143 research outputs found
An Agent-Based Intrusion Detection System for Local Area Networks
Since it is impossible to predict and identify all the vulnerabilities of a
network beforehand, and penetration into a system by malicious intruders cannot
always be prevented, intrusion detection systems (IDSs) are essential entities
to ensure the security of a networked system. To be effective in carrying out
their functions, the IDSs need to be accurate, adaptive, and extensible. Given
these stringent requirements and the high level of vulnerabilities of the
current days' networks, the design of an IDS has become a very challenging
task. Although, an extensive research has been done on intrusion detection in a
distributed environment, distributed IDSs suffer from a number of drawbacks
e.g., high rates of false positives, low detection efficiency etc. In this
paper, the design of a distributed IDS is proposed that consists of a group of
autonomous and cooperating agents. In addition to its ability to detect
attacks, the system is capable of identifying and isolating compromised nodes
in the network thereby introducing fault-tolerance in its operations. The
experiments conducted on the system have shown that it has a high detection
efficiency and low false positives compared to some of the currently existing
systems.Comment: 13 pages, 5 figures, 2 table
Recursive quantum repeater networks
Internet-scale quantum repeater networks will be heterogeneous in physical
technology, repeater functionality, and management. The classical control
necessary to use the network will therefore face similar issues as Internet
data transmission. Many scalability and management problems that arose during
the development of the Internet might have been solved in a more uniform
fashion, improving flexibility and reducing redundant engineering effort.
Quantum repeater network development is currently at the stage where we risk
similar duplication when separate systems are combined. We propose a unifying
framework that can be used with all existing repeater designs. We introduce the
notion of a Quantum Recursive Network Architecture, developed from the emerging
classical concept of 'recursive networks', extending recursive mechanisms from
a focus on data forwarding to a more general distributed computing request
framework. Recursion abstracts independent transit networks as single relay
nodes, unifies software layering, and virtualizes the addresses of resources to
improve information hiding and resource management. Our architecture is useful
for building arbitrary distributed states, including fundamental distributed
states such as Bell pairs and GHZ, W, and cluster states.Comment: 14 page
Design, Implementation and Experiments for Moving Target Defense Framework
The traditional defensive security strategy for distributed systems employs well-established defensive techniques such as; redundancy/replications, firewalls, and encryption to prevent attackers from taking control of the system. However, given sufficient time and resources, all these methods can be defeated, especially when dealing with sophisticated attacks from advanced adversaries that leverage zero-day exploits
IoTEF: A Federated Edge-Cloud Architecture for Fault-Tolerant IoT Applications
The evolution of Internet of Things (IoT) technology has led to an increased emphasis on edge computing for Cyber-Physical Systems (CPS), in which applications rely on processing data closer to the data sources, and sharing the results across heterogeneous clusters. This has simplified the data exchanges between IoT/CPS systems, the cloud, and the edge for managing low latency, minimal bandwidth, and fault-tolerant applications. Nonetheless, many of these applications administer data collection on the edge and offer data analytic and storage capabilities in the cloud. This raises the problem of separate software stacks between the edge and the cloud with no unified fault-tolerant management, hindering dynamic relocation of data processing. In such systems, the data must also be preserved from being corrupted or duplicated in the case of intermittent long-distance network connectivity issues, malicious harming of edge devices, or other hostile environments. Within this context, the contributions of this paper are threefold: (i) to propose a new Internet of Things Edge-Cloud Federation (IoTEF) architecture for multi-cluster IoT applications by adapting our earlier Cloud and Edge Fault-Tolerant IoT (CEFIoT) layered design. We address the fault tolerance issue by employing the Apache Kafka publish/subscribe platform as the unified data replication solution. We also deploy Kubernetes for fault-tolerant management, combined with the federated scheme, offering a single management interface and allowing automatic reconfiguration of the data processing pipeline, (ii) to formulate functional and non-functional requirements of our proposed solution by comparing several IoT architectures, and (iii) to implement a smart buildings use case of the ongoing Otaniemi3D project as proof-of-concept for assessing IoTEF capabilities. The experimental results conclude that the architecture minimizes latency, saves network bandwidth, and handles both hardware and network connectivity based failures.Peer reviewe
Self-stabilizing cluster routing in Manet using link-cluster architecture
We design a self-stabilizing cluster routing algorithm based on the link-cluster architecture of wireless ad hoc networks. The network is divided into clusters. Each cluster has a single special node, called a clusterhead that contains the routing information about inter and intra-cluster communication. A cluster is comprised of all nodes that choose the corresponding clusterhead as their leader. The algorithm consists of two main tasks. First, the set of special nodes (clusterheads) is elected such that it models the link-cluster architecture: any node belongs to a single cluster, it is within two hops of the clusterhead, it knows the direct neighbor on the shortest path towards the clusterhead, and there exist no two adjacent clusterheads. Second, the routing tables are maintained by the clusterheads to store information about nodes both within and outside the cluster. There are two advantages of maintaining routing tables only in the clusterheads. First, as no two neighboring nodes are clusterheads (as per the link-cluster architecture), there is no need to check the consistency of the routing tables. Second, since all other nodes have significantly less work (they only forward messages), they use much less power than the clusterheads. Therefore, if a clusterhead runs out of power, a neighboring node (that is not a clusterhead) can accept the role of a clusterhead. (Abstract shortened by UMI.)
Developing a distributed electronic health-record store for India
The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India
- …