Machine Learning for Optical Network Security Monitoring: A Practical Perspective

In order to accomplish cost-efficient management of complex optical communication networks, operators are seeking automation of network diagnosis and management by means of Machine Learning (ML). To support these objectives, new functions are needed to enable cognitive, autonomous management of optical network security. This paper focuses on the challenges related to the performance of ML-based approaches for detectionand localization of optical-layer attacks, and to their integration with standard Network Management Systems (NMSs). We propose a framework for cognitive security diagnostics that comprises an attack detection module with Supervised Learning (SL), Semi-Supervised Learning (SSL) and Unsupervised Learning (UL) approaches, and an attack localization module that deduces the location of a harmful connection and/or a breached link. The influence of false positives and false negatives is addressed by a newly proposed Window-based Attack Detection (WAD) approach. We provide practical implementation\ua0guidelines for the integration of the framework into the NMS and evaluate its performance in an experimental network testbed subjected to attacks, resulting with the largest optical-layer security experimental dataset reported to date

Optical Network Security Management: Requirements, Architecture and Efficient Machine Learning Models for Detection of Evolving Threats [Invited]

As the communication infrastructure that sustains critical societal services, optical networks need to function in a secure and agile way. Thus, cognitive and automated security management functionalities are needed, fueled by the proliferating machine learning (ML) techniques and compatible with common network control entities and procedures. Automated management of optical network security requires advancements both in terms of performance and efficiency of ML approaches for security diagnostics, as well as novel management architectures and functionalities. This paper tackles these challenges by proposing a novel functional block called Security Operation Center (SOC), describing its architecture, specifying key requirements on the supported functionalities and providing guidelines on its integration with optical layer controller. Moreover, to boost efficiency of ML-based security diagnostic techniques when processing high-dimensional optical performance monitoring data in the presence of previously unseen physical-layer attacks, we combine unsupervised and semi-supervised learning techniques with three different dimensionality reduction methods and analyze the resulting performance and trade-offs between ML accuracy and run time complexity

Attack-Aware Routing and Wavelength Assignment of Scheduled Lightpath Demands

In Transparent Optical Networks, tra c is carried over lightpaths, creating a vir- tual topology over the physical connections of optical bers. Due to the increasingly high data rates and the vulnerabilities related to the transparency of optical network, security issues in transparent wavelength division multiplexing (WDM) optical net- works have become of great signi cance to network managers. In this thesis, we intro- duce some basic concepts of transparent optical network, the types and circumstances of physical-layer attacks and analysis of related work at rst. In addition, based on the previous researches, we present a novel approach and several new objective cri- terions for the problem of attack-aware routing and wavelength assignment. Integer Linear Programming (ILP) formulation is used to solve the routing sub-problem with the objective to minimize the disruption of physical-layer attack as well as to opti- mize Routing and Wavelength Assignment (RWA) of scheduled transparent optical network

Management and Control of Scalable and Resilient Next-Generation Optical Networks

Two research topics in next-generation optical networks with wavelength-division multiplexing (WDM) technologies were investigated: (1) scalability of network management and control, and (2) resilience/reliability of networks upon faults and attacks. In scalable network management, the scalability of management information for inter-domain light-path assessment was studied. The light-path assessment was formulated as a decision problem based on decision theory and probabilistic graphical models. It was found that partial information available can provide the desired performance, i.e., a small percentage of erroneous decisions can be traded off to achieve a large saving in the amount of management information. In network resilience under malicious attacks, the resilience of all-optical networks under in-band crosstalk attacks was investigated with probabilistic graphical models. Graphical models provide an explicit view of the spatial dependencies in attack propagation, as well as computationally efficient approaches, e.g., sum-product algorithm, for studying network resilience. With the proposed cross-layer model of attack propagation, key factors that affect the resilience of the network from the physical layer and the network layer were identified. In addition, analytical results on network resilience were obtained for typical topologies including ring, star, and mesh-torus networks. In network performance upon failures, traffic-based network reliability was systematically studied. First a uniform deterministic traffic at the network layer was adopted to analyze the impacts of network topology, failure dependency, and failure protection on network reliability. Then a random network layer traffic model with Poisson arrivals was applied to further investigate the effect of network layer traffic distributions on network reliability. Finally, asymptotic results of network reliability metrics with respect to arrival rate were obtained for typical network topologies under heavy load regime. The main contributions of the thesis include: (1) fundamental understandings of scalable management and resilience of next-generation optical networks with WDM technologies; and (2) the innovative application of probabilistic graphical models, an emerging approach in machine learning, to the research of communication networks.Ph.D.Committee Chair: Ji, Chuanyi; Committee Member: Chang, Gee-Kung; Committee Member: McLaughlin, Steven; Committee Member: Ralph, Stephen; Committee Member: Zegura, Elle

RGBD Datasets: Past, Present and Future

Since the launch of the Microsoft Kinect, scores of RGBD datasets have been released. These have propelled advances in areas from reconstruction to gesture recognition. In this paper we explore the field, reviewing datasets across eight categories: semantics, object pose estimation, camera tracking, scene reconstruction, object tracking, human actions, faces and identification. By extracting relevant information in each category we help researchers to find appropriate data for their needs, and we consider which datasets have succeeded in driving computer vision forward and why. Finally, we examine the future of RGBD datasets. We identify key areas which are currently underexplored, and suggest that future directions may include synthetic data and dense reconstructions of static and dynamic scenes.Comment: 8 pages excluding references (CVPR style

A Survey on Subsurface Signal Propagation

Wireless Underground Communication (WUC) is an emerging field that is being developed continuously. It provides secure mechanism of deploying nodes underground which shields them from any outside temperament or harsh weather conditions. This paper works towards introducing WUC and give a detail overview of WUC. It discusses system architecture of WUC along with the anatomy of the underground sensor motes deployed in WUC systems. It also compares Over-the-Air and Underground and highlights the major differences between the both type of channels. Since, UG communication is an evolving field, this paper also presents the evolution of the field along with the components and example UG wireless communication systems. Finally, the current research challenges of the system are presented for further improvement of the WUCs

Internet of Underwater Things and Big Marine Data Analytics -- A Comprehensive Survey

The Internet of Underwater Things (IoUT) is an emerging communication ecosystem developed for connecting underwater objects in maritime and underwater environments. The IoUT technology is intricately linked with intelligent boats and ships, smart shores and oceans, automatic marine transportations, positioning and navigation, underwater exploration, disaster prediction and prevention, as well as with intelligent monitoring and security. The IoUT has an influence at various scales ranging from a small scientific observatory, to a midsized harbor, and to covering global oceanic trade. The network architecture of IoUT is intrinsically heterogeneous and should be sufficiently resilient to operate in harsh environments. This creates major challenges in terms of underwater communications, whilst relying on limited energy resources. Additionally, the volume, velocity, and variety of data produced by sensors, hydrophones, and cameras in IoUT is enormous, giving rise to the concept of Big Marine Data (BMD), which has its own processing challenges. Hence, conventional data processing techniques will falter, and bespoke Machine Learning (ML) solutions have to be employed for automatically learning the specific BMD behavior and features facilitating knowledge extraction and decision support. The motivation of this paper is to comprehensively survey the IoUT, BMD, and their synthesis. It also aims for exploring the nexus of BMD with ML. We set out from underwater data collection and then discuss the family of IoUT data communication techniques with an emphasis on the state-of-the-art research challenges. We then review the suite of ML solutions suitable for BMD handling and analytics. We treat the subject deductively from an educational perspective, critically appraising the material surveyed.Comment: 54 pages, 11 figures, 19 tables, IEEE Communications Surveys & Tutorials, peer-reviewed academic journa

Security and Privacy for Modern Wireless Communication Systems

The aim of this reprint focuses on the latest protocol research, software/hardware development and implementation, and system architecture design in addressing emerging security and privacy issues for modern wireless communication networks. Relevant topics include, but are not limited to, the following: deep-learning-based security and privacy design; covert communications; information-theoretical foundations for advanced security and privacy techniques; lightweight cryptography for power constrained networks; physical layer key generation; prototypes and testbeds for security and privacy solutions; encryption and decryption algorithm for low-latency constrained networks; security protocols for modern wireless communication networks; network intrusion detection; physical layer design with security consideration; anonymity in data transmission; vulnerabilities in security and privacy in modern wireless communication networks; challenges of security and privacy in node–edge–cloud computation; security and privacy design for low-power wide-area IoT networks; security and privacy design for vehicle networks; security and privacy design for underwater communications networks

Workshop on Smart Sensors - Instrumentation and Measurement: Program

On 18-19 February, the School of Engineering successfully ran a two-day workshop on Smart Sensors - Instrumentation and Measurement. Associate Professor Rainer Künnemeyer organised the event on behalf of the IEEE Instrumentation and Measurement Society, New Zealand Chapter. Over 60 delegates attended and appreciated the 34 presentations which covered a wide range of topics related to sensors, sensor networks and instrumentation. There was substantial interest and support from local industry and crown research institutes