Annals of Telecommunications最新文献

Single carrier frequency division multiple access (SC-FDMA) has become increasingly popular in broadband data transmission systems due to its many advantages. One of the main advantages is the lower peak-to-average power ratio (PAPR), which significantly benefits the mobile terminal station in terms of transmit power efficiency. However, SC-FDMA is susceptible to carrier frequency offsets (CFOs) which affect the orthogonality between subcarriers and cause inter-carrier interference (ICI) and multiple access interference (MAI). In this paper, we analyze and evaluate the performance of SC-FDMA in the presence of CFOs for wireless image transmission with different basis functions, different subcarrier mapping techniques, and different modulation schemes over vehicular A and SUI3 channel models. This study focuses on evaluating the performance of SC-FDMA using wireless image transmission. The evaluation is conducted based on two performance metrics, namely peak signal-to-noise ratio (PSNR) and mean square error (MSE). Specifically, we consider the following three cases: the no CFOs case, the case when CFOs are present but without compensation, and the case when CFOs are present and CFO compensation is used. The CFO compensation technique used in this work is the joint mean minimum squared error (JMMSE) method. The results showed that JMMSE with DFT can provide better performance in the presence of CFOs compared to DCT and DST. Additionally, the choice of interleaved subcarrier mapping technique provides better performance compared to localized subcarrier mapping. Furthermore, the impact of the modulation scheme and the channel model on system performance is also evaluated, with the results showing that QPSK is more robust to CFOs compared to 16QAM modulation and the performance is better transmitting over the SU13 model rather than the vehicular A channel model. Simulation results demonstrate the effectiveness of JMMSE combined with DFT and interleaved subcarrier mapping in mitigating the effects of CFOs and multipath channels, especially with the SUI3 channel model and QPSK modulation.

Abstract

New developments of blockchain designs, for both research and commercial environments, focus on improving security and energy consumption. Indeed, these implementations are based on managing a single type of information linked to a single blockchain. In this paper, we propose a new design called NestedChain. This proposal creates a system that allows two completely different types of information to be held in the same physical structure, enabling the creation of a blockchain within a blockchain. The new blockchain design can be implemented in various environments where it is necessary to have two different and parallel sets of information in the same network infrastructure. This new conception of blockchain offers a new way to understand the limitations of existing implementations and suggests how the evolution of the blockchain environment could be enhanced.

Abstract

Log file analysis is increasingly being addressed through the use of large language models (LLM). LLM provides the mechanism for discovering embeddings for distinguishing between different behaviors present in log files. In this work, we are interested in discriminating between normal and anomalous behaviors via an unsupervised learning approach. To this end, firstly five recent LLM architectures are evaluated over six different log files. Then, further research is conducted to explicitly quantify the significance of performing self-supervised fine-tuning on the LLMs. Moreover, we show that the quality of an (unsupervised) feature map used to make the overall (normal/anomalous) predictions may also benefit from an AutoEncoder stage between LLM and feature map. Such an AutoEncoder provides significant reductions in the cost of training the feature map and typically improves the quality of the resulting predictions.

Insider threats refer to harmful actions carried out by authorized users within an organization, posing the most damaging risks. The increasing number of these threats has revealed the inadequacy of traditional methods for detecting and mitigating insider threats. These existing approaches lack the ability to analyze activity-related information in detail, resulting in delayed detection of malicious intent. Additionally, current methods lack advancements in addressing noisy datasets or unknown scenarios, leading to under-fitting or over-fitting of the models. To address these, our paper presents a hybrid insider threat detection framework. We not only enhance prediction accuracy by incorporating a layer of statistical criteria on top of machine learning-based classification but also present optimal parameters to address over/under-fitting of models. We evaluate the performance of our framework using a real-life threat test dataset (CERT r4.2) and compare it to existing methods on the same dataset (Glasser and Lindauer 2013). Our initial evaluation demonstrates that our proposed framework achieves an accuracy of 98.48% in detecting insider threats, surpassing the performance of most of the existing methods. Additionally, our framework effectively handles potential bias and data imbalance issues that can arise in real-life scenarios.

There has been a significant development in the design of intrusion detection systems (IDS) by using deep learning (DL)/machine learning (ML) methods for detecting threats in a computer network. Unfortunately, these DL/ML-based IDS are vulnerable to adversarial examples, wherein a malicious data sample can be slightly perturbed to cause a misclassification by an IDS while retaining its malicious properties. Unlike image recognition domain, the network domain has certain constraints known as domain constraints which are multifarious interrelationships and dependencies between features. To be considered as practical and realizable, an adversary must ensure that the adversarial examples comply with domain constraints. Recently, generative models like GANs and VAEs have been extensively used for generating adversarial examples against IDS. However, majority of these techniques generate adversarial examples which do not satisfy all domain constraints. Also, current generative methods lack explicit restrictions on the amount of perturbation which a malicious data sample undergoes during the crafting of adversarial examples, leading to the potential generation of invalid data samples. To address these limitations, a solution is presented in this work which utilize a variational autoencoder to generate adversarial examples that not only result in misclassification by an IDS, but also satisfy domain constraints. Instead of perturbing the data samples itself, the adversarial examples are crafted by perturbing the latent space representation of the data sample. It allows the generation of adversarial examples under limited perturbation. This research has explored the novel applications of generative networks for generating constraint satisfying adversarial examples. The experimental results support the claims with an attack success rate of 64.8(%) against ML/DL-based IDS. The trained model can be integrated further into an operational IDS to strengthen its robustness against adversarial examples; however, this is out of scope of this work.

Modern attacks, such as advanced persistent threats, hide command-and-control channels inside authorized network traffic like DNS or DNS over HTTPS to infiltrate the local network and exfiltrate sensitive data. Detecting such malicious traffic using traditional techniques is cumbersome especially when the traffic encrypted like DNS over HTTPS. Unsupervised machine learning techniques, and more specifically density-based spatial clustering of applications with noise (DBSCAN), can achieve good results in detecting malicious DNS tunnels. However, DBSCAN requires manually tuning two hyperparameters, whose optimal values can differ depending on the dataset. In this article, we propose an improved algorithm called AutoRoC-DBSCAN that can automatically find the best hyperparameters. We evaluated and obtained good results on two different datasets: a dataset we created with malicious DNS tunnels and the CIRA-CIC-DoHBrw-2020 dataset with malicious DoH tunnels.