Computer Networks最新文献

{"title":"Efficient data transmission mechanisms in energy harvesting wireless body area networks: A survey","authors":"","doi":"10.1016/j.comnet.2024.110769","DOIUrl":"10.1016/j.comnet.2024.110769","url":null,"abstract":"<div><p>Limited energy and reliable data transmission are two key issues in Wireless body area networks (WBANs). The utilization of energy harvesting technology has alleviated the energy problem in WBANs, making continuous operation possible. However, Energy Harvesting WBANs (EH-WBANs) face new challenges. How to design efficient data transmission mechanisms taking into account the unstable energy harvesting conditions and dynamic network topology has become crucial. The efficiency of data transmission mainly depends on the network layer and media access control (MAC) layer. Therefore, this paper surveys the routing and MAC protocols proposed for EH-WBANs. There are some surveys on routing and MAC protocols for traditional battery-powered WBANs. However, these mechanisms cannot be directly applied to EH-WBANs due to the randomness and time-varying nature of the energy obtained by energy harvesting, which differs from the energy characteristics of nodes powered solely by batteries. In addition, due to the dynamic network topology and heterogeneous nodes in WBANs, the research results on routing and MAC protocols for Energy Harvesting Wireless Sensor Networks (EH-WSNs) cannot be directly applied to EH-WBANs. Thus, unlike previous surveys, this paper focuses on protocols specifically designed for EH-WBANs. It introduces and analyzes these protocols, summarizes the comprehensive performance metrics and efficient measures for data transmission mechanisms in EH-WBANs, and conducts a comprehensive performance analysis on the protocols proposed for EH-WBANs based on these metrics. This paper intends to provide assistance in addressing the energy and reliable data transmission issues in WBANs, thereby enhancing the applicability of EH-WBANs.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S1389128624006017/pdfft?md5=90e00118fa2bd76046fbb62975e2c484&pid=1-s2.0-S1389128624006017-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142163177","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Detecting the cyber-physical-social cooperated APTs in high-DER-penetrated smart grids: Threats, current work and challenges","authors":"","doi":"10.1016/j.comnet.2024.110776","DOIUrl":"10.1016/j.comnet.2024.110776","url":null,"abstract":"<div><p>Large-scale renewable distributed energy sources (DERs) penetrating into smart grids (SGs) is an inevitable trend. Such high-DER-penetrated SGs entail heavy reliance on information and communication technologies and increasing impact of social behaviors on system operation and management. In this sense, the SGs become cyber-physical-social systems. However, the deeply coupling of cyber networks, physical grids, and societies leads SGs more complex and openness, and therefore a higher possibility of facing to various threats, especially advanced persistent threats (APTs) that disrupt system operations at a large scale. To better study the threats, current APTs detection work and challenges of the SGs, we first analyze the key features of high-DER-penetrated SGs, and the vulnerabilities of devices, networks, and applications in the SGs introduced by system design, limitation of deployed security measures, and social behaviors. On this basis, we analyze APTs faced by the SGs and deem that the APTs are in the form of cyber-physical-social cooperated and multi-stage APTs. The possible attacking methods for each stage of the APTs, typically stealthy attacks at the early stages and coordinated attacks at the action stage, are also summarized. Thereafter, a review of current work on security architectures for APT detection and intelligent intrusion detection methods is provided. Finally, we discuss the key challenges, research needs, and potential solutions of future work for the SGs against the APTs from the aspects of threat modeling, threat detection, threat hunting, and implementation technology.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142241821","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"All in one: Improving GPS accuracy and security via crowdsourcing","authors":"","doi":"10.1016/j.comnet.2024.110775","DOIUrl":"10.1016/j.comnet.2024.110775","url":null,"abstract":"<div><p>GPS is an integral part of billions of devices that serve a wide range of applications. This reliance upon GPS renders the users vulnerable to GPS spoofing attacks, especially when in need of precise or real-time location information. To protect commodity devices, we first propose a crowdsourcing-based method for detecting GPS spoofing. In this method, called method I, we leverage the orientation diversity of different users to expose spoofing attacks and, in many cases, the location of the attacker. In all scenarios, our method not only recovers the correct location but also significantly improves the location accuracy. This is an important incentive that can drive the adoption of our approach along with the use of privacy-preserving location sharing. Additionally, we leverage the users’ distances produced by GPS and Bluetooth measurements to detect discrepancies and account for errors, called Method II. Method II is robust even in the presence of multiple coordinate adversaries. The experimental results based on our prototype implementation and large-scale simulations demonstrate a detection rate as high as 98.72<!--> <!-->% and latency of 62<!--> <!-->ms with average localization error of 2.43<!--> <!-->m.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142241819","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Leveraging quantum uncertainty: Quantum randomness through the lens of classical communication networks","authors":"","doi":"10.1016/j.comnet.2024.110781","DOIUrl":"10.1016/j.comnet.2024.110781","url":null,"abstract":"<div><p>The generation of random numbers and the study of its properties have been an elusive field for a fair portion of the century. The application of random numbers is employed in many use cases such as cryptography, neural networks, numerical simulation, and gambling. The performance of each of these use cases is profoundly impacted by the employed random numbers; henceforth, the quality of randomness is of critical importance when it comes to their usage. A poorly generated random number can make a security system vulnerable, or any numerical or statistical evaluation misleading. Although various modes of classical random number generators exist and still function to provide strong cryptographic properties, emergence of quantum mechanical randomness has shed light on a novel path of generating certified randomness which supersedes the classical counterpart in terms of security. Harnessing quantum mechanical phenomena enables generation of true random numbers which can be certified and further implemented to elevate the net quality of the specific use cases. In this work, we generate and analyze random numbers from three different sources — 50: 50 beam splitter (BS), quantum key distribution (QKD) setup with classical post-processing scheme, and a commercially available quantum random number generator (QRNG) (ID Quantique (IDQ)). The quality of the generated random numbers from the various sources is checked in statistical tests and compared. Further on, we have developed a system which implements the QRNG-based random numbers to facilitate message authentication code (MAC) and one time password (OTP) protocols, demonstrating a communication network application. In this manner we discuss about a network which integrates quantum mechanics to the current classical networking approaches to enhance certain aspects of the networking protocol — in this case, the security.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S1389128624006133/pdfft?md5=b8da05387e30fc869911626fce5ac513&pid=1-s2.0-S1389128624006133-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142232949","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An enhanced traceable access control scheme based on multi-authority CP-ABE for cloud-assisted e-health system","authors":"","doi":"10.1016/j.comnet.2024.110766","DOIUrl":"10.1016/j.comnet.2024.110766","url":null,"abstract":"<div><p>Due to the inherent openness of the Internet of Things (IoT), e-health systems that utilize this technology on a broad scale are susceptible to network attacks. The propose black and white box traceable multi-authority ciphertext policy attribute-based encryption scheme (BWMABE) that combines black and white box accountability with ciphertext policy attribute-based encryption (CP-ABE) to improve data security in e-health systems. The proposed BWMABE scheme enhances security by enabling traceable permissions leakage and employs distributed attribute and key management across multiple authorities. By outsourcing the decryption process to cloud service providers, the proposed BWMABE significantly reduces the computational burden on end-users, making it suitable for lightweight IoT devices with limited computing power. Compared to previous traceable CP-ABE methods, the proposed BWMABE requires less computational effort while supporting both black box and white box traceability. By means of thorough security analysis and performance assessment, the proposed BWMABE has been validated to provide robust security and high efficiency, demonstrating its effectiveness in protecting e-health systems.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142241816","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Designing the Network Intelligence Stratum for 6G networks","authors":"","doi":"10.1016/j.comnet.2024.110780","DOIUrl":"10.1016/j.comnet.2024.110780","url":null,"abstract":"<div><p>As network complexity escalates, there is an increasing need for more sophisticated methods to manage and operate these networks, focusing on enhancing efficiency, reliability, and security. A wide range of Artificial Intelligence (AI)/Machine Learning (ML) models are being developed in response. These models are pivotal in automating decision-making, conducting predictive analyses, managing networks proactively, enhancing security, and optimizing network performance. They are foundational in shaping the future of networks, collectively forming what is known as Network Intelligence (NI). Prominent Standard-Defining Organizations (SDOs) are integrating NI into future network architectures, particularly emphasizing the closed-loop approach. However, existing methods for seamlessly integrating NI into network architectures are not yet fully effective. This paper introduces an in-depth architectural design for a Network Intelligence Stratum (NI Stratum). This stratum is supported by a novel end-to-end NI orchestrator that supports closed-loop NI operations across various network domains. The primary goal of this design is to streamline the deployment and coordination of NI throughout the entire network infrastructure, tackling issues related to scalability, conflict resolution, and effective data management. We detail exhaustive workflows for managing the NI lifecycle and demonstrate a reference implementation of the NI Stratum, focusing on its compatibility and integration with current network systems and open-source platforms such as Kubernetes and Kubeflow, as well as on its validation on real-world environments. The paper also outlines major challenges and open issues in deploying and managing NI.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142169493","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"ART: Adaptive relay transmission for highly reliable communications in next-generation wireless LANs","authors":"","doi":"10.1016/j.comnet.2024.110752","DOIUrl":"10.1016/j.comnet.2024.110752","url":null,"abstract":"<div><p>The ongoing evolution of Wi-Fi technology has spurred the development of high-performance and highly efficient wireless networks. The recently introduced Institute of Electrical and Electronics Engineers (IEEE) 802.11bn standard aims to foster next-generation Wi-Fi technology, thereby ensuring ultra-high reliability by significantly enhancing data throughput, reducing latency, and minimizing power consumption. However, despite the expanding market for information technology products equipped with Wi-Fi and the escalating security risks associated with wireless local area networks, current standardization efforts fall short in bolstering security. This study proposes a transmission scheme in which a station discerns the security and latency requirements of packets and executes Adaptive Relay Transmission (ART). When low-latency transmission is imperative, the ART scheme resorts to a direct transmission approach using single-hop transmission. Conversely, when stringent security measures are warranted, it adopts a relay transmission scheme to minimize the risk of eavesdropping by transmitting packets with short hops. In scenarios necessitating both low latency and a high level of security, a transmission scheme is selected based on a comprehensive evaluation of data throughput, energy efficiency, and security, thereby enhancing the network reliability. Experimental results indicate that ART enhances the network energy efficiency by 13.1 times compared to the direct transmission scheme, which consistently employs direct packet transmission in a delay-tolerant network environment. Furthermore, it limits information leakage to the level of the relay packet transmission scheme, which utilizes multiple hops in a high-security threat environment. ART also boosts the network throughput environment by 212.4 % compared to the direct transmission scheme in a densely populated network and maintains link throughput even in scenarios affected by significant interference, thereby demonstrating effective interference mitigation. The experimental results underscore the efficacy of the ART model in mitigating strong interference and addressing security threats in high-density wireless sensor networks.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S138912862400584X/pdfft?md5=dcc9aab6c77c8f10d534578033f089c5&pid=1-s2.0-S138912862400584X-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142148183","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A joint helper selection and power allocation scheme for secure underwater acoustic transmission","authors":"","doi":"10.1016/j.comnet.2024.110779","DOIUrl":"10.1016/j.comnet.2024.110779","url":null,"abstract":"<div><p>Underwater acoustic sensor networks (UASNs) are usually deployed in open environments. Due to the broadcast characteristic of acoustic signals, data transmission in the network is vulnerable to eavesdropping risks from potential eavesdroppers. In this paper, we propose a joint helper selection and power allocation scheme (HSPAS) for acoustic cooperative jamming. We construct a joint multi-node jamming model and decompose the original optimization problem into two sub-problems of helper selection and jamming power allocation. On the basis of exploring the influence of node position on jamming effect, we implement the selection of helpers and propose a distributed algorithm to achieve the efficient allocation of jamming power, obtaining a feasible optimal solution with low complexity. Both simulation results and field experiments prove that the proposed scheme can effectively reduce the eavesdropping risk and improve the security of data transmission in the network.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142172857","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"DiSAuth: A DNS-based secure authorization framework for protecting data decoupled from applications","authors":"","doi":"10.1016/j.comnet.2024.110774","DOIUrl":"10.1016/j.comnet.2024.110774","url":null,"abstract":"<div><p>Nowadays, centralized applications are called for returning data ownership to owners, due to their frequent data breaches. Decoupling data from applications is a popular way to give back owners’ control over data. To control data only accessed by authorized parties, authorization is critical. When faced with the new and complex relationships between applications and data, traditional authorizations cannot meet ownership and usage protection needs, and security requirements. This paper proposes DiSAuth, a secure authorization framework based on Domain Name System (DNS) and blockchain, to provide tamper-resistant, verifiable, and privacy-preserving authorization to protect data which are decoupled from applications. Our novel tree-based data structure for authorization is backward compatible with DNS, which brings high utility. Besides, our design of a hybrid encryption schema and anonymous identities provides privacy-preserving authorization. To our knowledge, DiSAuth is the first authorization framework that utilizes a robust Internet infrastructure DNS as the basis and proposes a new Internet authorization protocol for protecting data decoupled from applications. Our evaluation demonstrates the utility of DiSAuth and shows the superior efficiency of DiSAuth in authorization verification. Compared to traditional blockchain-based solutions, our combination of DNS and blockchain achieves higher efficiency while ensuring security; especially, the read time is <span><math><mo>∼</mo></math></span>3 orders of magnitude better.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142228638","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"AHDom: Algorithmically generated domain detection using attribute heterogeneous graph neural network","authors":"","doi":"10.1016/j.comnet.2024.110770","DOIUrl":"10.1016/j.comnet.2024.110770","url":null,"abstract":"<div><p>Many cyber-attacks use Algorithmically Generated Domain (AGD) names to establish connections with command and control servers for subsequent attack behaviors. Identifying and blocking such AGDs helps detect and prevent attacks quickly. Traditional machine or deep learning detection methods rely only on individual domain features and face challenges in accurately distinguishing AGDs that attackers have crafted to evade detection. Thus, researchers leverage the inherent associated features among domains, clients, and resolved IP addresses to detect AGDs. In such research, heterogeneous graph neural networks are extensively employed. However, most existing methods rely on associated features, leading to inaccurate detection of isolated domain nodes. Besides, most existing detection methods employ transductive learning and are time-consuming. This paper proposes an AGD detection method, AHDom, to address these challenges. AHDom models DNS traffic as a Heterogeneous Information Network (HIN) to capture the intricate relationships between domains, clients, and resolved IP addresses. Besides, it extracts character and behavior features as initial attributes of domains to obtain an Attribute HIN (AHIN), enhancing the detection accuracy of isolated domain nodes. Based on the AHIN, it combines meta-path random walk, the inductive learning algorithm GraphSAGE, and the attention mechanism to obtain effective embedding representations of domain nodes. Ultimately, it achieves domain classification based on embedding representations of domain nodes. Our experimental results demonstrate that AHDom is superior to state-of-the-art methods in the performance and efficiency of detecting AGDs. AHDom achieves an average accuracy of 98.74% on our constructed dataset and costs only about 30.23% of the existing best graph neural network approach in the testing time.</p></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142148186","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}