Experimental Evaluation of SDN-Controlled, Joint Consolidation of Policies and Virtual Machines

Middleboxes (MBs) are ubiquitous in modern data centre (DC) due to their crucial role in implementing network security, management and optimisation. In order to meet network policy's requirement on correct traversal of an ordered sequence of MBs, network administrators rely on static policy based routing or VLAN stitching to steer traffic flows. However, dynamic virtual server migration in virtual environment has greatly challenged such static traffic steering. In this paper, we design and implement Sync, an efficient and synergistic scheme to jointly consolidate network policies and virtual machines (VMs), in a readily deployable Mininet environment. We present the architecture of Sync framework and open source its code. We also extensively evaluate Sync over diverse workload and policies. Our results show that in an emulated DC of 686 servers, 10k VMs, 8k policies, and 100k flows, Sync processes a group of 900 VMs and 10 VMs in 634 seconds and 4 seconds respectively

Vulnerabilities and limitations of MQTT protocol used between IoT devices

With the proliferation of smart devices capable of communicating over a network using different protocols, each year more and more successful attacks are recorded against these, underlining the necessity of developing and implementing mechanisms to protect against such attacks. This paper will review some existing solutions used to secure a communication channel, such as Transport Layer Security or symmetric encryption, as well as provide a novel approach to achieving confidentiality and integrity of messages. The method, called Value-to-Keyed-Hash Message Authentication Code (Value-to-HMAC) mapping, uses signatures to send messages, instead of encryption, by implementing a Keyed-Hash Message Authentication Code generation algorithm. Although robust solutions exist that can be used to secure the communication between devices, this paper considers that not every Internet of Things (IoT) device or network design is able to afford the overhead and drop in performance, or even support such protocols. Therefore, the Value-to-HMAC method was designed to maximize performance while ensuring the messages are only readable by the intended node. The experimental procedure demonstrates how the method will achieve better performance than a symmetric-key encryption algorithm, while ensuring the confidentiality and integrity of information through the use of one mechanism

Incident Handling for Healthcare Organizations and Supply-Chains

Healthcare ecosystems form a critical type of infrastructures that provide valuable services in today societies. However, the underlying sensitive information is also of interest of malicious entities around the globe, with the attack volume being continuously increasing. Safeguarding this complex computerized setting constitutes a major challenge for the involved organizations. This paper presents an incident handling system for healthcare organizations and their supply-chain. The proposed approach utilizes swarm intelligence in order to assess the current security posture in a continuous basis and respond to attacks in real-time. The overall solution is based on the related NIST 800.61 standard and implements the operations of i) preparation, ii) detection and analysis, iii) containment, eradication, and recovery, and iv) post-incident activity. The system is developed under the EU funded project AI4HEALTHSEC and is applied in the relevant healthcare pilots

Mitigation of Routing Congestion on Data Networks: A Quantum Game Theory Approach

Because of the sustained growth of information and mobile users transmitting a great amount of data packets, modern network performances are being seriously affected by congestion problems. In fact, congestion management is a challenging task that can be roughly summarized as a trade off between transmission latency and cost. In order to contribute to solve the congestion problem on communication networks, a novel framework based on a quantum game model is proposed, where network packets compete selfishly for their fastest route. Simulations show that final network routing and traveling times achieved with the quantum version outperform those obtained with a classical game model with the same options for packet transmission for both. Pareto optimality and Nash equilibrium are studied as well as the influence of simulated and real noise in the quantum protocol. This leads to the opportunity of developing full-stack protocols that may be capable of taking advantage of the quantum properties for optimizing communication systems. Due to its generality, this game approach can be applied both in classical complex networks and in future quantum networks in order to maximize the performance of the quantum internet.Fil: Silva, Agustin. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Mar del Plata. Instituto de Investigaciones Científicas y Tecnológicas en Electrónica. Universidad Nacional de Mar del Plata. Facultad de Ingeniería. Instituto de Investigaciones Científicas y Tecnológicas en Electrónica; ArgentinaFil: Zabaleta, Omar Gustavo. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Mar del Plata. Instituto de Investigaciones Científicas y Tecnológicas en Electrónica. Universidad Nacional de Mar del Plata. Facultad de Ingeniería. Instituto de Investigaciones Científicas y Tecnológicas en Electrónica; ArgentinaFil: Arizmendi, Constancio Miguel. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Mar del Plata. Instituto de Investigaciones Científicas y Tecnológicas en Electrónica. Universidad Nacional de Mar del Plata. Facultad de Ingeniería. Instituto de Investigaciones Científicas y Tecnológicas en Electrónica; Argentin

The Extent and Coverage of Current Knowledge of Connected Health: Systematic Mapping Study

Background: This paper examines the development of the Connected Health research landscape with a view on providing a historical perspective on existing Connected Health research. Connected Health has become a rapidly growing research field as our healthcare system is facing pressured to become more proactive and patient centred. Objective: We aimed to identify the extent and coverage of the current body of knowledge in Connected Health. With this, we want to identify which topics have drawn the attention of Connected health researchers, and if there are gaps or interdisciplinary opportunities for further research. Methods: We used a systematic mapping study that combines scientific contributions from research on medicine, business, computer science and engineering. We analyse the papers with seven classification criteria, publication source, publication year, research types, empirical types, contribution types research topic and the condition studied in the paper. Results: Altogether, our search resulted in 208 papers which were analysed by a multidisciplinary group of researchers. Our results indicate a slow start for Connected Health research but a more recent steady upswing since 2013. The majority of papers proposed healthcare solutions (37%) or evaluated Connected Health approaches (23%). Case studies (28%) and experiments (26%) were the most popular forms of scientific validation employed. Diabetes, cancer, multiple sclerosis, and heart conditions are among the most prevalent conditions studied. Conclusions: We conclude that Connected Health research seems to be an established field of research, which has been growing strongly during the last five years. There seems to be more focus on technology driven research with a strong contribution from medicine, but business aspects of Connected health are not as much studied

Vulnerabilities and limitations of MQTT protocol used between IoT devices

With the proliferation of smart devices capable of communicating over a network using different protocols, each year more and more successful attacks are recorded against these, underlining the necessity of developing and implementing mechanisms to protect against such attacks. This paper will review some existing solutions used to secure a communication channel, such as Transport Layer Security or symmetric encryption, as well as provide a novel approach to achieving confidentiality and integrity of messages. The method, called Value-to-Keyed-Hash Message Authentication Code (Value-to-HMAC) mapping, uses signatures to send messages, instead of encryption, by implementing a Keyed-Hash Message Authentication Code generation algorithm. Although robust solutions exist that can be used to secure the communication between devices, this paper considers that not every Internet of Things (IoT) device or network design is able to afford the overhead and drop in performance, or even support such protocols. Therefore, the Value-to-HMAC method was designed to maximize performance while ensuring the messages are only readable by the intended node. The experimental procedure demonstrates how the method will achieve better performance than a symmetric-key encryption algorithm, while ensuring the confidentiality and integrity of information through the use of one mechanism

Trajectory planing for cooperating unmanned aerial vehicles in the IoT

The use of Unmanned Aerial Vehicles (UAVs) in data transport has attracted a lot of attention and applications, as a modern traffic engineering technique used in data sensing, transport, and delivery to where infrastructure is available for its interpretation. Due to UAVs’ constraints such as limited power lifetime, it has been necessary to assist them with ground sensors to gather local data, which has to be transferred to UAVs upon visiting the sensors. The management of such ground sensor communication together with a team of flying UAVs constitutes an interesting data muling problem, which still deserves to be addressed and investigated. This paper revisits the issue of traffic engineering in Internet-of-Things (IoT) settings, to assess the relevance of using UAVs for the persistent collection of sensor readings from the sensor nodes located in an environment and their delivery to base stations where further processing is performed. We propose a persistent path planning and UAV allocation model, where a team of heterogeneous UAVs coming from various base stations are used to collect data from ground sensors and deliver the collected information to their closest base stations. This problem is mathematically formalised as a real-time constrained optimisation model, and proven to be NP-hard. The paper proposes a heuristic solution to the problem and evaluates its relative efficiency through performing experiments on both artificial and real sensors networks, using various scenarios of UAVs settings

Towards the use of unmanned aerial systems for providing sustainable services in smart cities

La sostenibilidad está en el centro de muchos campos de aplicación en los que el uso de los sistemas aéreos no tripulados (SUA) es cada vez más importante (por ejemplo, la agricultura, la detección y predicción de incendios, la vigilancia ambiental, la cartografía, etc.). Sin embargo, su uso y evolución están muy condicionados por el campo de aplicación específico para el que están diseñados y, por lo tanto, no pueden ser fácilmente reutilizados entre los diferentes campos de aplicación. Desde este punto de vista, al no ser polivalentes, podemos decir que no son totalmente sostenibles. Teniendo esto en cuenta, el objetivo de este trabajo es doble: por un lado, identificar el conjunto de características que debe proporcionar un UAS para ser considerado sostenible y demostrar que no hay ningún UAS que satisfaga todas estas características; por otra parte, presentar una arquitectura abierta y sostenible de los UAS que pueda utilizarse para construir UAS a petición para proporcionar las características necesarias en cada campo de aplicación. Dado que esta arquitectura se basa principalmente en la adaptabilidad del software y el hardware, contribuye a la sostenibilidad técnica de las ciudades.Sustainability is at the heart of many application fields where the use of Unmanned Aerial Systems (UAS) is becoming more and more important (e.g., agriculture, fire detection and prediction, environmental surveillance, mapping, etc.). However, their usage and evolution are highly conditioned by the specific application field they are designed for, and thus, they cannot be easily reused among different application fields. From this point of view, being that they are not multipurpose, we can say that they are not fully sustainable. Bearing this in mind, the objective of this paper is two-fold: on the one hand, to identify the whole set of features that must be provided by a UAS to be considered sustainable and to show that there is no UAS satisfying all these features; on the other hand, to present an open and sustainable UAS architecture that may be used to build UAS on demand to provide the features needed in each application field. Since this architecture is mainly based on software and hardware adaptability, it contributes to the technical sustainability of cities.• Ministerio de Economía y Competitividad y Fondos FEDER. Proyecto TIN2015-69957-R (I+D+i) • Junta de Extremadura y Fondo Europeo de Desarrollo Regional. Ayuda GR15098 y IB16055 • Parcialmente financiado por Interreg V-A España-Portugal (POCTEP) 2014-2020 program. Proyecto 0045-4IE-4-PpeerReviewe

A fair channel hopping scheme for LoRa Networks with multiple single-channel gateways

LoRa is one of the most prominent LPWAN technologies due to its suitable characteristics for supporting large-scale IoT networks, as it offers long-range communications at low power consumption. The latter is granted mainly because end-nodes transmit directly to the gateways and no energy is spent in multi-hop transmissions. LoRaWAN gateways can successfully receive simultaneous transmissions on multiple channels. However, such gateways can be costly when compared to simpler single-channel LoRa transceivers, and at the same time they are configured to operate with pure-ALOHA, the well-known and fragile channel access scheme used in LoRaWAN. This work presents a fair, control-based channel hopping-based medium access scheme for LoRa networks with multiple single-channel gateways. Compared with the pure-ALOHA used in LoRaWAN, the protocol proposed here achieves higher goodput and fairness levels because each device can choose its most appropriate channel to transmit at a higher rate and spending less energy. Several simulation results considering different network densities and different numbers of single-channel LoRa gateways show that our proposal is able to achieve a packet delivery ratio (PDR) of around 18% for a network size of 2000 end-nodes and one gateway, and a PDR of almost 50% when four LoRa gateways are considered, compared to 2% and 6%, respectively, achieved by the pure-ALOHA approachinfo:eu-repo/semantics/publishedVersio