NFDLM: A Lightweight Network Flow based Deep Learning Model for DDoS Attack Detection in IoT Domains

In the recent years, Distributed Denial of Service (DDoS) attacks on Internet of Things (IoT) devices have become one of the prime concerns to Internet users around the world. One of the sources of the attacks on IoT ecosystems are botnets. Intruders force IoT devices to become unavailable for its legitimate users by sending large number of messages within a short interval. This study proposes NFDLM, a lightweight and optimised Artificial Neural Network (ANN) based Distributed Denial of Services (DDoS) attack detection framework with mutual correlation as feature selection method which produces a superior result when compared with Long Short Term Memory (LSTM) and simple ANN. Overall, the detection performance achieves approximately 99\% accuracy for the detection of attacks from botnets. In this work, we have designed and compared four different models where two are based on ANN and the other two are based on LSTM to detect the attack types of DDoS.Comment: 7 page

Utility-Based Mechanism for Structural Self-Organization in Service-Oriented MAS

Structural relations established among agents influence the performance of decentralized service discovery process in multiagent systems. Moreover, distributed systems should be able to adapt their structural relations to changes in environmental conditions. In this article, we present a service-oriented multiagent systems, where agents initially self-organize their structural relations based on the similarity of their services. During the service discovery process, agents integrate a mechanism that facilitates the self-organization of their structural relations to adapt the structure of the system to the service demand. This mechanism facilitates the task of decentralized service discovery and improves its performance. Each agent has local knowledge about its direct neighbors and the queries received during discovery processes. With this information, an agent is able to analyze its structural relations and decide when it is more appropriate to modify its direct neighbors and select the most suitable acquaintances to replace them. The experimental evaluation shows how this self-organization mechanism improves the overall performance of the service discovery process in the system when the service demand changesThis work is partially supported by the Spanish Ministry of Science and Innovation through grants CSD2007-0022 (CONSOLIDER-INGENIO 2010), TIN2012-36586-C03-01, TIN2012-36586-C03-01, TIN2012-36586-C03-02, PROMETEOII/2013/019, and FPU grant AP-2008-00601 awarded to E. Del Val.Del Val Noguera, E.; Rebollo Pedruelo, M.; Vasirani, M.; Fernández, A. (2014). Utility-Based Mechanism for Structural Self-Organization in Service-Oriented MAS. ACM Transactions on Autonomous and Adaptive Systems. 9(3):1-24. https://doi.org/10.1145/2651423S12493Sherief Abdallah and Victor Lesser. 2007. Multiagent reinforcement learning and self-organization in a network of agents. In Proceedings of the 6th International Conference on Autonomous Agents and Multiagent Systems. 172--179.Lada A. Adamic and Bernardo A. Huberman. 2002. Zipf’s law and the Internet. Glottometrics 3, 143--150.Muntasir Al-Asfoor, Brendan Neville, and Maria Fasli. 2012. Heuristic resource search in a self-organised distributed multi agent system. In Proceedings of the 6th International Workshop on Self-Organizing Systems. 84--89.Mathieu Aquin, Salman Elahi, and Enrico Motta. 2010. Personal monitoring of Web information exchange: Towards Web lifelogging. In Proceedings of the Web Science Conference.Ulrich Basters and Matthias Klusch. 2006. RS2D: Fast adaptive search for semantic Web services in unstructured p2p networks. In Proceedings of the International Semantic Web Conference. 87--100.Umesh Bellur and Roshan Kulkarni. 2007. Improved matchmaking algorithm for semantic Web services based on bipartite graph matching. In Proceedings of the International Semantic Web Conference. 86--93.Devis Bianchini, Valeria De Antonellis, and Michele Melchiori. 2009. Service-based semantic search in p2p systems. In Proceedings of the European Conference on Web Services. 7--16.Bartosz Biskupski, Jim Dowling, and Jan Sacha. 2007. Properties and mechanisms of self-organizing MANET and P2P systems. ACM Transactions on Autonomous and Adaptive Systems 2, 1, 1--34.Alberto Blanc, Yi-Kai Liu, and Amin Vahdat. 2005. Designing incentives for peer-to-peer routing. In Proceedings of the 24th Annual Joint Conference of the IEEE Computer and Communications Societies. 374--385.Michael Bowling and Manuela Veloso. 2002. Multiagent learning using a variable learning rate. Artificial Intelligence 136, 215--250.Frances M. T. Brazier, Jeffrey O. Kephart, H. Van Dyke Parunak, and Michael N. Huhns. 2009. Agents and service-oriented computing for autonomic computing: A research agenda. IEEE Internet Computing 13, 3, 82--87.Tyson Condie, Sepandar D. Kamvar, and Hector Garcia-Molina. 2004. Adaptive peer-to-peer topologies. In Proceedings of the 4th International Conference on Peer-to-Peer Computing. 53--62.Arturo Crespo and Hector Garcia-Molina. 2002. Routing indices for peer-to-peer systems. In Proceedings of the 22nd International Conference on Distributed Computing Systems. 23--32.Elena Del Val, Natalia Criado, Carlos Carrascosa, Vicente Julian, Miguel Rebollo, Estefania Argente, and Vicente Botti. 2010. THOMAS: A service-oriented framework for virtual organizations. In Proceedings of the 9th International Conference on Autonomous Agents and Multiagent Systems (AAMAS’10). 1631--1632.Elena Del Val, Miguel Rebollo, and Vicente Botti. 2011. Introducing homophily to improve semantic service search in a self-adaptive system. In Proceedings of the 10th International Conference on Autonomous Agents and Multiagent Systems. 1241--1242.Elena Del Val, Miguel Rebollo, and Vicente Botti. 2012a. Enhancing decentralized service discovery in open service-oriented multi-agent systems. Autonomous Agents and Multi-Agent Systems 28, 1, 1--30.Elena Del Val, Miguel Rebollo, and Vicente Botti. 2012b. Promoting cooperation in service-oriented MAS through social plasticity and incentives. Journal of Systems and Software 86, 2, 520--537.Gianni Di Caro, Frederick Ducatelle, and Luca Maria Gambardella. 2005. AntHocNet: An adaptive nature-inspired algorithm for routing in mobile ad hoc networks. European Transactions on Telecommunications 16, 443--455.Ding Ding, Lei Liu, and Hartmut Schmeck. 2010. Service discovery in self-organizing service-oriented environments. In Proceedings of the 2010 IEEE Asia-Pacific Services Computing Conference. 717--724.Sergey N. Dorogovtsev and Jose F. F. Mendes. 2003. Evolution of Networks: From Biological Nets to the Internet and WWW. Oxford University Press.Giovanna Di Marzo Serugendo, Marie-Pierre Gleizes, and Anthony Karageorgos. 2011. Self-Organizing Software: From Natural to Artificial Adaptation. Natural Computing Series.Erik Einhorn and Andreas Mitschele-Thiel. 2008. RLTE: Reinforcement learning for traffic-engineering. In Proceedings of the 2nd International Conference on Autonomous Infrastructure, Management, and Security. 120--133.Nelson Fernandez, Carlos Maldonado, and Carlos Gershenson. 2014. Information measures of complexity, emergence, self-organization, homeostasis, and autopoiesis. In Guided Self-Organization: Inception. Emergence, Complexity and Computation, Vol. 9. Springer, 19--51. DOI: http://dx.doi.org/10.1007/978-3-642-53734-9_2Jose Luis Fernandez-Marquez, Josep Lluis Arcos, and Giovanna Di Marzo Serugendo. 2012. A decentralized approach for detecting dynamically changing diffuse event sources in noisy WSN environments. Applied Artificial Intelligence 26, 4, 376--397. DOI: http://dx.doi.org/10.1080/08839514.2012.653659Agostino Forestiero, Carlo Mastroianni, and Michela Meo. 2009. Self-Chord: A bio-inspired algorithm for structured P2P systems. In Proceedings of the 9th IEEE/ACM International Symposium on Cluster, Cloud, and Grid Computing. 44--51.Matthew E. Gaston and Marie des Jardins. 2005. Agent-organized networks for multi-agent production and exchange. In Proceedings of the 20th AAAI Conference on Artificial Intelligence. 77--82.Nathan Griffiths and Michael Luck. 2010. Changing neighbours: Improving tag-based cooperation. In Proceedings of the 9th International Conference on Autonomous Agents and Multiagent Systems. 249--256.Peter Haase, Ronny Siebes, and Frank van Harmelen. 2008. Expertise-based peer selection in peer-to-peer networks. Knowledge and Information Systems 15, 1, 75--107.Philip N. Howard, Lee Rainee, and Steve Jones. 2001. Days and nights on the Internet. American Behavioural Scientist, 383--404.Bernardo A. Huberman and Lada A. Adamic. 2000. The nature of markets in the WWW. Quarterly Journal of Electronic Commerce 1, 5--12.Michael N. Huhns et al. 2005. Research directions for service-oriented multiagent systems. IEEE Internet Computing 9, 6, 65--70.Tomoko Itao, Tatsuya Suda, Tetsuya Nakamura, Miyuki Imada, Masato Matsuo, and Tomonori Aoyama. 2001. Jack-in-the-Net: Adaptive networking architecture for service emergence. In Proceedings of the Asian-Pacific Conference on Communications. 9.Emily M. Jin, Michelle Girvan, and Mark E. J. Newman. 2001. Structure of growing social networks. Physical Review E 64, 4, 046132.Sachin Kamboj and Keith S. Decker. 2007. Organizational self-design in semi-dynamic environments. In Proceedings of the 6th International Joint Conference on Autonomous Agents and Multiagent Systems. 335--337.Rahamatullah Khondoker, S. M. Taslim Arif, Nathan Kerr, and Dennis Schwerdel. 2011. Self-organizing communication services in future network architectures. In Proceedings of the 5th International Workshop on Self-Organizing Systems.Matthias Klusch, Benedikt Fries, and Katia Sycara. 2009. OWLS-MX: A hybrid Semantic Web service matchmaker for OWL-S services. Web Semantics Science Services and Agents on the World Wide Web 7, 2, 121--133.Dionisis Kontominas, Paraskevi Raftopoulou, Christos Tryfonopoulos, and Euripides G. M. Petrakis. 2013. DS4: A distributed social and semantic search system. Advances in Information Retrieval 7814, 832--836.Ramachandra Kota, Nicholas Gibbins, and Nicholas R. Jennings. 2012. Decentralized approaches for self-adaptation in agent organizations. ACM Transactions on Autonomous and Adaptive Systems 7, 1, Article No. 1.Paul Lazarsfeld. 1954. Friendship as a social process: A substantive and methodological analysis. In Freedom and Control in Modern Society. Van Nostrand, New York, NY.Paulo Leito. 2013. Towards self-organized service-oriented multi-agent systems. In Service Orientation in Holonic and Multi Agent Manufacturing and Robotics. Studies in Computational Intelligence, Vol. 472. Springer, 41--56.W. Sabrina Lin, Hong Vikcy Zhao, and K. J. Ray Liu. 2009. Incentive cooperation strategies for peer-to-peer live multimedia streaming social networks. IEEE Transactions on Multimedia 11, 3, 396--412.Sheila A. McIlraith, Tran Cao Son, and Honglei Zeng. 2001. Semantic Web services. IEEE Intelligent Systems 16, 2, 46--53.Miller McPherson, Lynn Smith-Lovin, and James Cook. 2001. Birds of a feather: Homophily in social networks. Annual Review of Sociology 27, 415--444.Vivek Nallur and Rami Bahsoon. 2012. A decentralized self-adaptation mechanism for service-based applications in the cloud. IEEE Transactions on Software Engineering 99, 591--612.Aris Ouksel, Yair Babad, and Thomas Tesch. 2004. Matchmaking software agents in B2B markets. In Proceedings of the 37th Annual Hawaii International Conference on System Sciences. 1--9.Massimo Paolucci, Takahiro Kawamura, Terry R. Payne, and Katia P. Sycara. 2002. Semantic matching of Web services capabilities. In Proceedings of the 1st International Semantic Web Conference. 333--347.Leonid Peshkin and Virginia Savova. 2002. Reinforcement learning for adaptive routing. In Proceedings of the 2002 International Conference on Neural Networks (IJCNN’02). 1825--1830.Paraskevi Raftopoulou and Euripides G. M. Petrakis. 2008. iCluster: A self-organizing overlay network for P2P information retrieval. In Proceedings of the 30th European Conference on Advances in Information Retrieval (ECIR’08). 65--76.Sharmila Savarimuthu, Maryam Purvis, Martin Purvis, and Bastin Tony Roy Savarimuthu. 2011. Mechanisms for the self-organization of peer groups in agent societies. In Multi-Agent-Based Simulation XI. Lecture Notes in Computer Science, Vol. 6532. Springer, 93--107.Giovanna Di Marzo Serugendo, Marie-Pierre Gleizes, and Anthony Karageorgos. 2005. Self-organization in multi-agent systems. Knowledge Engineering Review 20, 2, 165--189.Abdul Khalique Shaikh, Saadat M. Alhashmi, and Rajendran Parthiban. 2012. A semantic impact in decentralized resource discovery mechanism for grid computing environments. In Algorithms and Architectures for Parallel Processing. Lecture Notes in Computer Science, Vol. 7440. Springer, 206--216.Qixiang Sun and Hector Garcia-Molina. 2004. SLIC: A selfish link-based incentive mechanism for unstructured peer-to-peer networks. In Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS’04). 506--515.Mirko Viroli and Franco Zambonelli. 2010. A biochemical approach to adaptive service ecosystems. Information Sciences 180, 10, 1876--1892. DOI: http://dx.doi.org/10.1016/j.ins.2009.11.021Li Wang. 2011. SoFA: An expert-driven, self-organization peer-to-peer semantic communities for network resource management. Expert Systems with Applications 38, 1, 94--105.Kevin Werbach. 2000. Syndication—the emerging model for business in the Internet era. Harvard Business Review 78, 3, 84--93, 214.Tom Wolf and Tom Holvoet. 2005. Emergence versus self-organisation: Different concepts but promising when combined. In Engineering Self-Organising Systems. Lecture Notes in Computer Science, Vol. 3464. Springer, 1--15.Haizheng Zhang, W. Bruce Croft, Brian Levine, and Victor Lesser. 2004. A multi-agent approach for peer-to-peer based information retrieval system. In Proceedings of the 3rd International Conference on Autonomous Agents and Multiagent Systems, Vol. 1. 456--463.Ming Zhong. 2006. Popularity-biased random walks for peer-to-peer search under the square-root principle. In Proceedings of the 5th International Workshop on Peer-to-Peer Systems

Security analysis of security applications for software defined networks

Software Defined Networking (SDN) is a novel approach to allow configuration of networks in real time and a centralized manner. Likewise to legacy network architectures, security mechanisms are used to protect the network and the end-hosts within the network against attacks. While the properties of SDN allow to implement sophisticated security mechanism as extension of the centralized controllers, they also make the controllers and any extensions of its functionality a valuable target for attackers. This motivates to analyze the security of security applications for SDN. In this paper, two security applications namely, OpenFlow-Random Host Mutation and Resonance, are analyzed using STRIDE. It is shown that most threats for the two security applications can be mitigated by using existing security mechanisms. Furthermore, general suggestions that should be considered when designing security applications for SDN are derived

Security of Selected Future Internet Architectures: A Survey

The Internet faces many challenges in terms of flexibility (so called IP bottleneck) as well as host-centric addressing, mobility, self-configuration, self-monitoring, and security. Several Future Internet (FI) architectures have been proposed to address these challenges including eXpressive Internet Architecture (XIA), MobilityFirst, Named Data Networking (NDN), NEBULA, and Recursive InterNetwork Architecture (RINA). This paper surveys the security solutions of the FI architectures based on literatures, prototypes, and demonstrations. It has been found that none of the architectures can fulfill all of the security goals: confidentiality, authentication, integrity and availability. The results of the survey have been verified by the domain experts

Security analysis of OpenDayLight, ONOS, RoseMary and RYU SDN controllers

There is an immense expectation on Software- Defined Networking (SDN) in industry as a novel approach towards potentially replacing conventional network management and control. However, SDN is not immune to security vulnerabilities which currently exist in the legacy systems or which may newly arise due to change in the network design. Since the beginning of SDN development, primary focus of research was on separation of control plane from data plane by keeping performance and operational flexibility unchanged. In the due course of achieving this, security aspects of an SDN have taken a back seat. Even though separation of control plane from a data plane is a great step towards simplification of network management, it subjects the network into a potential two way target for intruders to gain control. Due to the centralized design of SDN, compromising security of a controller will be as good as compromising the security of a whole network. Enterprises which are moving towards adapting SDN are concerned about security issues and the resulting problems. In this paper, we analyze the security issues of few of the widely used controllers. We found that the OpenDayLight controller is the most secure one compared to the others. In addition, this paper also provides a snapshot of current development in security aspect of SDN controllers such that it may help SDN controller developers to identify the issues and rectify the same in future releases

Addressing Industry 4.0 Security by Software-Defined Networking

Preceded by three industrial evolutions with the virtue of innovation in basic technologies such as mechanics (first evolution, beginning in the 1780s), electricity (second evolution, beginning from the 1870s), and electronics and computation (third evolution, starting from the 1970s), the vision for the fourth industrial evolution (in German called Industrie 4.0) has been started by the German government in 2011

AutoSecSDNDemo: Demonstration of automated end-to-end security in software-defined networks

The complexity of modern communication networks and innovative cyber-attacking methods make it difficult to automatically detect and prevent attacks. Software-Defined Networking (SDN) separates the forwarding of network traffic from the decision plane of the network and offers a central and programmable interface for the configuration of the network. In this paper, a novel approach to integrate end-to-end security into an SDN is developed which improves the security of a network through automated defense mechanisms and reduces the time needed for a response to a threat

Cybersecurity Comparison of Brain-Based Automotive Electrical and Electronic Architectures

Modern autonomous vehicles with an electric/electronic (E/E) architecture represent the next big step in the automation and evolution of smart and self-driving vehicles. This technology is of significant interest nowadays and humans are currently witnessing the development of the different levels of automation for their vehicles. According to recent demand, the components of smart vehicles are centrally or zonally connected, as well as connected to clouds to ensure the seamless automation of driving functions. This necessity has a downside, as it makes the system vulnerable to malicious attacks from hackers with unethical motives. To ensure the control, safety, and security of smart vehicles, attaining and upholding automotive cybersecurity standards is inevitable. The ISO/SAE 21434 Road vehicle—Cybersecurity engineering standard document was published in 2021 and can be considered the Bible of automotive cybersecurity. In this paper, a comparison between four different E/E architectures was made based on the aforementioned standard. One of them is the traditional distributed architecture with many electronic control units (ECUs). The other three architectures consist of centralized or zonally distributed high-performance computers (HPCs). As the complexity of autonomous E/E systems are on the rise, the traditional distributive method is compared against the HPC (brain)-based architectures to visualize a comparative scenario between the architectures. The authors of this paper analyzed the threats and damage scenarios of the architectures using the ISO/SAE 21434 standard, “Microsoft Threat Analysis Tool - STRIDE”, TARA, and “Ansys Medini Analyze”. Security controls are recommended to mitigate the threats and risks in all of these studied architectures. This work attempted to mitigate the gap in the scholarly literature by creating a comparative image of the E/E architectures on a generalized level. The exploratory method of this research provides the reader with knowledge on four different architecture types, their fundamental properties, advantages, and disadvantages along with a general overview of the threats and vulnerabilities associated with each in light of the ISO/SAE 21434 standard. The improvement possibilities of the studied architectures are provided and their advantages and disadvantages are highlighted herein