15,529 research outputs found
Intrusion Response Systems for the 5G Networks and Beyond: A New Joint Security-vs-QoS Optimization Approach
Network connectivity exposes the network infrastructure and assets to vulnerabilities that attackers can exploit. Protecting network assets against attacks requires the application of security countermeasures. Nevertheless, employing countermeasures incurs costs, such as monetary costs, along with time and energy to prepare and deploy the countermeasures. Thus, an Intrusion Response System (IRS) shall consider security and QoS costs when dynamically selecting the countermeasures to address the detected attacks. This has motivated us to formulate a joint Security-vs-QoS optimization problem to select the best countermeasures in an IRS. The problem is then transformed into a matching game-theoretical model. Considering the monetary costs and attack coverage constraints, we first derive the theoretical upper bound for the problem and later propose stable matching-based solutions to address the trade-off. The performance of the proposed solution, considering different settings, is validated over a series of simulations
A Survey on Forensics and Compliance Auditing for Critical Infrastructure Protection
The broadening dependency and reliance that modern societies have on essential services
provided by Critical Infrastructures is increasing the relevance of their trustworthiness. However, Critical
Infrastructures are attractive targets for cyberattacks, due to the potential for considerable impact, not just
at the economic level but also in terms of physical damage and even loss of human life. Complementing
traditional security mechanisms, forensics and compliance audit processes play an important role in ensuring
Critical Infrastructure trustworthiness. Compliance auditing contributes to checking if security measures are
in place and compliant with standards and internal policies. Forensics assist the investigation of past security
incidents. Since these two areas significantly overlap, in terms of data sources, tools and techniques, they can
be merged into unified Forensics and Compliance Auditing (FCA) frameworks. In this paper, we survey the
latest developments, methodologies, challenges, and solutions addressing forensics and compliance auditing
in the scope of Critical Infrastructure Protection. This survey focuses on relevant contributions, capable of
tackling the requirements imposed by massively distributed and complex Industrial Automation and Control
Systems, in terms of handling large volumes of heterogeneous data (that can be noisy, ambiguous, and
redundant) for analytic purposes, with adequate performance and reliability. The achieved results produced
a taxonomy in the field of FCA whose key categories denote the relevant topics in the literature. Also, the
collected knowledge resulted in the establishment of a reference FCA architecture, proposed as a generic
template for a converged platform. These results are intended to guide future research on forensics and
compliance auditing for Critical Infrastructure Protection.info:eu-repo/semantics/publishedVersio
Performance Analytical Modelling of Mobile Edge Computing for Mobile Vehicular Applications: A Worst-Case Perspective
Quantitative performance analysis plays a pivotal
role in theoretically investigating the performance of Vehicular
Edge Computing (VEC) systems. Although considerable research
efforts have been devoted to VEC performance analysis, all
of the existing analytical models were designed to derive the
average system performance, paying insufficient attention to the
worst-case performance analysis, which hinders the practical
deployment of VEC systems to support mission-critical vehicular
applications, such as collision avoidance. To bridge this gap, we
develop an original performance analytical model by virtue of
Stochastic Network Calculus (SNC) to investigate the worst-case
end-to-end performance of VEC systems. Specifically, to capture
the bursty feature of task generation, an innovative bivariate
Markov Chain is firstly established and rigorously analysed to
derive the stochastic task envelope. Then, an effective service
curve is created to investigate the severe resource competition
among vehicular applications. Driven by the stochastic task
envelope and effective service curve, a closed-form end-to-end
analytical model is derived to obtain the latency bound for
VEC systems. Extensive simulation experiments are conducted
to validate the accuracy of the proposed analytical model under
different system configurations. Furthermore, we exploit the
proposed analytical model as a cost-effective tool to investigate
the resource allocation strategies in VEC systems
Efficient network management and security in 5G enabled internet of things using deep learning algorithms
The rise of fifth generation (5G) networks and the proliferation of internet-of-things (IoT) devices have created new opportunities for innovation and increased connectivity. However, this growth has also brought forth several challenges related to network management and security. Based on the review of literature it has been identified that majority of existing research work are limited to either addressing the network management issue or security concerns. In this paper, the proposed work has presented an integrated framework to address both network management and security concerns in 5G internet-of-things (IoT) network using a deep learning algorithm. Firstly, a joint approach of attention mechanism and long short-term memory (LSTM) model is proposed to forecast network traffic and optimization of network resources in a, service-based and user-oriented manner. The second contribution is development of reliable network attack detection system using autoencoder mechanism. Finally, a contextual model of 5G-IoT is discussed to demonstrate the scope of the proposed models quantifying the network behavior to drive predictive decision making in network resources and attack detection with performance guarantees. The experiments are conducted with respect to various statistical error analysis and other performance indicators to assess prediction capability of both traffic forecasting and attack detection model
Privacy-aware secured discrete framework in wireless sensor network
Rapid expansion of wireless sensor network-internet of things (WSN-IoT) in terms of application and technologies has led to wide research considering efficiency and security aspects. Considering the efficiency approach such as data aggregation along with consensus mechanism has been one of the efficient and secure approaches, however, privacy has been one of major concern and it remains an open issue due to low classification and high misclassification rate. This research work presents the privacy and reliable aware discrete (PRD-aggregation) framework to protect and secure the privacy of the node. It works by initializing the particular variable for each node and defining the threshold; further nodes update their state through the functions, and later consensus is developed among the sensor nodes, which further updates. The novelty of PRD is discretized transmission for efficiency and security. PRD-aggregation offers reliability through efficient termination criteria and avoidance of transmission failure. PRD-aggregation framework is evaluated considering the number of deceptive nodes for securing the node in the network. Furthermore, comparative analysis proves the marginal improvisation in terms of discussed parameter against the existing protocol
Automation for network security configuration: state of the art and research trends
The size and complexity of modern computer networks are progressively increasing, as a consequence of novel architectural paradigms such as the Internet of Things and network virtualization. Consequently, a manual orchestration and configuration of network security functions is no more feasible, in an environment where cyber attacks can dramatically exploit breaches related to any minimum configuration error. A new frontier is then the introduction of automation in network security configuration, i.e., automatically designing the architecture of security services and the configurations of network security functions, such as firewalls, VPN gateways, etc. This opportunity has been enabled by modern computer networks technologies, such as virtualization. In view of these considerations, the motivations for the introduction of automation in network security configuration are first introduced, alongside with the key automation enablers. Then, the current state of the art in this context is surveyed, focusing on both the achieved improvements and the current limitations. Finally, possible future trends in the field are illustrated
Optimization of Beyond 5G Network Slicing for Smart City Applications
Transitioning from the current fifth-generation (5G) wireless technology, the advent of beyond 5G (B5G) signifies a pivotal stride toward sixth generation (6G) communication technology. B5G, at its essence, harnesses end-to-end (E2E) network slicing (NS) technology, enabling the simultaneous accommodation of multiple logical networks with distinct performance requirements on a shared physical infrastructure. At the forefront of this implementation lies the critical process of network slice design, a phase central to the realization of efficient smart city networks. This thesis assumes a key role in the network slicing life cycle, emphasizing the analysis and formulation of optimal procedures for configuring, customizing, and allocating E2E network slices. The focus extends to catering to the unique demands of smart city applications, encompassing critical areas such as emergency response, smart buildings, and video surveillance. By addressing the intricacies of network slice design, the study navigates through the complexities of tailoring slices to meet specific application needs, thereby contributing to the seamless integration of diverse services within the smart city framework. Addressing the core challenge of NS, which involves the allocation of virtual networks on the physical topology with optimal resource allocation, the thesis introduces a dual integer linear programming (ILP) optimization problem. This problem is formulated to jointly minimize the embedding cost and latency. However, given the NP-hard nature of this ILP, finding an efficient alternative becomes a significant hurdle. In response, this thesis introduces a novel heuristic approach the matroid-based modified greedy breadth-first search (MGBFS) algorithm. This pioneering algorithm leverages matroid properties to navigate the process of virtual network embedding and resource allocation. By introducing this novel heuristic approach, the research aims to provide near-optimal solutions, overcoming the computational complexities associated with the dual integer linear programming problem. The proposed MGBFS algorithm not only addresses the connectivity, cost, and latency constraints but also outperforms the benchmark model delivering solutions remarkably close to optimal. This innovative approach represents a substantial advancement in the optimization of smart city applications, promising heightened connectivity, efficiency, and resource utilization within the evolving landscape of B5G-enabled communication technology
Water level identification with laser sensors, inertial units, and machine learning
Flood risk management usually hinges on accurate water level identification in urban streams such as rivers or creeks. Although research has emphasised the applicability of ultrasonic sensors as a contactless technology for sensor-based water level monitoring, Light Detection and Ranging (LiDAR) sensors are less sensitive to weather conditions that typically happen during flood events, such as dust, fog and rainfall. However, there has been little research on the applicability of LiDAR sensors in this field. No previous literature has analysed the impact of complicating variables on the quality of predictions or evaluated the possible benefits of using a combined approach with Inertial Measurement Units (IMU) and machine learning to produce superior predictions. In this work, we collected a dataset in a laboratory condition synchronising data from a LiDAR, an ultrasonic sensor and an IMU in an experimental device. We controlled the incidence angle, the distance, and the water turbidity to analyse their effect on the predictions. Traditional machine-learning techniques were evaluated as models to combine data from distance and inertial sensors, reducing the error rates compared to individual sensors’ predictions. Results indicated a sharp drop in the mean absolute error, root mean squared error and coefficient of determination for all water turbidity and incidence angles considered, especially when tree-based ensembles were used. The ultrasonic sensor led to improved results for low water turbidity and increased incidence angle, but statistically significant differences were not found in the other cases
- …