This paper presents an iterative visualization technique including the timeline and parallel coordinates to illustrate network communication for forensic analysis. In primarily analysis process, the timeline of events is reconstructed from traffic logs. An analyst can track the related anomaly event on-demand. In addition the details of abnormal and normal activities are shown in multiple dimensions of parallel coordinates. The novelty of this research is not a presentation of the timeline and parallel coordinates technique, but iterative visualization framework to illustrate both anomaly traffic and application traffic pattern. We applied frequent item-set mining to search dominant traffic flow and classify them by traffic flow shape and entropy. Although some studies have been applied frequent item-set mining with traffic dataset, but as we have known, this is the first research to 1) take advantages of the frequent item-set mining and parallel coordinates, which allow us to find both the anomaly traffic and application traffic and it can easily understand the patterns of traffic flow with the multi-dimensional visualization, and 2) classify the application traffic from the entropy values of traffic flow discovered by frequent item-set mining. This method is able to classify the encrypted traffic data and it does not violate a user privacy. The results of this research and development of a visual network communication tool can: 1) show abnormalities and normal communication activities, 2) have application traffic classification 92% accurate, 3) be a visual network communication prototype which helps an analyst to find the cause of the network malfunction.
{"title":"Traffic Flow Classification and Visualization for Network Forensic Analysis","authors":"Nuttachot Promrit, A. Mingkhwan","doi":"10.1109/AINA.2015.207","DOIUrl":"https://doi.org/10.1109/AINA.2015.207","url":null,"abstract":"This paper presents an iterative visualization technique including the timeline and parallel coordinates to illustrate network communication for forensic analysis. In primarily analysis process, the timeline of events is reconstructed from traffic logs. An analyst can track the related anomaly event on-demand. In addition the details of abnormal and normal activities are shown in multiple dimensions of parallel coordinates. The novelty of this research is not a presentation of the timeline and parallel coordinates technique, but iterative visualization framework to illustrate both anomaly traffic and application traffic pattern. We applied frequent item-set mining to search dominant traffic flow and classify them by traffic flow shape and entropy. Although some studies have been applied frequent item-set mining with traffic dataset, but as we have known, this is the first research to 1) take advantages of the frequent item-set mining and parallel coordinates, which allow us to find both the anomaly traffic and application traffic and it can easily understand the patterns of traffic flow with the multi-dimensional visualization, and 2) classify the application traffic from the entropy values of traffic flow discovered by frequent item-set mining. This method is able to classify the encrypted traffic data and it does not violate a user privacy. The results of this research and development of a visual network communication tool can: 1) show abnormalities and normal communication activities, 2) have application traffic classification 92% accurate, 3) be a visual network communication prototype which helps an analyst to find the cause of the network malfunction.","PeriodicalId":6845,"journal":{"name":"2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops","volume":"28 1","pages":"358-364"},"PeriodicalIF":0.0,"publicationDate":"2015-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84114532","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Internet routers are a commons. While modest regulatory measures have generally been successful for Information Communication Technologies (ICT), this paper argues that the lack of regulation has hindered the technological evolution of the Internet in some areas. This issue is examined through five Internet problems, and the technological solutions adopted. The key contribution of this paper is the explanation of these issues and the identification of areas where misaligned incentives promote inadequate solutions or inaction. The paper reviews the available measures to encourage the adoption of globally beneficial Internet technologies.
{"title":"Why Internet Protocols Need Incentives","authors":"David Murray","doi":"10.1109/WAINA.2015.48","DOIUrl":"https://doi.org/10.1109/WAINA.2015.48","url":null,"abstract":"Internet routers are a commons. While modest regulatory measures have generally been successful for Information Communication Technologies (ICT), this paper argues that the lack of regulation has hindered the technological evolution of the Internet in some areas. This issue is examined through five Internet problems, and the technological solutions adopted. The key contribution of this paper is the explanation of these issues and the identification of areas where misaligned incentives promote inadequate solutions or inaction. The paper reviews the available measures to encourage the adoption of globally beneficial Internet technologies.","PeriodicalId":6845,"journal":{"name":"2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops","volume":"104 1","pages":"261-266"},"PeriodicalIF":0.0,"publicationDate":"2015-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86944110","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
An end-to-end shared secret key between two distant nodes in a mobile ad hoc network (MANET) is essential for providing secure communication between them. However, to provide effective security in a MANET, end-to-end key establishment should be secure against both internal as well as external malicious nodes. An external malicious node in a MANET does not possess any valid security credential related to the MANET, whereas an internal malicious node would possess some valid security credentials related to the MANET. Most of the protocols for end-to-end key establishment in MANETs either make an unrealistic assumption that an end-to-end secure channel exists between source and destination or use bandwidth consuming multi-path schemes. In this paper, we propose a simple and efficient protocol for end-to-end key establishment during route discovery (E2-KDR) in MANETs. Unlike many other existing schemes, the protocol establishes end-to-end key using trust among the nodes which, during initial stage, is established using public key certificate issued by an off-line membership granting authority. However, the use of public key in the proposed protocol is minimal to make it efficient. Since the key is established during route discovery phase, it reduces the key establishment time. The proposed protocol exploits mobility to establish end-to-end key, and provides comprehensive solution by making use of symmetric keys for protecting routing control messages and end-to-end communication. Moreover, as the end-to-end keys are established during route discovery phase, the protocol is on-demand and only necessary keys are established, which makes the protocol storage scalable. The protocol is shown to be secure using security analysis, and its efficiency is confirmed by the results obtained from simulation experiments.
{"title":"A Protocol for End-to-End Key Establishment During Route Discovery in MANETs","authors":"Shrikant H. Talawar, R. Hansdah","doi":"10.1109/AINA.2015.183","DOIUrl":"https://doi.org/10.1109/AINA.2015.183","url":null,"abstract":"An end-to-end shared secret key between two distant nodes in a mobile ad hoc network (MANET) is essential for providing secure communication between them. However, to provide effective security in a MANET, end-to-end key establishment should be secure against both internal as well as external malicious nodes. An external malicious node in a MANET does not possess any valid security credential related to the MANET, whereas an internal malicious node would possess some valid security credentials related to the MANET. Most of the protocols for end-to-end key establishment in MANETs either make an unrealistic assumption that an end-to-end secure channel exists between source and destination or use bandwidth consuming multi-path schemes. In this paper, we propose a simple and efficient protocol for end-to-end key establishment during route discovery (E2-KDR) in MANETs. Unlike many other existing schemes, the protocol establishes end-to-end key using trust among the nodes which, during initial stage, is established using public key certificate issued by an off-line membership granting authority. However, the use of public key in the proposed protocol is minimal to make it efficient. Since the key is established during route discovery phase, it reduces the key establishment time. The proposed protocol exploits mobility to establish end-to-end key, and provides comprehensive solution by making use of symmetric keys for protecting routing control messages and end-to-end communication. Moreover, as the end-to-end keys are established during route discovery phase, the protocol is on-demand and only necessary keys are established, which makes the protocol storage scalable. The protocol is shown to be secure using security analysis, and its efficiency is confirmed by the results obtained from simulation experiments.","PeriodicalId":6845,"journal":{"name":"2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops","volume":"25 1","pages":"176-184"},"PeriodicalIF":0.0,"publicationDate":"2015-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78453064","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Due to the rapid increase in the use of social networking websites and applications, the need to stream video over wireless networks has increased. There are a number of considerations when transmitting streaming video between the nodes connected through wireless networks, such as throughput, the size of the multimedia file, response time, delay, scalability and loss of data. The scalability of ad-hoc networks needs to be analyzed by considering various aspects, such as self-organization, security, routing flexibility, availability of bandwidth, data distribution, Quality of Service, throughput, response time and efficiency. In this paper, we discuss the existing approaches to multimedia routing and transmission over wireless ad-hoc networks by considering scalability. The study draws several conclusions and makes recommendations for future directions.
{"title":"Transmitting Scalable Video Streaming over Wireless Ad Hoc Networks","authors":"Walayat Hussain, F. Hussain, O. Hussain","doi":"10.1109/AINA.2015.186","DOIUrl":"https://doi.org/10.1109/AINA.2015.186","url":null,"abstract":"Due to the rapid increase in the use of social networking websites and applications, the need to stream video over wireless networks has increased. There are a number of considerations when transmitting streaming video between the nodes connected through wireless networks, such as throughput, the size of the multimedia file, response time, delay, scalability and loss of data. The scalability of ad-hoc networks needs to be analyzed by considering various aspects, such as self-organization, security, routing flexibility, availability of bandwidth, data distribution, Quality of Service, throughput, response time and efficiency. In this paper, we discuss the existing approaches to multimedia routing and transmission over wireless ad-hoc networks by considering scalability. The study draws several conclusions and makes recommendations for future directions.","PeriodicalId":6845,"journal":{"name":"2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops","volume":"35 1","pages":"201-206"},"PeriodicalIF":0.0,"publicationDate":"2015-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89450986","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The fingerprinting technique based on received signal strength (RSS) has been intensively researched for indoor localization in the last decade. Instead of using discrete reference points to build a fingerprint database, this paper applies the surface fitting technique to construct RSS spatial distribution functions and proposes two location search methods to find the target location. We also propose to use subarea division and determination to improve the fitting accuracy and search efficiency. In the offline phase, we divide the whole indoor environment into several subareas, construct a fingerprint for each subarea, and build a RSS fitting function for each access point in each subarea. In the online phase, we first determine to which subarea a target belongs, and then search its location according to the proposed exhaustive location search or gradient descent based search algorithm. We conduct both simulations and field experiments to verify the proposed scheme. The experiment results show that for the same reference point granularity, the proposed scheme can achieve on average 10% to 22% localization accuracy improvements, compared with the classical nearest neighbor-based fingerprinting method.
{"title":"Location Search Based on Subarea Fingerprinting and Surface Fitting for Indoor Positioning System","authors":"Bang Wang, Shengliang Zhou","doi":"10.1109/AINA.2015.199","DOIUrl":"https://doi.org/10.1109/AINA.2015.199","url":null,"abstract":"The fingerprinting technique based on received signal strength (RSS) has been intensively researched for indoor localization in the last decade. Instead of using discrete reference points to build a fingerprint database, this paper applies the surface fitting technique to construct RSS spatial distribution functions and proposes two location search methods to find the target location. We also propose to use subarea division and determination to improve the fitting accuracy and search efficiency. In the offline phase, we divide the whole indoor environment into several subareas, construct a fingerprint for each subarea, and build a RSS fitting function for each access point in each subarea. In the online phase, we first determine to which subarea a target belongs, and then search its location according to the proposed exhaustive location search or gradient descent based search algorithm. We conduct both simulations and field experiments to verify the proposed scheme. The experiment results show that for the same reference point granularity, the proposed scheme can achieve on average 10% to 22% localization accuracy improvements, compared with the classical nearest neighbor-based fingerprinting method.","PeriodicalId":6845,"journal":{"name":"2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops","volume":"31 1","pages":"302-309"},"PeriodicalIF":0.0,"publicationDate":"2015-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75802638","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
User's varying posture incurs undesired measurement error on conventional BCG or non-restrictive ECG measurement system during real time measurement. In this paper, we present a novel UBPchair that embed BCG, nonrestrictive ECG, and the posture detection system within a single chair to overcome such problem. Through our evaluation result, we prove that our UBPchair is a fully functional system which is work well for continuous bio signals and posture detection. It is simple and comfortable.
{"title":"Implementation of the Smart Chair System for Multi-functional Unconstrained Healthcare Monitoring","authors":"Byeong-Ju Kim, Yun-Hong Noh, Do-Un Jeong","doi":"10.1109/AINA.2015.220","DOIUrl":"https://doi.org/10.1109/AINA.2015.220","url":null,"abstract":"User's varying posture incurs undesired measurement error on conventional BCG or non-restrictive ECG measurement system during real time measurement. In this paper, we present a novel UBPchair that embed BCG, nonrestrictive ECG, and the posture detection system within a single chair to overcome such problem. Through our evaluation result, we prove that our UBPchair is a fully functional system which is work well for continuous bio signals and posture detection. It is simple and comfortable.","PeriodicalId":6845,"journal":{"name":"2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops","volume":"59 1","pages":"448-452"},"PeriodicalIF":0.0,"publicationDate":"2015-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88510439","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Multipath transmission in intermediate nodes is a promising approach to support high bandwidth applications. To prevent out-of-order packet deliveries, packet re-sequencing nodes must be deployed. In this paper, we propose a multipath transmission model that incorporates packet re-sequencing buffers and the Random with Availability Check policy. After mathematically analyzing the model, we show numerical comparisons between the Random with Availability Check and Random policies.
{"title":"Multipath Transmission Model and Its Route Selection Policy Considering Packet Re-sequencing Buffers Availability","authors":"Y. Yoshinaga, M. Shimamura, K. Iida","doi":"10.1109/WAINA.2015.88","DOIUrl":"https://doi.org/10.1109/WAINA.2015.88","url":null,"abstract":"Multipath transmission in intermediate nodes is a promising approach to support high bandwidth applications. To prevent out-of-order packet deliveries, packet re-sequencing nodes must be deployed. In this paper, we propose a multipath transmission model that incorporates packet re-sequencing buffers and the Random with Availability Check policy. After mathematically analyzing the model, we show numerical comparisons between the Random with Availability Check and Random policies.","PeriodicalId":6845,"journal":{"name":"2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops","volume":"1 1","pages":"715-720"},"PeriodicalIF":0.0,"publicationDate":"2015-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88587988","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Taro Ishitaki, Donald Elmazi, Yi Liu, Tetsuya Oda, L. Barolli, K. Uchida
Due to the amount of anonymity afforded to users of the Tor infrastructure, Tor has become a useful tool for malicious users. With Tor, the users are able to compromise the non-repudiation principle of computer security. Also, the potentially hackers may launch attacks such as DDoS or identity theft behind Tor. For this reason, there are needed new systems and models to detect the intrusion in Tor networks. In this paper, we present the application of Neural Networks (NNs) for intrusion detection in Tor networks. We used the Back propagation NN and constructed a Tor server and a Deep Web browser (client). Then, the client sends the data browsing to the Tor server using the Tor network. We used Wireshark Network Analyzer to get the data and then use the Back propagation NN to make the approximation. The simulation results show that our simulation system has a good approximation and can be used for intrusion detection in To networks.
{"title":"Application of Neural Networks for Intrusion Detection in Tor Networks","authors":"Taro Ishitaki, Donald Elmazi, Yi Liu, Tetsuya Oda, L. Barolli, K. Uchida","doi":"10.1109/WAINA.2015.136","DOIUrl":"https://doi.org/10.1109/WAINA.2015.136","url":null,"abstract":"Due to the amount of anonymity afforded to users of the Tor infrastructure, Tor has become a useful tool for malicious users. With Tor, the users are able to compromise the non-repudiation principle of computer security. Also, the potentially hackers may launch attacks such as DDoS or identity theft behind Tor. For this reason, there are needed new systems and models to detect the intrusion in Tor networks. In this paper, we present the application of Neural Networks (NNs) for intrusion detection in Tor networks. We used the Back propagation NN and constructed a Tor server and a Deep Web browser (client). Then, the client sends the data browsing to the Tor server using the Tor network. We used Wireshark Network Analyzer to get the data and then use the Back propagation NN to make the approximation. The simulation results show that our simulation system has a good approximation and can be used for intrusion detection in To networks.","PeriodicalId":6845,"journal":{"name":"2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops","volume":"138 1","pages":"67-72"},"PeriodicalIF":0.0,"publicationDate":"2015-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86694216","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Peer to peer network is highly huge, open and dynamic. The nodes in the network with autonomy, anonymity, can freely join in or leave the network, and they do not need to be responsible for their own behavior, which reduces the P2P file sharing system's transaction success rate and brings a lot of serious hidden security danger. Some security issues in the P2P network file share system were studied in this paper. The reputation incentive mechanism is established to encourage nodes to contribute own resources positively, increase network resources and promote the healthy development of network, which can improve the resources localization rate and transaction success rate to enhance the network's security.
{"title":"The Research of Security of P2P Network File Sharing System","authors":"Shaojing Li, Wanli Su, Haoling Li","doi":"10.1109/WAINA.2015.57","DOIUrl":"https://doi.org/10.1109/WAINA.2015.57","url":null,"abstract":"Peer to peer network is highly huge, open and dynamic. The nodes in the network with autonomy, anonymity, can freely join in or leave the network, and they do not need to be responsible for their own behavior, which reduces the P2P file sharing system's transaction success rate and brings a lot of serious hidden security danger. Some security issues in the P2P network file share system were studied in this paper. The reputation incentive mechanism is established to encourage nodes to contribute own resources positively, increase network resources and promote the healthy development of network, which can improve the resources localization rate and transaction success rate to enhance the network's security.","PeriodicalId":6845,"journal":{"name":"2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops","volume":"13 1","pages":"250-254"},"PeriodicalIF":0.0,"publicationDate":"2015-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89085151","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With Android applications processing not only personal but also business-critical data, efficient and precise data flow analysis has become a major technique to detect apps handling critical data in unwanted ways. Although data flow analysis in general is a thoroughly researched topic, the event-driven lifecycle model of Android has its own challenges and practical application requires for reliable and efficient analysis techniques. In this paper we present Apparecium, a tool to reveal data flows in Android applications. Apparecium has conceptual differences to other techniques, and can be used to find arbitrary data flows inside Android applications. Details about the used techniques and the differences to existing data flow analysis tools are presented, as well as an evaluation against the data flow analysis framework Flow Droid.
{"title":"Apparecium: Revealing Data Flows in Android Applications","authors":"Dennis Titze, J. Schütte","doi":"10.1109/AINA.2015.239","DOIUrl":"https://doi.org/10.1109/AINA.2015.239","url":null,"abstract":"With Android applications processing not only personal but also business-critical data, efficient and precise data flow analysis has become a major technique to detect apps handling critical data in unwanted ways. Although data flow analysis in general is a thoroughly researched topic, the event-driven lifecycle model of Android has its own challenges and practical application requires for reliable and efficient analysis techniques. In this paper we present Apparecium, a tool to reveal data flows in Android applications. Apparecium has conceptual differences to other techniques, and can be used to find arbitrary data flows inside Android applications. Details about the used techniques and the differences to existing data flow analysis tools are presented, as well as an evaluation against the data flow analysis framework Flow Droid.","PeriodicalId":6845,"journal":{"name":"2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops","volume":"36 1","pages":"579-586"},"PeriodicalIF":0.0,"publicationDate":"2015-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88519673","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: