599 research outputs found
Towards Cyber Security for Low-Carbon Transportation: Overview, Challenges and Future Directions
In recent years, low-carbon transportation has become an indispensable part
of the sustainable development strategies of various countries, and plays a very
important role in promoting low-carbon cities. However, the security
of low-carbon transportation has been threatened in various ways. For
example, denial of service attacks pose a great threat to electric vehicles
and vehicle-to-grid networks. To minimize these threats, several methods have
been proposed to defend against them. Yet, these methods are only for certain
types of scenarios or attacks. Therefore, this review addresses the security aspect
from a holistic view, and provides the overview, challenges and future directions of
cyber security technologies in low-carbon transportation. Firstly, based on the
concept and importance of low-carbon transportation, this review positions the
low-carbon transportation services. Then, from the perspective of network
architecture and communication mode, this review classifies its typical attack
risks. The corresponding defense technologies and relevant security suggestions
are further reviewed from the perspective of data security, network management
security and network application security. Finally, in view of the long term
development of low-carbon transportation, future research directions have been
concerned.
Comment: 34 pages, 6 figures, accepted by journal Renewable and Sustainable
Energy Review
InfoTech Update, Volume 6, Number 3, May/June 1997
Federated Learning in Intelligent Transportation Systems: Recent Applications and Open Problems
Intelligent transportation systems (ITSs) have been fueled by the rapid
development of communication technologies, sensor technologies, and the
Internet of Things (IoT). Nonetheless, due to the dynamic characteristics of
the vehicle networks, it is rather challenging to make timely and accurate
decisions of vehicle behaviors. Moreover, in the presence of mobile wireless
communications, the privacy and security of vehicle information are at constant
risk. In this context, a new paradigm is urgently needed for various
applications in dynamic vehicle environments. As a distributed machine learning
technology, federated learning (FL) has received extensive attention due to its
outstanding privacy protection properties and easy scalability. We conduct a
comprehensive survey of the latest developments in FL for ITS. Specifically, we
initially research the prevalent challenges in ITS and elucidate the
motivations for applying FL from various perspectives. Subsequently, we review
existing deployments of FL in ITS across various scenarios, and discuss
specific potential issues in object recognition, traffic management, and
service providing scenarios. Furthermore, we conduct a further analysis of the
new challenges introduced by FL deployment and the inherent limitations that FL
alone cannot fully address, including uneven data distribution, limited storage
and computing power, and potential privacy and security concerns. We then
examine the existing collaborative technologies that can help mitigate these
challenges. Lastly, we discuss the open challenges that remain to be addressed
in applying FL in ITS and propose several future research directions.
Virtual network function development for NG-PON Access Network Architecture
Master's dissertation in Network and Telematic Services Engineering
The access to Internet services on a large scale, high throughput and low latency has grown
at a very high pace over time, with a growing demand for media content and applications
increasingly oriented towards data consumption. This fact about the use of data at the edge
of the network requires the Central Offices (CO) of telecommunication providers to be prepared
to absorb these demands. COs generally offer data from various access methods, such
as Passive Optical Network (PON) technologies, mobile networks, copper wired and others.
For each of these technologies there may be different manufacturers that support only
their respective hardware and software solutions, although they all share different network
resources and have management, configuration and monitoring tools (Fault, Configuration,
Accounting, Performance, and Security management - FCAPS) similar, but being distinct and
isolated from each other, which produces huge investment in Capital Expenditure (CAPEX)
and Operational Expenditure (OPEX) and can cause barriers to innovation. Such panoramas
forced the development of more flexible, scalable solutions that share platforms and network
architectures that can meet this need and enable the evolution of networks. It is then
proposed the architecture of Software-Defined Network (SDN) which has in its proposal to
abstract the control plane from the data plane, in addition to the virtualization of several
Network Function Virtualization (NFV). The SDN architecture allows APIs and protocols such
as Openflow, NETCONF / YANG, RESTCONF, gRPC and others to be used so that there is
communication between the various hardware and software elements that compose the network
and consume network resources, such as services AAA, DHCP, routing, orchestration,
management or various applications that may exist in this context.
This work then aims at the development of a virtualized network function, namely a VNF
in the context of network security to be integrated as a component of an architecture guided
by the SDN paradigm applied to broadband networks, and also adherent to the architecture
OB-BAA promoted by the Broadband Forum. Such OB-BAA architecture fits into the initiative
to modernize the Information Technology (IT) components of broadband networks, more
specifically the Central Offices. With such development, it was intended to explore the concepts
of network security, such as the IEEE 802.1X protocol applied in NG-PON networks
for authentication and authorization of new network equipment. To achieve this goal, the
development of the applications was based on the Golang language combined with gRPC
programmable interfaces for communication between the various elements of the architecture.
Network emulators were initially used, and then the components were "containerized"
and inserted in the Docker and Kubernetes virtualization frameworks. Finally, performance
metrics were analyzed in the usage tests, namely computational resource usage metrics (CPU,
memory and network I/O), in addition to the execution time of several processes performed
by the developed applications.
Peer-to-Peer File Sharing WebApp: Enhancing Data Security and Privacy through Peer-to-Peer File Transfer in a Web Application
Peer-to-peer (P2P) networking has emerged as a promising technology that enables distributed systems to operate in a decentralized manner. P2P networks are based on a model where each node in the network can act as both a client and a server, thereby enabling data and resource sharing without relying on centralized servers. The P2P model has gained considerable attention in recent years due to its potential to provide a scalable, fault-tolerant, and resilient architecture for various applications such as file sharing, content distribution, and social networks. In recent years, researchers have also proposed hybrid architectures that combine the benefits of both structured and unstructured P2P networks. For example, the Distributed Hash Table (DHT) is a popular hybrid architecture that provides efficient lookup and search algorithms while maintaining the flexibility and adaptability of the unstructured network. To demonstrate the feasibility of P2P systems, several prototypes have been developed, such as the BitTorrent file-sharing protocol and the Skype voice-over-IP (VoIP) service. These prototypes have demonstrated the potential of P2P systems for large-scale applications and have paved the way for the development of new P2P-based systems.
The iFlame client-based instantaneous datagram communication substrate
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1996. Includes bibliographical references (leaves 69-70). By David Michael LaMacchia. M.Eng.
A graph oriented approach for network forensic analysis
Network forensic analysis is a process that analyzes intrusion evidence captured from networked environment to identify suspicious entities and stepwise actions in an attack scenario. Unfortunately, the overwhelming amount and low quality of output from security sensors make it difficult for analysts to obtain a succinct high-level view of complex multi-stage intrusions.
This dissertation presents a novel graph based network forensic analysis system. The evidence graph model provides an intuitive representation of collected evidence as well as the foundation for forensic analysis. Based on the evidence graph, we develop a set of analysis components in a hierarchical reasoning framework. Local reasoning utilizes fuzzy inference to infer the functional states of a host level entity from its local observations. Global reasoning performs graph structure analysis to identify the set of highly correlated hosts that belong to the coordinated attack scenario. In global reasoning, we apply spectral clustering and Pagerank methods for generic and targeted investigation respectively. An interactive hypothesis testing procedure is developed to identify hidden attackers from non-explicit-malicious evidence. Finally, we introduce the notion of target-oriented effective event sequence (TOEES) to semantically reconstruct stealthy attack scenarios with less dependency on ad-hoc expert knowledge. Well established computation methods used in our approach provide the scalability needed to perform post-incident analysis in large networks. We evaluate the techniques with a number of intrusion detection datasets and the experiment results show that our approach is effective in identifying complex multi-stage attacks.
A Comprehensive Survey of Voice over IP Security Research
We present a comprehensive survey of Voice over IP security academic research, using a set of 245 publications forming a closed cross-citation set. We classify these papers according to an extended version of the VoIP Security Alliance (VoIPSA) Threat Taxonomy. Our goal is to provide a roadmap for researchers seeking to understand existing capabilities and to identify gaps in addressing the numerous threats and vulnerabilities present in VoIP systems. We discuss the implications of our findings with respect to vulnerabilities reported in a variety of VoIP products. We identify two specific problem areas (denial of service, and service abuse) as requiring significantly more attention from the research community. We also find that the overwhelming majority of the surveyed work takes a black box view of VoIP systems that avoids examining their internal structure and implementation. Such an approach may miss the mark in terms of addressing the main sources of vulnerabilities, i.e., implementation bugs and misconfigurations. Finally, we argue for further work on understanding cross-protocol and cross-mechanism vulnerabilities (emergent properties), which are the byproduct of a highly complex system-of-systems and an indication of the issues in future large-scale systems.