency for deterministic communications in unreliable wireless environments. Building a distributed or autonomous TSCH schedule is arduous because the node negotiates cells with its neighbours based on queue occupancy, latency, and consumption metrics. The Minimal TSCH Configuration defined by RFC 8180 was specified for bootstrapping a 6TiSCH network and detailed configurations necessary to be supported. In particular, it adopts Routing Protocol for Low Power and Lossy networks (RPL) Non-Storing mode, which reduces the node’s network awareness. Dealing with unpredicted traffic far from the forwarding node is difficult due to limited network information. Anticipating this unexpected flow from multiple network regions is essential because it can turn the forwarding node into a network bottleneck leading to high latency, packet discard or disconnection rates, forcing RPL to change the topology. To cope with that, this work proposes a new mechanism that implements an RPL control message option for passing forward the node’s cell demand, allowing the node to anticipate the proper cell allocation for supporting the traffic originating by nodes far from the forwarding point embedded in Destination-Oriented Directed Acyclic Graph (DODAG) Information Object (DIO) and Destination Advertisement Object (DAO) RPL control messages. Implementing this mechanism in a distributed TSCH Scheduling developed in Contiki-NG yielded promising results in supporting unforeseen traffic bursts and has the potential to significantly improve the performance and reliability of TSCH schedules in challenging network environments.

时隙信道跳频 (TSCH) 媒体访问控制 (MAC) 是针对工业物联网的需求而设计的。这种 MAC 可在不可靠的无线环境中平衡确定性通信的能量、带宽和延迟。建立分布式或自主 TSCH 计划非常困难,因为节点会根据队列占用率、延迟和消耗指标与其邻居协商单元。RFC 8180 中定义的最小 TSCH 配置是为引导 6TiSCH 网络和支持所需的详细配置而指定的。特别是,它采用了低功耗和低损耗网络路由协议(RPL)非存储模式,减少了节点的网络感知。由于网络信息有限,很难处理远离转发节点的意外流量。预测这种来自多个网络区域的意外流量至关重要,因为它会使转发节点成为网络瓶颈,导致高延迟、数据包丢弃率或断开率,从而迫使 RPL 改变拓扑结构。为了应对这种情况,本研究提出了一种新的机制,它实现了一种 RPL 控制信息选项,用于转发节点的小区需求,允许节点预测适当的小区分配,以支持嵌入在面向目的地的有向无环图(DODAG)信息对象(DIO)和目的地广告对象(DAO)RPL 控制信息中的远离转发点的节点所产生的流量。在 Contiki-NG 中开发的分布式 TSCH 调度中实施这种机制,在支持不可预见的流量突发方面取得了可喜的成果,并有可能显著提高 TSCH 调度在具有挑战性的网络环境中的性能和可靠性。
{"title":"RT-Ranked: Towards Network Resiliency by Anticipating Demand in TSCH/RPL Communication Environments","authors":"Ivanilson França Vieira Junior, Jorge Granjal, Marilia Curado","doi":"10.1007/s10922-023-09796-3","DOIUrl":"https://doi.org/10.1007/s10922-023-09796-3","url":null,"abstract":"<p>Time-slotted Channel Hopping (TSCH) Media Access Control (MAC) was specified to target the Industrial Internet of Things needs. This MAC balances energy, bandwidth, and latency for deterministic communications in unreliable wireless environments. Building a distributed or autonomous TSCH schedule is arduous because the node negotiates cells with its neighbours based on queue occupancy, latency, and consumption metrics. The Minimal TSCH Configuration defined by RFC 8180 was specified for bootstrapping a 6TiSCH network and detailed configurations necessary to be supported. In particular, it adopts Routing Protocol for Low Power and Lossy networks (RPL) Non-Storing mode, which reduces the node’s network awareness. Dealing with unpredicted traffic far from the forwarding node is difficult due to limited network information. Anticipating this unexpected flow from multiple network regions is essential because it can turn the forwarding node into a network bottleneck leading to high latency, packet discard or disconnection rates, forcing RPL to change the topology. To cope with that, this work proposes a new mechanism that implements an RPL control message option for passing forward the node’s cell demand, allowing the node to anticipate the proper cell allocation for supporting the traffic originating by nodes far from the forwarding point embedded in Destination-Oriented Directed Acyclic Graph (DODAG) Information Object (DIO) and Destination Advertisement Object (DAO) RPL control messages. Implementing this mechanism in a distributed TSCH Scheduling developed in Contiki-NG yielded promising results in supporting unforeseen traffic bursts and has the potential to significantly improve the performance and reliability of TSCH schedules in challenging network environments.</p>","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"46 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2024-01-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139083692","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Unsupervised Clustering for a Comparative Methodology of Machine Learning Models to Detect Domain-Generated Algorithms Based on an Alphanumeric Features Analysis 基于字母数字特征分析的机器学习模型无监督聚类比较方法,用于检测领域生成的算法
IF 3.6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2024-01-02 DOI: 10.1007/s10922-023-09793-6
Mohamed Hassaoui, Mohamed Hanini, Said El Kafhali

Domain Generation Algorithms (DGAs) are often used for generating huge amounts of domain names to maintain command and control between the infected computer and the bot master. By establishing as needed a great number of domain names, attackers may mask their C2 servers and escape detection. Many malware families have switched to a stealthier contact approach. Therefore, the traditional methods become ineffective. Over the past decades, many researches have started to use artificial intelligence to create systems able to detect DGA in traffic, but these works do not use the same data to evaluate their models. This article proposes a comparative methodology to compare machine learning models based on unsupervised clustering and then applied this methodology to study the best models belonging to neural network methods and traditional machine learning methods to detect DGAs. We extracted 21 linguistic features based on the analysis of alphanumeric and n-gram, we studied the correlation between these features in order to reduce their number. We examine in detail those Machine learning algorithms and we discuss the drawbacks and strengths of each method with specific classes of DGA to propose a new switch case model that could be always reliable to detect DGAs.

域名生成算法(DGA)通常用于生成大量域名,以维持受感染计算机与僵尸主控程序之间的指挥和控制。通过根据需要建立大量域名,攻击者可以掩盖其 C2 服务器并逃避检测。许多恶意软件家族已经转而采用更隐蔽的联系方法。因此,传统方法已经失效。过去几十年来,许多研究人员开始使用人工智能来创建能够检测流量中 DGA 的系统,但这些工作并没有使用相同的数据来评估其模型。本文提出了一种比较方法来比较基于无监督聚类的机器学习模型,然后应用这种方法来研究属于神经网络方法和传统机器学习方法的最佳模型,以检测 DGA。我们在分析字母数字和 n-gram 的基础上提取了 21 个语言特征,并研究了这些特征之间的相关性,以减少其数量。我们详细研究了这些机器学习算法,并针对特定类别的 DGA 讨论了每种方法的缺点和优点,从而提出了一种新的转换案例模型,该模型可以始终可靠地检测 DGA。
{"title":"Unsupervised Clustering for a Comparative Methodology of Machine Learning Models to Detect Domain-Generated Algorithms Based on an Alphanumeric Features Analysis","authors":"Mohamed Hassaoui, Mohamed Hanini, Said El Kafhali","doi":"10.1007/s10922-023-09793-6","DOIUrl":"https://doi.org/10.1007/s10922-023-09793-6","url":null,"abstract":"<p>Domain Generation Algorithms (DGAs) are often used for generating huge amounts of domain names to maintain command and control between the infected computer and the bot master. By establishing as needed a great number of domain names, attackers may mask their C2 servers and escape detection. Many malware families have switched to a stealthier contact approach. Therefore, the traditional methods become ineffective. Over the past decades, many researches have started to use artificial intelligence to create systems able to detect DGA in traffic, but these works do not use the same data to evaluate their models. This article proposes a comparative methodology to compare machine learning models based on unsupervised clustering and then applied this methodology to study the best models belonging to neural network methods and traditional machine learning methods to detect DGAs. We extracted 21 linguistic features based on the analysis of alphanumeric and n-gram, we studied the correlation between these features in order to reduce their number. We examine in detail those Machine learning algorithms and we discuss the drawbacks and strengths of each method with specific classes of DGA to propose a new switch case model that could be always reliable to detect DGAs.</p>","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"10 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2024-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139077688","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Stochastic Machine Learning Based Attacks Detection System in Wireless Sensor Networks 基于随机机器学习的无线传感器网络攻击检测系统
IF 3.6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2023-12-29 DOI: 10.1007/s10922-023-09794-5
Anselme Russel Affane Moundounga, Hassan Satori

Wireless Sensor Networks (WSNs) play a crucial role in diverse applications, encompassing environmental monitoring, healthcare, and industrial automation. However, these networks are susceptible to various security threats, underscoring the need for robust attack detection systems. In this paper, we propose a Stochastic Machine Learning-Based Attack Detection System for WSNs that leverages the synergy of Hidden Markov Models (HMMs) and Gaussian Mixture Models (GMMs). The proposed system employs Principal Component Analysis for dimensionality reduction in the WSN dataset, thereby retaining essential routing features while mitigating the number of variables. Additionally, iterative machine learning Expectation-Maximization is employed to train the HMMs and GMMs, empowering the system to accurately detect and classify malicious activities and erroneous routing data. To evaluate the system’s efficacy, a series of experiments were conducted, entailing variations in the parameters of both HMMs and GMMs. Notably, the findings underscore that the configuration comprising 3 HMMs and 4 GMMs surpasses other combinations, achieving an exceptional accuracy level of 94.55%. Furthermore, a comprehensive comparison is drawn between the proposed system and common machine learning classifiers. This analysis unequivocally highlights the system’s superiority in terms of accuracy and overall performance. Notable is the system’s exceptional performance in cross-validation, consistently achieving accuracies within the range of 0.96 to 0.98. The proposed Stochastic Machine Learning-Based Attack Detection System introduces a highly promising approach to fortify the security of WSNs. The amalgamation of rigorous experimentation, comparative analysis, and impressive results underscores its potential as an effective security enhancement tool.

无线传感器网络(WSN)在环境监测、医疗保健和工业自动化等各种应用中发挥着至关重要的作用。然而,这些网络很容易受到各种安全威胁的影响,这凸显了对强大攻击检测系统的需求。本文提出了一种基于随机机器学习的 WSN 攻击检测系统,它充分利用了隐马尔可夫模型(HMM)和高斯混杂模型(GMM)的协同作用。该系统采用主成分分析法对 WSN 数据集进行降维处理,从而在保留基本路由特征的同时减少变量数量。此外,还采用了迭代机器学习期望最大化方法来训练 HMM 和 GMM,从而使系统能够准确地检测和分类恶意活动和错误路由数据。为了评估该系统的功效,我们进行了一系列实验,要求改变 HMM 和 GMM 的参数。值得注意的是,实验结果表明,由 3 个 HMM 和 4 个 GMM 组成的配置超越了其他组合,达到了 94.55% 的超高准确率水平。此外,还对所提出的系统和常见的机器学习分类器进行了全面比较。这一分析明确凸显了该系统在准确率和整体性能方面的优势。值得注意的是,该系统在交叉验证中表现优异,准确率始终保持在 0.96 到 0.98 的范围内。所提出的基于随机机器学习的攻击检测系统为加强 WSN 的安全性引入了一种极具前景的方法。严谨的实验、比较分析和令人印象深刻的结果都突出了它作为有效安全增强工具的潜力。
{"title":"Stochastic Machine Learning Based Attacks Detection System in Wireless Sensor Networks","authors":"Anselme Russel Affane Moundounga, Hassan Satori","doi":"10.1007/s10922-023-09794-5","DOIUrl":"https://doi.org/10.1007/s10922-023-09794-5","url":null,"abstract":"<p>Wireless Sensor Networks (WSNs) play a crucial role in diverse applications, encompassing environmental monitoring, healthcare, and industrial automation. However, these networks are susceptible to various security threats, underscoring the need for robust attack detection systems. In this paper, we propose a Stochastic Machine Learning-Based Attack Detection System for WSNs that leverages the synergy of Hidden Markov Models (HMMs) and Gaussian Mixture Models (GMMs). The proposed system employs Principal Component Analysis for dimensionality reduction in the WSN dataset, thereby retaining essential routing features while mitigating the number of variables. Additionally, iterative machine learning Expectation-Maximization is employed to train the HMMs and GMMs, empowering the system to accurately detect and classify malicious activities and erroneous routing data. To evaluate the system’s efficacy, a series of experiments were conducted, entailing variations in the parameters of both HMMs and GMMs. Notably, the findings underscore that the configuration comprising 3 HMMs and 4 GMMs surpasses other combinations, achieving an exceptional accuracy level of 94.55%. Furthermore, a comprehensive comparison is drawn between the proposed system and common machine learning classifiers. This analysis unequivocally highlights the system’s superiority in terms of accuracy and overall performance. Notable is the system’s exceptional performance in cross-validation, consistently achieving accuracies within the range of 0.96 to 0.98. The proposed Stochastic Machine Learning-Based Attack Detection System introduces a highly promising approach to fortify the security of WSNs. The amalgamation of rigorous experimentation, comparative analysis, and impressive results underscores its potential as an effective security enhancement tool.</p>","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"14 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2023-12-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139069459","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Simplifying Forwarding Data Plane Operations with XOR-Based Source Routing 利用基于 XOR 的源路由简化转发数据平面操作
IF 3.6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2023-12-21 DOI: 10.1007/s10922-023-09791-8
Jérôme Lacan, Emmanuel Lochin

We propose a theoretical analysis of a novel source routing scheme called XSR. XSR uses linear encoding operation to both (1) build the path labels of unicast and multicast data transfers; (2) perform fast computational efficient routing decisions compared to standard table lookup procedure without any packet modification all along the path. XSR specifically focuses on decreasing the computational complexity of forwarding operations. This allows packet switches (e.g, link-layer switch or router) to perform only simple linear operations over a binary vector label that embeds the path. We provide analytical proofs demonstrating that XSRs efficiently compute a valid unicast or multicast path label over any finite fields ({mathbb {F}}_{2^w}). Furthermore, we show that this path label can be used for both the forward and return unicast paths, unlike other source routing algorithms that require recomputing a label for the return path. Compared to recent approaches based on modular arithmetic, XSR computes the smallest label possible and presents strong scalable properties, allowing it to be deployed over any kind of core vendor or datacenter networks.

我们提出了一种名为 XSR 的新型源路由方案的理论分析。XSR 使用线性编码操作来:(1) 建立单播和组播数据传输的路径标签;(2) 与标准的查表程序相比,执行计算效率高的快速路由决策,而无需在整个路径上对数据包进行任何修改。XSR 特别注重降低转发操作的计算复杂性。这使得数据包交换机(如链路层交换机或路由器)只需对嵌入路径的二进制向量标签执行简单的线性操作即可。我们提供的分析证明表明,XSR 可以在任意有限域上({mathbb {F}}_{2^w} )高效计算有效的单播或组播路径标签。此外,我们还证明了该路径标签可同时用于前向和回传单播路径,这与其他需要为回传路径重新计算标签的源路由算法不同。与最近基于模块运算的方法相比,XSR 计算出了尽可能小的标签,并具有很强的可扩展性,可以在任何类型的核心供应商或数据中心网络上部署。
{"title":"Simplifying Forwarding Data Plane Operations with XOR-Based Source Routing","authors":"Jérôme Lacan, Emmanuel Lochin","doi":"10.1007/s10922-023-09791-8","DOIUrl":"https://doi.org/10.1007/s10922-023-09791-8","url":null,"abstract":"<p>We propose a theoretical analysis of a novel source routing scheme called XSR. XSR uses linear encoding operation to both (1) build the path labels of unicast and multicast data transfers; (2) perform fast computational efficient routing decisions compared to standard table lookup procedure without any packet modification all along the path. XSR specifically focuses on decreasing the computational complexity of forwarding operations. This allows packet switches (e.g, link-layer switch or router) to perform only simple linear operations over a binary vector label that embeds the path. We provide analytical proofs demonstrating that XSRs efficiently compute a valid unicast or multicast path label over any finite fields <span>({mathbb {F}}_{2^w})</span>. Furthermore, we show that this path label can be used for both the forward and return unicast paths, unlike other source routing algorithms that require recomputing a label for the return path. Compared to recent approaches based on modular arithmetic, XSR computes the smallest label possible and presents strong scalable properties, allowing it to be deployed over any kind of core vendor or datacenter networks.</p>","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"10 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2023-12-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138824043","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Regenerating Networked Systems’ Monitoring Traces Using Neural Networks 利用神经网络再生网络系统的监控轨迹
IF 3.6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2023-12-21 DOI: 10.1007/s10922-023-09790-9
K. Paim, Vagner E. Quincozes, Diego Kreutz, R. Mansilha, Weverton Cordeiro
{"title":"Regenerating Networked Systems’ Monitoring Traces Using Neural Networks","authors":"K. Paim, Vagner E. Quincozes, Diego Kreutz, R. Mansilha, Weverton Cordeiro","doi":"10.1007/s10922-023-09790-9","DOIUrl":"https://doi.org/10.1007/s10922-023-09790-9","url":null,"abstract":"","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"42 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2023-12-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138950919","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Provisioning Load Balancing in Time-Sensitive Task Allocation for Mobile Crowdsensing 为移动人群感知的时间敏感任务分配提供负载平衡
IF 3.6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2023-12-07 DOI: 10.1007/s10922-023-09783-8
Moirangthem Goldie Meitei, Ningrinla Marchang

Task allocation is the mechanism which enables the allotment of sensing tasks to participating users in a mobile crowdsensing (MCS) environment. Task allocation plays a vital role in the management of resources in crowdsensed networks which deploy mobile participants or devices. While conventional task allocation techniques focus on maximizing profit for either the platform or the user, our proposed task allocation scheme, called Load Balanced Task Allocation (LBTA) is geared towards user-oriented task allocation in order to mainly address altruistic MCS campaigns in which participants voluntarily contribute towards a common goal such as in citizen science-based projects. This paper deals with the problem of task allocation using a load balanced approach while trying to maximize the allocation of tasks at the same time. For this, we propose and formulate the LBTA algorithm, which is an extension of a greedy algorithm. The proposed LBTA algorithm has been compared with a known algorithm and their relative performances have been analysed. Simulation results demonstrate that the proposed algorithm performs better than the baseline algorithm for time-dependent MCS systems that operate without a budget constraint, and comparatively better up to a certain budget for those systems with budgeting limitations.

任务分配是一种机制,可将感知任务分配给移动众感应(MCS)环境中的参与用户。在部署了移动参与者或设备的众感应网络中,任务分配在资源管理方面起着至关重要的作用。传统的任务分配技术侧重于平台或用户的利益最大化,而我们提出的任务分配方案,即负载平衡任务分配(LBTA),则是面向用户的任务分配,主要针对利他主义的 MCS 活动,在这些活动中,参与者自愿为一个共同目标做出贡献,如基于公民科学的项目。本文采用负载平衡方法处理任务分配问题,同时试图最大限度地分配任务。为此,我们提出并制定了 LBTA 算法,这是一种贪婪算法的扩展。我们将提出的 LBTA 算法与已知算法进行了比较,并分析了它们的相对性能。仿真结果表明,对于无预算限制的随时间变化的 MCS 系统,拟议算法的性能优于基准算法,而对于有预算限制的系统,在一定预算范围内,拟议算法的性能相对更好。
{"title":"Provisioning Load Balancing in Time-Sensitive Task Allocation for Mobile Crowdsensing","authors":"Moirangthem Goldie Meitei, Ningrinla Marchang","doi":"10.1007/s10922-023-09783-8","DOIUrl":"https://doi.org/10.1007/s10922-023-09783-8","url":null,"abstract":"<p>Task allocation is the mechanism which enables the allotment of sensing tasks to participating users in a mobile crowdsensing (MCS) environment. Task allocation plays a vital role in the management of resources in crowdsensed networks which deploy mobile participants or devices. While conventional task allocation techniques focus on maximizing profit for either the platform or the user, our proposed task allocation scheme, called Load Balanced Task Allocation (LBTA) is geared towards user-oriented task allocation in order to mainly address altruistic MCS campaigns in which participants voluntarily contribute towards a common goal such as in citizen science-based projects. This paper deals with the problem of task allocation using a load balanced approach while trying to maximize the allocation of tasks at the same time. For this, we propose and formulate the LBTA algorithm, which is an extension of a greedy algorithm. The proposed LBTA algorithm has been compared with a known algorithm and their relative performances have been analysed. Simulation results demonstrate that the proposed algorithm performs better than the baseline algorithm for time-dependent MCS systems that operate without a budget constraint, and comparatively better up to a certain budget for those systems with budgeting limitations.</p>","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"82 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2023-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138556178","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
期刊
Journal of Network and Systems Management
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1