Towards a robust, effective and resource-efficient machine learning technique for IoT security monitoring.

Internet of Things (IoT) devices are becoming increasingly popular and an integral part of our everyday lives, making them a lucrative target for attackers. These devices require suitable security mechanisms that enable robust and effective detection of attacks. Machine learning (ML) and its subdivision Deep Learning (DL) methods offer a promise, but they can be computationally expensive in providing better detection for resource-constrained IoT devices. Therefore, this research proposes an optimization method to train ML and DL methods for effective and efficient security monitoring of IoT devices. It first investigates the feasibility of the Light Gradient Boosting Machine (LGBM) for attack detection in IoT environments, proposing an optimization procedure to obtain its effective counterparts. The trained LGBM can successfully discern attacks and regular traffic in various IoT benchmark datasets used in this research. As LGBM is a traditional ML technique, it may be difficult to learn complex network traffic patterns present in IoT datasets. Therefore, we further examine Deep Neural Networks (DNNs), proposing an effective and efficient DNN-based security solution for IoT security monitoring to leverage more resource savings and accurate attack detection. Investigation results are promising, as the proposed optimization method exploits the mini-batch gradient descent with simulated micro-batching in building effective and efficient DNN-based IoT security solutions. Following the success of DNN for effective and efficient attack detection, we further exploit it in the context of adversarial attack resistance. The resulting DNN is more resistant to adversarial samples than its benchmark counterparts and other conventional ML methods. To evaluate the effectiveness of our proposal, we considered on-device learning in federated learning settings, using decentralized edge devices to augment data privacy in resource-constrained environments. To this end, the performance of the method was evaluated against various realistic IoT datasets (e.g. NBaIoT, MNIST) on virtual and realistic testbed set-ups with GB-BXBT-2807 edge-computing-like devices. The experimental results show that the proposed method can reduce memory and time usage by 81% and 22% in the simulated environment of virtual workers compared to its benchmark counterpart. In the realistic testbed scenario, it saves 6% of memory footprints with a reduction of execution time by 15%, while maintaining a better and state-of-the-art accuracy

Router-based network traffic observation by terminal sliding mode control theory

Since the early days of the Internet, network traffic monitoring (NTM) has always played a strategic role in understanding and characterizing users’ activities. Nowadays, with the increased complexity of the Internet infrastructure, applications, and services, this role has become more crucial than ever. The aims of NTM are mainly focused on the three improvements, which include the quality of service (QoS) of the network, optimization of resource usage, and enhancement of security in computer networks. Specifically speaking, firstly, network conditions can be recognized by the network manager with NTM scheme. It provides the complete details about the QoS of networks, such as bandwidth, throughput, propagation delay, link availability, jitter, server memory, database space and etc. Secondly, with NTM being implemented at network nodes, i.e., network gateways, such as routers, or network links, the network traffic that is traversing the network is under online observation. Thereby, the network utilization can be improved by optimizing the resource usage to avoid the network congestions. Thirdly, unauthenticated service or approaches to the server will be identified by regularly monitoring the traffic. The network convention and statistics about the traffic will be known easily which helps to troubleshoot the network. Security events will also be investigated and the entry of the user will be maintained for responsibility. The work in this thesis focuses on the development of an intelligent real-time dynamic router-based network traffic observation (RNTO) by using the terminal sliding-mode theory. The RNTO technique is applied at network gateways, i.e., routers, to estimate the status of the traffic flows at the router level. The aims of the proposed RNTO technique is to estimate the traffic states, such as queue length (QL)in router buffer, average congestion window size (ACwnd), and the queuing dynamics of the additional traffic flows (ATF). The main contributions of the work can be broadly categorized into four parts. First, the problem of router-based network traffic monitoring is formulated as an observer design by using TSM theory for RNTO applications. The proposed TSM observer in the research is a network-based monitoring, which is implemented into the network gateways, i.e., network routers. Different from the static network traffic monitoring methods, the TSM observer is designed by using control methods based on the fluid-flow mathematical model, which represents the traffic dynamics of the interactions in a set of TCP traffic flows through network routers. By considering the time delay and stochastic properties in the data transmission network, the sliding-mode observation strategy is proposed with its high robustness with system parameter uncertainties as well as the external disturbance rejection. Given the natural weakness of chattering in sliding mode control signal, which can affect the system state, the chattering avoiding technique of the proposed TSM observation was utilized by using a smooth control signal for estimating the abnormal dynamics. It does not need any low-pass filler, which will lead to a phase leg. In addition, for the stochastic dynamics of the network traffics, fast transient convergence at a distance from and within a close range of the equilibrium of the traffic dynamics is essential to quickly capture traffic dynamics in network systems. Thus, a fractional term has been considered in the TSM for faster convergence in system states to efficiently estimate the traffic behaviors. Second, the issue of internal dynamics in network observation system is studied by proposing a novel full-order TSM strategy to speed up the convergence rate of the estimation error. In the RNTO scheme, the precise estimation for ACwnd is needed to estimate the queuing dynamics of ATF. However, the estimation error for ACwnd is not available and it converges to origin asymptotically, which results in a long response time in estimation. The proposed novel TSM observer has been designed to drive the estimation error for ACwnd to a defined known area in the finite-time, which can be calculated. Thereby, the estimation error of ACwnd can converge to origin asymptotically within the defined area. This strategy has shortened the response time and improves the estimation accuracy. This further improves the estimation accuracy for ATF. The comparative studies are conducted to evaluate the performance. Third, the issue of algorithm-efficient RNTO is investigated by considering an event triggered sliding-mode observer to reduce the computational load and the communication burden. Instead of the time-driven observation scheme, the control of the sliding mode observer is formulated under the event triggered scheme. The control of the observer is designed to be smooth and is directly applied to estimate the dynamics of the additional traffic flows. The event triggered observation algorithms is developed to reduce the computational load of the network router and the communication resource of output link in the network. Fourth, the problem of global RNTO is addressed by developing a fuzzy TSM observer by using fuzzy theory to achieve global operation under network uncertainties. The existing RNTO schemes are based on the linearization of a certain network conditions, i.e., a fixed number of TCP connections, which is a constant value N. Given the network suffers from time-varying fading, shadowing and interference and the data rate changes over time, the current methods proposed so far might not effectively and accurately monitor and estimate the traffic dynamics under network uncertainties. The T-S fuzzy models are used to model the traffic dynamics of the time-varying data changes in network link resources, i.e. the time-varying number of TCP sections, N(t) in a mathematical model. Based on the T-S fuzzy models, the fuzzy terminal sliding mode observer is established by using the fuzzy logic theory to estimate the states of the network traffic to achieve the global observation performance under the network uncertainties. In the fuzzy terminal sliding mode observer, the control signal is designed to be continuous for application of estimating the additional traffic flows without the low-pass filter. To evaluate the proposed RNTO technique, the networking simulator tool Network Simulator II (NS-II) has been used. The proposed RNTO algorithms are coded and implemented into network routers in NS-II. Numerous simulation scenarios are considered and performed. The comparative studies are also conducted by analyzing the NS-2 results. The results have demonstrated the effectiveness and efficiency of the proposed RNTO algorithms

Biztonság és jog: Konferenciakötet

Mindig is jelentős tudományos teher nehezedett azon kutatókra a társadalomtudományok terén, akik a „biztonság” – mint általános koncepció fogalmát - gazdasági, jogi, vagy iparági, szűk körben értelemezett szakmai szempontok alapján kívánták meghatározni. A jogtudományok területén a biztonság hiánya számos álláspont szerint egyfajta fenyegetést, veszélyt, kárt, hátrányt jelent, így maga a „biztonság” egy sajátos védelmi, konzervációs állapotot testesít meg. Így az értelmezés terén a joggyakorlatban gyakran alkalmazott ún. negatív megközelítés szolgálhat kiindulópontként tekintettel arra, hogy a biztonság fogalma legegyszerűbben annak hiányán keresztül értelmezhető. Figyelemmel a jogi értelemben vett biztonság multilaterális jellegére, ahogyan a gazdasági -, úgy szükségszerűen a jogi érdekek esetleges sérelme sem zárható ki teljes mértékben, tekintettel a fogalom relatív jellegére. Ugyanakkor az ember, mint jogalany biztonságát holisztikus megközelítéssel a személyét, valamint anyagi javait érő valamennyi fenyegetést és sérelmet figyelembe vevő, egymásra épülő megközelítés útján lehetséges értelmezni. A negyedik ipari forradalom következtében a fentiek alapján vett biztonság kérdésköre új dimenzót jelentve számottevő mértékben az online térben jelenik meg. Dinamikáját tekintve e kérdéskör - az információs-kommunikációs technológiák fejlődésével, különösen a jelenlegi COVID-19 okozta pandemiás helyzet kapcsán bekövetkezett változások okán – a korábbiakhoz képest jelentősen felgyorsult. A jelenlegi tudományos, műszaki és gazdasági fejlődés szintje, az ún. „state of art” új igényeket és jelenleg még nem ismert kockázatokat, kihívásokat generál. A konferencia 2020. december 8-án a fent részletezett aktualitásokra figyelemmel a Pécsi Tudományegyetem Állam-és Jogtudományi Kar Kriminológia és Büntetés-végrehajtási Jogi Tanszéke által került megszervezésre a biztonságpolitika területén folytatott kutatási munka hagyományának további ápolásaként. Az előadások anyagát jelen kötetünkben az Olvasó szíves figyelmébe ajánljuk.2020.12.0

Safe and Efficient Intelligent Intersection Control of Autonomous Vehicles

In this dissertation, we address a problem of safe and efficient intersection crossing traffic management of autonomous and connected ground traffic. Toward this objective, we propose several algorithms to handle different traffic environments. First, an algorithm that is called the Discrete-time occupancies trajectory (DTOT) based Intersection traffic Coordination Algorithm (DICA) is proposed. All vehicles in the system are Connected and Autonomous Vehicles (CAVs) and capable of wireless Vehicle-to-Intersection communication. The main advantage of DICA is that it enables us to utilize the intersection space more efficiently resulting in less delay for vehicles to cross the intersection. In the proposed framework, an intersection coordinates the motions of CAVs based on their proposed DTOTs to let them cross the intersection efficiently while avoiding collisions. In case when there is a potential collision between vehicles\u27 DTOTs, the intersection modifies conflicting DTOTs to avoid the collision and requests CAVs to approach and cross the intersection according to the modified DTOTs. We also prove that the basic DICA is deadlock free and starvation free. We show that the basic DICA has a computational complexity of O(n2 L3m) where n is the number of vehicles granted to cross an intersection and Lm is the maximum length of intersection crossing routes. To improve the overall computational efficiency of the algorithm, the basic DICA is enhanced by several computational techniques. The enhanced algorithm has a reduced computational complexity of O(n2 Lm log2 Lm). The problem of evacuating emergency vehicles as quickly as possible through autonomous and connected intersection traffic is also addressed in this dissertation. The proposed Reactive DICA aims to determine an efficient vehicle-passing sequence which allows the emergency vehicle to cross an intersection as soon as possible while the travel times of other normal vehicles are minimally affected. When there are no emergency vehicles within the intersection area, the vehicles are controlled by DICA. When there are emergency vehicles entering communication range, we prioritize emergency vehicles through the optimal ordering of vehicles. Since the number of possible vehicle-passing sequences increases rapidly with the number of vehicles, finding an efficient sequence of vehicles in a short time is the main challenge of the study. A genetic algorithm is proposed to solve the optimization problem which finds the optimal vehicle sequence in real time that gives the emergency vehicles the highest priority. We then address an optimization problem of autonomous intersection control which provides the optimal trajectory for every entering vehicle. Based on the algorithm DICA, we improve the conservative way of trajectory generation which is the key part of DICA to be an optimization approach using mixed integer programming. The new algorithm is named Mixed integer programming based Intersection Coordination Algorithm (MICA) with the objective of maximizing the final position of a new head vehicle over a fixed time interval. Constraints from space conflicting vehicles are modeled using binary variables to represent the vehicle\u27s future crossing behavior. The influence of immediate front vehicles of the vehicle of interest is also modeled as constraints in the problem formulation to obtain a feasible optimal trajectory while potential collisions are safely avoided. Finally, based on MICA, we propose a novel vehicle-intersection interaction mechanism MICACO which is designed to handle imperfect communication, i.e., message delay and loss. To ensure the successful delivery of messages, we add two more message types and corresponding simple rules. State machines of intersection and vehicles are designed properly to ensure the safety of every vehicle. We verify the efficiency of the proposed algorithms through simulations using SUMO. The simulation results show that DICA performs better than another existing intersection management scheme: Concurrent Algorithm in [1]. The overall throughput, as well as the computational efficiency of the computationally enhanced DICA, are also compared with those of an optimized traffic light control. The efficiency of the proposed Reactive DICA is validated through comparisons with DICA and a reactive traffic light algorithm. The results show that Reactive DICA is able to decrease the travel times of emergency vehicles significantly in light and medium traffic volumes without causing any noticeable performance degradation of normal vehicles. The simulation results show that MICA is able to reduce congestions of an intersection significantly compared with DICA. We also show MICACO\u27s performance through comparisons with MICA and an optimized traffic light

Melhoria do desempenho em sistemas de escalonamento-Híbrido SJF/FIFO através da gestão do tamanho de jobs

Orientadores: Michel Daoud Yacoub, Edson Luiz UrsiniTese (doutorado) - Universidade Estadual de Campinas, Faculdade de Engenharia Elétrica e de ComputaçãoResumo: Esta tese propõe um método de simulação discreta para planejar e gerenciar o desempenho de sistemas de filas M/G/1 de relativa complexidade. O sistema é formado por servidores em paralelo submetidos a mudanças dinâmicas entre as políticas de escalonamento SJF e FIFO. O tráfego de entrada de entidades é aleatório com oscilações até a sobrecarga do sistema. As entidades são formadas por multiplas classes de jobs e cada servidor processa uma única classe desses jobs. O método gerencia o desempenho das classes de jobs que provocam perda no desempenho do sistema por atrasos no tempo médio de residência. O modelo de simulação obtém o tempo médio de residência relativo de cada classe de job para calcular o atraso relativo dessas classes no atraso total do sistema. Os jobs que ultrapassam os limites dos requisitos podem ser gerenciados, e.g., direcionados para outros servidores, ou serem bloqueados temporária ou definitivamente. Como exemplo de um problema complexo, apresentamos um estudo de caso logístico de carregamento e movimentação de cargas dentro da área de produção industrial. As cargas são formadas por múltiplas classes de produtos simultaneamente carregados em diferentes servidores. A implementação desse modelo logístico é iniciada com um modelo reconhecido e validado e prossegue com pequenos incrementos validados até a representação de um modelo o mais próximo possível da realidade. A técnica de Escalonamento Híbrido de Sistemas com Gestão do Tamanho de Jobs permite a mudança dinâmica de políticas de escalonamento do sistema entre SJF e FIFO, ainda que sujeita a variações abruptas de tráfego de entrada. Essa técnica é efetiva para reduzir os tempos médios, conter os tempos máximos e habilitar a identificação dos jobs que provocam atrasos, permitindo dessa forma, ações de gestão para mitigar resultados indesejadosAbstract: This thesis proposes a discrete-event simulation method to plan and manage the performance of M/G/1 queuing systems of relative complexity. The system has parallel servers undergoing dynamic changes under system instabilities (e.g., spontaneous oscillations of the incoming traffic to the system overload). Entities have multi classes of jobs and each server performs a single class of this jobs. The method manages the size of jobs that may cause loss of performance, e.g. the delays in average residence time. Performance management is carried out via the monitoring of the impact of classes of job sizes on the total system delay. Jobs that exceed a certain threshold value may then be managed accordingly, e.g. by moving them to different servers or by (temporarily or permanently) blocking them. We present a case study of loading and moving cargoes within an industrial production area. Each cargo consists of multiple product classes which are simultaneously loaded on different servers. This logistic-model implementation begins with a well-known validated model extended by small validated increments to better be able to represent the real-world. The technique of Improving the Performance of SJF/FIFO Hybrid-Scheduling Systems through the Management of Job Size under dynamic conditions, i.e. when subject to toggling SJF and FIFO policies and fluctuations of inbound traffic, has shown to be effective in the reduction of the time average, in the decrease of the mean time maximum, and in the identification of jobs that cause delays to the system, and thus enable the management of these jobs to mitigate unwanted system performanceDoutoradoTelecomunicações e TelemáticaDoutor em Engenharia Elétrica138.553/2014CAPE