Computer Networks最新文献

{"title":"HawkEye: An end-host method to detect the Low-rate Denial-of-Service attack of cross-traffic over bottleneck links","authors":"Fei Lei,&nbsp;Xianliang Jiang,&nbsp;Guang Jin,&nbsp;Dingxin Yu","doi":"10.1016/j.comnet.2024.110951","DOIUrl":"10.1016/j.comnet.2024.110951","url":null,"abstract":"<div><div>The adaptive mechanisms of the Transmission Control Protocol (TCP) address network congestion and other unpredictable network conditions. They ensure the reliability of data transmission and the stability of the network. Unfortunately, the vulnerabilities in these adaptive mechanisms are targeted explicitly by low-rate denial-of-service (LDoS) attacks, which severely degrade network service quality. Only by modifying these protocols and addressing their vulnerabilities can one entirely prevent LDoS attacks. Although various improved TCP algorithms exist, they often fail to identify LDoS attacks accurately and, in some cases, may even reduce TCP performance. Furthermore, traditional LDoS attack detection methods rely on intermediate devices, which do not meet TCP’s end-to-end performance optimization needs. We introduce <strong>HawkEye</strong>, which moves the detection mechanism to the <strong>end hosts</strong> to address this issue. HawkEye uses an improved genetic algorithm to fine-tune the parameters of the LightGBM on the sending host, integrating multiple network traffic features to detect LDoS attacks. Experimental results show that our proposed method achieves the high accuracy, high true positive rate, and low false positive rate, successfully addressing the limitations of end-host detection of LDoS attacks and providing an innovative and effective solution for enhancing LDoS attack detection.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"257 ","pages":"Article 110951"},"PeriodicalIF":4.4,"publicationDate":"2024-11-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142758888","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"DUdetector: A dual-granularity unsupervised model for network anomaly detection","authors":"Haijun Geng ,&nbsp;Qi Ma ,&nbsp;Haotian Chi ,&nbsp;Zhi Zhang ,&nbsp;Jing Yang ,&nbsp;Xia Yin","doi":"10.1016/j.comnet.2024.110937","DOIUrl":"10.1016/j.comnet.2024.110937","url":null,"abstract":"<div><div>Internet of Things (IoT) devices are often used as springboards for network intrusion due to the open nature of IoT protocol stacks that enable automatic inter-connection and data sharing among devices, so it is critical to develop network anomaly detection algorithms that can be deployed at important nodes such as gateways and routers. However, existing detection algorithms based on signature rules and supervised machine learning heavily rely on known anomaly types, yielding low detection accuracy when deployed in realistic network environments with a significant number of unknown attacks. With this in mind, we propose DUdetector, an unsupervised anomaly detection algorithm by employing Transformer and Conv1d&amp;MaxPool1d AutoEncoder with residual connection (abbr., CM&amp;RC-AE) to realize a dual-granularity learning from the perspective of segments and points, respectively. Specifically, we perform coarse-grained segment-level anomaly detection based on an improved Transformer to detect whether there is any anomalous traffic within a time window. Then, we perform fine-grained point-level anomaly detection based on CM&amp;RC-AE for each packet within the problematic segment output by the first step. Extensive experiments on three datasets (<em>SSDP Flood</em>, <em>Mirai</em> and <em>IDS2017</em>) demonstrate that our DUdetector achieves a better performance than existing work: an F1-score of 95.98% for Mirai, and over 99.2% for both SSDP Flood and IDS2017, with false positive rates less than 0.5% for all three datasets.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"257 ","pages":"Article 110937"},"PeriodicalIF":4.4,"publicationDate":"2024-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142745506","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"LPPAC: Lightweight privacy-preserving distributed payments with access control","authors":"Bo Zeng ,&nbsp;Tian Wu ,&nbsp;Fangchao Yu ,&nbsp;Geying Yang ,&nbsp;Kai Zhao ,&nbsp;Lina Wang","doi":"10.1016/j.comnet.2024.110936","DOIUrl":"10.1016/j.comnet.2024.110936","url":null,"abstract":"<div><div>The privacy-preserving distributed payment system leverages the advantages of its decentralized form while upholding data privacy. Currently, numerous solutions effectively safeguard users’ privacy, encompassing transaction amounts and identities, but in practical deployments, these solutions may impose limitations due to their indiscriminate treatments. Recognizing that real-world transactions involve not only the exchange of funds but also the transfer of assets, we introduce a lightweight privacy-preserving distributed payment scheme called LPPAC, which differentiates its treatment of different levels of private data. The transformation of amounts, which directly involves monetary values, is rigorously protected using appropriate encryption techniques. Additionally, we incorporate transaction pruning techniques to reduce storage overhead and enhance operational efficiency. In the context of asset transfers, there may be instances where parties other than the transacting entities need to be informed to make adequate preparations. However, the information related to asset transfers is inherently linked to transaction amounts. Therefore, we introduce an access control mechanism to allocate corresponding access rights. Through this approach, we theoretically establish that LPPAC can offer a precise privacy protection solution without compromising privacy. Furthermore, experimental results show the strong performance of LPPAC in practical applications.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"257 ","pages":"Article 110936"},"PeriodicalIF":4.4,"publicationDate":"2024-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142745508","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cooperation-based server deployment strategy in mobile edge computing system","authors":"Xin Li ,&nbsp;Meiyan Teng ,&nbsp;Yanling Bu ,&nbsp;Jianjun Qiu ,&nbsp;Xiaolin Qin ,&nbsp;Jie Wu","doi":"10.1016/j.comnet.2024.110932","DOIUrl":"10.1016/j.comnet.2024.110932","url":null,"abstract":"<div><div>In our exploration of Mobile Edge Computing (MEC) systems, we address the critical challenge of edge server deployment, aiming to enhance application responsiveness through optimized server placement and cooperation. Our study diverges from traditional approaches that prioritize server location, instead highlighting the untapped potential of server collaboration for sharing computing resources. This cooperative strategy not only boosts resource utilization and trims response times but also intricately complicates deployment strategies. We introduce an innovative Collaboration-Based Server Deployment (CBSD) algorithm that stands out by facilitating cooperative communication between edge servers via Base Stations (BSs), even under stringent resource constraints. This algorithm employs a dual-phase approach: initially utilizing a non-collaborative <em>Gradient</em> algorithm for resource allocation among cooperative regions, followed by a strategic distribution of resources based on regional demand. Our comprehensive simulations show that our proposed methodology improves system utility and throughput by 35% and 25%, respectively, while robustness reaches 90% compared to the baseline. These results represent improvement in managing limited edge resources effectively.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"257 ","pages":"Article 110932"},"PeriodicalIF":4.4,"publicationDate":"2024-11-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142745501","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A resilient routing strategy based on deep reinforcement learning for urban emergency communication networks","authors":"Zilong Jin ,&nbsp;Huajian Xu ,&nbsp;Zhixiang Kong ,&nbsp;Chengsheng Pan","doi":"10.1016/j.comnet.2024.110898","DOIUrl":"10.1016/j.comnet.2024.110898","url":null,"abstract":"<div><div>In the context of urban informatization, meeting the stringent requirements of emergency communication presents a significant challenge for Urban Emergency Communication Networks (UECNs). Mobile ad hoc networks deployed in these environments often experience node degradation and link disruptions due to the complex urban landscape, leading to frequent communication failures. This paper introduces a novel resilient routing strategy, termed Deep Reinforcement Learning-based Resilient Routing (DRLRR). The proposed routing strategy first utilizes node and link state information to accurately characterize dynamic changes in network topology. The routing decision-making process is then formalized as a Markov decision process, integrating multiple performance metrics into a reward function tailored for the specific demands of urban emergency communications. By leveraging deep reinforcement learning, DRLRR effectively adapts to the complexities of urban environment, enabling intelligent and optimal route selection during network topology fluctuations to ensure seamless data transmission during emergencies. Comparative simulations conducted using NS3(Network simulator 3) demonstrate that DRLRR significantly outperforms three other routing protocols, achieving notable improvements in packet delivery rate, average end-to-end delay, and throughput, thus fulfilling the requirements for reliable and consistent communication in urban emergency scenarios.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"257 ","pages":"Article 110898"},"PeriodicalIF":4.4,"publicationDate":"2024-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142745509","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"BGP anomaly detection as a group dynamics problem","authors":"Ben A. Scott ,&nbsp;Michael N. Johnstone ,&nbsp;Patryk Szewczyk ,&nbsp;Steven Richardson","doi":"10.1016/j.comnet.2024.110926","DOIUrl":"10.1016/j.comnet.2024.110926","url":null,"abstract":"<div><div>Understanding group information and collective behaviors is an ongoing area of research, encompassing natural phenomena and human dynamics. Quantifying interactions and interdependencies at the group level can be valuable for understanding complex and dynamical systems. The Border Gateway Protocol (BGP), the default inter-domain routing protocol for the Internet, operates within a large, complex, and dynamic system vulnerable to security threats. Traditional BGP anomaly detection focuses on single observables from individual Autonomous Systems (ASes), which inadequately addresses the multidimensional, multi-viewpoint nature of the Internet and interdomain routing. This paper introduces a novel approach for quantifying group AS-level information and dynamics. We present the first ever application of Multidimensional Recurrence Quantification Analysis (MdRQA) to any computer system, offering a robust BGP anomaly detection technique that identifies anomalies earlier than traditional single-AS observable methods. This research marks a significant advancement in BGP anomaly detection, treating it as a group dynamics problem within the Internet’s complex and distributed system.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"257 ","pages":"Article 110926"},"PeriodicalIF":4.4,"publicationDate":"2024-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142745502","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Reducing tail latency for multi-bottleneck in datacenter networks: A compound approach","authors":"Yuxiang Zhang ,&nbsp;Lin Cui ,&nbsp;Fung Po Tso ,&nbsp;Xiaolin Lei","doi":"10.1016/j.comnet.2024.110931","DOIUrl":"10.1016/j.comnet.2024.110931","url":null,"abstract":"<div><div>The effectiveness of network congestion control fundamentally depends on the accuracy and granularity of congestion feedback. In datacenter networks, precise feedback is essential for achieving high performance. Most existing approaches use either Explicit Congestion Notification (ECN) or network delay (e.g., RTT) independently as congestion indicators. However, in multi-bottleneck networks, the limitations of these signals become more pronounced: ECN struggles with large cumulative end-to-end latency, while RTT lacks the precision needed to control queuing delays at individual hops. To address these challenges, we propose <em>Cocktail</em>, a simple yet effective transport protocol for datacenter networks that combines both ECN and RTT congestion signals to more effectively handle multi-bottleneck scenarios. By leveraging the ECN signal, <em>Cocktail</em> bounds per-hop queue lengths, enhancing its ability to control single-hop latency and prevent packet loss. Additionally, by estimating RTT, <em>Cocktail</em> effectively manages end-to-end delay, resulting in lower Flow Completion Time (FCT). Extensive experimental evaluations in Mininet demonstrate that <em>Cocktail</em> significantly reduces the average and 99th-percentile completion times for small flows by up to 20% and 29%, respectively, compared to current practices under production workloads.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"257 ","pages":"Article 110931"},"PeriodicalIF":4.4,"publicationDate":"2024-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142745019","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"SFACIF: A safety function attack and anomaly industrial condition identified framework","authors":"Kaixiang Liu ,&nbsp;Yongfang Xie ,&nbsp;Yuqi Chen ,&nbsp;Shiwen Xie ,&nbsp;Xin Chen ,&nbsp;Dongliang Fang ,&nbsp;Limin Sun","doi":"10.1016/j.comnet.2024.110927","DOIUrl":"10.1016/j.comnet.2024.110927","url":null,"abstract":"<div><div>High-stakes process industries require a harmonious relationship between the Safety Instrumented System (SIS) and the Basic Process Control System (BPCS) to guarantee the safety and stability of operations. As security threats to SIS intensify, the imperative to fortify it against cyber-attacks has never been more critical. SIS activates safety functions to bring the process to a safe state or shut it down under anomaly idustrial conditions. This raises two critical questions for SIS security: (1) how to differentiate between genuine industrial anomalies and data injected by attackers to prevent unnecessary shutdowns and economic losses; and (2) how to distinguish between attackers’ replayed data and normal operational data to avoid casualties resulting from delayed shutdowns. In addressing these challenges, we introduce SFACIF, a framework designed to effectively identify safety function attacks and anomaly industrial conditions. Inspired by advanced two out of three voting mechanisms and process monitoring technologies, our approach encompasses several innovative strategies. Initially, a deep learning-based time series prediction method is employed to generate benchmark data. Next, potential issues are identified by detecting deviations through pairwise comparisons between the predicted benchmark data, SIS observations, and BPCS observations. To account for the higher fault rates in BPCS and the presence of process noise, we apply a modified sliding window residual statistical method for analysis. Lastly, we introduce a novel coding scheme to interpret the results of the three-way comparison, enabling the identification of safety function attacks and anomaly industrial conditions. To validate the efficacy of SFACIF, we devised a physical simulation platform that mirrors real-world industrial environments, facilitating a rigorous assessment of our framework under operational conditions. The performance metrics underscore the superior capability of SFACIF, which achieved 99% accuracy and 1% false alarm rate. These results not only attest to the ability of SFACIF to accurately differentiate between various attack vectors but also highlight its proficiency in discerning between authentic and manipulated data.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"257 ","pages":"Article 110927"},"PeriodicalIF":4.4,"publicationDate":"2024-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142745504","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Optimized design for integrated sensing and communication in secure MIMO SWIPT systems","authors":"Xuan-Xinh Nguyen,&nbsp;Ha Hoang Kha","doi":"10.1016/j.comnet.2024.110930","DOIUrl":"10.1016/j.comnet.2024.110930","url":null,"abstract":"<div><div>This paper investigates a secure multiple-input multiple-output integrated sensing and communication (MIMO ISAC)-enabled untrusted simultaneous wireless information and power transfer (SWIPT) system in which a base station is concurrently responsible for three different functionalities of communicating with users, sensing targets, and powering energy harvesting (EH) devices. These EH devices are assumed to be untrusted and potentially wiretap the information intended for legitimate users. This paper considers three different system design strategies: (i) communication-centric design, (ii) sensing-centric design, and (iii) EH-centric design. In each strategy, we aim to jointly design the transmit communication precoders and sensing precoder (which also acts as both the energy beam for EH and the artificial noise for securing communication) subject to requirements corresponding to the transmit power budget, minimum achievable secrecy rate, minimum amount of harvested energy, and maximum beampattern similarity constraint. The optimization design problems are highly non-convex, and thus it is mathematically challenging to directly find the optimal solutions. To overcome this issue, we first derive convex inner approximations, and then utilize the sequential convex programming (SCP) approach to develop efficient iterative algorithms which converge at least to a locally optimal solution. Extensive numerical results are simulated to verify the optimality of developed algorithms and highlight the impact of sensing on the system secrecy rate and harvested energy.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"257 ","pages":"Article 110930"},"PeriodicalIF":4.4,"publicationDate":"2024-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142745603","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards 6G vehicular networks: Vision, technologies, and open challenges","authors":"Ping Lang ,&nbsp;Daxin Tian ,&nbsp;Xu Han ,&nbsp;Peiyu Zhang ,&nbsp;Xuting Duan ,&nbsp;Jianshan Zhou ,&nbsp;Victor C.M. Leung","doi":"10.1016/j.comnet.2024.110916","DOIUrl":"10.1016/j.comnet.2024.110916","url":null,"abstract":"<div><div>As an essential method to meet the communication requirements of intelligent transportation and automated driving, vehicular networks facilitate intelligent interaction and cooperation among vehicles and pedestrians, vehicles, infrastructures, and cloud platforms. Enabled by 4G and 5G communications, cellular vehicle to everything (C-V2X)-based vehicular networks have been widely applied in safety and efficiency improvement scenarios of intelligent transportation systems (ITS). However, the development of autonomous driving and ITS technologies requires the support of lower latency and more reliable communications to realize advanced driving applications such as platooning and sensor-sharing, which raises higher requirements for the performance of vehicular networks. Towards 2030 and beyond, 6G communications will construct intelligent connections for everything and provide the ultimate performance, thus 6G-enabled vehicular networks have been widely researched. This paper surveys and categorizes a comprehensive array of existing studies on the intersection of 6G and vehicular networks. Drawing insights from these studies, we delineate the evolutionary trajectory of 6G and vehicular networks, outlining a visionary perspective on their forthcoming development. Furthermore, we summarize and analyze the existing studies from the perspective of enabling technologies such as communication, intelligence, and security. Finally, by analyzing the characteristics of the existing works, we provide the future challenges and potential research directions for 6G vehicular networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"257 ","pages":"Article 110916"},"PeriodicalIF":4.4,"publicationDate":"2024-11-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142756901","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}