Efficiency and Accuracy Enhancement of Intrusion Detection System Using Feature Selection and Cross-layer Mechanism

The dramatic increase in the number of connected devices and the significant growth of the network traffic data have led to many security vulnerabilities and cyber-attacks. Hence, developing new methods to secure the network infrastructure and protect data from malicious and unauthorized access becomes a vital aspect of communication network design. Intrusion Detection Systems (IDSs), as common widely used security techniques, are critical to detect network attacks and unauthorized network access and thus minimize further cyber-attack damages. However, there are a number of weaknesses that need to be addressed to make reliable IDS for real-world applications. One of the fundamental challenges is the large number of redundant and non-relevant data. Feature selection emerges as a necessary step in efficient IDS design to overcome high dimensionality problem and enhance the performance of IDS through the reduction of its complexity and the acceleration of the detection process. Moreover, detection algorithm has significant impact on the performance of IDS. Machine learning techniques are widely used in such systems which is studied in details in this dissertation. One of the most destructive activities in wireless networks such as MANET is packet dropping. The existence of the intrusive attackers in the network is not the only cause of packet loss. In fact, packet drop can occur because of faulty network. Hence, in order detect the packet dropping caused by a malicious activity of an attacker, information from various layers of the protocol is needed to detect malicious packet loss effectively. To this end, a novel cross-layer design for malicious packet loss detection in MANET is proposed using features from physical layer, network layer and MAC layer to make a better detection decision. Trust-based mechanism is adopted in this design and a packet loss free routing algorithm is presented accordingly

Using routing information to optimize synchronization of replicated event notification mediators in sparse MANETs

Mobile Ad-Hoc Networks maintain information about reachable nodes in the routing table. In many application scenarios, human groups play an important role. This is visible at the network level as independent network partitions which are for some time stable before their members change through merging or partitioning. We use the information from stable routing tables to optimize the synchronization of Mediators in our Distributed Event Notification System. In a stable partition each node has the same information, thus a single Mediator can efficiently coordinate the synchronization, while all other Mediators just receive updates. We show in our experiments that just a few seconds are needed until routing tables stabilize and all nodes have a common view of the partition. We present a heuristic which each individual node uses to determine the proper time to synchronize. Furthermore, we show how exceptions, like disappearing coordinating Mediators and unexpected messages, can be efficiently handled

Mobile Ad-Hoc Networks

Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of-the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: quality-of-service and video communication, routing protocol and cross-layer design. A few interesting problems about security and delay-tolerant networks are also discussed. This book is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks

A novel Big Data analytics and intelligent technique to predict driver's intent

Modern age offers a great potential for automatically predicting the driver's intent through the increasing miniaturization of computing technologies, rapid advancements in communication technologies and continuous connectivity of heterogeneous smart objects. Inside the cabin and engine of modern cars, dedicated computer systems need to possess the ability to exploit the wealth of information generated by heterogeneous data sources with different contextual and conceptual representations. Processing and utilizing this diverse and voluminous data, involves many challenges concerning the design of the computational technique used to perform this task. In this paper, we investigate the various data sources available in the car and the surrounding environment, which can be utilized as inputs in order to predict driver's intent and behavior. As part of investigating these potential data sources, we conducted experiments on e-calendars for a large number of employees, and have reviewed a number of available geo referencing systems. Through the results of a statistical analysis and by computing location recognition accuracy results, we explored in detail the potential utilization of calendar location data to detect the driver's intentions. In order to exploit the numerous diverse data inputs available in modern vehicles, we investigate the suitability of different Computational Intelligence (CI) techniques, and propose a novel fuzzy computational modelling methodology. Finally, we outline the impact of applying advanced CI and Big Data analytics techniques in modern vehicles on the driver and society in general, and discuss ethical and legal issues arising from the deployment of intelligent self-learning cars

Conception d’un support de communication opportuniste pour les services pervasifs

The vision of pervasive computing of building interactive smart spaces in the physical environment is gradually heading from the research domain to reality. Computing capacity is moving beyond personal computers to many day-to-day devices, and these devices become, thanks to multiple interfaces, capable of communicating directly with one another or of connecting to the Internet.In this thesis, we are interested in a kind of pervasive computing environment that forms what we call an Intermittently Connected Hybrid Network (ICHN). An ICHN is a network composed of two parts: a fixed and a mobile part. The fixed part is formed of some fixed infostations (potentially connected together with some fixed infrastructure, typically the Internet). The mobile part, on the other hand, is formed of smartphones carried by nomadic people. While the fixed part is mainly stable, the mobile part is considered challenging and form what is called an Opportunistic Network. Indeed, relying on short-range communication means coupled with the free movements of people and radio interferences lead to frequent disconnections. To perform a network-wide communication, the "store, carry and forward" approach is usually applied. With this approach, a message can be stored temporarily on a device, in order to be forwarded later when circumstances permit. Any device can opportunistically be used as an intermediate relay to facilitate the propagation of a message from one part of the network to another. In this context, the provisioning of pervasive services is particularly challenging, and requires revisiting important components of the provisioning process, such as performing pervasive service discovery and invocation with the presence of connectivity disruptions and absence of both end-to-end paths and access continuity due to user mobility. This thesis addresses the problems of providing network-wide service provisioning in ICHNs and proposes solutions for pervasive service discovery, invocation and access continuity. Concerning service discovery challenge, we propose TAO-DIS, a service discovery protocol that performs an automatic and fast service discovery mechanism. TAO-DIS takes into account the hybrid nature of an ICHN and that the majority of services are provided by infostations. It permits mobile users to discover all the services in the surrounding environment in order to identify and choose the most convenient ones. To allow users to interact with the discovered services, we introduce TAO-INV. TAO-INV is a service invocation protocol specifically designed for ICHNs. It relies on a set of heuristics and mechanisms that ensures performing efficient routing of messages (both service requests and responses) between fixed infostations and mobile clients while preserving both low values of overhead and round trip delays. Since some infostations in the network might be connected, we propose a soft handover mechanism that modifies the invocation process in order to reduce service delivery delays. This handover mechanism takes into consideration the opportunistic nature of the mobile part of the ICHN. We have performed various experiments to evaluate our solutions and compare them with other protocols designed for ad hoc and opportunistic networks. The obtained results tend to prove that our solutions outperform these protocols, namely thanks to the optimizations we have developed for ICHNs. In our opinion, building specialized protocols that benefit from techniques specifically designed for ICHNs is an approach that should be pursued, in complement with research works on general-purpose communication protocolsLa vision de l'informatique ubiquitaire permettant de construire des espaces intelligents interactifs dans l'environnement physique passe, peu à peu, du domaine de la recherche à la réalité. La capacité de calcul ne se limite plus à l'ordinateur personnel mais s'intègre dans de multiples appareils du quotidien, et ces appareils deviennent, grâce à plusieurs interfaces, capables de communiquer directement les uns avec les autres ou bien de se connecter à Internet.Dans cette thèse, nous nous sommes intéressés à un type d'environnement cible de l'informatique ubiquitaire qui forme ce que nous appelons un réseau hybride à connexions intermittentes (ICHN). Un ICHN est un réseau composé de deux parties : une partie fixe et une partie mobile. La partie fixe est constituée de plusieurs infostations fixes (potentiellement reliées entre elles avec une infrastructure fixe, typiquement l'Internet). La partie mobile, quant à elle, est constituée de smartphones portés par des personnes nomades. Tandis que la partie fixe est principalement stable, la partie mobile pose un certain nombre de défis propres aux réseaux opportunistes. En effet, l'utilisation de moyens de communication à courte portée couplée à des déplacements de personnes non contraints et à des interférences radio induit des déconnexions fréquentes. Le concept du "store, carry and forward" est alors habituellement appliqué pour permettre la communication sur l'ensemble du réseau. Avec cette approche, un message peut être stocké temporairement sur un appareil avant d'être transféré plus tard quand les circonstances sont plus favorables. Ainsi, n'importe quel appareil devient un relai de transmission opportuniste qui permet de faciliter la propagation d'un message dans le réseau. Dans ce contexte, la fourniture de services est particulièrement problématique, et exige de revisiter les composants principaux du processus de fourniture, tels que la découverte et l'invocation de service, en présence de ruptures de connectivité et en l'absence de chemins de bout en bout. Cette thèse aborde les problèmes de fourniture de service sur l'ensemble d'un ICHN et propose des solutions pour la découverte de services, l'invocation et la continuité d'accès. En ce qui concerne le défi de la découverte de services, nous proposons TAO-DIS, un protocole qui met en œuvre un mécanisme automatique et rapide de découverte de services. TAO-DIS tient compte de la nature hybride d'un ICHN et du fait que la majorité des services sont fournis par des infostations. Il permet aux utilisateurs mobiles de découvrir tous les services dans l'environnement afin d'identifier et de choisir les plus intéressants. Pour permettre aux utilisateurs d'interagir avec les services découverts, nous introduisons TAO-INV. TAO-INV est un protocole d'invocation de service spécialement conçu pour les ICHN. Il se fonde sur un ensemble d'heuristiques et de mécanismes qui assurent un acheminement efficace des messages (des requêtes et des réponses de services) entre les infostations fixes et les clients mobiles tout en conservant un surcoût et des temps de réponses réduits. Puisque certaines infostations dans le réseau peuvent être reliées entre elles, nous proposons un mécanisme de continuité d'accès (handover) qui modifie le processus d'invocation pour réduire les délais de délivrance. Dans sa définition, il est tenu compte de la nature opportuniste de la partie mobile de l'ICHN. Nous avons mené diverses expérimentations pour évaluer nos solutions et les comparer à d'autres protocoles conçus pour des réseaux ad hoc et des réseaux opportunistes. Les résultats obtenus tendent à montrer que nos solutions surpassent ces autres protocoles, notamment grâce aux optimisations que nous avons développées pour les ICHN. À notre avis, construire des protocoles spécialisés qui tirent parti des techniques spécifiquement conçues pour les ICHN est une approche à poursuivre en complément des recherches sur des protocoles de communication polyvalent

Protocole de routage à chemins multiples pour des réseaux ad hoc

Ad hoc networks consist of a collection of wireless mobile nodes which dynamically exchange data without reliance on any fixed based station or a wired backbone network. They are by definition self-organized. The frequent topological changes make multi-hops routing a crucial issue for these networks. In this PhD thesis, we propose a multipath routing protocol named Multipath Optimized Link State Routing (MP-OLSR). It is a multipath extension of OLSR, and can be regarded as a hybrid routing scheme because it combines the proactive nature of topology sensing and reactive nature of multipath computation. The auxiliary functions as route recovery and loop detection are introduced to improve the performance of the network. The usage of queue length metric for link quality criteria is studied and the compatibility between single path and multipath routing is discussed to facilitate the deployment of the protocol. The simulations based on NS2 and Qualnet softwares are performed in different scenarios. A testbed is also set up in the campus of Polytech’Nantes. The results from the simulator and testbed reveal that MP-OLSR is particularly suitable for mobile, large and dense networks with heavy network load thanks to its ability to distribute the traffic into different paths and effective auxiliary functions. The H.264/SVC video service is applied to ad hoc networks with MP-OLSR. By exploiting the scalable characteristic of H.264/SVC, we propose to use Priority Forward Error Correction coding based on Finite Radon Transform (FRT) to improve the received video quality. An evaluation framework called SVCEval is built to simulate the SVC video transmission over different kinds of networks in Qualnet. This second study highlights the interest of multiple path routing to improve quality of experience over self-organized networks.Les réseaux ad hoc sont constitués d’un ensemble de nœuds mobiles qui échangent des données sans infrastructure de type point d’accès ou artère filaire. Ils sont par définition auto-organisés. Les changements fréquents de topologie des réseaux ad hoc rendent le routage multi-sauts très problématique. Dans cette thèse, nous proposons un protocole de routage à chemins multiples appelé Multipath Optimized Link State Routing (MP-OLSR). C’est une extension d’OLSR à chemins multiples qui peut être considérée comme une méthode de routage hybride. En effet, MP-OLSR combine la caractéristique proactive de la détection de topologie et la caractéristique réactive du calcul de chemins multiples qui est effectué à la demande. Les fonctions auxiliaires comme la récupération de routes ou la détection de boucles sont introduites pour améliorer la performance du réseau. L’utilisation de la longueur des files d’attente des nœuds intermédiaires comme critère de qualité de lien est étudiée et la compatibilité entre routage à chemins multiples et chemin unique est discutée pour faciliter le déploiement du protocole. Les simulations basées sur les logiciels NS2 et Qualnet sont effectuées pour tester le routage MP-OLSR dans des scénarios variés. Une mise en œuvre a également été réalisée au cours de cette thèse avec une expérimentation sur le campus de Polytech’Nantes. Les résultats de la simulation et de l’expérimentation révèlent que MP-OLSR est particulièrement adapté pour les réseaux mobiles et denses avec des trafics élevés grâce à sa capacité à distribuer le trafic dans des chemins différents et à des fonctions auxiliaires efficaces. Au niveau application, le service vidéo H.264/SVC est appliqué à des réseaux ad hoc MP-OLSR. En exploitant la hiérarchie naturelle délivrée par le format H.264/SVC, nous proposons d’utiliser un codage à protection inégale (PFEC) basé sur la Transformation de Radon Finie (FRT) pour améliorer la qualité de la vidéo à la réception. Un outil appelé SVCEval est développé pour simuler la transmission de vidéo SVC sur différents types de réseaux dans le logiciel Qualnet. Cette deuxième étude témoigne de l’intérêt du codage à protection inégale dans un routage à chemins multiples pour améliorer une qualité d’usage sur des réseaux auto-organisés

Code offloading in opportunistic computing

With the advent of cloud computing, applications are no longer tied to a single device, but they can be migrated to a high-performance machine located in a distant data center. The key advantage is the enhancement of performance and consequently, the users experience. This activity is commonly referred computational offloading and it has been strenuously investigated in the past years. The natural candidate for computational offloading is the cloud, but recent results point out the hidden costs of cloud reliance in terms of latency and energy; Cuervo et. al. illustrates the limitations on cloud-based computational offloading based on WANs latency times. The dissertation confirms the results of Cuervo et. al. and illustrates more use cases where the cloud may not be the right choice. This dissertation addresses the following question: is it possible to build a novel approach for offloading the computation that overcomes the limitations of the state-of-the-art? In other words, is it possible to create a computational offloading solution that is able to use local resources when the Cloud is not usable, and remove the strong bond with the local infrastructure? To this extent, I propose a novel paradigm for computation offloading named anyrun computing, whose goal is to use any piece of higher-end hardware (locally or remotely accessible) to offloading a portion of the application. With anyrun computing I removed the boundaries that tie the solution to an infrastructure by adding locally available devices to augment the chances to succeed in offloading. To achieve the goals of the dissertation it is fundamental to have a clear view of all the steps that take part in the offloading process. To this extent, I firstly provided a categorization of such activities combined with their interactions and assessed the impact on the system. The outcome of the analysis is the mapping to the problem to a combinatorial optimization problem that is notoriously known to be NP-Hard. There are a set of well-known approaches to solving such kind of problems, but in this scenario, they cannot be used because they require a global view that can be only maintained by a centralized infrastructure. Thus, local solutions are needed. Moving further, to empirically tackle the anyrun computing paradigm, I propose the anyrun computing framework (ARC), a novel software framework whose objective is to decide whether to offload or not to any resource-rich device willing to lend assistance is advantageous compared to local execution with respect to a rich array of performance dimensions. The core of ARC is the nference nodel which receives a rich set of information about the available remote devices from the SCAMPI opportunistic computing framework developed within the European project SCAMPI, and employs the information to profile a given device, in other words, it decides whether offloading is advantageous compared to local execution, i.e. whether it can reduce the local footprint compared to local execution in the dimensions of interest (CPU and RAM usage, execution time, and energy consumption). To empirically evaluate ARC I presented a set of experimental results on the cloud, cloudlet, and opportunistic domain. In the cloud domain, I used the state of the art in cloud solutions over a set of significant benchmark problems and with three WANs access technologies (i.e. 3G, 4G, and high-speed WAN). The main outcome is that the cloud is an appealing solution for a wide variety of problems, but there is a set of circumstances where the cloud performs poorly. Moreover, I have empirically shown the limitations of cloud-based approaches, specifically, In some circumstances, problems with high transmission costs tend to perform poorly, unless they have high computational needs. The second part of the evaluation is done in opportunistic/cloudlet scenarios where I used my custom-made testbed to compare ARC and MAUI, the state of the art in computation offloading. To this extent, I have performed two distinct experiments: the first with a cloudlet environment and the second with an opportunistic environment. The key outcome is that ARC virtually matches the performances of MAUI (in terms of energy savings) in cloudlet environment, but it improves them by a 50% to 60% in the opportunistic domain

Impacto de mobilidade em encaminhamento centrado no utilizador

Doutoramento em Engenharia Eletrotécnica -TelecomunicaçõesRecent paradigms in wireless communication architectures describe environments where nodes present a highly dynamic behavior (e.g., User Centric Networks). In such environments, routing is still performed based on the regular packet-switched behavior of store-and-forward. Albeit sufficient to compute at least an adequate path between a source and a destination, such routing behavior cannot adequately sustain the highly nomadic lifestyle that Internet users are today experiencing. This thesis aims to analyse the impact of the nodes’ mobility on routing scenarios. It also aims at the development of forwarding concepts that help in message forwarding across graphs where nodes exhibit human mobility patterns, as is the case of most of the user-centric wireless networks today. The first part of the work involved the analysis of the mobility impact on routing, and we found that node mobility significance can affect routing performance, and it depends on the link length, distance, and mobility patterns of nodes. The study of current mobility parameters showed that they capture mobility partially. The routing protocol robustness to node mobility depends on the routing metric sensitivity to node mobility. As such, mobility-aware routing metrics were devised to increase routing robustness to node mobility. Two categories of routing metrics proposed are the time-based and spatial correlation-based. For the validation of the metrics, several mobility models were used, which include the ones that mimic human mobility patterns. The metrics were implemented using the Network Simulator tool using two widely used multi-hop routing protocols of Optimized Link State Routing (OLSR) and Ad hoc On Demand Distance Vector (AODV). Using the proposed metrics, we reduced the path re-computation frequency compared to the benchmark metric. This means that more stable nodes were used to route data. The time-based routing metrics generally performed well across the different node mobility scenarios used. We also noted a variation on the performance of the metrics, including the benchmark metric, under different mobility models, due to the differences in the node mobility governing rules of the models.Os paradigmas recentes de arquiteturas de comunicação sem fios consistem em ambientes onde os dispositivos apresentam um comportamento dinâmico (e.g., Redes Centradas no Utilizador). Nestes ambientes, o encaminhamento de dados ainda é realizado com base no comportamento de armazenamento e encaminhamento da comutação clássica de pacotes. Embora seja suficiente para calcular, pelo menos, um caminho adequado entre uma origem e um destino, tal comportamento de encaminhamento não é adequado nas redes móveis e sem fios atuais. Esta tese tem como objetivo analisar o impacto da mobilidade dos utilizadores sobre os diferentes cenários de encaminhamento. A tese também visa o desenvolvimento de conceitos de encaminhamento que ajudam na distribuição de dados através de grafos, nos quais os vértices exibem padrões de mobilidade humana, como é o caso hoje em dia para a maior parte das redes sem fios centradas no utilizador. A primeira parte desta tese envolveu a análise do impacto da mobilidade dos utilizadores no encaminhamento, com a análise de que a mobilidade, para afetar o desempenho do encaminhamento, depende do comprimento do caminho entre a origem e o destino, da distância entre os dispositivos, e dos diferentes padrões de mobilidade. O estudo dos atuais parâmetros de mobilidade mostrou que eles capturam parcialmente a mobilidade dos utilizadores. A robustez dos protocolos de encaminhamento depende da sensibilidade das métricas no que concerne a esta mobilidade. Assim, foram concebidas métricas de encaminhamento baseadas na mobilidade dos utilizadores para aumentar a robustez do encaminhamento em relação à mobilidade. As duas categorias de métricas de encaminhamento criadas foram métricas que têm como base o tempo e a correlação espacial. Para a validação das métricas foram utilizados vários modelos de mobilidade, incluindo os modelos que imitam padrões de mobilidade humana. As métricas foram implementadas utilizando a ferramenta Network Simulator e considerando dois protocolos de encaminhamento por múltiplos saltos amplamente utilizados, o Optimized Link State Routing (OLSR) e o Adhoc On Demand Distance Vector (AODV). Com a utilização das métricas propostas observa-se que a frequência de realização de novos cálculos de caminhos de comunicação foi reduzida em relação à métrica de referência. Isto significa que foram usados caminhos mais estáveis para encaminhar dados. As métricas de encaminhamento baseadas no tempo apresentam geralmente um bom desempenho nos diferentes cenários de mobilidade utilizados. Observou-se também uma variação no desempenho das métricas, incluindo a métrica de referência, nos diferentes modelos de mobilidade considerados, devido a diferenças nas regras de mobilidade dos utilizadores dos diferentes modelos