Computer Networks最新文献

筛选
英文 中文
Provably efficient security-aware service function tree composing and embedding in multi-vendor networks 多供应商网络中可证明的高效安全感知服务功能树合成与嵌入
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2024-10-09 DOI: 10.1016/j.comnet.2024.110843
{"title":"Provably efficient security-aware service function tree composing and embedding in multi-vendor networks","authors":"","doi":"10.1016/j.comnet.2024.110843","DOIUrl":"10.1016/j.comnet.2024.110843","url":null,"abstract":"<div><div>Multicast greatly benefits many emerging applications such as federated learning, metaverse, and data warehouse. Recently, due to frequent cyber-attacks, multicast services have tended to request rigorous security agreements, which likely differ among the destinations. To meet such agreements, one can employ security-aware service functions (SFs) to construct the security-aware SF tree (S-SFT) for multicast services. A security-aware SF can be provided by various vendors with diverse configurations and implementation costs. The multi-configured SFs and the various security agreements will add significant complexity to the deployment process of the security-aware multicast request. In this work, for the first time, we study how to effectively compose and embed an S-SFT over the network with multiple vendors. We formulate the problem of security-aware SFT composing and embedding. We develop a new technique called cost-security-centrality (CSC) based on the pigeonhole’ s principle and propose a heuristic algorithm called CSC-based S-SFT deployment (CSC-SD). Via thorough mathematical proofs, we show that CSC-SD is logarithm approximate. Extensive simulations show that CSC-SD significantly outperforms the benchmarks and reveal that more function sharing facilitates saving implementation cost, but more routing sharing does not indicate saving routing cost.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419304","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Adaptive reverse task offloading in edge computing for AI processes 为人工智能进程提供边缘计算中的自适应反向任务卸载
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2024-10-09 DOI: 10.1016/j.comnet.2024.110844
{"title":"Adaptive reverse task offloading in edge computing for AI processes","authors":"","doi":"10.1016/j.comnet.2024.110844","DOIUrl":"10.1016/j.comnet.2024.110844","url":null,"abstract":"<div><div>Nowadays, we witness the proliferation of edge IoT devices, ranging from smart cameras to autonomous vehicles, with increasing computing capabilities, used to implement AI-based services in users’ proximity, right at the edge. As these services are often computationally demanding, the popular paradigm of offloading their tasks to nearby cloud servers has gained much traction and been studied extensively. In this work, we propose a new paradigm that departs from the above typical edge computing offloading idea. Namely, we argue that it is possible to leverage these end nodes to assist larger nodes (e.g., cloudlets) in executing AI tasks. Indeed, as more and more end nodes are deployed, they create an abundance of idle computing capacity, which, when aggregated and exploited in a systematic fashion, can be proved beneficial. We introduce the idea of reverse offloading and study a scenario where a powerful node splits an AI task into a group of subtasks and assigns them to a set of nearby edge IoT nodes. The goal of each node is to minimize the overall execution time, which is constrained by the slowest subtask, while adhering to predetermined energy consumption and AI performance constraints. This is a challenging MINLP (Mixed Integer Non-Linear Problem) optimization problem that we tackle with a novel approach through our newly introduced EAI-ARO (Edge AI-Adaptive Reverse Offloading) algorithm. Furthermore, a demonstration of the efficacy of our reverse offloading proposal using an edge computing testbed and a representative AI service is performed. The findings suggest that our method optimizes the system’s performance significantly when compared with a greedy and a baseline task offloading algorithm.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142444564","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Malware communication in smart factories: A network traffic data set 智能工厂中的恶意软件通信:网络流量数据集
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2024-10-09 DOI: 10.1016/j.comnet.2024.110804
{"title":"Malware communication in smart factories: A network traffic data set","authors":"","doi":"10.1016/j.comnet.2024.110804","DOIUrl":"10.1016/j.comnet.2024.110804","url":null,"abstract":"<div><div>Machine learning-based intrusion detection requires suitable and realistic data sets for training and testing. However, data sets that originate from real networks are rare. Network data is considered privacy sensitive and the purposeful introduction of malicious traffic is usually not possible. In this paper we introduce a labeled data set captured at a smart factory located in Vienna, Austria during normal operation and during penetration tests with different attack types. The data set consists of 173 GB of Packet Capture (PCAP) files, which represent 16 days (395 h) of factory operation. It includes Message Queuing Telemetry Transport (MQTT), OPC Unified Architecture (OPC UA), and Modbus/TCP traffic. The captured malicious traffic was originated by a professional penetration tester who performed two types of attacks: (a) aggressive attacks that are easier to detect and (b) stealthy attacks that are harder to detect. Our data set includes the raw PCAP files and extracted flow data. Labels for packets and flows indicate whether packets (or flows) originated from a specific attack or from benign communication. We describe the methodology for creating the data set, conduct an analysis of the data and provide detailed information about the recorded traffic itself. The data set is freely available to support reproducible research and the comparability of results in the area of intrusion detection in industrial networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142533944","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Local Differential Privacy for correlated location data release in ITS 在智能交通系统中发布相关位置数据的本地差分保密功能
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2024-10-09 DOI: 10.1016/j.comnet.2024.110830
{"title":"Local Differential Privacy for correlated location data release in ITS","authors":"","doi":"10.1016/j.comnet.2024.110830","DOIUrl":"10.1016/j.comnet.2024.110830","url":null,"abstract":"<div><div>The ubiquity of location positioning devices has facilitated the implementation of various Intelligent Transportation System (ITS) applications that generate an enormous volume of location data. Recently, Local Differential Privacy (LDP) has been proposed as a rigorous privacy framework that permits the continuous release of aggregate location statistics without relying on a trusted data curator. However, the conventional LDP was built upon the assumption of independent data, which may not be suitable for inherently correlated location data. This paper investigates the quantification of potential privacy leakage in a correlated location data release scenario under a local setting, which has not been addressed in the literature. Our analysis shows that the privacy guarantee of LDP could be degraded in the presence of spatial–temporal and user correlations, albeit the perturbation is performed locally and independently by the users. This privacy guarantee is bounded by a privacy barrier that is affected by the intensity of correlations. We derive several important closed-form expressions and design efficient algorithms to compute such privacy leakage in a correlated location data. We subsequently propose a <span><math><mi>Δ</mi></math></span>-CLDP model that enhances the conventional LDP by incorporating the data correlations, and design a generic LDP data release framework that renders adaptive personalization of privacy preservation. Extensive theoretical analyses and simulations on scalable real datasets validate the security and performance efficiency of our work.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142534635","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
WAOA: A hybrid whale-ant optimization algorithm for energy-efficient routing in wireless sensor networks WAOA:用于无线传感器网络高能效路由选择的鲸蚂蚁混合优化算法
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2024-10-09 DOI: 10.1016/j.comnet.2024.110845
{"title":"WAOA: A hybrid whale-ant optimization algorithm for energy-efficient routing in wireless sensor networks","authors":"","doi":"10.1016/j.comnet.2024.110845","DOIUrl":"10.1016/j.comnet.2024.110845","url":null,"abstract":"<div><div>Wireless Sensor Networks (WSNs) are vital for collecting data from remote environments. Nevertheless, the limited energy resources of sensor nodes render energy-efficient routing a critical concern for the successful operation of WSNs. To address these concerns, clustering, and routing are essential tasks in WSNs; clustering aims to organize sensor nodes into groups or clusters to minimize energy usage and prolong the network's lifespan. On the other hand, routing involves determining the optimum paths for transmitting data from the source nodes to the destination nodes. Nonetheless, it has been established that the current energy-efficient routing problem is an NP-hard, requiring a trade-off between energy and overall network performance. In this paper, we proposed a Hybrid Whale-Ant Optimization Algorithm (WAOA) for energy-efficient routing in WSNs. The proposed WAOA utilizes the Whale Optimization Algorithm (WOA) to find the suitable cluster head in the predefined search space, while the Ant Colony Optimization (ACO) searches the optimal route from the source cluster sensors to the cluster head within its predefined space. Linear programming construction is employed to formulate optimization problems for cluster head selection and search for the optimal route. The performance analysis demonstrates that the proposed WAOA performs better than MOORP, MMABC, and AZEBR by 5.78 %,16.11 %, and 18.52 %, respectively, in terms of network lifetime.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142441299","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
UAV-mounted IRS assisted wireless powered mobile edge computing systems: Joint beamforming design, resource allocation and position optimization 无人机安装的 IRS 辅助无线供电移动边缘计算系统:联合波束成形设计、资源分配和位置优化
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2024-10-09 DOI: 10.1016/j.comnet.2024.110846
{"title":"UAV-mounted IRS assisted wireless powered mobile edge computing systems: Joint beamforming design, resource allocation and position optimization","authors":"","doi":"10.1016/j.comnet.2024.110846","DOIUrl":"10.1016/j.comnet.2024.110846","url":null,"abstract":"<div><div>Intelligent reflecting surface (IRS) and unmanned aerial vehicle (UAV) have been recently used in wireless-powered mobile edge computing (MEC) systems to enhance the computation bits and energy harvesting performance. However, in the conventional IRS- and UAV-aided MEC systems, the IRS is installed at fixed locations on a building, which restricts the computation performance. UAV-mounted IRS (UAV-IRS), as a promising technology, combines the advantages of UAV and IRS. Hence, in this work, we study a UAV-IRS wireless-powered MEC system, where multiple UAV-IRSs are considered between Internet of Things (IoT) devices and the base station to improve the computation bits and energy harvesting. The multi-antenna base station first charges the IoT devices via radio frequency signals, and then IoT devices offload their computation tasks to the base station via UAV-IRSs. We formulate a computation bits maximization problem for all IoT devices by jointly determining detection beamforming at IoT devices, active energy beamforming at the base station, power allocation, time slot assignment, CPU frequency, the phase shifts design in the wireless energy transfer (WET) and task offloading, and UAV-IRSs positions. A block coordinate descent (BCD) algorithm by decomposing the introduced problem into four blocks is proposed, while the detection beamforming, active energy beamforming, transmit power, time slot assignment, CPU frequency, and the phase shifts design in the task offloading are derived in closed-form results. Also, the successive convex approximation and semidefinite relaxation (SDR) are adopted to obtain the UAV-IRS positions and the phase shifts in the WET, respectively. The simulation results verify the effectiveness of the presented BCD method compared with the different benchmark schemes.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142441300","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Federated deep learning models for detecting RPL attacks on large-scale hybrid IoT networks 用于检测大规模混合物联网网络 RPL 攻击的联合深度学习模型
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2024-10-06 DOI: 10.1016/j.comnet.2024.110837
{"title":"Federated deep learning models for detecting RPL attacks on large-scale hybrid IoT networks","authors":"","doi":"10.1016/j.comnet.2024.110837","DOIUrl":"10.1016/j.comnet.2024.110837","url":null,"abstract":"<div><div>With the rapid spread of the Internet of Things (IoT), smart applications and services become increasingly crucial, making them an easily accessible source of personally identifiable information. Over the last few years, the use of machine learning in securing routing layers, particularly routing protocol for low-power and lossy networks (RPL), has become fundamental in ensuring successful routing and privacy preservation as a crucial consideration among edge nodes. In recent works, training of collected data on a central server has increased concerns regarding data privacy. Consequently, decentralized learning is currently a solution for privacy preservation. It has gained popularity in IoT networks in which the models are trained on hybrid data located in edge nodes and enable global decision-making without sharing global data, causing high communication costs during weight updates. We propose a federated learning of routing protocol (Fed-RPL)-based gated recurrent unit (GRU) model for decentralized training rounds and quantization method (Q-8bit) to decrease the number of weight updates that can significantly mitigate the communication overhead and maintain the local model with high accuracy. Meanwhile, the ensemble unit aggregates the updates and selects the best local model to enhance the global model accuracy. Our experiments show that Fed-RPL outperforms classical machine learning (ML) methods in privacy-preserving edge data, significantly reduces the communication cost in non-IID scenarios, and achieves higher detection accuracy than recent FL approaches.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-10-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419306","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
MC-Det: Multi-channel representation fusion for malicious domain name detection MC-Det:多通道表示融合用于恶意域名检测
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2024-10-05 DOI: 10.1016/j.comnet.2024.110847
{"title":"MC-Det: Multi-channel representation fusion for malicious domain name detection","authors":"","doi":"10.1016/j.comnet.2024.110847","DOIUrl":"10.1016/j.comnet.2024.110847","url":null,"abstract":"<div><div>As the essential fundamental infrastructure of the current network, the Domain Name System is widely abused by cyber attackers, malicious domain detection has become a crucial task in combating cyber crime. Most existing methods focus on local attributes, treating each domain name individually. Alternatively, they prioritize global associations among domain names, but ignore the attributes of the domains themselves, allowing malicious domain names to survive through sophisticated evasion techniques. In this paper, we propose MC-Det, a hybrid framework for detecting malicious domain names by fusing a Multi-channel representation of domain names. MC-Det first abstracts the domain name resolution process into three spatially independent information channels: Attribute space, which contains the intrinsic information in the domain name string itself, Constraint space, which involves the potential constraints imposed on the network activity behind the domain name, Topological space, which represents the actual usage and deployment of the domain name. Subsequently, it generates proper embedding representations of domain names for each channel. This novel Multi-channel representation provides a comprehensive understanding of domain name resolution process. Finally, a Multi-channel fusion strategy employing by attention mechanism is used to generate the final representation of domain names for the classifier, making MC-Det suitable for malicious domain name detection in different application scenarios. Experimental results demonstrate that MC-Det outperforms other state-of-the-art techniques, while only utilizing the resource information revealed in the domain name resolution phase.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-10-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142534634","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
NeSt: A QoS differentiating end-to-end networked storage simulator NeSt:服务质量差异化端到端网络存储模拟器
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2024-10-05 DOI: 10.1016/j.comnet.2024.110833
{"title":"NeSt: A QoS differentiating end-to-end networked storage simulator","authors":"","doi":"10.1016/j.comnet.2024.110833","DOIUrl":"10.1016/j.comnet.2024.110833","url":null,"abstract":"<div><div>The emerging high-speed storage technologies increasingly use Nonvolatile Memory Express (NVMe) protocol to meet their high throughput and low latency needs. In a datacenter environment, applications accessing multiple such devices over the fabric (i.e. the network) tend to have Quality of Service (QoS) requirements pertaining to offered throughput and experienced latency. In this paper we describe a networked storage system simulator called NeSt that supports end-to-end (E2E) QoS differentiation across multiple classes of service. This is done by conveying the class designation end to end and using it to consistently but independently apply the differentiation in each segment of the path. We demonstrate the ability of NeSt to provide end-to-end QoS differentiation under a variety of situations. To the best of our knowledge, NeSt is the first simulator of networked storage (consisting of multiple NVMe SSDs) that supports E2E QoS differentiation.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-10-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419364","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Themis: A passive-active hybrid framework with in-network intelligence for lightweight failure localization Themis:具有网络内智能的被动-主动混合框架,用于轻量级故障定位
IF 4.4 2区 计算机科学
Computer Networks Pub Date : 2024-10-05 DOI: 10.1016/j.comnet.2024.110836
{"title":"Themis: A passive-active hybrid framework with in-network intelligence for lightweight failure localization","authors":"","doi":"10.1016/j.comnet.2024.110836","DOIUrl":"10.1016/j.comnet.2024.110836","url":null,"abstract":"<div><div>The fast and efficient failure detection and localization is essential for stable network transmission. Unfortunately, existing schemes suffer from a few drawbacks such as significant resource consumption, lack of support for fast online failure localization, and limited applicable topologies. In this paper, we design Themis, a lightweight learning-based failure localization scheme for general networks. In the data plane, Themis achieves line-speed high performance failure detection using in-network classifiers and fine-grained traffic features. To reduce communication overhead, only coarse-grained traffic features are reported to the control plane for localization when a failure occurs. In the control plane, we propose a two-stage passive-active hybrid failure localization approach to accurately locate the failure without incurring excessive probing traffic. First, passive detection is conducted through the lightweight model XGBoost to infer a Potential Failure Link Set (PFLS). Then, active detection is done by only sending out probing packets to locations in the PFLS for precise failure localization. Comprehensive experiments demonstrate that Themis achieves ms-level failure localization with at least 95.63% accuracy, while saving 87.41% of bandwidth and 41.88% of hardware resource overhead on average compared with the state-of-the-art schemes.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-10-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142533933","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信