Sonification of Network Traffic for Detecting and Learning About Botnet Behavior

Today's computer networks are under increasing threat from malicious activity. Botnets (networks of remotely controlled computers, or "bots") operate in such a way that their activity superficially resembles normal network traffic which makes their behaviour hard to detect by current Intrusion Detection Systems (IDS). Therefore, new monitoring techniques are needed to enable network operators to detect botnet activity quickly and in real time. Here we show a sonification technique using the SoNSTAR system that maps characteristics of network traffic to a real-time soundscape enabling an operator to hear and detect botnet activity. A case study demonstrated how using traffic log files alongside the interactive SoNSTAR system enabled the identification of new traffic patterns that characteristic botnet behaviour and subsequently the effective targeting and real-time detection of botnet activity. An experiment using the 11.39 GiB ISOT Botnet Dataset, containing labelled botnet traffic data, compared the SoNSTAR system with three leading machine learning-based traffic classifiers in a botnet activity detection test. SoNSTAR demonstrated greater accuracy, precision and recall and much lower false positive rates than the other techniques. The knowledge generated about characteristic botnet behaviours could be used in the development of future IDSs

Systematic literature review for malware visualization techniques

Analyzing the activities or the behaviors of malicious scripts highly depends on extracted features. It is also significant to know which features are more effective for certain visualization types. Similarly, selecting an appropriate visualization technique plays a key role for analytical descriptive, diagnostic, predictive and prescriptive. Thus, the visualization technique should provide understandable information about the malicious code activities. This paper followed systematic literature review method in order to review the extracted features that are used to identify the malware, different types of visualization techniques and guidelines to select the right visualization techniques. An advanced search has been performed in most relevant digital libraries to obtain potentially relevant articles. The results demonstrate significant resources and types of features that are important to analyze malware activities and common visualization techniques that are currently used and methods to choose the right visualization technique in order to analyze the security events effectively

Applied Metaheuristic Computing

For decades, Applied Metaheuristic Computing (AMC) has been a prevailing optimization technique for tackling perplexing engineering and business problems, such as scheduling, routing, ordering, bin packing, assignment, facility layout planning, among others. This is partly because the classic exact methods are constrained with prior assumptions, and partly due to the heuristics being problem-dependent and lacking generalization. AMC, on the contrary, guides the course of low-level heuristics to search beyond the local optimality, which impairs the capability of traditional computation methods. This topic series has collected quality papers proposing cutting-edge methodology and innovative applications which drive the advances of AMC

Networks, Communication, and Computing Vol. 2

Networks, communications, and computing have become ubiquitous and inseparable parts of everyday life. This book is based on a Special Issue of the Algorithms journal, and it is devoted to the exploration of the many-faceted relationship of networks, communications, and computing. The included papers explore the current state-of-the-art research in these areas, with a particular interest in the interactions among the fields

Proceedings, MSVSCC 2012

Proceedings of the 6th Annual Modeling, Simulation & Visualization Student Capstone Conference held on April 19, 2012 at VMASC in Suffolk, Virginia

Applied Methuerstic computing

For decades, Applied Metaheuristic Computing (AMC) has been a prevailing optimization technique for tackling perplexing engineering and business problems, such as scheduling, routing, ordering, bin packing, assignment, facility layout planning, among others. This is partly because the classic exact methods are constrained with prior assumptions, and partly due to the heuristics being problem-dependent and lacking generalization. AMC, on the contrary, guides the course of low-level heuristics to search beyond the local optimality, which impairs the capability of traditional computation methods. This topic series has collected quality papers proposing cutting-edge methodology and innovative applications which drive the advances of AMC

Information-Centric Design and Implementation for Underwater Acoustic Networks

Over the past decade, Underwater Acoustic Networks (UANs) have received extensive attention due to their vast benefits in academia and industry alike. However, due to the overall magnitude and harsh characteristics of underwater environments, standard wireless network techniques will fail because current technology and energy restrictions limit underwater devices due to delayed acoustic communications. To help manage these limitations we utilize Information-Centric Networking (ICN). More importantly, we look at ICN\u27s paradigm shift from traditional TCP/IP architecture to improve data handling and enhance network efficiency. By utilizing some of ICN\u27s techniques, such as data naming hierarchy, we can reevaluate each component of the network\u27s protocol stack given current underwater limitations to study the vast solutions and perspectives Information-Centric architectures can provide to UANs. First, we propose a routing strategy used to manage and route large data files in a network prone to high mobility. Therefore, due to UANs limited transmitting capability, we passively store sensed data and adaptively find the best path. Furthermore, we introduce adapted Named Data Networking (NDN) components to improve upon routing robustness and adaptiveness. Beyond naming data, we use tracers to assist in tracking stored data locations without using other excess means such as flooding. By collaborating tracer consistency with routing path awareness our protocol can adaptively manage faulty or high mobility nodes. Through this incorporation of varied NDN techniques, we are able to see notable improvements in routing efficiency. Second, we analyze the effects of Denial of Service (DoS) attacks on upper layer protocols. Since UANs are typically resource restrained, malicious users can advantageously create fake traffic to burden the already constrained network. While ICN techniques only provide basic DoS restriction we must expand our detection and restriction technique to meet the unique demands of UANs. To provide enhanced security against DoS we construct an algorithm to detect and restrict against these types of attacks while adapting to meet acoustic characteristics. To better extend this work we incorporate three node behavior techniques using probabilistic, adaptive, and predictive approaches for detecting malicious traits. Thirdly, to depict and test protocols in UANs, simulators are commonly used due to their accessibility and controlled testing aspects. For this section, we review Aqua-Sim, a discrete event-driven open-source underwater simulator. To enhance the core aspect of this simulator we first rewrite the current architecture and transition Aqua-Sim to the newest core simulator, NS-3. Following this, we clean up redundant features spread out between the various underwater layers. Additionally, we fully integrate the diverse NS-3 API within our simulator. By revamping previous code layout we are able to improve architecture modularity and child class expandability. New features are also introduced including localization and synchronization support, busy terminal problem support, multi-channel support, transmission range uncertainty modules, external noise generators, channel trace-driven support, security module, and an adapted NDN module. Additionally, we provide extended documentation to assist in user development. Simulation testing shows improved memory management and continuous validity in comparison to other underwater simulators and past iterations of Aqua-Sim

Secure Large Scale Penetration of Electric Vehicles in the Power Grid

As part of the approaches used to meet climate goals set by international environmental agreements, policies are being applied worldwide for promoting the uptake of Electric Vehicles (EV)s. The resulting increase in EV sales and the accompanying expansion in the EV charging infrastructure carry along many challenges, mostly infrastructure-related. A pressing need arises to strengthen the power grid to handle and better manage the electricity demand by this mobile and geo-distributed load. Because the levels of penetration of EVs in the power grid have recently started increasing with the increase in EV sales, the real-time management of en-route EVs, before they connect to the grid, is quite recent and not many research works can be found in the literature covering this topic comprehensively. In this dissertation, advances and novel ideas are developed and presented, seizing the opportunities lying in this mobile load and addressing various challenges that arise in the application of public charging for EVs. A Bilateral Decision Support System (BDSS) is developed here for the management of en-route EVs. The BDSS is a middleware-based MAS that achieves a win-win situation for the EVs and the power grid. In this framework, the two are complementary in a way that the desired benefit of one cannot be achieved without attaining that of the other. A Fuzzy Logic based on-board module is developed for supporting the decision of the EV as to which charging station to charge at. GPU computing is used in the higher-end agents to handle the big amount of data resulting in such a large scale system with mobile and geo-distributed nodes. Cyber security risks that threaten the BDSS are assessed and measures are applied to revoke possible attacks. Furthermore, the Collective Distribution of Mobile Loads (CDML), a service with ancillary potential to the power system, is developed. It comprises a system-level optimization. In this service, the EVs requesting a public charging session are collectively redistributed onto charging stations with the objective of achieving the optimal and secure operation of the power system by reducing active power losses in normal conditions and mitigating line congestions in contingency conditions. The CDML uses the BDSS as an industrially viable tool to achieve the outcomes of the optimization in real time. By participating in this service, the EV is considered as an interacting node in the system-wide communication platform, providing both enhanced self-convenience in terms of access to public chargers, and contribution to the collective effort of providing benefit to the power system under the large scale uptake of EVs. On the EV charger level, several advantages have been reported favoring wireless charging of EVs over wired charging. Given that, new techniques are presented that facilitate the optimization of the magnetic link of wireless EV chargers while considering international EMC standards. The original techniques and developments presented in this dissertation were experimentally verified at the Energy Systems Research Laboratory at FIU

INTER-ENG 2020

These proceedings contain research papers that were accepted for presentation at the 14th International Conference Inter-Eng 2020 ,Interdisciplinarity in Engineering, which was held on 8–9 October 2020, in Târgu Mureș, Romania. It is a leading international professional and scientific forum for engineers and scientists to present research works, contributions, and recent developments, as well as current practices in engineering, which is falling into a tradition of important scientific events occurring at Faculty of Engineering and Information Technology in the George Emil Palade University of Medicine, Pharmacy Science, and Technology of Târgu Mures, Romania. The Inter-Eng conference started from the observation that in the 21st century, the era of high technology, without new approaches in research, we cannot speak of a harmonious society. The theme of the conference, proposing a new approach related to Industry 4.0, was the development of a new generation of smart factories based on the manufacturing and assembly process digitalization, related to advanced manufacturing technology, lean manufacturing, sustainable manufacturing, additive manufacturing, and manufacturing tools and equipment. The conference slogan was “Europe’s future is digital: a broad vision of the Industry 4.0 concept beyond direct manufacturing in the company”

Strategic Latency Unleashed: The Role of Technology in a Revisionist Global Order and the Implications for Special Operations Forces

The article of record may be found at https://cgsr.llnl.govThis work was performed under the auspices of the U.S. Department of Energy by Lawrence Livermore National Laboratory in part under Contract W-7405-Eng-48 and in part under Contract DE-AC52-07NA27344. The views and opinions of the author expressed herein do not necessarily state or reflect those of the United States government or Lawrence Livermore National Security, LLC. ISBN-978-1-952565-07-6 LCCN-2021901137 LLNL-BOOK-818513 TID-59693This work was performed under the auspices of the U.S. Department of Energy by Lawrence Livermore National Laboratory in part under Contract W-7405-Eng-48 and in part under Contract DE-AC52-07NA27344. The views and opinions of the author expressed herein do not necessarily state or reflect those of the United States government or Lawrence Livermore National Security, LLC. ISBN-978-1-952565-07-6 LCCN-2021901137 LLNL-BOOK-818513 TID-5969