Pub Date : 2024-12-09DOI: 10.1016/j.jnca.2024.104084
Hongyan Ran, Xiaohong Li, Zhichang Zhang
Recently, massive research has achieved significant development in improving the performance of rumor detection. However, identifying rumors in an invisible domain is still an elusive challenge. To address this issue, we propose an unsupervised cross-domain rumor detection model that enhances contrastive learning and cross-attention by label-aware learning to alleviate the domain shift. The model performs cross-domain feature alignment and enforces target samples to align with the corresponding prototypes of a given source domain. Moreover, we use a cross-attention mechanism on a pair of source data and target data with the same labels to learn domain-invariant representations. Because the samples in a domain pair tend to express similar semantic patterns, especially on the people’s attitudes (e.g., supporting or denying) towards the same category of rumors. In addition, we add a label-aware learning module as an enhancement component to learn the correlations between labels and instances during training and generate a better label distribution to replace the original one-hot label vector to guide the model training. At the same time, we use the label representation learned by the label learning module to guide the production of pseudo-label for the target samples. We conduct experiments on four groups of cross-domain datasets and show that our proposed model achieves state-of-the-art performance.
{"title":"Label-aware learning to enhance unsupervised cross-domain rumor detection","authors":"Hongyan Ran, Xiaohong Li, Zhichang Zhang","doi":"10.1016/j.jnca.2024.104084","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104084","url":null,"abstract":"Recently, massive research has achieved significant development in improving the performance of rumor detection. However, identifying rumors in an invisible domain is still an elusive challenge. To address this issue, we propose an unsupervised cross-domain rumor detection model that enhances contrastive learning and cross-attention by label-aware learning to alleviate the domain shift. The model performs cross-domain feature alignment and enforces target samples to align with the corresponding prototypes of a given source domain. Moreover, we use a cross-attention mechanism on a pair of source data and target data with the same labels to learn domain-invariant representations. Because the samples in a domain pair tend to express similar semantic patterns, especially on the people’s attitudes (e.g., supporting or denying) towards the same category of rumors. In addition, we add a label-aware learning module as an enhancement component to learn the correlations between labels and instances during training and generate a better label distribution to replace the original one-hot label vector to guide the model training. At the same time, we use the label representation learned by the label learning module to guide the production of pseudo-label for the target samples. We conduct experiments on four groups of cross-domain datasets and show that our proposed model achieves state-of-the-art performance.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"117 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825314","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The traditional architecture of networks in Software Defined Networking (SDN) is divided into three distinct planes to incorporate intelligence into networks. However, this structure has also introduced security threats and challenges across these planes, including the widely recognized Distributed Denial of Service (DDoS) attack. Therefore, it is essential to predict such attacks and their variants at different planes in SDN to maintain seamless network operations. Apart from network based and flow analysis based solutions to detect the attacks; machine learning and deep learning based prediction and mitigation approaches are also explored by the researchers and applied at different planes of software defined networking. Consequently, a detailed analysis of DDoS attacks and a review that explores DDoS attacks in SDN along with their learning based prediction/mitigation strategies are required to be studied and presented in detail. This paper primarily aims to investigate and analyze DDoS attacks on each plane of SDN and to study as well as compare machine learning, advanced federated learning and deep learning approaches to predict these attacks. The real world case studies are also explored to compare the analysis. In addition, low-rate DDoS attacks and novel research directions are discussed that can further be utilized by SDN experts and researchers to confront the effects by DDoS attacks on SDN.
{"title":"A comprehensive plane-wise review of DDoS attacks in SDN: Leveraging detection and mitigation through machine learning and deep learning","authors":"Dhruv Kalambe, Divyansh Sharma, Pushkar Kadam, Shivangi Surati","doi":"10.1016/j.jnca.2024.104081","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104081","url":null,"abstract":"The traditional architecture of networks in Software Defined Networking (SDN) is divided into three distinct planes to incorporate intelligence into networks. However, this structure has also introduced security threats and challenges across these planes, including the widely recognized Distributed Denial of Service (DDoS) attack. Therefore, it is essential to predict such attacks and their variants at different planes in SDN to maintain seamless network operations. Apart from network based and flow analysis based solutions to detect the attacks; machine learning and deep learning based prediction and mitigation approaches are also explored by the researchers and applied at different planes of software defined networking. Consequently, a detailed analysis of DDoS attacks and a review that explores DDoS attacks in SDN along with their learning based prediction/mitigation strategies are required to be studied and presented in detail. This paper primarily aims to investigate and analyze DDoS attacks on each plane of SDN and to study as well as compare machine learning, advanced federated learning and deep learning approaches to predict these attacks. The real world case studies are also explored to compare the analysis. In addition, low-rate DDoS attacks and novel research directions are discussed that can further be utilized by SDN experts and researchers to confront the effects by DDoS attacks on SDN.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"252 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825313","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-09DOI: 10.1016/j.jnca.2024.104082
Lizeth Patricia Aguirre Sanchez, Yao Shen, Minyi Guo
The challenge of link overutilization in networking persists, prompting the development of load-balancing methods such as multi-path strategies and flow rerouting. However, traditional rule-based heuristics struggle to adapt dynamically to network changes. This leads to complex models and lengthy convergence times, unsuitable for diverse QoS demands, particularly in time-sensitive applications. Existing routing approaches often result in specific types of traffic overloading links or general congestion, prolonged convergence delays, and scalability challenges. To tackle these issues, we propose a QoS-Congestion Aware Deep Reinforcement Learning Approach for Multi-Path Routing in Software-Defined Networking (MDQ). Leveraging Deep Reinforcement Learning, MDQ intelligently selects optimal multi-paths and allocates traffic based on flow needs. We design a multi-objective function using a combination of link and queue metrics to establish an efficient routing policy. Moreover, we integrate a congestion severity index into the learning process and incorporate a traffic classification phase to handle mice-elephant flows, ensuring that diverse class-of-service requirements are adequately addressed. Through an RYU-Docker-based Openflow framework integrating a Live QoS Monitor, DNC Classifier, and Online Routing, results demonstrate a 19%–22% reduction in delay compared to state-of-the-art algorithms, exhibiting robust reliability across diverse scenarios of network dynamics.
{"title":"MDQ: A QoS-Congestion Aware Deep Reinforcement Learning Approach for Multi-Path Routing in SDN","authors":"Lizeth Patricia Aguirre Sanchez, Yao Shen, Minyi Guo","doi":"10.1016/j.jnca.2024.104082","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104082","url":null,"abstract":"The challenge of link overutilization in networking persists, prompting the development of load-balancing methods such as multi-path strategies and flow rerouting. However, traditional rule-based heuristics struggle to adapt dynamically to network changes. This leads to complex models and lengthy convergence times, unsuitable for diverse QoS demands, particularly in time-sensitive applications. Existing routing approaches often result in specific types of traffic overloading links or general congestion, prolonged convergence delays, and scalability challenges. To tackle these issues, we propose a QoS-Congestion Aware Deep Reinforcement Learning Approach for Multi-Path Routing in Software-Defined Networking (MDQ). Leveraging Deep Reinforcement Learning, MDQ intelligently selects optimal multi-paths and allocates traffic based on flow needs. We design a multi-objective function using a combination of link and queue metrics to establish an efficient routing policy. Moreover, we integrate a congestion severity index into the learning process and incorporate a traffic classification phase to handle mice-elephant flows, ensuring that diverse class-of-service requirements are adequately addressed. Through an RYU-Docker-based Openflow framework integrating a Live QoS Monitor, DNC Classifier, and Online Routing, results demonstrate a 19%–22% reduction in delay compared to state-of-the-art algorithms, exhibiting robust reliability across diverse scenarios of network dynamics.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"37 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825309","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-09DOI: 10.1016/j.jnca.2024.104080
Xiankun Fu, Li Pan, Shijun Liu
High computing power and large storage capacity are necessary for running big data tasks, which leads to high infrastructure costs. Infrastructure-as-a-Service (IaaS) clouds can provide configuration environments and computing resources needed for running big data tasks, while saving users from expensive software and hardware infrastructure investments. Many studies show that the cost of computation can be reduced by caching intermediate results and reusing them instead of repeating computations. However, the storage cost incurred by caching a large number of intermediate results over a long period of time may exceed the cost of computation, ultimately leading to an increase in total cost instead. For making optimal caching decisions, future usage profiles for big data tasks are needed, but it is generally very hard to predict them precisely. In this paper, to address this problem, we propose two practical online algorithms, one deterministic and the other randomized, which can determine whether to cache intermediate results to reduce the total cost of big data tasks without requiring any future information. We prove theoretically that the competitive ratio of the proposed deterministic (randomized) algorithm is min(2−1−ηδ,2−ηβ) (resp., ee−1). Using real-world Wikipedia data as well as synthetic datasets, we verify the effectiveness of our proposed algorithms through a large number of experiments based on the price of Alibaba’s public IaaS cloud products.
{"title":"Caching or re-computing: Online cost optimization for running big data tasks in IaaS clouds","authors":"Xiankun Fu, Li Pan, Shijun Liu","doi":"10.1016/j.jnca.2024.104080","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104080","url":null,"abstract":"High computing power and large storage capacity are necessary for running big data tasks, which leads to high infrastructure costs. Infrastructure-as-a-Service (IaaS) clouds can provide configuration environments and computing resources needed for running big data tasks, while saving users from expensive software and hardware infrastructure investments. Many studies show that the cost of computation can be reduced by caching intermediate results and reusing them instead of repeating computations. However, the storage cost incurred by caching a large number of intermediate results over a long period of time may exceed the cost of computation, ultimately leading to an increase in total cost instead. For making optimal caching decisions, future usage profiles for big data tasks are needed, but it is generally very hard to predict them precisely. In this paper, to address this problem, we propose two practical online algorithms, one deterministic and the other randomized, which can determine whether to cache intermediate results to reduce the total cost of big data tasks without requiring any future information. We prove theoretically that the competitive ratio of the proposed deterministic (randomized) algorithm is <mml:math altimg=\"si1.svg\" display=\"inline\"><mml:mrow><mml:mi>m</mml:mi><mml:mi>i</mml:mi><mml:mi>n</mml:mi><mml:mrow><mml:mo>(</mml:mo><mml:mn>2</mml:mn><mml:mo>−</mml:mo><mml:mfrac><mml:mrow><mml:mn>1</mml:mn><mml:mo>−</mml:mo><mml:mi>η</mml:mi></mml:mrow><mml:mrow><mml:mi>δ</mml:mi></mml:mrow></mml:mfrac><mml:mo>,</mml:mo><mml:mn>2</mml:mn><mml:mo>−</mml:mo><mml:mfrac><mml:mrow><mml:mi>η</mml:mi></mml:mrow><mml:mrow><mml:mi>β</mml:mi></mml:mrow></mml:mfrac><mml:mo>)</mml:mo></mml:mrow></mml:mrow></mml:math> (resp., <mml:math altimg=\"si2.svg\" display=\"inline\"><mml:mfrac><mml:mrow><mml:mi>e</mml:mi></mml:mrow><mml:mrow><mml:mi>e</mml:mi><mml:mo>−</mml:mo><mml:mn>1</mml:mn></mml:mrow></mml:mfrac></mml:math>). Using real-world Wikipedia data as well as synthetic datasets, we verify the effectiveness of our proposed algorithms through a large number of experiments based on the price of Alibaba’s public IaaS cloud products.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"30 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825311","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-05DOI: 10.1016/j.jnca.2024.104088
Annamaria Ficara, Hocine Cherifi, Xiaoyang Liu, Luiz Fernando Bittencourt, Maria Fazio
{"title":"Complex networks for Smart environments management","authors":"Annamaria Ficara, Hocine Cherifi, Xiaoyang Liu, Luiz Fernando Bittencourt, Maria Fazio","doi":"10.1016/j.jnca.2024.104088","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104088","url":null,"abstract":"","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"43 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825324","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-04DOI: 10.1016/j.jnca.2024.104079
Walid K. Hasan, Iftekhar Ahmad, Daryoush Habibi, Quoc Viet Phung, Mohammad Al-Fawa'reh, Kazi Yasin Islam, Ruba Zaheer, Haitham Khaled
Underwater communication plays a crucial role in monitoring the aquatic environment on Earth. Due to their unique characteristics, underwater acoustic channels present unique challenges including lengthy signal transmission delays, limited data transfer bandwidth, variable signal quality, and fluctuating channel conditions. Furthermore, the reliance on battery power for most Underwater Wireless Acoustic Networks (UWAN) devices, coupled with the challenges associated with battery replacement or recharging, intensifies the challenges. Underwater acoustic communications are heavily constrained by available resources (e.g., very limited bandwidth, and limited energy storage). Consequently, the role of medium access control (MAC) protocol which distributes available resources among nodes is critical in maintaining a reliable underwater communication system. This study presents an extensive review of current research in MAC for UWAN. This study presents an extensive review of current research in MAC for UWAN. The paper explores the unique challenges and characteristics of UWAN, which are critical for the MAC protocol design. Subsequently, a diverse range of energy-efficient MAC techniques are categorized and reviewed. Potential future research avenues in energy-efficient MAC protocols are discussed, with a particular emphasis on the challenges to enable the broader implementation of the Green Internet of Underwater Things (GIoUT).
{"title":"A survey on energy efficient medium access control for acoustic wireless communication networks in underwater environments","authors":"Walid K. Hasan, Iftekhar Ahmad, Daryoush Habibi, Quoc Viet Phung, Mohammad Al-Fawa'reh, Kazi Yasin Islam, Ruba Zaheer, Haitham Khaled","doi":"10.1016/j.jnca.2024.104079","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104079","url":null,"abstract":"Underwater communication plays a crucial role in monitoring the aquatic environment on Earth. Due to their unique characteristics, underwater acoustic channels present unique challenges including lengthy signal transmission delays, limited data transfer bandwidth, variable signal quality, and fluctuating channel conditions. Furthermore, the reliance on battery power for most Underwater Wireless Acoustic Networks (UWAN) devices, coupled with the challenges associated with battery replacement or recharging, intensifies the challenges. Underwater acoustic communications are heavily constrained by available resources (e.g., very limited bandwidth, and limited energy storage). Consequently, the role of medium access control (MAC) protocol which distributes available resources among nodes is critical in maintaining a reliable underwater communication system. This study presents an extensive review of current research in MAC for UWAN. This study presents an extensive review of current research in MAC for UWAN. The paper explores the unique challenges and characteristics of UWAN, which are critical for the MAC protocol design. Subsequently, a diverse range of energy-efficient MAC techniques are categorized and reviewed. Potential future research avenues in energy-efficient MAC protocols are discussed, with a particular emphasis on the challenges to enable the broader implementation of the Green Internet of Underwater Things (GIoUT).","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"2 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142825325","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-11-28DOI: 10.1016/j.jnca.2024.104068
Silvestre Malta , Pedro Pinto , Manuel Fernández-Veiga
The advent of 5th Generation (5G) networks has introduced the strategy of network slicing as a paradigm shift, enabling the provision of services with distinct Quality of Service (QoS) requirements. The 5th Generation New Radio (5G NR) standard complies with the use cases Enhanced Mobile Broadband (eMBB), Ultra-Reliable Low Latency Communications (URLLC), and Massive Machine Type Communications (mMTC), which demand a dynamic adaptation of network slicing to meet the diverse traffic needs. This dynamic adaptation presents both a critical challenge and a significant opportunity to improve 5G network efficiency. This paper proposes a Deep Reinforcement Learning (DRL) agent that performs dynamic resource allocation in 5G wireless network slicing according to traffic requirements of the 5G use cases within two scenarios: eMBB with URLLC and eMBB with mMTC. The DRL agent evaluates the performance of different decoding schemes such as Orthogonal Multiple Access (OMA), Non-Orthogonal Multiple Access (NOMA), and Rate Splitting Multiple Access (RSMA) and applies the best decoding scheme in these scenarios under different network conditions. The DRL agent has been tested to maximize the sum rate in scenario eMBB with URLLC and to maximize the number of successfully decoded devices in scenario eMBB with mMTC, both with different combinations of number of devices, power gains and number of allocated frequencies. The results show that the DRL agent dynamically chooses the best decoding scheme and presents an efficiency in maximizing the sum rate and the decoded devices between 84% and 100% for both scenarios evaluated.
{"title":"Optimizing 5G network slicing with DRL: Balancing eMBB, URLLC, and mMTC with OMA, NOMA, and RSMA","authors":"Silvestre Malta , Pedro Pinto , Manuel Fernández-Veiga","doi":"10.1016/j.jnca.2024.104068","DOIUrl":"10.1016/j.jnca.2024.104068","url":null,"abstract":"<div><div>The advent of 5th Generation (5G) networks has introduced the strategy of network slicing as a paradigm shift, enabling the provision of services with distinct Quality of Service (QoS) requirements. The 5th Generation New Radio (5G NR) standard complies with the use cases Enhanced Mobile Broadband (eMBB), Ultra-Reliable Low Latency Communications (URLLC), and Massive Machine Type Communications (mMTC), which demand a dynamic adaptation of network slicing to meet the diverse traffic needs. This dynamic adaptation presents both a critical challenge and a significant opportunity to improve 5G network efficiency. This paper proposes a Deep Reinforcement Learning (DRL) agent that performs dynamic resource allocation in 5G wireless network slicing according to traffic requirements of the 5G use cases within two scenarios: eMBB with URLLC and eMBB with mMTC. The DRL agent evaluates the performance of different decoding schemes such as Orthogonal Multiple Access (OMA), Non-Orthogonal Multiple Access (NOMA), and Rate Splitting Multiple Access (RSMA) and applies the best decoding scheme in these scenarios under different network conditions. The DRL agent has been tested to maximize the sum rate in scenario eMBB with URLLC and to maximize the number of successfully decoded devices in scenario eMBB with mMTC, both with different combinations of number of devices, power gains and number of allocated frequencies. The results show that the DRL agent dynamically chooses the best decoding scheme and presents an efficiency in maximizing the sum rate and the decoded devices between 84% and 100% for both scenarios evaluated.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"234 ","pages":"Article 104068"},"PeriodicalIF":7.7,"publicationDate":"2024-11-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142745343","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-11-26DOI: 10.1016/j.jnca.2024.104072
Rakesh Kumar, Mayank Swarnkar
With the increasing popularity of IoT, there has been a noticeable surge in security breaches associated with vulnerable IoT devices. To identify and counter such attacks. Intrusion Detection Systems (IDS) are deployed. However, these IoT devices use device-specific application layer protocols like MQTT and CoAP, which pose an additional burden to the traditional IDS. Several Machine Learning (ML) and Deep Learning (DL) based IDS are developed to detect malicious IoT network traffic. However, in recent times, a variety of IoT devices have been available on the market, resulting in the frequent installation and uninstallation of IoT devices based on users’ needs. Moreover, ML and DL-based IDS must train with sufficient device-specific attack training data for each IoT device, consuming a noticeable amount of training time. To solve these problems, we propose QuIDS, which utilizes a Quantum Support Vector Classifier to classify attacks in an IoT network. QuIDS requires very little training data compared to ML or DL to train and accurately identify attacks in the IoT network. QuIDS extracts eight flow-level features from IoT network traffic and utilizes them over four quantum bits for training. We experimented with QuIDS on two publicly available datasets and found the average recall rate, precision, and f1-score of the QuIDS as 91.1%, 84.3%, and 86.4%, respectively. Moreover, comparing QuIDS with the ML and DL methods, we found that QuIDS outperformed by 37.7%, 24.4.6%, and 36.9% more average recall and precision rates than the ML and DL methods, respectively.
{"title":"QuIDS: A Quantum Support Vector machine-based Intrusion Detection System for IoT networks","authors":"Rakesh Kumar, Mayank Swarnkar","doi":"10.1016/j.jnca.2024.104072","DOIUrl":"https://doi.org/10.1016/j.jnca.2024.104072","url":null,"abstract":"With the increasing popularity of IoT, there has been a noticeable surge in security breaches associated with vulnerable IoT devices. To identify and counter such attacks. Intrusion Detection Systems (IDS) are deployed. However, these IoT devices use device-specific application layer protocols like MQTT and CoAP, which pose an additional burden to the traditional IDS. Several Machine Learning (ML) and Deep Learning (DL) based IDS are developed to detect malicious IoT network traffic. However, in recent times, a variety of IoT devices have been available on the market, resulting in the frequent installation and uninstallation of IoT devices based on users’ needs. Moreover, ML and DL-based IDS must train with sufficient device-specific attack training data for each IoT device, consuming a noticeable amount of training time. To solve these problems, we propose QuIDS, which utilizes a Quantum Support Vector Classifier to classify attacks in an IoT network. QuIDS requires very little training data compared to ML or DL to train and accurately identify attacks in the IoT network. QuIDS extracts eight flow-level features from IoT network traffic and utilizes them over four quantum bits for training. We experimented with QuIDS on two publicly available datasets and found the average recall rate, precision, and f1-score of the QuIDS as 91.1%, 84.3%, and 86.4%, respectively. Moreover, comparing QuIDS with the ML and DL methods, we found that QuIDS outperformed by 37.7%, 24.4.6%, and 36.9% more average recall and precision rates than the ML and DL methods, respectively.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"60 1","pages":""},"PeriodicalIF":8.7,"publicationDate":"2024-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142790082","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-11-26DOI: 10.1016/j.jnca.2024.104067
José Santos , Efstratios Reppas , Tim Wauters , Bruno Volckaert , Filip De Turck
Containers have reshaped application deployment and life-cycle management in recent cloud platforms. The paradigm shift from large monolithic applications to complex graphs of loosely-coupled microservices aims to increase deployment flexibility and operational efficiency. However, efficient allocation and scaling of microservice applications is challenging due to their intricate inter-dependencies. Existing works do not consider microservice dependencies, which could lead to the application’s performance degradation when service demand increases. As dependencies increase, communication between microservices becomes more complex and frequent, leading to slower response times and higher resource consumption, especially during high demand. In addition, performance issues in one microservice can also trigger a ripple effect across dependent services, exacerbating the performance degradation across the entire application. This paper studies the impact of microservice inter-dependencies in auto-scaling by proposing Gwydion, a novel framework that enables different auto-scaling goals through Reinforcement Learning (RL) algorithms. Gwydion has been developed based on the OpenAI Gym library and customized for the popular Kubernetes (K8s) platform to bridge the gap between RL and auto-scaling research by training RL algorithms on real cloud environments for two opposing reward strategies: cost-aware and latency-aware. Gwydion focuses on improving resource usage and reducing the application’s response time by considering microservice inter-dependencies when scaling horizontally. Experiments with microservice benchmark applications, such as Redis Cluster (RC) and Online Boutique (OB), show that RL agents can reduce deployment costs and the application’s response time compared to default scaling mechanisms, achieving up to 50% lower latency while avoiding performance degradation. For RC, cost-aware algorithms can reduce the number of deployed pods (2 to 4), resulting in slightly higher latency ( to 6 ms) but lower resource consumption. For OB, all RL algorithms exhibit a notable response time improvement by considering all microservices in the observation space, enabling the sequential triggering of actions across different deployments. This leads to nearly 30% cost savings while maintaining consistently lower latency throughout the experiment. Gwydion aims to advance auto-scaling research in a rapidly evolving dynamic cloud environment.
{"title":"Gwydion: Efficient auto-scaling for complex containerized applications in Kubernetes through Reinforcement Learning","authors":"José Santos , Efstratios Reppas , Tim Wauters , Bruno Volckaert , Filip De Turck","doi":"10.1016/j.jnca.2024.104067","DOIUrl":"10.1016/j.jnca.2024.104067","url":null,"abstract":"<div><div>Containers have reshaped application deployment and life-cycle management in recent cloud platforms. The paradigm shift from large monolithic applications to complex graphs of loosely-coupled microservices aims to increase deployment flexibility and operational efficiency. However, efficient allocation and scaling of microservice applications is challenging due to their intricate inter-dependencies. Existing works do not consider microservice dependencies, which could lead to the application’s performance degradation when service demand increases. As dependencies increase, communication between microservices becomes more complex and frequent, leading to slower response times and higher resource consumption, especially during high demand. In addition, performance issues in one microservice can also trigger a ripple effect across dependent services, exacerbating the performance degradation across the entire application. This paper studies the impact of microservice inter-dependencies in auto-scaling by proposing <em>Gwydion</em>, a novel framework that enables different auto-scaling goals through Reinforcement Learning (RL) algorithms. <em>Gwydion</em> has been developed based on the OpenAI Gym library and customized for the popular Kubernetes (K8s) platform to bridge the gap between RL and auto-scaling research by training RL algorithms on real cloud environments for two opposing reward strategies: cost-aware and latency-aware. <em>Gwydion</em> focuses on improving resource usage and reducing the application’s response time by considering microservice inter-dependencies when scaling horizontally. Experiments with microservice benchmark applications, such as Redis Cluster (RC) and Online Boutique (OB), show that RL agents can reduce deployment costs and the application’s response time compared to default scaling mechanisms, achieving up to 50% lower latency while avoiding performance degradation. For RC, cost-aware algorithms can reduce the number of deployed pods (2 to 4), resulting in slightly higher latency (<span><math><mrow><mn>300</mn><mspace></mspace><mi>μ</mi><mi>s</mi></mrow></math></span> to 6 ms) but lower resource consumption. For OB, all RL algorithms exhibit a notable response time improvement by considering all microservices in the observation space, enabling the sequential triggering of actions across different deployments. This leads to nearly 30% cost savings while maintaining consistently lower latency throughout the experiment. Gwydion aims to advance auto-scaling research in a rapidly evolving dynamic cloud environment.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"234 ","pages":"Article 104067"},"PeriodicalIF":7.7,"publicationDate":"2024-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142745345","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-11-22DOI: 10.1016/j.jnca.2024.104071
Yuxin Xia , Jie Zhang , Ka Lok Man , Yuji Dong
Authenticated Key Exchange (AKE) has been playing a significant role in ensuring communication security. However, in some Multi-access Edge Computing (MEC) scenarios where a moving end-node switchedly connects to a sequence of edge-nodes, it is costly in terms of time and computing resources to repeatedly run AKE protocols between the end-node and each edge-node. Moreover, the cloud needs to be involved to assist the authentication between them, which goes against MEC’s purpose of bringing cloud services from cloud to closer to end-user. To address the above problems, this paper proposes a new type of AKE, named as Handover Authenticated Key Exchange (HAKE). In HAKE, an earlier AKE procedure handovers authentication materials and some parameters to its temporally next AKE procedure, thereby saving resources and reducing the participation of remote cloud. Following the framework of HAKE, we propose a concrete HAKE protocol based on Elliptic Curve Diffie–Hellman (ECDH) key exchange and ratcheted key exchange. Then we verify its security via Burrows-Abadi-Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Finally, we evaluate and test its performance. The results show that the HAKE protocol achieves security goals and reduces communication and computation costs compared to similar protocols.
{"title":"Handover Authenticated Key Exchange for Multi-access Edge Computing","authors":"Yuxin Xia , Jie Zhang , Ka Lok Man , Yuji Dong","doi":"10.1016/j.jnca.2024.104071","DOIUrl":"10.1016/j.jnca.2024.104071","url":null,"abstract":"<div><div>Authenticated Key Exchange (AKE) has been playing a significant role in ensuring communication security. However, in some Multi-access Edge Computing (MEC) scenarios where a moving end-node switchedly connects to a sequence of edge-nodes, it is costly in terms of time and computing resources to repeatedly run AKE protocols between the end-node and each edge-node. Moreover, the cloud needs to be involved to assist the authentication between them, which goes against MEC’s purpose of bringing cloud services from cloud to closer to end-user. To address the above problems, this paper proposes a new type of AKE, named as Handover Authenticated Key Exchange (HAKE). In HAKE, an earlier AKE procedure handovers authentication materials and some parameters to its temporally next AKE procedure, thereby saving resources and reducing the participation of remote cloud. Following the framework of HAKE, we propose a concrete HAKE protocol based on Elliptic Curve Diffie–Hellman (ECDH) key exchange and ratcheted key exchange. Then we verify its security via Burrows-Abadi-Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Finally, we evaluate and test its performance. The results show that the HAKE protocol achieves security goals and reduces communication and computation costs compared to similar protocols.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"234 ","pages":"Article 104071"},"PeriodicalIF":7.7,"publicationDate":"2024-11-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142720458","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: