{"title":"LLM Honeypot: Leveraging Large Language Models as Advanced Interactive Honeypot Systems","authors":"Hakan T. Otal, M. Abdullah Canbaz","doi":"arxiv-2409.08234","DOIUrl":"https://doi.org/arxiv-2409.08234","url":null,"abstract":"The rapid evolution of cyber threats necessitates innovative solutions for\u0000detecting and analyzing malicious activity. Honeypots, which are decoy systems\u0000designed to lure and interact with attackers, have emerged as a critical\u0000component in cybersecurity. In this paper, we present a novel approach to\u0000creating realistic and interactive honeypot systems using Large Language Models\u0000(LLMs). By fine-tuning a pre-trained open-source language model on a diverse\u0000dataset of attacker-generated commands and responses, we developed a honeypot\u0000capable of sophisticated engagement with attackers. Our methodology involved\u0000several key steps: data collection and processing, prompt engineering, model\u0000selection, and supervised fine-tuning to optimize the model's performance.\u0000Evaluation through similarity metrics and live deployment demonstrated that our\u0000approach effectively generates accurate and informative responses. The results\u0000highlight the potential of LLMs to revolutionize honeypot technology, providing\u0000cybersecurity professionals with a powerful tool to detect and analyze\u0000malicious activity, thereby enhancing overall security infrastructure.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2024-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142183881","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards Scalable Quantum Networks","authors":"Connor Howe, Mohsin Aziz, Ali Anwar","doi":"arxiv-2409.08416","DOIUrl":"https://doi.org/arxiv-2409.08416","url":null,"abstract":"This paper presents a comprehensive study on the scalability challenges and\u0000opportunities in quantum communication networks, with the goal of determining\u0000parameters that impact networks most as well as the trends that appear when\u0000scaling networks. We design simulations of quantum networks comprised of router\u0000nodes made up of trapped-ion qubits, separated by quantum repeaters in the form\u0000of Bell State Measurement (BSM) nodes. Such networks hold the promise of\u0000securely sharing quantum information and enabling high-power distributed\u0000quantum computing. Despite the promises, quantum networks encounter scalability\u0000issues due to noise and operational errors. Through a modular approach, our\u0000research aims to surmount these challenges, focusing on effects from scaling\u0000node counts and separation distances while monitoring low-quality communication\u0000arising from decoherence effects. We aim to pinpoint the critical features\u0000within networks essential for advancing scalable, large-scale quantum computing\u0000systems. Our findings underscore the impact of several network parameters on\u0000scalability, highlighting a critical insight into the trade-offs between the\u0000number of repeaters and the quality of entanglement generated. This paper lays\u0000the groundwork for future explorations into optimized quantum network designs\u0000and protocols.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2024-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142260237","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Multi-Model based Federated Learning Against Model Poisoning Attack: A Deep Learning Based Model Selection for MEC Systems","authors":"Somayeh Kianpisheh, Chafika Benzaid, Tarik Taleb","doi":"arxiv-2409.08237","DOIUrl":"https://doi.org/arxiv-2409.08237","url":null,"abstract":"Federated Learning (FL) enables training of a global model from distributed\u0000data, while preserving data privacy. However, the singular-model based\u0000operation of FL is open with uploading poisoned models compatible with the\u0000global model structure and can be exploited as a vulnerability to conduct model\u0000poisoning attacks. This paper proposes a multi-model based FL as a proactive\u0000mechanism to enhance the opportunity of model poisoning attack mitigation. A\u0000master model is trained by a set of slave models. To enhance the opportunity of\u0000attack mitigation, the structure of client models dynamically change within\u0000learning epochs, and the supporter FL protocol is provided. For a MEC system,\u0000the model selection problem is modeled as an optimization to minimize loss and\u0000recognition time, while meeting a robustness confidence. In adaption with\u0000dynamic network condition, a deep reinforcement learning based model selection\u0000is proposed. For a DDoS attack detection scenario, results illustrate a\u0000competitive accuracy gain under poisoning attack with the scenario that the\u0000system is without attack, and also a potential of recognition time improvement.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2024-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142184000","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Zhaoyang Han, Andrew Briasco-Stewart, Michael Zink, Miriam Leeser
{"title":"Extracting TCPIP Headers at High Speed for the Anonymized Network Traffic Graph Challenge","authors":"Zhaoyang Han, Andrew Briasco-Stewart, Michael Zink, Miriam Leeser","doi":"arxiv-2409.07374","DOIUrl":"https://doi.org/arxiv-2409.07374","url":null,"abstract":"Field Programmable Gate Arrays (FPGAs) play a significant role in\u0000computationally intensive network processing due to their flexibility and\u0000efficiency. Particularly with the high-level abstraction of the P4 network\u0000programming model, FPGA shows a powerful potential for packet processing. By\u0000supporting the P4 language with FPGA processing, network researchers can create\u0000customized FPGA-based network functions and execute network tasks on\u0000accelerators directly connected to the network. A feature of the P4 language is\u0000that it is stateless; however, the FPGA implementation in this research\u0000requires state information. This is accomplished using P4 externs to describe\u0000the stateful portions of the design and to implement them on the FPGA using\u0000High-Level Synthesis (HLS). This paper demonstrates using an FPGA-based\u0000SmartNIC to efficiently extract source-destination IP address information from\u0000network packets and construct anonymized network traffic matrices for further\u0000analysis. The implementation is the first example of the combination of using\u0000P4 and HLS in developing network functions on the latest AMD FPGAs. Our design\u0000achieves a processing rate of approximately 95 Gbps with the combined use of P4\u0000and High-level Synthesis and is able to keep up with 100 Gbps traffic received\u0000directly from the network.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2024-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142183883","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Synchronization Control-Plane Protocol for Quantum Link Layer","authors":"Brandon Ru, Winston K. G. Seah, Alvin C. Valera","doi":"arxiv-2409.07049","DOIUrl":"https://doi.org/arxiv-2409.07049","url":null,"abstract":"Heralded entanglement generation between nodes of a future quantum internet\u0000is a fundamental operation that unlocks the potential for quantum\u0000communication. In this paper, we propose a decentralized synchronization\u0000protocol that operates at the classical control-plane of the link layer, to\u0000navigate the coordination challenges of generating heralded entanglement across\u0000few-qubit quantum network nodes. Additionally, with quantum network simulations\u0000using NetSquid, we show that our protocol achieves lower entanglement request\u0000latencies than a naive distributed queue approach. We observe a sixfold\u0000reduction in average request latency growth as the number of quantum network\u0000links increases. The Eventual Synchronization Protocol (ESP) allows nodes to\u0000coordinate on heralded entanglement generation in a scalable manner within\u0000multi-peer quantum networks. To the best of our knowledge, this is the first\u0000decentralized synchronization protocol for managing heralded entanglement\u0000requests.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2024-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142183885","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Tina Khezresmaeilzadeh, Elaine Zhu, Kiersten Grieco, Daniel J. Dubois, Konstantinos Psounis, David Choffnes
{"title":"Echoes of Privacy: Uncovering the Profiling Practices of Voice Assistants","authors":"Tina Khezresmaeilzadeh, Elaine Zhu, Kiersten Grieco, Daniel J. Dubois, Konstantinos Psounis, David Choffnes","doi":"arxiv-2409.07444","DOIUrl":"https://doi.org/arxiv-2409.07444","url":null,"abstract":"Many companies, including Google, Amazon, and Apple, offer voice assistants\u0000as a convenient solution for answering general voice queries and accessing\u0000their services. These voice assistants have gained popularity and can be easily\u0000accessed through various smart devices such as smartphones, smart speakers,\u0000smartwatches, and an increasing array of other devices. However, this\u0000convenience comes with potential privacy risks. For instance, while companies\u0000vaguely mention in their privacy policies that they may use voice interactions\u0000for user profiling, it remains unclear to what extent this profiling occurs and\u0000whether voice interactions pose greater privacy risks compared to other\u0000interaction modalities. In this paper, we conduct 1171 experiments involving a total of 24530 queries\u0000with different personas and interaction modalities over the course of 20 months\u0000to characterize how the three most popular voice assistants profile their\u0000users. We analyze factors such as the labels assigned to users, their accuracy,\u0000the time taken to assign these labels, differences between voice and web\u0000interactions, and the effectiveness of profiling remediation tools offered by\u0000each voice assistant. Our findings reveal that profiling can happen without\u0000interaction, can be incorrect and inconsistent at times, may take several days\u0000to weeks for changes to occur, and can be influenced by the interaction\u0000modality.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2024-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142183886","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Moritz Flüchter, Steffen Lindner, Fabian Ihle, Michael Menth
{"title":"Extensions to BIER Tree Engineering (BIER-TE) for Large Multicast Domains and 1:1 Protection: Concept, Implementation and Performance","authors":"Moritz Flüchter, Steffen Lindner, Fabian Ihle, Michael Menth","doi":"arxiv-2409.07082","DOIUrl":"https://doi.org/arxiv-2409.07082","url":null,"abstract":"Bit Index Explicit Replication (BIER) has been proposed by the IETF as a\u0000stateless multicast transport technology. BIER adds a BIER header containing a\u0000bitstring indicating receivers of an IP multicast (IPMC) packet within a BIER\u0000domain. BIER-TE extends BIER with tree engineering capabilities, i.e., the\u0000bitstring indicates both receivers as well as links over which the packet is\u0000transmitted. As the bitstring is of limited size, e.g., 256 bits, only that\u0000number of receivers can be addressed within a BIER packet. To scale BIER to\u0000larger networks, the receivers of a BIER domain have been assigned to subsets\u0000that can be addressed by a bitstring with a subset ID. This approach is even\u0000compliant with fast reroute (FRR) mechanisms for BIER. In this work we tackle the challenge of scaling BIER-TE to large networks as\u0000the subset mechanism of BIER is not sufficient for that purpose. A major\u0000challenge is the support of a protection mechanism in this context. We describe\u0000how existing networking concepts like tunneling, egress protection and\u0000BIER-TE-FRR can be combined to achieve the goal. Then, we implement the\u0000relevant BIER-TE components on the P4-programmable Tofino ASIC which builds\u0000upon an existing implementation for BIER. Finally, we consider the forwarding\u0000performance of the prototype and explain how weaknesses can be improved from\u0000remedies that are well-known for BIER implementations.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2024-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142183884","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Gianluca Anselmi, Yash Vekaria, Alexander D'Souza, Patricia Callejo, Anna Maria Mandalari, Zubair Shafiq
{"title":"Watching TV with the Second-Party: A First Look at Automatic Content Recognition Tracking in Smart TVs","authors":"Gianluca Anselmi, Yash Vekaria, Alexander D'Souza, Patricia Callejo, Anna Maria Mandalari, Zubair Shafiq","doi":"arxiv-2409.06203","DOIUrl":"https://doi.org/arxiv-2409.06203","url":null,"abstract":"Smart TVs implement a unique tracking approach called Automatic Content\u0000Recognition (ACR) to profile viewing activity of their users. ACR is a\u0000Shazam-like technology that works by periodically capturing the content\u0000displayed on a TV's screen and matching it against a content library to detect\u0000what content is being displayed at any given point in time. While prior\u0000research has investigated third-party tracking in the smart TV ecosystem, it\u0000has not looked into second-party ACR tracking that is directly conducted by the\u0000smart TV platform. In this work, we conduct a black-box audit of ACR network\u0000traffic between ACR clients on the smart TV and ACR servers. We use our\u0000auditing approach to systematically investigate whether (1) ACR tracking is\u0000agnostic to how a user watches TV (e.g., linear vs. streaming vs. HDMI), (2)\u0000privacy controls offered by smart TVs have an impact on ACR tracking, and (3)\u0000there are any differences in ACR tracking between the UK and the US. We perform\u0000a series of experiments on two major smart TV platforms: Samsung and LG. Our\u0000results show that ACR works even when the smart TV is used as a \"dumb\" external\u0000display, opting-out stops network traffic to ACR servers, and there are\u0000differences in how ACR works across the UK and the US.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2024-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142183687","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Stavros Eleftherakis, Domenico Giustiniano, Nicolas Kourtellis
{"title":"SoK: Evaluating 5G Protocols Against Legacy and Emerging Privacy and Security Attacks","authors":"Stavros Eleftherakis, Domenico Giustiniano, Nicolas Kourtellis","doi":"arxiv-2409.06360","DOIUrl":"https://doi.org/arxiv-2409.06360","url":null,"abstract":"Ensuring user privacy remains a critical concern within mobile cellular\u0000networks, particularly given the proliferation of interconnected devices and\u0000services. In fact, a lot of user privacy issues have been raised in 2G, 3G,\u00004G/LTE networks. Recognizing this general concern, 3GPP has prioritized\u0000addressing these issues in the development of 5G, implementing numerous\u0000modifications to enhance user privacy since 5G Release 15. In this\u0000systematization of knowledge paper, we first provide a framework for studying\u0000privacy and security related attacks in cellular networks, setting as privacy\u0000objective the User Identity Confidentiality defined in 3GPP standards. Using\u0000this framework, we discuss existing privacy and security attacks in pre-5G\u0000networks, analyzing the weaknesses that lead to these attacks. Furthermore, we\u0000thoroughly study the security characteristics of 5G up to the new Release 19,\u0000and examine mitigation mechanisms of 5G to the identified pre-5G attacks.\u0000Afterwards, we analyze how recent 5G attacks try to overcome these mitigation\u0000mechanisms. Finally, we identify current limitations and open problems in\u0000security of 5G, and propose directions for future work.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2024-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142183686","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Design and Implementation of Online Live Streaming System Using A 3D Engine","authors":"Aizierjiang Aiersilan","doi":"arxiv-2409.06207","DOIUrl":"https://doi.org/arxiv-2409.06207","url":null,"abstract":"With the growing demand for live video streaming, there is an increasing need\u0000for low-latency and high-quality transmission, especially with the advent of 5G\u0000networks. While 5G offers hardware-level improvements, effective software\u0000solutions for minimizing latency remain essential. Current methods, such as\u0000multi-channel streaming, fail to address latency issues fundamentally, often\u0000only adding new channels without optimizing overall performance. This thesis\u0000proposes a novel approach using a 3D engine (e.g., Unity 3D) to stream\u0000multi-input video data through a single channel with reduced latency. By\u0000leveraging 3D engine capabilities, such as World/Screen Space Cameras, 3D\u0000Canvases, and Webcam Textures, the proposed system consolidates video streams\u0000from multiple external cameras into a unified, low-latency output. The\u0000affiliated project of this thesis demonstrates the implementation of a\u0000low-latency multi-channel live video streaming system. It employs the RTSP\u0000protocol and examines video encoding techniques, alongside a client-side\u0000application based on Unity 3D. The system architecture includes a WebSocket\u0000server for persistent connections, an HTTP server for communication, a MySQL\u0000database for storage, Redis for caching, and Nginx for load balancing. Each\u0000module operates independently, ensuring flexibility and scalability in the\u0000system's design. A key innovation of this system is its use of a 3D scene to\u0000map multiple video inputs onto a virtual canvas, recorded by an in-engine\u0000camera for transmission. This design minimizes redundant data, enabling an\u0000efficient and director-guided live streaming network. The thesis concludes by\u0000discussing challenges encountered during the project and provides solutions for\u0000future improvement.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2024-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142183887","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}