Pub Date : 2025-01-04DOI: 10.1016/j.jnca.2024.104103
Yong Liu, Qian Meng, Kefei Chen, Zhonghua Shen
With networks increasing in size and traffic bursting, Data Center Networks (DCNs), as the core infrastructure of High-Performance Computing (HPC), can require a high-performance, robust, and scalable load balancing method. However, existing research work has not yet met these design objectives well. In this paper, we design, analyze and evaluate a novel Adaptive Load Balancing based on Traffic Prediction (ALB-TP) for achieving these goals. ALB-TP uses Gate Recurrent Unit and Attention (GRU-Attention) model to dynamically predict the path congestion information of the whole network. Compared with the existing scheme of collecting congestion status information in a fixed time period, the proposed GRU-Attention model improves the timeliness and accuracy of congestion information collection. With global congestion awareness, ALB-TP, which forwards flows to the least congested path via the two-stage routing in the actual implementation, is more robust than existing congestion-agnostic schemes for the asymmetric topology. Additionally, ALB-TP adopts a distributed control structure to capture the congestion information of the entire network in parallel, which makes it more scalable than existing congestion-aware schemes for large-scale networks. Evaluations show that on the Fat-Tree topology, ALB-TP can effectively alleviate network congestion and balance flows on different paths. Compared to existing GRU and LSTM models, the proposed GRU-Attention model improves the accuracy of congestion information prediction by 28.2% on average. Simulation results show that the proposed ALB-TP scheme reduces the Flow Completion Time (FCT) by an average of 18.5% and also improves the throughput by an average of 31.6% compared to the existing schemes. Through theoretical design and experimental analysis, we can see that the proposed ALB-TP can effectively balance the traffic load on the asymmetric topology and achieve the design goal of load balancing. Compared with existing schemes, ALB-TP also has better performance advantages in terms of FCT, throughput, and accuracy of congestion information collection.
随着网络规模的不断扩大和流量的激增,数据中心网络(DCNs)作为高性能计算(HPC)的核心基础设施,对高性能、鲁棒性和可扩展性的负载均衡方法提出了更高的要求。然而,现有的研究工作还没有很好地满足这些设计目标。在本文中,我们设计,分析和评估了一种新的基于流量预测的自适应负载均衡(ALB-TP)来实现这些目标。ALB-TP采用Gate Recurrent Unit and Attention (GRU-Attention)模型动态预测整个网络的路径拥塞信息。与现有的固定时间段内收集拥塞状态信息的方案相比,本文提出的GRU-Attention模型提高了收集拥塞信息的时效性和准确性。在具有全局拥塞感知的情况下,ALB-TP在实际实现中通过两阶段路由将流转发到拥塞最少的路径,比现有的非对称拓扑的拥塞不可知方案更具鲁棒性。此外,ALB-TP采用分布式控制结构,可以并行捕获整个网络的拥塞信息,这使得它比现有的大规模网络拥塞感知方案更具可扩展性。评估结果表明,在胖树拓扑下,ALB-TP可以有效缓解网络拥塞,平衡不同路径上的流量。与现有的GRU和LSTM模型相比,本文提出的GRU- attention模型的拥塞信息预测准确率平均提高了28.2%。仿真结果表明,与现有方案相比,所提出的ALB-TP方案平均减少了18.5%的流量完成时间(FCT),平均提高了31.6%的吞吐量。通过理论设计和实验分析,我们可以看到所提出的ALB-TP能够有效地均衡非对称拓扑上的流量负载,达到负载均衡的设计目标。与现有方案相比,ALB-TP在FCT、吞吐量和拥塞信息采集的准确性方面也具有更好的性能优势。
{"title":"ALB-TP: Adaptive Load Balancing based on Traffic Prediction using GRU-Attention for Software-Defined DCNs","authors":"Yong Liu, Qian Meng, Kefei Chen, Zhonghua Shen","doi":"10.1016/j.jnca.2024.104103","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104103","url":null,"abstract":"With networks increasing in size and traffic bursting, Data Center Networks (DCNs), as the core infrastructure of High-Performance Computing (HPC), can require a high-performance, robust, and scalable load balancing method. However, existing research work has not yet met these design objectives well. In this paper, we design, analyze and evaluate a novel Adaptive Load Balancing based on Traffic Prediction (ALB-TP) for achieving these goals. ALB-TP uses Gate Recurrent Unit and Attention (GRU-Attention) model to dynamically predict the path congestion information of the whole network. Compared with the existing scheme of collecting congestion status information in a fixed time period, the proposed GRU-Attention model improves the timeliness and accuracy of congestion information collection. With global congestion awareness, ALB-TP, which forwards flows to the least congested path via the two-stage routing in the actual implementation, is more robust than existing congestion-agnostic schemes for the asymmetric topology. Additionally, ALB-TP adopts a distributed control structure to capture the congestion information of the entire network in parallel, which makes it more scalable than existing congestion-aware schemes for large-scale networks. Evaluations show that on the Fat-Tree topology, ALB-TP can effectively alleviate network congestion and balance flows on different paths. Compared to existing GRU and LSTM models, the proposed GRU-Attention model improves the accuracy of congestion information prediction by 28.2% on average. Simulation results show that the proposed ALB-TP scheme reduces the Flow Completion Time (FCT) by an average of 18.5% and also improves the throughput by an average of 31.6% compared to the existing schemes. Through theoretical design and experimental analysis, we can see that the proposed ALB-TP can effectively balance the traffic load on the asymmetric topology and achieve the design goal of load balancing. Compared with existing schemes, ALB-TP also has better performance advantages in terms of FCT, throughput, and accuracy of congestion information collection.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"50 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2025-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142967863","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-24DOI: 10.1016/j.jnca.2024.104102
Mohammad Al-Fawa’reh, Jumana Abu-khalaf, Naeem Janjua, Patryk Szewczyk
Network Intrusion Detection Systems (NIDS), which play a crucial role in defending Industrial Internet of Things (IIoT) networks, often utilize Deep Neural Networks (DNN) for their pattern recognition capabilities. However, these systems remain susceptible to sophisticated adversarial attacks, particularly on-manifold and off-manifold attacks, which skillfully evade detection. This paper addresses the limitations in existing research, focusing primarily on: the predominant focus on off-manifold attacks, while often overlooking subtler yet potent on-manifold attacks; a lack of consideration for the functional behavior of these attacks; reliance on detailed knowledge of the target NIDS for creating attacks; and the need for detailed knowledge about the creation process of adversarial attacks for effective detection. This paper introduces the Saliency Adversarial Autoencoder (SAAE), designed for generating on-manifold attacks through latent space perturbations. This dual-space perturbation approach enables SAAE to efficiently create stealthy attacks that blend with normal network behavior, posing significant challenges to state-of-the-art (SOTA) NIDS. To counter these advanced threats, we propose an attack-agnostic defence mechanism utilizing a fusion-based Autoencoder (AE) with disentangled representations. This defence is adept at detecting threats within the manifold, significantly enhancing NIDS robustness. Comparative assessments with SOTA DNN and Deep Reinforcement Learning (DRL) models highlight the effectiveness of our approach. The SAAE model markedly reduces True Positive Rates (TPR) in these systems. For DNNs, TPR dropped from 99.72% to 41.5%, and for DRLs, from 95.6% to 63.94%. Conversely, our defence model shows high TPR in detecting these attacks, registering 94% for DNNs and 92% for DRLs. Additionally, we release our dataset, named OOM-X-IIoTID11The datasets can be found at the following link: https://github.com/mohdah200/OOM-X-IIoTID., which includes On/Off manifold adversarial attacks, a first in the field, to facilitate further research and development in cybersecurity.
网络入侵检测系统(NIDS)在防御工业物联网(IIoT)网络中起着至关重要的作用,通常利用深度神经网络(DNN)来实现其模式识别功能。然而,这些系统仍然容易受到复杂的对抗性攻击,特别是流形和流形攻击,这些攻击巧妙地逃避了检测。本文解决了现有研究的局限性,主要集中在:主要关注非流形攻击,而往往忽略了微妙但强大的非流形攻击;缺乏对这些攻击的功能性行为的考虑;依赖对目标NIDS的详细了解来创建攻击;并且需要详细了解对抗性攻击的产生过程,以便进行有效的检测。本文介绍了显著性对抗自编码器(SAAE),该编码器设计用于通过潜在空间扰动产生流形攻击。这种双空间摄动方法使SAAE能够有效地创建与正常网络行为混合的隐形攻击,对最先进的(SOTA) NIDS构成重大挑战。为了应对这些高级威胁,我们提出了一种攻击不可知的防御机制,利用基于融合的自动编码器(AE)与解纠缠表示。这种防御擅长于检测歧管中的威胁,显著提高了NIDS的鲁棒性。与SOTA DNN和深度强化学习(DRL)模型的比较评估突出了我们方法的有效性。SAAE模型显著降低了这些系统的真阳性率(TPR)。dnn的TPR从99.72%下降到41.5%,drl的TPR从95.6%下降到63.94%。相反,我们的防御模型在检测这些攻击时显示出很高的TPR, dnn的TPR为94%,drl为92%。此外,我们发布了名为om - x - iiotid11的数据集,数据集可以在以下链接中找到:https://github.com/mohdah200/OOM-X-IIoTID.,其中包括开/关歧管对抗性攻击,这是该领域的第一个,以促进网络安全的进一步研究和开发。
{"title":"On and off the manifold: Generation and Detection of adversarial attacks in IIoT networks","authors":"Mohammad Al-Fawa’reh, Jumana Abu-khalaf, Naeem Janjua, Patryk Szewczyk","doi":"10.1016/j.jnca.2024.104102","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104102","url":null,"abstract":"Network Intrusion Detection Systems (NIDS), which play a crucial role in defending Industrial Internet of Things (IIoT) networks, often utilize Deep Neural Networks (DNN) for their pattern recognition capabilities. However, these systems remain susceptible to sophisticated adversarial attacks, particularly on-manifold and off-manifold attacks, which skillfully evade detection. This paper addresses the limitations in existing research, focusing primarily on: the predominant focus on off-manifold attacks, while often overlooking subtler yet potent on-manifold attacks; a lack of consideration for the functional behavior of these attacks; reliance on detailed knowledge of the target NIDS for creating attacks; and the need for detailed knowledge about the creation process of adversarial attacks for effective detection. This paper introduces the Saliency Adversarial Autoencoder (SAAE), designed for generating on-manifold attacks through latent space perturbations. This dual-space perturbation approach enables SAAE to efficiently create stealthy attacks that blend with normal network behavior, posing significant challenges to state-of-the-art (SOTA) NIDS. To counter these advanced threats, we propose an attack-agnostic defence mechanism utilizing a fusion-based Autoencoder (AE) with disentangled representations. This defence is adept at detecting threats within the manifold, significantly enhancing NIDS robustness. Comparative assessments with SOTA DNN and Deep Reinforcement Learning (DRL) models highlight the effectiveness of our approach. The SAAE model markedly reduces True Positive Rates (TPR) in these systems. For DNNs, TPR dropped from 99.72% to 41.5%, and for DRLs, from 95.6% to 63.94%. Conversely, our defence model shows high TPR in detecting these attacks, registering 94% for DNNs and 92% for DRLs. Additionally, we release our dataset, named OOM-X-IIoTID<ce:cross-ref ref><ce:sup loc=\"post\">1</ce:sup></ce:cross-ref><ce:footnote><ce:label>1</ce:label><ce:note-para view=\"all\">The datasets can be found at the following link: <ce:inter-ref xlink:href=\"https://github.com/mohdah200/OOM-X-IIoTID\" xlink:type=\"simple\">https://github.com/mohdah200/OOM-X-IIoTID</ce:inter-ref>.</ce:note-para></ce:footnote>, which includes On/Off manifold adversarial attacks, a first in the field, to facilitate further research and development in cybersecurity.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"336 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142889236","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-19DOI: 10.1016/j.jnca.2024.104094
Borja Molina-Coronado, Antonio Ruggia, Usue Mori, Alessio Merlo, Alexander Mendiburu, Jose Miguel-Alonso
Malware authors have seen obfuscation as the mean to bypass malware detectors based on static analysis features. For Android, several studies have confirmed that many anti-malware products are easily evaded with simple program transformations. As opposed to these works, ML detection proposals for Android leveraging static analysis features have also been proposed as obfuscation-resilient. Therefore, it needs to be determined to what extent the use of a specific obfuscation strategy or tool poses a risk for the validity of ML Android malware detectors based on static analysis features. To shed some light in this regard, in this article we assess the impact of specific obfuscation techniques on common features extracted using static analysis and determine whether the changes are significant enough to undermine the effectiveness of ML malware detectors that rely on these features. The experimental results suggest that obfuscation techniques affect all static analysis features to varying degrees across different tools. However, certain features retain their validity for ML malware detection even in the presence of obfuscation. Based on these findings, we propose a ML malware detector for Android that is robust against obfuscation and outperforms current state-of-the-art detectors.
{"title":"Light up that Droid! On the effectiveness of static analysis features against app obfuscation for Android malware detection","authors":"Borja Molina-Coronado, Antonio Ruggia, Usue Mori, Alessio Merlo, Alexander Mendiburu, Jose Miguel-Alonso","doi":"10.1016/j.jnca.2024.104094","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104094","url":null,"abstract":"Malware authors have seen obfuscation as the mean to bypass malware detectors based on static analysis features. For Android, several studies have confirmed that many anti-malware products are easily evaded with simple program transformations. As opposed to these works, ML detection proposals for Android leveraging static analysis features have also been proposed as obfuscation-resilient. Therefore, it needs to be determined to what extent the use of a specific obfuscation strategy or tool poses a risk for the validity of ML Android malware detectors based on static analysis features. To shed some light in this regard, in this article we assess the impact of specific obfuscation techniques on common features extracted using static analysis and determine whether the changes are significant enough to undermine the effectiveness of ML malware detectors that rely on these features. The experimental results suggest that obfuscation techniques affect all static analysis features to varying degrees across different tools. However, certain features retain their validity for ML malware detection even in the presence of obfuscation. Based on these findings, we propose a ML malware detector for Android that is robust against obfuscation and outperforms current state-of-the-art detectors.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"71 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142889244","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-15DOI: 10.1016/j.jnca.2024.104083
Seethalakshmi Perumal, P. Kola Sujatha, Krishnaa S., Muralitharan Krishnan
In response to the escalating sophistication of cyber threats, traditional security measures are proving insufficient, necessitating advanced solutions. The complexity of cyberattacks renders standard protocols inadequate, leading to an increased frequency of disruptions, data breaches, and financial losses. To address aforementioned challenges, a novel deep clustering algorithm developed to handle high-dimensional network data. Furthermore, the suggested autoencoder method improves anomaly detection by enabling a threshold value. The integration of clustering and the autoencoder method effectively handles anomaly detection. More specifically, involving the grouping of similar normal data points through clustering, followed by training individual autoencoders for each cluster. This innovative technique captures nuanced patterns of normal behavior within each cluster, significantly enhancing the model’s ability to detect anomalies. In addition to implement the intelligent system, NSL-KDD dataset is considered. From the simulation results, the proposed Cluster Autoencoder Pair (CAEP) model reveals that the overall accuracy of 96%, precision of 97%, recall of 98%, and F1-score of 97%, demonstrating superior performance compared to other existing models for network anomaly detection.
{"title":"Clusters in chaos: A deep unsupervised learning paradigm for network anomaly detection","authors":"Seethalakshmi Perumal, P. Kola Sujatha, Krishnaa S., Muralitharan Krishnan","doi":"10.1016/j.jnca.2024.104083","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104083","url":null,"abstract":"In response to the escalating sophistication of cyber threats, traditional security measures are proving insufficient, necessitating advanced solutions. The complexity of cyberattacks renders standard protocols inadequate, leading to an increased frequency of disruptions, data breaches, and financial losses. To address aforementioned challenges, a novel deep clustering algorithm developed to handle high-dimensional network data. Furthermore, the suggested autoencoder method improves anomaly detection by enabling a threshold value. The integration of clustering and the autoencoder method effectively handles anomaly detection. More specifically, involving the grouping of similar normal data points through clustering, followed by training individual autoencoders for each cluster. This innovative technique captures nuanced patterns of normal behavior within each cluster, significantly enhancing the model’s ability to detect anomalies. In addition to implement the intelligent system, NSL-KDD dataset is considered. From the simulation results, the proposed Cluster Autoencoder Pair (CAEP) model reveals that the overall accuracy of 96%, precision of 97%, recall of 98%, and F1-score of 97%, demonstrating superior performance compared to other existing models for network anomaly detection.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"50 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142874157","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-13DOI: 10.1016/j.jnca.2024.104091
Usman Ahmed, Zheng Jiangbin, Sheharyar Khan, Muhammad Tariq Sadiq
Intrusion detection systems (IDSs) are dynamic to cybersecurity because they protect computer networks from malicious activity. IDS can benefit from machine learning; however, individual models may be unable to handle sophisticated and dynamic threats. Current cutting-edge research frequently concentrates on single machine-learning models for intrusion detection. They do not emphasize the necessity for more flexible and effective alternatives. The current computer network identification design techniques often need to improve efficiency and interpretability. Techniques that allow different models to operate together and adjust to dynamic network settings are required. This research addresses this gap, suggesting an innovative ensemble learning strategy, the ”Consensus Hybrid Ensemble Model” (CHEM)”, for intrusion detection. We combined different types of models, such as linear, nonlinear, and ensemble methods, neural networks, and probabilistic models, by using a metaclassifier approach. In this setup, a hybrid model of random forest (RF) and decision tree (DT) acts as the metaclassifier in a voting classifier, which uses consensus voting to align predictions from the various base classifiers. This method enhances the decision-making by considering each base classifier’s confidence and agreement. Local and global explanation models, such as the Shapley Additive explanations (SHAP) and Local Interpretable Model-agnostic Explanations (LIME) approaches, contributed to the primary predictions of the models’ transparency. We used different datasets for testing, such as Kdd99, NSL-KDD, CIC-IDS2017, BoTNeTIoT, and Edge-IIoTset. The proposed ”CHEM” model shows impressive performance across several attack scenarios, including novel and zero-day attacks, and proves its ability to identify and adapt to changing cyber threats. Several ablation experiments were conducted on available datasets to train, test, evaluate, and compare the proposed ”CHEM” model with the most sophisticated and state-of-the-art models. This research combines machine learning algorithms to create a precise IDS that adapts to ever-changing cyber threats.
{"title":"Consensus hybrid ensemble machine learning for intrusion detection with explainable AI","authors":"Usman Ahmed, Zheng Jiangbin, Sheharyar Khan, Muhammad Tariq Sadiq","doi":"10.1016/j.jnca.2024.104091","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104091","url":null,"abstract":"Intrusion detection systems (IDSs) are dynamic to cybersecurity because they protect computer networks from malicious activity. IDS can benefit from machine learning; however, individual models may be unable to handle sophisticated and dynamic threats. Current cutting-edge research frequently concentrates on single machine-learning models for intrusion detection. They do not emphasize the necessity for more flexible and effective alternatives. The current computer network identification design techniques often need to improve efficiency and interpretability. Techniques that allow different models to operate together and adjust to dynamic network settings are required. This research addresses this gap, suggesting an innovative ensemble learning strategy, the ”Consensus Hybrid Ensemble Model” (CHEM)”, for intrusion detection. We combined different types of models, such as linear, nonlinear, and ensemble methods, neural networks, and probabilistic models, by using a metaclassifier approach. In this setup, a hybrid model of random forest (RF) and decision tree (DT) acts as the metaclassifier in a voting classifier, which uses consensus voting to align predictions from the various base classifiers. This method enhances the decision-making by considering each base classifier’s confidence and agreement. Local and global explanation models, such as the Shapley Additive explanations (SHAP) and Local Interpretable Model-agnostic Explanations (LIME) approaches, contributed to the primary predictions of the models’ transparency. We used different datasets for testing, such as Kdd99, NSL-KDD, CIC-IDS2017, BoTNeTIoT, and Edge-IIoTset. The proposed ”CHEM” model shows impressive performance across several attack scenarios, including novel and zero-day attacks, and proves its ability to identify and adapt to changing cyber threats. Several ablation experiments were conducted on available datasets to train, test, evaluate, and compare the proposed ”CHEM” model with the most sophisticated and state-of-the-art models. This research combines machine learning algorithms to create a precise IDS that adapts to ever-changing cyber threats.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"60 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142874162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-12DOI: 10.1016/j.jnca.2024.104087
Yadong Zhang, Huixiang Zhang, Yi Yang, Wen Sun, Haibin Zhang, Yaru Fu
The integration of aerial-aided edge computing and federated learning (FL) is expected to completely change the way data is collected and utilized in edge computing scenarios, while effectively addressing the issues of data privacy protection and data distribution in this scenario. However, in the face of the challenge of device heterogeneity at the edge computing systems, most current synchronous federated learning approaches suffer from low efficiency because of the straggler effect. This issue can be significantly mitigated by adopting Asynchronous Federated Learning (AFL). Despite the potential benefits, AFL remains under-explored, posing a significant hurdle to optimizing the utility of privacy-enhanced AFL. To address this, we introduce adaptive differential privacy algorithms aimed at enhancing the balance between model utility and privacy in AFL. Our approach begins by defining two frameworks for privacy-enhanced AFL, taking into account various factors relevant to different adversary models. Through in-depth analysis of the model convergence in AFL, we demonstrate how differential privacy can be adaptively achieved while maintaining high utility. Extensive experiments on diverse training models and benchmark datasets showcase that our proposed algorithms outperform existing benchmark methods in terms of overall performance, enhancing test accuracy under similar privacy constraints and achieving faster convergence rates.
{"title":"Adaptive differential privacy in asynchronous federated learning for aerial-aided edge computing","authors":"Yadong Zhang, Huixiang Zhang, Yi Yang, Wen Sun, Haibin Zhang, Yaru Fu","doi":"10.1016/j.jnca.2024.104087","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104087","url":null,"abstract":"The integration of aerial-aided edge computing and federated learning (FL) is expected to completely change the way data is collected and utilized in edge computing scenarios, while effectively addressing the issues of data privacy protection and data distribution in this scenario. However, in the face of the challenge of device heterogeneity at the edge computing systems, most current synchronous federated learning approaches suffer from low efficiency because of the straggler effect. This issue can be significantly mitigated by adopting Asynchronous Federated Learning (AFL). Despite the potential benefits, AFL remains under-explored, posing a significant hurdle to optimizing the utility of privacy-enhanced AFL. To address this, we introduce adaptive differential privacy algorithms aimed at enhancing the balance between model utility and privacy in AFL. Our approach begins by defining two frameworks for privacy-enhanced AFL, taking into account various factors relevant to different adversary models. Through in-depth analysis of the model convergence in AFL, we demonstrate how differential privacy can be adaptively achieved while maintaining high utility. Extensive experiments on diverse training models and benchmark datasets showcase that our proposed algorithms outperform existing benchmark methods in terms of overall performance, enhancing test accuracy under similar privacy constraints and achieving faster convergence rates.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"128 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142873856","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
To ensure secure and reliable communication in wireless systems, authenticating the identities of numerous nodes is imperative. Traditional cryptography-based authentication methods suffer from issues such as low compatibility, reliability, and high complexity. Physical-Layer Authentication (PLA) is emerging as a promising complement due to its exploitation of unique properties in wireless environments. Recently, Machine Learning (ML)-based PLA has gained attention for its intelligence, adaptability, universality, and scalability compared to non-ML approaches. However, a comprehensive overview of state-of-the-art ML-based PLA and its foundational aspects is lacking. This paper presents a comprehensive survey of characteristics and technologies that can be used in the ML-based PLA. We categorize existing ML-based PLA schemes into two main types: multi-device identification and attack detection schemes. In deep learning-based multi-device identification schemes, Deep Neural Networks are employed to train models, avoiding complex processing and expert feature transformation. Deep learning-based multi-device identification schemes are further subdivided, with schemes based on Convolutional Neural Networks being extensively researched. In ML-based attack detection schemes, receivers utilize intelligent ML techniques to set detection thresholds automatically, eliminating the need for manual calculation or knowledge of channel models. ML-based attack detection schemes are categorized into three sub-types: Supervised Learning, Unsupervised Learning, and Reinforcement Learning. Additionally, we summarize open-source datasets used for PLA, encompassing Radio Frequency fingerprints and channel fingerprints. Finally, this paper outlines future research directions to guide researchers in related fields.
为了确保无线系统中通信的安全性和可靠性,必须对众多节点的身份进行验证。传统的基于密码学的身份验证方法存在兼容性差、可靠性低和复杂性高等问题。物理层身份验证(PLA)利用了无线环境中的独特特性,正在成为一种前景广阔的补充方法。最近,与非机器学习方法相比,基于机器学习(ML)的 PLA 因其智能性、适应性、通用性和可扩展性而备受关注。然而,目前还缺乏对最先进的基于 ML 的 PLA 及其基础方面的全面概述。本文全面介绍了可用于基于 ML 的 PLA 的特征和技术。我们将现有的基于 ML 的 PLA 方案分为两大类:多设备识别和攻击检测方案。在基于深度学习的多设备识别方案中,采用深度神经网络来训练模型,避免了复杂的处理和专家特征转换。基于深度学习的多设备识别方案还可进一步细分,其中基于卷积神经网络的方案得到了广泛研究。在基于 ML 的攻击检测方案中,接收器利用智能 ML 技术自动设置检测阈值,无需人工计算或了解信道模型。基于 ML 的攻击检测方案分为三个子类型:监督学习、无监督学习和强化学习。此外,我们还总结了用于 PLA 的开源数据集,包括无线电频率指纹和信道指纹。最后,本文概述了未来的研究方向,为相关领域的研究人员提供指导。
{"title":"A survey of Machine Learning-based Physical-Layer Authentication in wireless communications","authors":"Rui Meng, Bingxuan Xu, Xiaodong Xu, Mengying Sun, Bizhu Wang, Shujun Han, Suyu Lv, Ping Zhang","doi":"10.1016/j.jnca.2024.104085","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104085","url":null,"abstract":"To ensure secure and reliable communication in wireless systems, authenticating the identities of numerous nodes is imperative. Traditional cryptography-based authentication methods suffer from issues such as low compatibility, reliability, and high complexity. Physical-Layer Authentication (PLA) is emerging as a promising complement due to its exploitation of unique properties in wireless environments. Recently, Machine Learning (ML)-based PLA has gained attention for its intelligence, adaptability, universality, and scalability compared to non-ML approaches. However, a comprehensive overview of state-of-the-art ML-based PLA and its foundational aspects is lacking. This paper presents a comprehensive survey of characteristics and technologies that can be used in the ML-based PLA. We categorize existing ML-based PLA schemes into two main types: multi-device identification and attack detection schemes. In deep learning-based multi-device identification schemes, Deep Neural Networks are employed to train models, avoiding complex processing and expert feature transformation. Deep learning-based multi-device identification schemes are further subdivided, with schemes based on Convolutional Neural Networks being extensively researched. In ML-based attack detection schemes, receivers utilize intelligent ML techniques to set detection thresholds automatically, eliminating the need for manual calculation or knowledge of channel models. ML-based attack detection schemes are categorized into three sub-types: Supervised Learning, Unsupervised Learning, and Reinforcement Learning. Additionally, we summarize open-source datasets used for PLA, encompassing Radio Frequency fingerprints and channel fingerprints. Finally, this paper outlines future research directions to guide researchers in related fields.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"15 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825310","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-11DOI: 10.1016/j.jnca.2024.104086
Fan Dong, Henry Leung, Steve Drew
Federated learning offers a promising solution for overcoming the challenges of networking and data privacy in aerial and space networks by harnessing large-scale private edge data and computing resources from drones, balloons, and satellites. Although existing research has extensively explored optimizing the learning process, improving computing efficiency, and reducing communication overhead, statistical heterogeneity remains a substantial challenge for federated learning optimization. While state-of-the-art algorithms have made progress, they often overlook diversity heterogeneity and fail to significantly improve performance in high-degree label heterogeneity conditions. In this paper, statistical heterogeneity is further dissected into two categories: diversity heterogeneity and label heterogeneity, allowing for a more nuanced analysis. It also emphasizes the importance of addressing both diversity heterogeneity and high-degree label heterogeneity in aerial and space network applications. A theoretical analysis is provided to guide optimization in these two challenging scenarios. To tackle diversity heterogeneity, the WeiAvgCS algorithm is introduced to accelerate federated learning convergence. This algorithm employs weighted aggregation and client selection based on an estimated diversity measure, termed projection, enabling WeiAvgCS to outperform other benchmarks without compromising privacy. For high-degree label heterogeneity, the FedBalance algorithm is proposed, utilizing the label distribution information of each client. A novel metric, termed relative scarcity, is introduced to determine the aggregation weights assigned to clients. During the training process, fully homomorphic encryption is employed to protect clients’ label distributions. Additionally, two communication protocols are designed to facilitate training across different scenarios. Extensive experiments were conducted, demonstrating the effectiveness of WeiAvgCS and FedBalance in addressing the research gaps in diversity heterogeneity and high-degree label heterogeneity.
{"title":"Optimizing federated learning with weighted aggregation in aerial and space networks","authors":"Fan Dong, Henry Leung, Steve Drew","doi":"10.1016/j.jnca.2024.104086","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104086","url":null,"abstract":"Federated learning offers a promising solution for overcoming the challenges of networking and data privacy in aerial and space networks by harnessing large-scale private edge data and computing resources from drones, balloons, and satellites. Although existing research has extensively explored optimizing the learning process, improving computing efficiency, and reducing communication overhead, statistical heterogeneity remains a substantial challenge for federated learning optimization. While state-of-the-art algorithms have made progress, they often overlook diversity heterogeneity and fail to significantly improve performance in high-degree label heterogeneity conditions. In this paper, statistical heterogeneity is further dissected into two categories: diversity heterogeneity and label heterogeneity, allowing for a more nuanced analysis. It also emphasizes the importance of addressing both diversity heterogeneity and high-degree label heterogeneity in aerial and space network applications. A theoretical analysis is provided to guide optimization in these two challenging scenarios. To tackle diversity heterogeneity, the WeiAvgCS algorithm is introduced to accelerate federated learning convergence. This algorithm employs weighted aggregation and client selection based on an estimated diversity measure, termed <ce:italic>projection</ce:italic>, enabling WeiAvgCS to outperform other benchmarks without compromising privacy. For high-degree label heterogeneity, the FedBalance algorithm is proposed, utilizing the label distribution information of each client. A novel metric, termed <ce:italic>relative scarcity</ce:italic>, is introduced to determine the aggregation weights assigned to clients. During the training process, fully homomorphic encryption is employed to protect clients’ label distributions. Additionally, two communication protocols are designed to facilitate training across different scenarios. Extensive experiments were conducted, demonstrating the effectiveness of WeiAvgCS and FedBalance in addressing the research gaps in diversity heterogeneity and high-degree label heterogeneity.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"32 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142873857","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The study of how to integrate Complex Networks (CN) within the Internet of Things (IoT) ecosystem has advanced significantly because of the field's recent expansion. CNs can tackle the biggest IoT issues by providing a common conceptual framework that encompasses the IoT scope. To this end, the Social Internet of Things (SIoT) perspective is introduced. In this study, a dynamic community-driven recommendation-oriented connection prediction and choice strategy utilizing Deep Reinforcement Learning (DRL) is proposed to deal with the key challenges located in the SIoT friendship selection component. To increase the efficiency of exploration, we incorporate an approach motivated by curiosity to create an intrinsic bonus signal that encourages the DRL agent to efficiently interact with its surroundings. Also, a novel method for Dynamic Community Detection (DCD) on SIoT to carry out community-oriented object recommendations is introduced. Lastly, we complete the experimental verifications utilizing datasets from the real world, and the experimental findings demonstrate that, in comparison to the related baselines, the approach presented here can enhance the accuracy of the social IoT friendship selection task and the effectiveness of training.
如何在物联网(IoT)生态系统中集成复杂网络(CN)的研究由于该领域最近的扩展而取得了重大进展。cnn可以通过提供涵盖物联网范围的通用概念框架来解决最大的物联网问题。为此,引入了社会物联网(Social Internet of Things, SIoT)视角。本研究提出了一种基于深度强化学习(DRL)的动态社区驱动的面向推荐的连接预测和选择策略,以解决SIoT友谊选择组件中的关键挑战。为了提高探索的效率,我们采用了一种由好奇心驱动的方法来创造一个内在的奖励信号,鼓励DRL代理与周围环境有效地互动。在此基础上,提出了一种基于SIoT的动态社区检测(DCD)方法来进行面向社区的对象推荐。最后,我们利用来自现实世界的数据集完成了实验验证,实验结果表明,与相关基线相比,本文提出的方法可以提高社交物联网友谊选择任务的准确性和训练的有效性。
{"title":"A novel community-driven recommendation-based approach to predict and select friendships on the social IoT utilizing deep reinforcement learning","authors":"Babak Farhadi, Parvaneh Asghari, Ebrahim Mahdipour, Hamid Haj Seyyed Javadi","doi":"10.1016/j.jnca.2024.104092","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104092","url":null,"abstract":"The study of how to integrate Complex Networks (CN) within the Internet of Things (IoT) ecosystem has advanced significantly because of the field's recent expansion. CNs can tackle the biggest IoT issues by providing a common conceptual framework that encompasses the IoT scope. To this end, the Social Internet of Things (SIoT) perspective is introduced. In this study, a dynamic community-driven recommendation-oriented connection prediction and choice strategy utilizing Deep Reinforcement Learning (DRL) is proposed to deal with the key challenges located in the SIoT friendship selection component. To increase the efficiency of exploration, we incorporate an approach motivated by curiosity to create an intrinsic bonus signal that encourages the DRL agent to efficiently interact with its surroundings. Also, a novel method for Dynamic Community Detection (DCD) on SIoT to carry out community-oriented object recommendations is introduced. Lastly, we complete the experimental verifications utilizing datasets from the real world, and the experimental findings demonstrate that, in comparison to the related baselines, the approach presented here can enhance the accuracy of the social IoT friendship selection task and the effectiveness of training.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"148 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142873860","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mobile ad hoc networks (MANETs) are beneficial in a wide range of sectors because of their rapid network creation capabilities. If mobile nodes collaborate and have mutual trust, the network can function properly. Routing becomes more difficult, and vulnerabilities are exposed more quickly as a result of flexible network features and frequent relationship flaws induced by node movement. This paper proposes a method for evaluating trust nodes using direct trust values, indirect trust values, and comprehensive trust values. Then, evaluating the trust value, the network's malicious and non-malicious nodes are identified using the Improved Extreme Gradient Boosting (XGBoost) algorithm. From the detected malicious nodes, the cluster head is chosen to ensure effective data transmission. Finally, the optimal routes are chosen using a novel Enhanced Cat Swarm-assisted Optimized Link State Routing Protocol (ECSO OLSRP). Furthermore, the Cat Swarm Optimization (CSO) algorithm determines the ideal route path based on characteristics such as node stability degree and connection stability degree. Because the proposed technique provides secure data transmission, node path setup, and node efficiency evaluation, it can maintain network performance even in the presence of several hostile nodes. The performance of the proposed trust-based approach security routing technique in terms of packet delivery ratio of nodes (0.47), end-to-end delay time of nodes (0.06), network throughput of nodes (1852.22), and control overhead of nodes (7.41).
{"title":"A secure routing and malicious node detection in mobile Ad hoc network using trust value evaluation with improved XGBoost mechanism","authors":"Geetika Dhand, Meena Rao, Parul Chaudhary, Kavita Sheoran","doi":"10.1016/j.jnca.2024.104093","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104093","url":null,"abstract":"Mobile ad hoc networks (MANETs) are beneficial in a wide range of sectors because of their rapid network creation capabilities. If mobile nodes collaborate and have mutual trust, the network can function properly. Routing becomes more difficult, and vulnerabilities are exposed more quickly as a result of flexible network features and frequent relationship flaws induced by node movement. This paper proposes a method for evaluating trust nodes using direct trust values, indirect trust values, and comprehensive trust values. Then, evaluating the trust value, the network's malicious and non-malicious nodes are identified using the Improved Extreme Gradient Boosting (XGBoost) algorithm. From the detected malicious nodes, the cluster head is chosen to ensure effective data transmission. Finally, the optimal routes are chosen using a novel Enhanced Cat Swarm-assisted Optimized Link State Routing Protocol (ECSO OLSRP). Furthermore, the Cat Swarm Optimization (CSO) algorithm determines the ideal route path based on characteristics such as node stability degree and connection stability degree. Because the proposed technique provides secure data transmission, node path setup, and node efficiency evaluation, it can maintain network performance even in the presence of several hostile nodes. The performance of the proposed trust-based approach security routing technique in terms of packet delivery ratio of nodes (0.47), end-to-end delay time of nodes (0.06), network throughput of nodes (1852.22), and control overhead of nodes (7.41).","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"1 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142873859","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: