Game-Theoretic Frameworks and Strategies for Defense Against Network Jamming and Collocation Attacks

Modern networks are becoming increasingly more complex, heterogeneous, and densely connected. While more diverse services are enabled to an ever-increasing number of users through ubiquitous networking and pervasive computing, several important challenges have emerged. For example, densely connected networks are prone to higher levels of interference, which makes them more vulnerable to jamming attacks. Also, the utilization of software-based protocols to perform routing, load balancing and power management functions in Software-Defined Networks gives rise to more vulnerabilities that could be exploited by malicious users and adversaries. Moreover, the increased reliance on cloud computing services due to a growing demand for communication and computation resources poses formidable security challenges due to the shared nature and virtualization of cloud computing. In this thesis, we study two types of attacks: jamming attacks on wireless networks and side-channel attacks on cloud computing servers. The former attacks disrupt the natural network operation by exploiting the static topology and dynamic channel assignment in wireless networks, while the latter attacks seek to gain access to unauthorized data by co-residing with target virtual machines (VMs) on the same physical node in a cloud server. In both attacks, the adversary faces a static attack surface and achieves her illegitimate goal by exploiting a stationary aspect of the network functionality. Hence, this dissertation proposes and develops counter approaches to both attacks using moving target defense strategies. We study the strategic interactions between the adversary and the network administrator within a game-theoretic framework. First, in the context of jamming attacks, we present and analyze a game-theoretic formulation between the adversary and the network defender. In this problem, the attack surface is the network connectivity (the static topology) as the adversary jams a subset of nodes to increase the level of interference in the network. On the other side, the defender makes judicious adjustments of the transmission footprint of the various nodes, thereby continuously adapting the underlying network topology to reduce the impact of the attack. The defender\u27s strategy is based on playing Nash equilibrium strategies securing a worst-case network utility. Moreover, scalable decomposition-based approaches are developed yielding a scalable defense strategy whose performance closely approaches that of the non-decomposed game for large-scale and dense networks. We study a class of games considering discrete as well as continuous power levels. In the second problem, we consider multi-tenant clouds, where a number of VMs are typically collocated on the same physical machine to optimize performance and power consumption and maximize profit. This increases the risk of a malicious virtual machine performing side-channel attacks and leaking sensitive information from neighboring VMs. The attack surface, in this case, is the static residency of VMs on a set of physical nodes, hence we develop a timed migration defense approach. Specifically, we analyze a timing game in which the cloud provider decides when to migrate a VM to a different physical machine to mitigate the risk of being compromised by a collocated malicious VM. The adversary decides the rate at which she launches new VMs to collocate with the victim VMs. Our formulation captures a data leakage model in which the cost incurred by the cloud provider depends on the duration of collocation with malicious VMs. It also captures costs incurred by the adversary in launching new VMs and by the defender in migrating VMs. We establish sufficient conditions for the existence of Nash equilibria for general cost functions, as well as for specific instantiations, and characterize the best response for both players. Furthermore, we extend our model to characterize its impact on the attacker\u27s payoff when the cloud utilizes intrusion detection systems that detect side-channel attacks. Our theoretical findings are corroborated with extensive numerical results in various settings as well as a proof-of-concept implementation in a realistic cloud setting

Distributed power allocation for D2D communications underlaying/overlaying OFDMA cellular networks

The implementation of device-to-device (D2D) underlaying or overlaying pre-existing cellular networks has received much attention due to the potential of enhancing the total cell throughput, reducing power consumption and increasing the instantaneous data rate. In this paper we propose a distributed power allocation scheme for D2D OFDMA communications and, in particular, we consider the two operating modes amenable to a distributed implementation: dedicated and reuse modes. The proposed schemes address the problem of maximizing the users' sum rate subject to power constraints, which is known to be nonconvex and, as such, extremely difficult to be solved exactly. We propose here a fresh approach to this well-known problem, capitalizing on the fact that the power allocation problem can be modeled as a potential game. Exploiting the potential games property of converging under better response dynamics, we propose two fully distributed iterative algorithms, one for each operation mode considered, where each user updates sequentially and autonomously its power allocation. Numerical results, computed for several different user scenarios, show that the proposed methods, which converge to one of the local maxima of the objective function, exhibit performance close to the maximum achievable optimum and outperform other schemes presented in the literature

Scalable Inference for Multi-Target Tracking of Proliferating Cells

With the continuous advancements in microscopy techniques such as improved image quality, faster acquisition and reduced photo-toxicity, the amount of data recorded in the life sciences is rapidly growing. Clearly, the size of the data renders manual analysis intractable, calling for automated cell tracking methods. Cell tracking – in contrast to other tracking scenarios – exhibits several difficulties: low signal to noise ratio in the images, high cell density and sometimes cell clusters, radical morphology changes, but most importantly cells divide – which is often the focus of the experiment. These peculiarities have been targeted by tracking-byassignment methods that first extract a set of detection hypotheses and then track those over time. Improving the general quality of these cell tracking methods is difficult, because every cell type, surrounding medium, and microscopy setting leads to recordings with specific properties and problems. This unfortunately implies that automated approaches will not become perfect any time soon but manual proof reading by experts will remain necessary for the time being. In this thesis we focus on two different aspects, firstly on scaling previous and developing new solvers to deal with longer videos and more cells, and secondly on developing a specialized pipeline for detecting and tracking tuberculosis bacteria. The most powerful tracking-by-assignment methods are formulated as probabilistic graphical models and solved as integer linear programs. Because those integer linear programs are in general NP-hard, increasing the problem size will lead to an explosion of computational cost. We begin by reformulating one of these models in terms of a constrained network flow, and show that it can be solved more efficiently. Building on the successful application of network flow algorithms in the pedestrian tracking literature, we develop a heuristic to integrate constraints – here for divisions – into such a network flow method. This allows us to obtain high quality approximations to the tracking solution while providing a polynomial runtime guarantee. Our experiments confirm this much better scaling behavior to larger problems. However, this approach is single threaded and does not utilize available resources of multi-core machines yet. To parallelize the tracking problem we present a simple yet effective way of splitting long videos into intervals that can be tracked independently, followed by a sparse global stitching step that resolves disagreements at the cuts. Going one step further, we propose a microservices based software design for ilastik that allows to distribute all required computation for segmentation, object feature extraction, object classification and tracking across the nodes of a cluster or in the cloud. Finally, we discuss the use case of detecting and tracking tuberculosis bacteria in more detail, because no satisfying automated method to this important problem existed before. One peculiarity of these elongated cells is that they build dense clusters in which it is hard to outline individuals. To cope with that we employ a tracking-by-assignment model that allows competing detection hypotheses and selects the best set of detections while considering the temporal context during tracking. To obtain these hypotheses, we develop a novel algorithm that finds diverseM- best solutions of tree-shaped graphical models by dynamic programming. First experiments with the pipeline indicate that it can greatly reduce the required amount of human intervention for analyzing tuberculosis treatment

Resource allocation in non-orthogonal multiple access technologies for 5G networks and beyond.

Doctoral Degree. University of KwaZulu-Natal, Durban.The increasing demand of mobile and device connectivity poses challenging requirements for 5G wireless communications, such as high energy- and spectral-efficiency and low latency. This necessitates a shift from orthogonal multiple access (OMA) to Non-Orthogonal Multiple Access (NOMA) techniques, namely, power-domain NOMA (PD-NOMA) and code-domain NOMA (CD-NOMA). The basic idea behind NOMA schemes is to co-multiplex different users on the same resource elements (time slot, OFDMA sub-carrier, or spreading code) via power domain (PD) or code domain (CD) at the transmitter while permitting controllable interference, and their successful multi-user detection (MUD) at the receiver albeit, increased computational complexity. In this work, an analysis on the performance of the existing NOMA schemes is carried out. Furthermore, we investigate the feasibility of a proposed uplink hybrid-NOMA scheme namely power domain sparse code multiple access (PD-SCMA) that integrates PD-NOMA and CD-NOMA based sparse code multiple access (SCMA) on heterogeneous networks (HetNets). Such hybrid schemes come with resource allocation (RA) challenges namely; codebook allocation, user pairing and power allocation. Therefore, hybrid RA schemes namely: Successive Codebook Ordering Assignment (SCOA) for codebook assignment (CA), opportunistic macro cell user equipment (MUE)- small cell user equipment (SUE) pairing (OMSP) for user pairing (UP), and a QoS-aware power allocation (QAPA) for power allocation (PA) are developed for an energy efficient (EE) system. The performance of the RA schemes is analyzed alongside an analytical RA optimization algorithm. Through numerical results, the proposed schemes show significant improvements in the EE of the small cells in comparison with the prevalent schemes. Additionally, there is significant sum rate performance improvement over the conventional SCMA and PD-NOMA. Secondly, we investigate the multiplexing capacity of the hybrid PD-SCMA scheme in HetNets. Particularly, we investigate and derive closed-form solutions for codebook capacity, MUE multiplexing and power capacity bounds. The system’s performance results into low outage when the system’s point of operation is within the multiplexing bounds. To alleviate the RA challenges of such a system at the transmitter, dual parameter ranking (DPR) and alternate search method (ASM) based RA schemes are proposed. The results show significant capacity gain with DPR-RA in comparison with conventional RA schemes. Lastly, we investigate the feasibility of integrating the hybrid PD-SCMA with multiple-input multipleoutput (MIMO) technique namely, M-PD-SCMA. The attention to M-PD-SCMA resides in the need of lower number of antennas while preserving the system capacity thanks to the overload in PDSCMA. To enhance spectral efficiency and error performance we propose spatial multiplexing at the transmitter and a low complex joint MUD scheme based on successive interference cancellation (SIC) and expectation propagation algorithm (EPA) at the receiver are proposed. Numerical results exhibit performance benchmark with PD-SCMA schemes and the proposed receiver achieves guaranteed bit error rate (BER) performance with a bounded increase in the number of transmit and receive antennas. Thus, the feasibility of an M-PD-SCMA system is validated

Dynamic OD matrix estimation exploiting ICT traffic measurements

Pla de Doctorats Industrials de la Generalitat de CatalunyaDuring the last decades, urban mobility has become the main concern for city councils and transportation operators. The main problem is the traffic congestion that easily appears in urban networks, producing negative economic impacts for the associated cost and, what is becoming more relevant from the sustainability point of view. In this context, the transportation operators and planners make use of traffic simulation models that assist their strategic decisions aiming at improving the mentioned problems. The dynamic OD matrices estimation problem is a crucial step in transportation modeling and simulation because they contain the total number of vehicles that are circulating throughout the city, including their origins, destinations, and their departing time and describe the associated mobility patterns in terms of trip distributions. As this information is not directly observable in reality, this problem has been widely studied and many different methodologies have been proposed in order to obtain the suitable OD matrices that reflect the urban mobility of the studied area. The common approach is to use the counting stations data sets to estimate, using a minimization problem, the OD matrices that produce them. This is called the bi-level optimization approach. However, the main problem of this approach is that it is mathematically underdetermined, because many different OD matrices can produce the same traffic counts on certain links of the urban network, but presenting totally different trip distributions that could not correspond to the socio-demographic structure originating them. In this thesis, we address the different studies measuring the structural similarity between the estimated OD matrix and the reliable OD matrices, which are the ground truth OD matrix in synthetic experiments or the historical OD matrix in the real ones. The appearance of new sources of traffic data from the growth of the information and communication technologies (ICT) appeals to the researchers to use it for reducing such underdetermination, adding it to the OD estimation problem. GPS devices are increasingly used by vehicles and a huge volume of data is generated every day that, implicitly, contains information of the traffic state under real conditions. These data can be analyzed and processed in order to clean, filter and extract this information and can be then introduced into the OD estimation problem. Most of the theoretical research since the ICT technologies are available assume implicitly or explicitly that GPS tracking data can be done through a controlled collection process. However, in the practical world, GPS data are supplied by companies that use different data collection policies and constraints imposed by privacy policies, which invalidate some of these theoretical hypotheses. One of the main research aspects of this thesis is to investigate how these commercial data can be used for the OD estimation problem. However, the introduction of such information in the bi-level optimization problem is not direct and many alternatives arise. This thesis proposes a data-driven estimation of the dynamic assignment matrix to introduce the GPS data information to an analytical model, reducing the underdetermination of the problem. Moreover, such estimation replaces the dynamic traffic assignment reducing also the computational effort of the OD estimation problem. As this thesis results from the collaboration between the simulation software company PTV Group and the Universitat Politècnica de Catalunya, all the experiments of this thesis have been carried out in PTV Visum and using the already existing products. Moreover, the results have been analyzed both from the computational performance and from the quality aspect.Durant les últimes dècades, les externalitats que es deriven de la mobilitat urbana han estat una de les principals preocupacions dels ajuntaments, gestors metropolitans i operadors de transport. El principal problema és la congestió, que fàcilment apareix en infraestructures urbanes i que impacta negativament en la nostra economia i, el que és més greu, en la sostenibilitat del planeta en que vivim. La contaminació i el soroll provocats per la congestió no només afecten nocivament a la qualitat de l’aire, sinó que també afecten la salut ciutadana i mediambiental. En aquest context, els operadors i planificadors de trànsit utilitzen models de planificació i simulació de trànsit que els aporten coneixement per dur a terme decisions estratègiques i operatives que mitiguin els problemes associats a la mobilitat urbana. El problema d’estimació de les matrius origen-destinació (OD) és un tema crucial en la modelització i simulació del trànsit. Aquestes contenen el nombre total de vehicles que circulen per la ciutat, incloent informació sobre els l’origen, destinació i temps de sortida de cadascun en un horitzó temporal. D’aquesta manera, la distribució de viatges definida en les matrius OD descriu el patró de mobilitat de la xarxa. No obstant això, aquesta informació no és directament observable en un cas pràctic real i, per aquest motiu, es tracta d’un problema profundament estudiat. S’han desenvolupat diferents metodologies que procuren obtenir matrius OD apropiades, és a dir, que reprodueixin correctament la mobilitat de la zona estudiada. L’enfoc més comú consisteix en usar dades recollides per sensors de trànsit que compten vehicles en certs punts de la xarxa per estimar les matrius OD mitjançant la resolució d’un problema de minimització. De tota manera, aquest problema complex és altament indeterminat i diferents matrius OD, que representen realitats sociodemogràfiques i patrons de mobilitat diferents, poden reproduir els mateixos comptatges de vehicles en les vies de la xarxa dotades de sensors. Per tant, moltes línies de recerca han usat diferents tipus de dades de transport addicionals, com ara velocitats mitjanes i densitats de flux, per reduir els graus de llibertat del problema. L’estructura d’una matriu OD descriu el nombre de viatges i la forma com es distribueixen espaialment en la xarxa urbana, des del seu origen a la seva destinació, traçant així el patró de mobilitat global de la xarxa d’estudi. Com que dues matrius OD poden generar els mateixos comptatges, és absolutament necessari fer un estudi exhaustiu de la similaritat de les seves estructures. En aquesta tesi, enfoquem les diferents propostes mesurant sempre el grau de similaritat estructural entre la matriu OD estimada i una matriu OD de referència, sent aquesta la matriu OD històrica en casos reals o la matriu fonamental en el cas dels experiments sintètics. L’aparició de noves fonts de dades de trànsit degut al creixement de les tecnologies de la informació i comunicació (TIC) obre noves línies de recerca adreçades a reduir la indeterminació del problema d’estimació de les matrius OD. L’ús d’aparells GPS en vehicles va en augment, fet que contribueix a la generació diària de grans volums de dades. Aquestes contenen, de manera implícita, informació de l’estat del trànsit en condicions reals. Mitjançant un procés de neteja, filtratge i extracció es pot derivar informació del trànsit per a després introduir-la al problema de l’estimació de matrius OD. El conjunt de dades GPS de tipus comercials no permet conèixer el procediment de recol·lecció de dades i, sovint, està subjectes a polítiques de protecció i privacitat que no permeten assumir certes hipòtesis de qualitat i control en relació als orígens i destinacions. En aquesta tesi, investiguem el valor que poden afegir aquests conjunts de dades comercials per a l’estimació de matrius OD. La introducció d’aquestes dades al problema d’optimització binivell no és directa i existeixen diverses alternatives. Els enfocs analítics no permeten introduir directament aquestes dades perquè la relació entres les dades GPS i els fluxos OD no és elemental. Per altra banda, la versatilitat dels mètodes de simulació-optimització permeten usar-los directament, però l’inconvenient és l’esforç computacional associat. Aquesta tesi proposa un model de la matriu dinàmica d’assignacions basat en dades (data-driven) per aprofitar la informació implícita de les dades GPS i reduir, així, la indeterminació del problema. A més, aquesta tècnica substitueix la necessitat de recórrer a un model de simulació y redueix l’esforç computacional del problema. Aquesta tesi és fruit de la col·laboració entre l’empresa de software de simulació PTV Group i la Universitat Politècnica de Catalunya. Tots els experiments d’aquesta tesi han estat implementats en PTV Visum i usant els productes existents. A més, els resultats de la tesi han estat sempre analitzats des d’una doble perspectiva: computacional i de la qualitat. Aquesta última té com a objectiu analitzar la matriu OD pel que fa a la seva similaritat estructural amb la matriu de referència.Durante las últimas décadas, las externalidades que se derivan de la movilidad urbana han sido una de las principales preocupaciones de los ayuntamientos, gestores metropolitanos, y operadores de tráfico. El principal problema es la congestión, que fácilmente aparece en infraestructuras urbanas y que impacta de forma negativa en nuestra economía y, lo que es más grave, en la sostenibilidad del planeta que habitamos. La contaminación y el ruido provocados por la congestión no solo afectan nocivamente a la calidad del aire, sino que también perjudican la salud ciudadana y medioambiental. En este contexto, los operadores y planificadores de transporte usan modelos de planificación y simulación de tráfico que les aportan conocimiento para tomar decisiones estratégicas y operativas que mitiguen los problemas asociados a la movilidad urbana. El problema de la estimación de las matrices origen-destino (OD) es un tema crucial en la modelización y simulación de tráfico. Éstas contienen el número total de vehículos que circulan por la ciudad, incluyendo información sobre el origen, destino y tiempo de salida de cada uno de los vehículos en un horizonte temporal. De esta manera, la distribución de viajes definida en las matrices OD describe el patrón de movilidad de la red. Aun así, esta información no es directamente observable en un caso práctico real y, por este motivo, se trata de un problema extensamente estudiado. Se han desarrollado diferentes metodologías con el fin de obtener las matrices OD más apropiadas, es decir, aquellas que reproducen adecuadamente la movilidad de la zona estudiada. El enfoque más común consiste en usar datos recogidos por sensores de tráfico que cuentan vehículos en ciertos puntos de la red para estimar las matrices OD mediante la resolución de un problema de minimización. Aun así, este complejo problema es altamente indeterminado y diferentes matrices OD, que representan realidades sociodemográficas y patrones de movilidad distintos, pueden reproducir los mismos conteos de vehículos en las vías de la red dotadas de sensores. Por consiguiente, muchas líneas de investigación han utilizado de forma adicional diferentes tipos de datos de tráfico, como velocidades medias y densidades de flujo, para reducir los grados de libertad del problema. La estructura de una matriz OD describe el número de viajes y la forma como se distribuyen espacialmente en la red urbana, desde su origen hasta su destino, trazando, así, el patrón de movilidad global de la red de estudio. Como dos matrices OD pueden reproducir los mismos conteos, es absolutamente necesario hacer un análisis exhaustivo de la similitud de sus estructuras. En esta tesis, abordamos las diferentes propuestas midiendo siempre el grado de similitud estructural entre la matriz OD estimada y una matriz OD de referencia, siendo ésta la matriz OD histórica en casos reales o la matriz fundamental en el caso de los experimentos sintéticos. La aparición de nuevas fuentes de datos de tráfico debido al crecimiento de las tecnologías de la información y comunicación (TIC) abre nuevas líneas de investigación dirigidas a reducir la indeterminación del problema de estimación de las matrices OD. El uso de aparatos GPS en vehículos va en aumento, hecho que contribuye a la generación diaria de grandes volúmenes de datos. Éstos contienen, de manera implícita, información del estado del tráfico en condiciones reales. Mediante un proceso de limpieza, filtrado, y extracción se puede derivar información del tráfico para luego introducirla en el problema de estimación de matrices OD. El conjunto de datos GPS de tipo comercial no permite conocer el procedimiento de recolecta de datos y, a menudo, está sujeto a políticas de protección y privacidad que no permiten asumir ciertas hipótesis de calidad y control en relación a los orígenes y destinos. En esta tesis, investigamos el valor que pueden añadir estos conjuntos de datos comerciales para la estimación de matrices OD. La introducción de estos datos en el problema de optimización binivel no es directa y existen diferentes alternativas. Los enfoques analíticos no permiten incorporar directamente estos datos puesto que la relación entre los datos GPS y los flujos OD no es elemental. Por otro lado, la versatilidad de los métodos de simulación-optimización permiten usarlos directamente, pero el inconveniente es el esfuerzo computacional asociado. Esta tesis propone un modelo de la matriz dinámica de asignaciones basado en datos (data-driven) para aprovechar la información implícita de los datos GPS y reducir, así, la indeterminación del problema de estimación. Además, esta técnica reemplaza la necesidad de recurrir a un modelo de simulación y reduce el esfuerzo computacional del problema. Esta tesis es fruto de la colaboración entre la empresa de software de simulación PTV Group y la Universitat Politècnica de Catalunya. Todos los experimentos de la tesis han sido implementados en PTV Visum y usando los productos existentes. Además, los resultados de la tesis han sido siempre analizados desde una doble perspectiva: computacional y de calidad. Esta última tiene como objetivo analizar la matriz OD estimada respeto la similitud estructural con la matriz de referencia..Postprint (published version