Real-time bot infection detection system using DNS fingerprinting and machine-learning

In today's cyberattacks, botnets are used as an advanced technique to generate sophisticated and coordinated attacks. Infected systems connect to a command and control (C&C) server to receive commands and attack. Thus, detecting infected hosts makes it possible to protect the network's resources and prevent them from illicit activities toward third parties. This research elaborates on the design, implementation, and results of a bot infection detection system based on Domain Name System (DNS) traffic events for a network corporation. An infection detection feasibility analysis is performed by creating fingerprints. The traces are generated from a numerical analysis of 13 attributes. These attributes are obtained from the DNS logs of a DNS server. It looks for fingerprint anomalies using Isolation Forest to label a host as infected or not. In addition, on the traces cataloged as anomalous, a search will be carried out for queries to domains generated by Domain Generation Algorithms (DGA). Then, Random Forest generates a model that detects future bot infections on hosts. The devised system integrates the ELK stack and Python. This integration facilitates the management, transformation, and storage of events, generation of fingerprints, machine learning application, and analysis of fingerprint classification results with a precision greater than 99%

PRAVDA: Pseudo Random Network Coding in Vanet for Data Download

International audienceThis paper introduces PRAVDA, a new approach for infrastructure based content distribution in a vehicular network. PRAVDA is built on broadcasting and pseudo random network coding. Its first strength is that, being broadcast based, it does not need any feedback channel and thus consumes very little throughput. Data is transmitted through network coding: multiple linear combinations of data are sent. A vehicle needs to receive a defined number of independent linear combinations to decode the data. The server will send a larger number of different linear combinations. The unreliability of broadcast is thus fought through a useful redundancy rather than through re-transmission. Finally, computation of the linear combination coefficients is done so that the overhead is the same as it would be without network coding

Map update application: Performance measurements on a highway scenario

International audienceRoad maps are important for several applications in vehicular networks. As a consequence, an updated map is essential for a proper behavior of such applications. In this paper, we focus on a map update application based on an infrastructure-to-vehicle communication with a high mobility. In order to understand the application's behavior, we analyze different performance criteria: System Goodput, Packet Delivery Ratio, Delay, Fairness, and Fragmentation. We compare the application's QoS behavior with three different flow densities (overloaded system, maximum system capacity, and under saturated system) and determinate a trade off between bandwidth (spectrum efficiency) and performance

5G networks: a review from the perspectives of architecture, business models, cybersecurity, and research developments

La tecnología 5G está transformando nuestras redes críticas, con implicaciones a largo plazo. Dado que 5G está en transición a una red puramente basada en software, las mejoras potenciales serán las actualizaciones de software, como la forma en que se actualizan los teléfonos inteligentes en la actualidad. Para la empresa global, la llegada de 5G sería disruptiva. Las soluciones largamente esperadas para una variedad de fallas en los sistemas clave de networking surgirán debido a la adopción de la red 5G. Además, las deficiencias de la tecnología en términos de contribuir al crecimiento empresarial y al éxito se pondrán de cabeza. La parte más complicada de la carrera 5G real es reestructurar la forma en que protegemos la red más crítica del siglo XXI y el ecosistema de dispositivos y aplicaciones que surgen de esa red debido a las vulnerabilidades cibernéticas del software. Las nuevas tecnologías habilitadas por las nuevas aplicaciones que se ejecutan en redes 5G tienen mucho potencial. Sin embargo, a medida que avanzamos hacia un futuro conectado, se debe prestar igual o mayor atención a la protección de esos enlaces, computadoras y aplicaciones. En este artículo se abordan los aspectos clave de la estandarización y la arquitectura 5G. También se proporciona un resumen detallado de los modelos comerciales de redes 5G, casos de uso y ciberseguridad. Además, se realiza un estudio de métodos de simulación por computadora y bancos de pruebas para la investigación y el desarrollo de posibles propuestas de redes 5G, que son elementos que rara vez se abordan en estudios y artículos de revisión actuales.5G technology is transforming our critical networks, with long-term implications. Since 5G is transitioning to a purely software-based network, potential improvements will be software updates, like how smartphones are upgraded. For the global enterprise, the 5G arrival would be disruptive. Long-awaited solutions to various flaws in critical networking systems will arise due to 5G network adoption. Furthermore, the shortcomings of technology in contributing to business growth and success would be turned on their heads. The more complicated part of the actual 5G race is retooling how we protect the most critical network of the twenty-first century and the ecosystem of devices and applications that sprout from that network due to cyber software vulnerabilities. The new technologies enabled by new applications running on 5G networks have much potential. However, as we move toward a connected future, equal or more attention should be paid to protecting those links, computers, and applications. We address critical aspects of 5G standardization and architecture in this article. We also provide a detailed summary of 5G network business models, use cases, and cybersecurity. Furthermore, we perform a study of computer simulation methods and testbeds for the research and development of potential 5G network proposals, which are elements that are rarely addressed in current surveys and review articles

Aplicación de tecnologías inalámbricas al monitoreo climatológico en la cuenca del Río Paute

El Programa para el Manejo del Agua y Suelo (PROMAS) de la Universidad de Cuenca, realiza investigación y consultoría en el campo de monitoreo y conservación de recursos hídricos. Dicho programa requiere principalmente el monitoreo de varias variables mediante la utilización de estaciones meteorológicas. Desde sus inicios, el programa ha desplegado alrededor de 130 estaciones en un área de interés geográfica extensa, que comprende desde el sector del Cajas en la provincia del Azuay hasta la provincia del Cañar. Las estaciones meteorológicas guardan las variables de interés en su memoria interna y por tanto, la obtención de los datos recopilados por los distintos sensores para su análisis requiere el desplazamiento del personal hacia los sitios, que en su mayoría son de difícil acceso y por tanto se hacen con una periodicidad de entre 30 y 45 días. En este contexto, el presente artículo describe los avances de un proyecto en curso que tiene como principal objetivo el de dotar a las estaciones meteorológicas con la capacidad de transmisión inalámbrica de los datos recopilados por los sensores en tiempo real hacia el centro de datos del Promas ubicado en el campus de la Universidad de Cuenc

Periurban urbanization and travel choice behaviour: problem or solution?

En las ciudades del siglo XXI, un diseño urbano adecuado representa una gran oportunidad para reducir la cantidad de viajes y distancias recorridas. También se sabe que mejorar el diseño de la ciudad y las redes de transporte podría reducir las emisiones de carbono más que reemplazar todos los combustibles fósiles con energías renovables. Con estos antecedentes, parece fundamental centrarse en la relación sistémica entre las formas urbanas y los comportamientos de elección de viaje. En el caso de la ciudad de Cuenca (Ecuador) en los últimos 5 años, se han construido más de 70 urbanizaciones y condominios monofuncionales, muchos de ellos comunidades cerradas, fuera de los límites urbanos. Esta forma de urbanización es apoyada tanto por promotores públicos como privados. Debido a esta situación, este proyecto de investigación busca determinar la relación entre la ubicación de estas urbanizaciones y condominios, con el comportamiento de elección de viaje de los usuarios. Se utilizaron sistemas de información geográfica, metodología Q, diarios de viaje y métodos cualitativos para la recopilación de datos y la representación espacial. Se encontraron tres discursos, personas que preferían la proximidad a la naturaleza y los espacios abiertos, otros que daban más importancia a la movilidad eficiente y los últimos para quienes la seguridad era el aspecto más importante. Este trabajo abre posibilidades para futuras investigaciones sobre la importancia de la forma urbana para la planificación sostenible y la movilidad. otros que dieron más importancia a la movilidad eficiente y los últimos para quienes la seguridad fue el aspecto más importante. Este trabajo abre posibilidades para futuras investigaciones sobre la importancia de la forma urbana para la planificación sostenible y la movilidad. otros que dieron más importancia a la movilidad eficiente y los últimos para quienes la seguridad fue el aspecto más importante. Este trabajo abre posibilidades para futuras investigaciones sobre la importancia de la forma urbana para la planificación sostenible y la movilidad.In 21st century cities, an adequate urban design represents a great opportunity to reduce the number of trips and distances travelled. It is also known that improving city design and transportation networks could reduce carbon emissions more than replacing all fossil fuels with renewable energies. With this background, it seems fundamental to focus on the systemic relationship between urban forms and travel choices behaviours. In the case of the city of Cuenca (Ecuador,) in the last 5 years, more than 70 mono-functional urbanization and condos, many of them being gated-communities, have been built outside the urban limits. These form of urbanization is supported both by public and private promoters. Due to this situation, this research project seeks to determine the relationship between the location of these urbanizations and condos, with the travel choice behaviour of users. Geographic information systems, Q …Prag

Comparison of an Improved Metaheuristic and Mathematical Optimization Based Methods to Solve the Static AC TNEP Problem

The complexity of current and future electricity networks demands the use of more accurate models to solve the Transmission Network Expansion Planning (TNEP) problem. To deal with this issue, formulations based on AC network equations have been proposed by the research community. Although the AC formulations exist, they do not work with problems with a large number of candidate transmission paths, different planning scenarios due to convergence issues or infeasible solutions. Also, it has been difficult for the power system community to be aware of the real advantages and disadvantages of the existing approaches due to the lack of rigorous and fair comparisons among them. In this research work, a full non-convex AC formulation to solve the TNEP problem is proposed. It considers in an integrated fashion reactive power expansion, the contingency criterion and operational costs. The formulation is solved by an improved non-convex optimization algorithm in a two-stage approach. Also, a fair and rigorous quantitative and qualitative comparison among the proposed approach and other state-of-art metaheuristics and mathematical programming methods has been performed. Simulation results show that the proposed formulation and solution method are superior to other approaches with respect to reliability and suitability for cases with large search spaces and different scenarios. Results are shown for four test systems, namely the Garver 6-bus system, the IEEE 24-bus system, the IEEE 118-bus system, and a modified version of the IEEE 300-bus system. IEE

a simple mapping methodology of gait biomechanics for walking control of a biped robot

This research presents a simple mapping methodology for gait biomechanics of a human being into joint angles of a 10 degrees of freedom (DOF) biped robot. The joint angles are mapped by considering the zero moment point (ZMP) criterion. The walking control of the robot is performed by an optimal state feedback controller. The walking trajectories are planned in the sagittal plane, and they are generated in compliance with the ZMP of the robot - keeping the robot within the support polygon - by dividing the control process in two stages: unique support and double support. A linear inverted pendulum model (LIPM) is used as an approximate single mass model of the robot during gait. Results of this research include simulation-based analysis and real-time implementation results, which show accurate robot movements with limited robustness under slippery platforms. © 2018 IEEE.This research presents a simple mapping methodology for gait biomechanics of a human being into joint angles of a 10 degrees of freedom (DOF) biped robot. The joint angles are mapped by considering the zero moment point (ZMP) criterion. The walking control of the robot is performed by an optimal state feedback controller. The walking trajectories are planned in the sagittal plane, and they are generated in compliance with the ZMP of the robot - keeping the robot within the support polygon - by dividing the control process in two stages: unique support and double support. A linear inverted pendulum model (LIPM) is used as an approximate single mass model of the robot during gait. Results of this research include simulation-based analysis and real-time implementation results, which show accurate robot movements with limited robustness under slippery platforms. © 2018 IEEE.Lim

Evaluation of LoRaWAN transmission range for wireless sensor networks in riparian forests.

© 2019 Copyright held by the owner/author(s). Publication rights licensed to ACM. Low power wide area networks (LPWAN) such as long range wide area networks (LoRaWAN), provide several advantages on monitoring systems development in forested environments due to its simple set-up, low cost, low power consumption, and wide coverage. Regarding the coverage area, the transmission in forested environments can be highly attenuated by foliage and must be defined to optimize the number of nodes. This paper discusses an empirical study of LoRa with LoRaWAN transmission range in riparian forests, based on path-loss modeling, using both received signal strength indicator (RSSI) and signal-to-noise-ratio (SNR). The measurements have been conducted in the riparian forest of three local rivers at urban, semi-urban, and rural environments located in the city of Cuenca, Ecuador. The measurement results found that there is a significant distribution difference among measurement places, a high correlation between two banks of the same river, a higher standard deviation in urban measurements and a larger coverage in rural areas.© 2019 Copyright held by the owner/author(s). Publication rights licensed to ACM. Low power wide area networks (LPWAN) such as long range wide area networks (LoRaWAN), provide several advantages on monitoring systems development in forested environments due to its simple set-up, low cost, low power consumption, and wide coverage. Regarding the coverage area, the transmission in forested environments can be highly attenuated by foliage and must be defined to optimize the number of nodes. This paper discusses an empirical study of LoRa with LoRaWAN transmission range in riparian forests, based on path-loss modeling, using both received signal strength indicator (RSSI) and signal-to-noise-ratio (SNR). The measurements have been conducted in the riparian forest of three local rivers at urban, semi-urban, and rural environments located in the city of Cuenca, Ecuador. The measurement results found that there is a significant distribution difference among measurement places, a high correlation between two banks of the same river, a higher standard deviation in urban measurements and a larger coverage in rural areas.Miam

Un sistema de diagnóstico auxiliar basado en k-means para la evaluación de la resistencia a la insulina en personas mayores de las tierras altas ecuatorianas

La falta de valores de corte estandarizados para los métodos sustitutos para diagnosticar la resistencia a la insulina (IR) y el hecho de que la sensibilidad de estos métodos se hayan estudiado en poblaciones específicas ha limitado su uso en la rutina clínica. Desarrollamos un sistema que podría ayudar al diagnóstico de IR en personas de edad avanzada, analizando cuatro métodos sustitutos de estimación de IR utilizando un algoritmo de agrupación de k-medias. Los sujetos del estudio incluyeron 119 participantes no diabéticos mayores de 65 años de las tierras altas ecuatorianas. Los análisis de sangre incluyeron una tolerancia a la prueba de glucosa oral de dos puntos. El algoritmo de agrupamiento k-means se aplicó en experimentos unidimensionales para Homa-IR, Quicki, Avignon y Matsuda. La población se dividió en tres grupos: C N con valores normales, C IR con IR y C acon valores en el medio. El número de individuos clasificados en cada C Ir fue muy diferente según cada método. Con los valores de corte obtenidos, para cada método, se desarrolló el sistema para la evaluación de IR en personas mayores. Nuestro trabajo está destinado a ayudar a los médicos en la detección temprana de IR mediante el uso de información de diversos métodos. © 2017 IEEE.The lack of standardized cut-off values for the surrogate methods to diagnose Insulin resistance (IR) and the fact that the sensitivity of these methods have been studied in specific populations have limited their use in clinical routine. We developed a system that could aide to diagnosis IR in elderly people, analyzing four surrogate methods of IR estimation using a k-means clustering algorithm. Study subjects included 119 nondiabetic participants over 65 year old from Ecuadorian highlands. Blood tests included a two-point oral glucose test tolerance. The k-means clustering algorithm, was applied in one-dimensional experiments for the Homa-IR, Quicki, Avignon and Matsuda. The population was divided into three clusters: C N with normal values, C IR with IR and C a with values in between. The number of individuals classified in each C Ir was very different according to each method. With the cut-off values obtained, for each method, the system for the evaluation of IR in elderly people was developed. Our work is intended to aid physicians in the early detection of IR by using information from diverse methods.Salina