Management and Service-aware Networking Architectures (MANA) for Future Internet Position Paper: System Functions, Capabilities and Requirements

Future Internet (FI) research and development threads have recently been gaining momentum all over the world and as such the international race to create a new generation Internet is in full swing: GENI, Asia Future Internet, Future Internet Forum Korea, European Union Future Internet Assembly (FIA). This is a position paper identifying the research orientation with a time horizon of 10 years, together with the key challenges for the capabilities in the Management and Service-aware Networking Architectures (MANA) part of the Future Internet (FI) allowing for parallel and federated Internet(s)

Smart grid architecture for rural distribution networks: application to a Spanish pilot network

This paper presents a novel architecture for rural distribution grids. This architecture is designed to modernize traditional rural networks into new Smart Grid ones. The architecture tackles innovation actions on both the power plane and the management plane of the system. In the power plane, the architecture focuses on exploiting the synergies between telecommunications and innovative technologies based on power electronics managing low scale electrical storage. In the management plane, a decentralized management system is proposed based on the addition of two new agents assisting the typical Supervisory Control And Data Acquisition (SCADA) system of distribution system operators. Altogether, the proposed architecture enables operators to use more effectively—in an automated and decentralized way—weak rural distribution systems, increasing the capability to integrate new distributed energy resources. This architecture is being implemented in a real Pilot Network located in Spain, in the frame of the European Smart Rural Grid project. The paper also includes a study case showing one of the potentialities of one of the principal technologies developed in the project and underpinning the realization of the new architecture: the so-called Intelligent Distribution Power Router.Postprint (published version

Evolving Ensemble Fuzzy Classifier

The concept of ensemble learning offers a promising avenue in learning from data streams under complex environments because it addresses the bias and variance dilemma better than its single model counterpart and features a reconfigurable structure, which is well suited to the given context. While various extensions of ensemble learning for mining non-stationary data streams can be found in the literature, most of them are crafted under a static base classifier and revisits preceding samples in the sliding window for a retraining step. This feature causes computationally prohibitive complexity and is not flexible enough to cope with rapidly changing environments. Their complexities are often demanding because it involves a large collection of offline classifiers due to the absence of structural complexities reduction mechanisms and lack of an online feature selection mechanism. A novel evolving ensemble classifier, namely Parsimonious Ensemble pENsemble, is proposed in this paper. pENsemble differs from existing architectures in the fact that it is built upon an evolving classifier from data streams, termed Parsimonious Classifier pClass. pENsemble is equipped by an ensemble pruning mechanism, which estimates a localized generalization error of a base classifier. A dynamic online feature selection scenario is integrated into the pENsemble. This method allows for dynamic selection and deselection of input features on the fly. pENsemble adopts a dynamic ensemble structure to output a final classification decision where it features a novel drift detection scenario to grow the ensemble structure. The efficacy of the pENsemble has been numerically demonstrated through rigorous numerical studies with dynamic and evolving data streams where it delivers the most encouraging performance in attaining a tradeoff between accuracy and complexity.Comment: this paper has been published by IEEE Transactions on Fuzzy System

Applying Lessons from Cyber Attacks on Ukrainian Infrastructures to Secure Gateways onto the Industrial Internet of Things

Previous generations of safety-related industrial control systems were ‘air gapped’. In other words, process control components including Programmable Logic Controllers (PLCs) and smart sensor/actuators were disconnected and isolated from local or wide area networks. This provided a degree of protection; attackers needed physical access to compromise control systems components. Over time this ‘air gap’ has gradually been eroded. Switches and gateways have subsequently interfaced industrial protocols, including Profibus and Modbus, so that data can be drawn from safety-related Operational Technology into enterprise information systems using TCP/IP. Senior management uses these links to monitor production processes and inform strategic planning. The Industrial Internet of Things represents another step in this evolution – enabling the coordination of physically distributed resources from a centralized location. The growing range and sophistication of these interconnections create additional security concerns for the operation and management of safety-critical systems. This paper uses lessons learned from recent attacks on Ukrainian critical infrastructures to guide a forensic analysis of an IIoT switch. The intention is to identify and mitigate vulnerabilities that would enable similar attacks to be replicated across Europe and North America

Flooding attacks to internet threat monitors (ITM): Modeling and counter measures using botnet and honeypots

The Internet Threat Monitoring (ITM),is a globally scoped Internet monitoring system whose goal is to measure, detect, characterize, and track threats such as distribute denial of service(DDoS) attacks and worms. To block the monitoring system in the internet the attackers are targeted the ITM system. In this paper we address flooding attack against ITM system in which the attacker attempt to exhaust the network and ITM's resources, such as network bandwidth, computing power, or operating system data structures by sending the malicious traffic. We propose an information-theoretic frame work that models the flooding attacks using Botnet on ITM. Based on this model we generalize the flooding attacks and propose an effective attack detection using Honeypots