10 research outputs found

    Energy-Efficient UAVs Deployment for QoS-Guaranteed VoWiFi Service

    This paper formulates a new problem for the optimal placement of Unmanned Aerial Vehicles (UAVs) geared towards wireless coverage provision for Voice over WiFi (VoWiFi) service to a set of ground users confined in an open area. Our objective function is constrained by coverage and by VoIP speech quality and minimizes the ratio between the number of UAVs deployed and energy efficiency in UAVs, hence providing the layout that requires fewer UAVs per hour of service. Solutions provide the number and position of UAVs to be deployed, and are found using well-known heuristic search methods such as genetic algorithms (used for the initial deployment of UAVs), or particle swarm optimization (used for the periodical update of the positions). We examine two communication services: (a) one bidirectional VoWiFi channel per user; (b) single broadcast VoWiFi channel for announcements. For these services, we study the results obtained for an increasing number of users confined in a small area of 100 m² as well as in a large area of 10,000 m². Results show that the drone turnover rate is related to both users’ sparsity and the number of users served by each UAV. For the unicast service, the ratio of UAVs per hour of service tends to increase with user sparsity and the power of radio communication represents 14–16% of the total UAV energy consumption depending on ground user density. In large areas, solutions tend to locate UAVs at higher altitudes seeking increased coverage, which increases energy consumption due to hovering. However, in the VoWiFi broadcast communication service, the traffic is scarce, and solutions are mostly constrained only by coverage. This results in fewer UAVs deployed, less total power consumption (between 20% and 75%), and less sensitivity to the number of served users. Junta de Andalucía Beca 2020/00000172. Unión Europea FEDER 2014-202

    RPL Cross-Layer Scheme for IEEE 802.15.4 IoT Devices With Adjustable Transmit Power

    Article number 9523554. We propose a novel cross-layer scheme to reduce energy consumption in wireless sensor networks composed of IEEE 802.15.4 IoT devices with adjustable transmit power. Our approach is based on the IETF’s Routing Protocol for Low power and lossy networks (RPL). Nodes discover neighbors and keep fresh link statistics for each available transmit power level. Using the product of ETX and local transmit power level as a single metric, each node selects both the parent that minimizes the energy for packet transmission along the path to the root and the optimal local transmit power to be used. We have implemented our cross-layer scheme in NG-Contiki using the Z1 mote and two transmit power levels (55 mW and 31 mW). Simulations of a network of 15 motes show that (on average) 66% of nodes selected the low-power setting in a 25 m × 25 m area. As a result, we obtained an average reduction of 25% of the energy spent on transmission and reception of packets compared to the standard RPL settings where all nodes use the same transmit power level. In large scenarios (e.g., 150 m × 150 m and 40-100 motes), our approach provides better results in dense networks where reducing the transmit power of nodes does not translate into longer paths to the root nor degraded quality of service.

    On the Detection Capabilities of Signature-Based Intrusion Detection Systems in the Context of Web Attacks

    Signature-based Intrusion Detection Systems (SIDS) play a crucial role within the arsenal of security components of most organizations. They can find traces of known attacks in the network traffic or host events for which patterns or signatures have been pre-established. SIDS include standard packages of detection rulesets, but only those rules suited to the operational environment should be activated for optimal performance. However, some organizations might skip this tuning process and instead activate default off-the-shelf rulesets without understanding the implications and trade-offs. In this work, we help gain insight into the consequences of using predefined rulesets in the performance of SIDS. We experimentally explore the performance of three SIDS in the context of web attacks. In particular, we gauge the detection rate obtained with predefined subsets of rules for Snort, ModSecurity and Nemesida using seven attack datasets. We also determine the precision and rate of alerts generated by each detector in a real-life case using a large trace from a public webserver. Results show that the maximum detection rate achieved by the SIDS under test is insufficient to protect systems effectively and is lower than expected for known attacks. Our results also indicate that the choice of predefined settings activated on each detector strongly influences its detection capability and false alarm rate. Snort and ModSecurity scored either a very poor detection rate (activating the less-sensitive predefined ruleset) or a very poor precision (activating the full ruleset). We also found that using various SIDS for a cooperative decision can improve the precision or the detection rate, but not both. Consequently, it is necessary to reflect upon the role of these open-source SIDS with default configurations as core elements for protection in the context of web attacks. Finally, we provide an efficient method for systematically determining which rules to deactivate from a ruleset to significantly reduce the false alarm rate for a target operational environment. We tested our approach using Snort’s ruleset in our real-life trace, increasing the precision from 0.015 to 1 in less than 16 h of work. Ministerio de Ciencias e Innovación (MICINN)/AEI 10.13039/501100011033: PID2020-115199RB-I00. FEDER/Junta de Andalucía-Consejería de Transformación Económica, Industria, Conocimiento y Universidades PYC20-RE-087-US

    Designing Cost-Effective Reliable Networks from a Risk Analysis Perspective: A Case Study for a Hospital Campus

    The unavailability of information and communication services due to network-related incidents may have a significant impact on large organizations. Network incidents can hence be viewed as a risk for organizations whose consequences are not accounted for by traditional network design problems. In this work, we address the problem of designing a reliable wired network from a risk analysis perspective. We propose a novel methodology for the quantitative assessment of the risk associated with network-related incidents in a hospital campus. We then define an optimization problem to find the topology that minimizes the network cost plus the expected loss over time attributable to the unavailability of corporate services to staff affected by network incidents. A case study illustrates our methodology and its benefits. Using available public information, we design the topology of a campus network for a large hospital where the cost of labor exceeds 200M€/year. The solution to our optimization problem is found through well-known genetic algorithms and provides a topology where network nodes with a higher impact on productivity exhibit higher reliability. As a consequence, the topology obtained reduces the expected annual lost profits by more than 95% (+392 000€) when compared to common reduced-cost topologies such as the minimum-cost ring or the non-reliable minimum-cost tree, showing that investment in risk reduction pays off. Our contribution may be used by engineers to (re)design cost-effective reliable networks or by hospital managers to support decisions on updating present infrastructure based on risk reduction.

    How much training data is enough? A case study for HTTP anomaly-based intrusion detection

    Most anomaly-based intrusion detectors rely on models that learn from a training dataset whose quality is crucial to their performance. Although the properties of suitable datasets have been formulated, the influence of the dataset size on the performance of the anomaly-based detector has received scarce attention so far. In this work, we investigate the optimal size of a training dataset. This size should be large enough so that training data is representative of normal behavior, but after that point, collecting more data may result in unnecessary waste of time and computational resources, not to mention an increased risk of overtraining. In this spirit, we provide a method to find out when the amount of data collected at the production environment is representative of normal behavior in the context of a detector of HTTP URI attacks based on 1-grammar. Our approach is founded on a set of indicators related to the statistical properties of the data. These indicators are periodically calculated during data collection, producing time series that stabilize when more training data is not expected to translate to better system performance, which indicates that data collection can be stopped. We present a case study with real-life datasets collected at the University of Seville (Spain) and a public dataset from the University of Saskatchewan. The application of our method to these datasets showed that more than 42% of one trace and almost 20% of another were unnecessarily collected, thereby showing that our proposed method can be an efficient approach for collecting training data at the production environment.

    Deployment of UAV-mounted Access Points for VoWiFi Service with guaranteed QoS

    Unmanned Aerial Vehicle (UAV) networks have emerged as a promising means to provide wireless coverage in open geographical areas. Nevertheless, in wireless networks such as WiFi, signal coverage alone is insufficient to guarantee that network performance meets the quality of service (QoS) requirements of real-time communication services, as it also depends on the traffic load produced by ground users sharing the medium access. We formulate a new problem for the optimal deployment of UAVs in which the QoS level is guaranteed for real-time voice over WiFi (VoWiFi) communications. More specifically, our goal is to dispatch the minimum number of UAVs possible to provide VoWiFi service to a set of ground users subject to coverage, call-blocking probability, and QoS constraints. Optimal solutions are found using well-known heuristics that include K-means clusterization and genetic algorithms. Via numerical results, we show that the WiFi standard revision (e.g. IEEE 802.11a/b/g/n/ac) in use plays an important role in both coverage and QoS performance and hence, in the number of UAVs required to provide the service.

    Tool for Validation Software Projects in Programming Labs

    This work presents a testing tool used in the Fundamentals of Programming II laboratory of the Telecommunication Technologies Engineering Degree at the University of Sevilla to check student projects. The tool allows students to test the proper operation of their project autonomously. It is a flexible and useful tool for testing the project because it identifies when the student has carried out a project that meets the given specifications. This implies a high rate of success when students deliver their projects.

    Labeled HTTP requests dataset: Dataset Biblio-US17

    This dataset contains a set of anonymized and labeled HTTP requests (selected fields) from the logs of a real, in-production web server at the library of the University of Seville during 6.5 months in 2017. The dataset has been sanitized using a supervised methodology as proposed in: Díaz-Verdejo, Jesús E.; Estepa, Antonio; Estepa, Rafael; Madinabeitia, German; Muñoz-Calle, Javier, "A methodology for conducting efficient sanitization of HTTP training datasets", Future Generation Computer Systems, vol. 109, pp. 67–82, 2020. https://doi.org/10.1016/j.future.2020.03.033. The dataset is organized in a tree structure (subdirectories), each containing different types of files or sets. As provided, 5 sets of files and two partitioning schemes are considered. The partition files are not directly provided but can be generated from the files using the provided script. The following sets of files (subdirs) are included:
    - RAW files: Initial registers (obtained after preprocessing and anonymization of real captured files).
    - LABEL files: Labels assigned during analysis.
    - CLEAN files: Registers considered as clean after sanitization. This is the full dataset to be used as normal traffic.
    - SID files: Information about SIDs triggered by used SIDS tools.
    - ATTACK files: Registers classified as attack (only LVL1 -indubitable- attacks).
    Registers in each set are organized in daily bins (files) named as biblio-2017--., being the number of the month, the day and an extension related to the type of content:
    - .raw for RAW files
    - .lbl for LBL files
    - .cl for CLEAN files
    - .sid for SID files
    - .att for ATTACK files

    Generación automática de firmas para detección de ciberataques basados en URI (Automatic Generation of Signatures for Detecting URI-Based Cyberattacks)

    This work is licensed under a Creative Commons 4.0 International License (CC BY-NC-ND 4.0). Most operational intrusion detection systems (IDS) rely on signatures that identify known attacks. The dependence of these IDS on updates to their signature databases is one of their main limitations, which makes systems that enable automatic or supervised signature generation of interest. This work experimentally evaluates a signature generation system built on an anomaly-based IDS proposed in previous work. An automated system for selecting the optimal operating point of the signature generator is also developed and evaluated. The preliminary results of this ongoing work show that new signatures can be generated that increase the detection capability of IDS based on signatures or known patterns (SIDS) while controlling the number of false positives introduced.

    Blockchain-Based Service-Oriented Architecture for Consent Management, Access Control, and Auditing

    Continuity of care requires the exchange of health information among organizations and care teams. The EU General Data Protection Regulation (GDPR) establishes that the subject of care should give explicit consent to the treatment of her personal data, and organizations must obey the individual’s will. Nevertheless, few solutions focus on guaranteeing the proper execution of consents. We propose a service-oriented architecture, backed by blockchain technology, that enables: (1) tamper-proof and immutable storage of subject of care consents; (2) a fine-grained access control for protecting health data according to consents; and (3) auditing tasks for supervisory authorities (or subjects of care themselves) to assess that healthcare organizations comply with GDPR and granted consents. Standards for health information exchange and access control are adopted to guarantee interoperability. Access control events and the subject of care consents are maintained on a blockchain, providing a trusted collaboration between organizations, supervisory authorities, and individuals. A prototype of the architecture has been implemented as a proof of concept to evaluate the performance of critical components. The application of subject of care consent to control the treatment of personal health data in federated and distributed environments is a pressing concern. The experimental results show that blockchain can effectively support sharing consent and audit events among healthcare organizations, supervisory authorities, and individuals.