Thirty Years of Machine Learning: The Road to Pareto-Optimal Wireless Networks

Future wireless networks have a substantial potential in terms of supporting a broad range of complex compelling applications both in military and civilian fields, where the users are able to enjoy high-rate, low-latency, low-cost and reliable information services. Achieving this ambitious goal requires new radio techniques for adaptive learning and intelligent decision making because of the complex heterogeneous nature of the network structures and wireless services. Machine learning (ML) algorithms have great success in supporting big data analytics, efficient parameter estimation and interactive decision making. Hence, in this article, we review the thirty-year history of ML by elaborating on supervised learning, unsupervised learning, reinforcement learning and deep learning. Furthermore, we investigate their employment in the compelling applications of wireless networks, including heterogeneous networks (HetNets), cognitive radios (CR), Internet of things (IoT), machine to machine networks (M2M), and so on. This article aims for assisting the readers in clarifying the motivation and methodology of the various ML algorithms, so as to invoke them for hitherto unexplored services as well as scenarios of future wireless networks.Comment: 46 pages, 22 fig

Unsupervised clustering for 5G network planning assisted by real data

The fifth-generation (5G) of networks is being deployed to provide a wide range of new services and to manage the accelerated traffic load of the existing networks. In the present-day networks, data has become more noteworthy than ever to infer about the traffic load and existing network infrastructure to minimize the cost of new 5G deployments. Identifying the region of highest traffic density in megabyte (MB) per km2 has an important implication in minimizing the cost per bit for the mobile network operators (MNOs). In this study, we propose a base station (BS) clustering framework based on unsupervised learning to identify the target area known as the highest traffic cluster (HTC) for 5G deployments. We propose a novel approach assisted by real data to determine the appropriate number of clusters k and to identify the HTC. The algorithm, named as NetClustering, determines the HTC and appropriate value of k by fulfilling MNO's requirements on the highest traffic density MB/km2 and the target deployment area in km2. To compare the appropriate value of k and other performance parameters, we use the Elbow heuristic as a benchmark. The simulation results show that the proposed algorithm fulfills the MNO's requirements on the target deployment area in km2 and highest traffic density MB/km2 with significant cost savings and achieves higher network utilization compared to the Elbow heuristic. In brief, the proposed algorithm provides a more meaningful interpretation of the underlying data in the context of clustering performed for network planningThis work was supported by the Spanish National Project IRENE-EARTH (PID2020-115323RB-C33/AEI/10.13039/501100011033

Modélisation formelle des systèmes de détection d'intrusions

L’écosystème de la cybersécurité évolue en permanence en termes du nombre, de la diversité, et de la complexité des attaques. De ce fait, les outils de détection deviennent inefficaces face à certaines attaques. On distingue généralement trois types de systèmes de détection d’intrusions : détection par anomalies, détection par signatures et détection hybride. La détection par anomalies est fondée sur la caractérisation du comportement habituel du système, typiquement de manière statistique. Elle permet de détecter des attaques connues ou inconnues, mais génère aussi un très grand nombre de faux positifs. La détection par signatures permet de détecter des attaques connues en définissant des règles qui décrivent le comportement connu d’un attaquant. Cela demande une bonne connaissance du comportement de l’attaquant. La détection hybride repose sur plusieurs méthodes de détection incluant celles sus-citées. Elle présente l’avantage d’être plus précise pendant la détection. Des outils tels que Snort et Zeek offrent des langages de bas niveau pour l’expression de règles de reconnaissance d’attaques. Le nombre d’attaques potentielles étant très grand, ces bases de règles deviennent rapidement difficiles à gérer et à maintenir. De plus, l’expression de règles avec état dit stateful est particulièrement ardue pour reconnaître une séquence d’événements. Dans cette thèse, nous proposons une approche stateful basée sur les diagrammes d’état-transition algébriques (ASTDs) afin d’identifier des attaques complexes. Les ASTDs permettent de représenter de façon graphique et modulaire une spécification, ce qui facilite la maintenance et la compréhension des règles. Nous étendons la notation ASTD avec de nouvelles fonctionnalités pour représenter des attaques complexes. Ensuite, nous spécifions plusieurs attaques avec la notation étendue et exécutons les spécifications obtenues sur des flots d’événements à l’aide d’un interpréteur pour identifier des attaques. Nous évaluons aussi les performances de l’interpréteur avec des outils industriels tels que Snort et Zeek. Puis, nous réalisons un compilateur afin de générer du code exécutable à partir d’une spécification ASTD, capable d’identifier de façon efficiente les séquences d’événements.Abstract : The cybersecurity ecosystem continuously evolves with the number, the diversity, and the complexity of cyber attacks. Generally, we have three types of Intrusion Detection System (IDS) : anomaly-based detection, signature-based detection, and hybrid detection. Anomaly detection is based on the usual behavior description of the system, typically in a static manner. It enables detecting known or unknown attacks but also generating a large number of false positives. Signature based detection enables detecting known attacks by defining rules that describe known attacker’s behavior. It needs a good knowledge of attacker behavior. Hybrid detection relies on several detection methods including the previous ones. It has the advantage of being more precise during detection. Tools like Snort and Zeek offer low level languages to represent rules for detecting attacks. The number of potential attacks being large, these rule bases become quickly hard to manage and maintain. Moreover, the representation of stateful rules to recognize a sequence of events is particularly arduous. In this thesis, we propose a stateful approach based on algebraic state-transition diagrams (ASTDs) to identify complex attacks. ASTDs allow a graphical and modular representation of a specification, that facilitates maintenance and understanding of rules. We extend the ASTD notation with new features to represent complex attacks. Next, we specify several attacks with the extended notation and run the resulting specifications on event streams using an interpreter to identify attacks. We also evaluate the performance of the interpreter with industrial tools such as Snort and Zeek. Then, we build a compiler in order to generate executable code from an ASTD specification, able to efficiently identify sequences of events

Quality of service and security in future mobile technologies

Future networks will comprise a wide variety of wireless networks. Users will expect to be always connected from any location, and, as users move, connections will be switched to available networks using vertical handover techniques. The current approach of the operators is a centralized network, and the mobility management is done at the infrastructure level. The decentralized mobility management is another approach developed in many researches, however, not widely deployed. We are interested in this type of decentralized mobility management, especially in a highly dynamic environment when the network topology changes frequently. We choose a particular case study, Vehicular Ad-hoc Networks (VANETs), which are a new emerging network technology derived from ad-hoc networks and are an example of future networks. In the field of Intelligent Transportation Systems (ITS), communications without a wire between vehicles (V2V) appear as an accident prevention solution offering a wider vision than conventional sensors. By linking vehicles to telecommunications network (V2I), new perspectives are offered both passengers and driver with conventional communication applications such as access Internet, e-learning, games or chat. This means that future mobile networks like VANETs will have to integrate communications, mobility, Quality of Service (QoS) and security. We mainly interested in three issues: mobility, QoS and security. These three issues are intrinsic to vehicles on motorway networks. We need to simultaneously manage QoS and security while taking into account users mobility. In this thesis, we propose to contribute on how to improve security without degrading the quality of service QoS in a highly mobile environment as VANETs networks. To answer this research question, we use simulations and experiments. Simulation using Network Simulator 2 (NS2) will be used to show that security schemes have significant impacts on the throughput QoS, and our proposed schemes can substantially improve the effective secure throughput with cooperative communications

Towards reliable geographic broadcasting in vehicular networks

In Vehicular ad hoc Networks (VANETs), safety-related messages are broadcasted amongst cars, helping to improve drivers' awareness of the road situation. VANETs’ reliability are highly affected by channel contention. This thesis first addresses the issue of channel use efficiency in geographical broadcasts (geocasts). Constant connectivity changes inside a VANET make the existing routing algorithms unsuitable. This thesis presents a geocast algorithm that uses a metric to estimate the ratio of useful to useless packet received. Simulations showed that this algorithm is more channel-efficient than the farthest-first strategy. It also exposes a parameter, allowing it to adapt to channel load. Second, this thesis presents a method of estimating channel load for providing feedback to moderate the offered load. A theoretical model showing the relationship between channel load and the idle time between transmissions is presented and used to estimate channel contention. Unsaturated stations on the network were shown to have small but observable effects on this relationship. In simulations, channel estimators based on this model show higher accuracy and faster convergence time than by observing packet collisions. These estimators are also less affected by unsaturated stations than by observing packet collisions. Third, this thesis couples the channel estimator to the geocast algorithm, producing a closed-loop load-reactive system that allows geocasts to adapt to instantaneous channel conditions. Simulations showed that this system is not only shown to be more efficient in channel use and be able to adapt to channel contention, but is also able to self-correct suboptimal retransmission decisions. Finally, this thesis demonstrates that all tested network simulators exhibit unexpected behaviours when simulating broadcasts. This thesis describes in depth the error in ns-3, leading to a set of workarounds that allows results from most versions of ns-3 to be interpreted correctly

WARDOG: Awareness detection watchbog for Botnet infection on the host device

Botnets constitute nowadays one of the most dangerous security threats worldwide. High volumes of infected machines are controlled by a malicious entity and perform coordinated cyber-attacks. The problem will become even worse in the era of the Internet of Things (IoT) as the number of insecure devices is going to be exponentially increased. This paper presents WARDOG – an awareness and digital forensic system that informs the end-user of the botnet’s infection, exposes the botnet infrastructure, and captures verifiable data that can be utilized in a court of law. The responsible authority gathers all information and automatically generates a unitary documentation for the case. The document contains undisputed forensic information, tracking all involved parties and their role in the attack. The deployed security mechanisms and the overall administration setting ensures non-repudiation of performed actions and enforces accountability. The provided properties are verified through theoretic analysis. In simulated environment, the effectiveness of the proposed solution, in mitigating the botnet operations, is also tested against real attack strategies that have been captured by the FORTHcert honeypots, overcoming state-of-the-art solutions. Moreover, a preliminary version is implemented in real computers and IoT devices, highlighting the low computational/communicational overheads of WARDOG in the field

Advances in Intelligent Vehicle Control

This book is a printed edition of the Special Issue Advances in Intelligent Vehicle Control that was published in the journal Sensors. It presents a collection of eleven papers that covers a range of topics, such as the development of intelligent control algorithms for active safety systems, smart sensors, and intelligent and efficient driving. The contributions presented in these papers can serve as useful tools for researchers who are interested in new vehicle technology and in the improvement of vehicle control systems

User-centric privacy preservation in Internet of Things Networks

Recent trends show how the Internet of Things (IoT) and its services are becoming more omnipresent and popular. The end-to-end IoT services that are extensively used include everything from neighborhood discovery to smart home security systems, wearable health monitors, and connected appliances and vehicles. IoT leverages different kinds of networks like Location-based social networks, Mobile edge systems, Digital Twin Networks, and many more to realize these services. Many of these services rely on a constant feed of user information. Depending on the network being used, how this data is processed can vary significantly. The key thing to note is that so much data is collected, and users have little to no control over how extensively their data is used and what information is being used. This causes many privacy concerns, especially for a na ̈ıve user who does not know the implications and consequences of severe privacy breaches. When designing privacy policies, we need to understand the different user data types used in these networks. This includes user profile information, information from their queries used to get services (communication privacy), and location information which is much needed in many on-the-go services. Based on the context of the application, and the service being provided, the user data at risk and the risks themselves vary. First, we dive deep into the networks and understand the different aspects of privacy for user data and the issues faced in each such aspect. We then propose different privacy policies for these networks and focus on two main aspects of designing privacy mechanisms: The quality of service the user expects and the private information from the user’s perspective. The novel contribution here is to focus on what the user thinks and needs instead of fixating on designing privacy policies that only satisfy the third-party applications’ requirement of quality of service

Performance of management solutions and cooperation approaches for vehicular delay-tolerant networks

A wide range of daily-life applications supported by vehicular networks attracted the interest, not only from the research community, but also from governments and the automotive industry. For example, they can be used to enable services that assist drivers on the roads (e.g., road safety, traffic monitoring), to spread commercial and entertainment contents (e.g., publicity), or to enable communications on remote or rural regions where it is not possible to have a common network infrastructure. Nonetheless, the unique properties of vehicular networks raise several challenges that greatly impact the deployment of these networks. Most of the challenges faced by vehicular networks arise from the highly dynamic network topology, which leads to short and sporadic contact opportunities, disruption, variable node density, and intermittent connectivity. This situation makes data dissemination an interesting research topic within the vehicular networking area, which is addressed by this study. The work described along this thesis is motivated by the need to propose new solutions to deal with data dissemination problems in vehicular networking focusing on vehicular delay-tolerant networks (VDTNs). To guarantee the success of data dissemination in vehicular networks scenarios it is important to ensure that network nodes cooperate with each other. However, it is not possible to ensure a fully cooperative scenario. This situation makes vehicular networks suitable to the presence of selfish and misbehavior nodes, which may result in a significant decrease of the overall network performance. Thus, cooperative nodes may suffer from the overwhelming load of services from other nodes, which comprises their performance. Trying to solve some of these problems, this thesis presents several proposals and studies on the impact of cooperation, monitoring, and management strategies on the network performance of the VDTN architecture. The main goal of these proposals is to enhance the network performance. In particular, cooperation and management approaches are exploited to improve and optimize the use of network resources. It is demonstrated the performance gains attainable in a VDTN through both types of approaches, not only in terms of bundle delivery probability, but also in terms of wasted resources. The results and achievements observed on this research work are intended to contribute to the advance of the state-of-the-art on methods and strategies for overcome the challenges that arise from the unique characteristics and conceptual design of vehicular networks.O vasto número de aplicações e cenários suportados pelas redes veiculares faz com que estas atraiam o interesse não só da comunidade científica, mas também dos governos e da indústria automóvel. A título de exemplo, estas podem ser usadas para a implementação de serviços e aplicações que podem ajudar os condutores dos veículos a tomar decisões nas estradas, para a disseminação de conteúdos publicitários, ou ainda, para permitir que existam comunicações em zonas rurais ou remotas onde não é possível ter uma infraestrutura de rede convencional. Contudo, as propriedades únicas das redes veiculares fazem com que seja necessário ultrapassar um conjunto de desafios que têm grande impacto na sua aplicabilidade. A maioria dos desafios que as redes veiculares enfrentam advêm da grande mobilidade dos veículos e da topologia de rede que está em constante mutação. Esta situação faz com que este tipo de rede seja suscetível de disrupção, que as oportunidades de contacto sejam escassas e de curta duração, e que a ligação seja intermitente. Fruto destas adversidades, a disseminação dos dados torna-se um tópico de investigação bastante promissor na área das redes veiculares e por esta mesma razão é abordada neste trabalho de investigação. O trabalho descrito nesta tese é motivado pela necessidade de propor novas abordagens para lidar com os problemas inerentes à disseminação dos dados em ambientes veiculares. Para garantir o sucesso da disseminação dos dados em ambientes veiculares é importante que este tipo de redes garanta a cooperação entre os nós da rede. Contudo, neste tipo de ambientes não é possível garantir um cenário totalmente cooperativo. Este cenário faz com que as redes veiculares sejam suscetíveis à presença de nós não cooperativos que comprometem seriamente o desempenho global da rede. Por outro lado, os nós cooperativos podem ver o seu desempenho comprometido por causa da sobrecarga de serviços que poderão suportar. Para tentar resolver alguns destes problemas, esta tese apresenta várias propostas e estudos sobre o impacto de estratégias de cooperação, monitorização e gestão de rede no desempenho das redes veiculares com ligações intermitentes (Vehicular Delay-Tolerant Networks - VDTNs). O objetivo das propostas apresentadas nesta tese é melhorar o desempenho global da rede. Em particular, as estratégias de cooperação e gestão de rede são exploradas para melhorar e optimizar o uso dos recursos da rede. Ficou demonstrado que o uso deste tipo de estratégias e metodologias contribui para um aumento significativo do desempenho da rede, não só em termos de agregados de pacotes (“bundles”) entregues, mas também na diminuição do volume de recursos desperdiçados. Os resultados observados neste trabalho procuram contribuir para o avanço do estado da arte em métodos e estratégias que visam ultrapassar alguns dos desafios que advêm das propriedades e desenho conceptual das redes veiculares

Collaborative Sensing in Automotive Scenarios : Enhancement of the Vehicular Electronic Horizon through Collaboratively Sensed Knowledge

Modern vehicles are equipped with a variety of advanced driver assistance systems that increase driving comfort, economy and safety. Respective information sources for these systems are local sensors, like cameras, radar or lidar. However, the next generation of assistant systems will require information above the local sensing range. An extension of the local perception can be provided by the use of appro- priate communication mechanisms. Hence, other vehicles can serve as an informa- tion source by providing their local perception data, but also any other information source, such as cloud services. Required communication can take place directly be- tween vehicles via mobile ad-hoc communication or via a backend by the use of cellu- lar communication. The appropriate technology depends on the respective use case, that determines information content, granularity and tolerated latency. Based on liter- ature, we derived a categorization of use case dependent information demands, with respect to communication. The resulting three zones, namely safety zone, awareness zone and information zone, refer to the tolerated latency between the occurrence of an information and the point in time the information has to be processed at the receiver side. While communication mechanisms for the safety zone, i. e., the ego-vehicle’s di- rect surroundings with a remaining driving time of less than 2 − 5 seconds, have been focus in research and standardization in the past, respective mechanisms for larger distances have not been sufficiently considered. In this thesis, we examine in- formation distribution mechanisms in context of the previously mentioned use case categories. As the first key contribution, we consider the gathering of vehicular sensed data with regard to the information zone, i. e., more than 30 seconds remaining driving time to the point of the information origin. We developed a probabilistic data collection model that is able to reduce data traffic up to 85 % compared to opportunistic trans- mission and still sticks to certain quality metrics, e. g., a maximum detection latency. A central adaption of transmission probabilities to the density of transmitting vehi- cles is applicable for cellular use and copes with sparse traffic situations. Moreover, we have extended this approach by hybrid communication, i. e., the parallel use of cellular and mobile ad-hoc communication. This allows to further reduce cellular based data traffic, in particular in case of dense traffic. As the second key contribution, we examine the efficient distribution of the pre- viously gathered information. Information is structured and prioritized according to the most probable driving path, as so-called electronic horizon. The transmission towards the vehicles is performed in small data packets, according to the given pri- orities. The aim is to transmit only information relevant for road segments that will be used. Concerning this, we developed a mechanism for most probable travel path estimation and a data structure for efficient mapping of the electronic horizon. As the third key contribution, we examine the information exchange in the aware- ness zone, an area between the safety zone and the information zone with about 5 to 30 seconds remaining driving time to the point of the information origin. Derived from the respective use cases, this data is not directly safety relevant, but it is still about dynamic position information of neighboring vehicles. Due to the relatively long distance, direct vehicle to vehicle communication is not possible. Respective data has to be forwarded by intermediate vehicles. However, position beacons with- out data forwarding can already cause channel congestion in dense traffic situations. The use of cellular networks would require absolute total network coverage with permanent free channel resources. To enable forwarding of dynamic vehicle infor- mation anyhow, we developed at first a mechanism to reduce the channel load for position beacons. Next, we use the freed-up bandwidth to forward dynamic informa- tion about neighboring vehicle positions. With this mechanism, we are able to more than double the range of vehicular perception, with respect to moving objects. In extension to standardized communication mechanisms for the safety relevant direct proximity, our three mentioned contributions provide the means to complete the long range vehicular perception for future advanced driver assistance systems