Computer Communications最新文献

The Social Internet of Things (Social IoT) introduces a fresh approach to promote the usability of IoT networks and enhance service discovery by incorporating social contexts. However, this approach encounters various challenges that impact its performance and reliability. One of the most prominent challenges is trust, specifically trust-related attacks, where certain users engage in malicious behaviors and launch attacks to spread harmful services. To ensure a trustworthy experience for end-users and prevent such attacks in real-time, it is highly significant to incorporate a trust management mechanism within the Social IoT network. To address this challenge, we propose a novel trust management mechanism that leverages blockchain technology. By integrating this technology, we aim to prevent trust-related attacks and create a secure environment. Additionally, we introduce a new consensus protocol for the blockchain called Spark-based Proof of Trust-related Attacks (SPoTA). This protocol is designed to process stream transactions in real-time using Apache Spark, a distributed stream processing engine. To implement SPoTA, we have developed a new classifier utilizing Spark Libraries. This classifier is capable of accurately categorizing transactions as either malicious or secure. As new transaction streams are read, the classifier is employed to classify and assign a label to each stream. This label assists the SPoTA protocol in making informed decisions regarding the validation or rejection of transactions. Our research findings demonstrate the effectiveness of our classifier in predicting malicious transactions, outstripping our previous works and other approaches reported in the literature. Additionally, our new protocol exhibits improved transaction processing times.

Vehicular Edge Computing (VEC) provides a flexible distributed computing paradigm for offloading computations to the vehicular network, which can effectively solve the problem of limited vehicle computing resources and meet the on-vehicle computing requests of users. However, the conflict of interest between vehicle users and service providers leads to the need to consider a variety of conflict optimization goals for computing offloading, and the dynamic nature of vehicle networks, such as vehicle mobility and time-varying network conditions, make the offloading effectiveness of vehicle computing requests and the adaptability to complex VEC scenarios challenging. To address these challenges, this paper proposes a multi-objective optimization model suitable for computational offloading of dynamic heterogeneous VEC networks. By formulating the dynamic multi-objective computational offloading problem as a multi-objective Markov Decision Process (MOMDP), this paper designs a novel multi-objective reinforcement learning algorithm EMOTO, which aims to minimize the average task execution delay and average vehicle energy consumption, and maximize the revenue of service providers. In this paper, a preference priority sampling module is proposed, and a model-augmented environment estimator is introduced to learn the environmental model for multi-objective optimization, so as to solve the problem that the agent is difficult to learn steadily caused by the highly dynamic change of VEC environment, thus to effectively realize the joint optimization of multiple objectives and improve the decision-making accuracy and efficiency of the algorithm. Experiments show that EMOTO has superior performance on multiple optimization objectives compared with advanced multi-objective reinforcement learning algorithms. In addition, the algorithm shows robustness when applied to different environmental settings and better adapting to highly dynamic environments, and balancing the conflict of interest between vehicle users and service providers.

With the advancement of wireless sensing technology, human identification based on WiFi sensing has garnered significant attention in the fields of human–computer interaction and home security. Despite the initial success of WiFi sensing based human identification when the environment is fixed, the performance of the trained identity sensing model will be severely degraded when applied to unfamiliar environments. In this paper, a cross-domain human identification system (CATFSID) is proposed, which is able to achieve environment migration of trained model using up to 3-shot. CATFSID utilizes a dual adversarial training network, including cross-adversarial training between source and source domain classifiers, and adversarial training between source and target domain discriminators to extract environment-independent identity features. Introducing a method based on pseudo-label prediction, which assigns labels to target domain samples similar to the source domain samples, reduces the distribution bias of identity features between the source and target domains. The experimental results show accuracy of 90.1% and F1-Score of 89.33% when using 3 samples per user in the new environment.

With an increase in the complexity and scale of networks, cybersecurity faces increasingly severe challenges. For instance, an attacker can combine individual attacks into complex multi-stage attacks to infiltrate targets. Traditional intrusion detection systems (IDS) generate large number of alerts during an attack, including attack clues along with many false positives. Furthermore, due to the complexity and changefulness of attacks, security analysts spend considerable time and effort on discovering attack paths. Existing methods rely on attack knowledgebases or predefined correlation rules but can only identify known attacks. To address these limitations, this paper presents an attack correlation and scenario reconstruction method. We transform the abnormal flows corresponding to the alerts into abnormal states relationship graph (ASR-graph) and automatically correlate attacks through graph aggregation and clustering. We also implemented an attack path search algorithm to mine attack paths and trace the attack process. This method does not rely on prior knowledge; thus, it can well adapt to the changed attack plan, making it effective in correlating unknown attacks and identifying attack paths. Evaluation results show that the proposed method has higher accuracy and effectiveness than existing methods.

Light fidelity (LiFi) is an emerging wireless networking technology of visible light communication (VLC) paradigm for multiuser communication. This technology enables high data rates due to the availability of large visible light spectrum. While current studies have shown the potential for LiFi technology, they borrow the MAC-layer protocols from traditional WiFi. However, a number of prior studies have shown the challenges faced by the MAC-layer of WiFi in the presence of large number and types of devices. In this work, we show that the hybrid-coordination-function-controlled-access (HCCA) MAC protocol in LiFi provides higher throughput than the traditional CSMA/CA mechanism to user devices. We also show that HCCA has the limitation of higher message overhead in the presence of a large number of devices. We also evaluate the collision probability, busy channel probability, and delay for HCCA and CSMA/CA MAC protocol. We utilize both theoretical analysis and extensive simulations to study these performance tradeoffs and identify a threshold when a LiFi access point should switch to HCCA from CSMA/CA and vice-versa. Finally, based on our findings, we design a hybrid-MAC mechanism that switches between HCCA and CSMA/CA based on the number and type of devices present. Our evaluation shows that this hybrid mechanism can outperform both HCCA and CSMA/CA individually in the presence of different number of devices.

Recently, using Wi-Fi devices as sensing technology has garnered significant attention and found numerous applications. This trend has given birth to what is known as Wi-Fi sensing. This innovative approach has been made possible by analyzing the Channel State Information (CSI) of the Wi-Fi communication channel, which can be calculated from the frame preamble. CSI captures multipath effects, attenuations, and phase shifts in signal propagation, among other fading effects caused, for example, by reflection with objects or a person. Extensive research in this field has revealed that these effects can be utilized for sensing purposes, supposing that the cause of the effects is a person, leading to the development of Wi-Fi sensing applications such as Activity Recognition, Gesture Recognition, and Vital Signs monitoring. This Survey highlights recent works and advances in Wi-Fi sensing applications, identifying and exposing significant applications. For each paper selected, the following sections have been emphasized: Data Collection, Data Preprocessing, Detection Algorithm, Performance, and Application, as these are part of the methodology followed for the functioning of Wi-Fi sensing systems. Furthermore, the techniques and tools commonly used in Wi-Fi sensing are described. Finally, the current challenges associated with Wi-Fi as a wireless sensing technology and possible ways to address these challenges are discussed.

With cloud storage services becoming wildspread and low-cost, individuals and organizations select outsourcing large amounts of document to cloud. Cloud storage applications provide data sharing services with varying functionality. In some cloud storage systems that provide data sharing, such as e-health systems, hiding sensitive information fields is a necessity. Meanwhile, in sharing process, unauthorized entities may have access to these privacy fields. The resource-constrained computation capability for data owner (DO) is universal. To tackle above problems, we propose a sanitizer-based secure data sharing scheme where sanitizer performs most computations of encryption and signature after receiving the partially blinded data from DO. It also checks the legitimacy of visitors before CSP returns stored data file. Besides, adopting an attribute-based access policy guarantees further privacy and fine-grained access authorization. After verification, cloud will return the required data to the legitimate visitors. Moreover, integrity auditing to shared data file is based on certificateless authentication technique, which removes certificates issue of traditional cryptographic technique, avoids key-escrow attack risk caused by identity-based cryptography. Finally, the performance analysis and experimental results show that our proposed scheme is competitive in practical applications since it reduces the authenticator generation overhead by up to 21.6% and proof generation overhead by up to 12% compared with related schemes.

The beyond fifth-generation (B5G) and emerging sixth-generation (6G) wireless networks are considered as key enablers in supporting a diversified set of applications for industrial mobile robots (MRs). In this paper, we consider mobile robots that autonomously roam on an industrial floor and perform a variety of tasks at different locations, whilst utilizing high directivity beamformers in millimeter wave (mmWave) small cells for joint communication and sensing. In such scenarios, the potential close proximity of MRs connected to different base stations, may cause excessive levels of interference having as a net result a decrease in the overall achievable data rate and network service degradation. To mitigate this effect an interference aware path planning algorithm is proposed by explicitly taking into account both achievable communication and sensing performance. More specifically, the proposed heuristic scheme aims to find paths with minimal interfering time whilst improving the overall joint communication and sensing quality of service. A wide set of numerical investigations reveal that the proposed heuristic path planning scheme for the mmWave networked mobile robots can improve the overall achievable communication throughput and the sensing mutual information by up to 35.6% and 23.6% respectively compared with an interference oblivious scheme. Most importantly, those gains are attained without penalizing noticeably the total travel time of the MRs.

The current IEEE 802.11ax standard enhances Wi-Fi networks with a series of new features, such as multi-user (MU) transmission, an Orthogonal Frequency Division Multiple Access (OFDMA) scheme and the ability to multiplex traffic from different access categories (ACs). These features can be utilized to enhance the QoS support for VoIP traffic and optimize the usage of IEEE 802.11ax network resources. This work proposes a new scheme to multiplex VoIP calls in IEEE 802.11ax MU frames and a new scheduler and resource allocation algorithm specifically designed for VoIP data traffic. Our scheduler allocates VoIP packets requiring longer transmission times into the same frame(s), minimizing the channel air-time assigned to VoIP transmission. In addition, unused radio resources in the MU frame are leveraged to transmit best-effort packets along with VoIP packets. For completeness, we also define a call admission control (CAC) algorithm that anticipates channel saturation conditions to ensure VoIP users can maintain a guaranteed level of QoS. Based on simulation results, our scheme is more efficient in reducing channel utilization than other schedulers such as multi-user round-robin (RR) (implemented by ns-3) or single-user FIFO. For example, for 30 VoIP stations using the G.711 codec under mixed channel conditions, our scheme reduces by 30% the air-time required to transmit VoIP packets. When coupled with the ability to also send best-effort packets along with VoIP packets, this translates into a higher throughput (i.e. 10 Mbit/s vs 4 Mbit/s) and more simultaneous VoIP users with guaranteed QoS (up to 46 VoIP users vs 26 and 28 users for the multi-user RR and single-user FIFO scheduling algorithms, respectively).

Internet of Things (IoT) networks have spread to many important fields and applications. The security of these networks remains a big challenge due to their unique characteristics and delicate operations. The blockchain has recently been proposed as a system to secure IoT data and communications. However, the blockchain demands a heavy load that cannot be handled by light IoT devices. For this reason, a large number of “lightweight blockchain” solutions were proposed that aim to modify the blockchain structure and characteristics to make it suitable for IoT networks. In this paper, we propose a novel and unique blockchain system for IoT networks that is based on four lightweight features: “lightweight architecture”, “lightweight authentication”, “lightweight consensus”, and “lightweight storage”. While previous research works focused on one or two of these features, we propose a system that combines the four features into a comprehensive lightweight blockchain system that utilizes a “lightweight cryptography” mechanism to achieve better performance from several perspectives, such as transaction latency, block generation delay, network overhead, and resilience to attacks.