Computer Networks | Pub Date: 2024-09-26 | DOI: 10.1016/j.comnet.2024.110828
{"title":"ASAP: Automatic Synthesis of Attack Prototypes, an online-learning, end-to-end approach","authors":"","doi":"10.1016/j.comnet.2024.110828","DOIUrl":"10.1016/j.comnet.2024.110828","url":null,"abstract":"<div><div>Zero-day attack detection and categorization is an open-research field where four main context factors need to be taken into account: novel or zero-day attacks (i) are unlabeled by definition, (ii) may correspond to out-of-distribution data, (iii) can arise concurrently, and (iv) distribution shifts in the feature space need online-learning. Given such constraints, the online detection and categorization of new cyber threats can be modeled as a heterogeneous collective anomaly detection problem, for which no online-learning solutions exist purely based on back-propagation. To this respect, this paper presents an online-learning, end-to-end back-propagation strategy for Automatically Synthesizing the potential signatures or Attack Prototypes of novel cyber threats (<span>asap</span>). The presented framework incorporates automatic feature engineering, operating over raw data from the OpenFlow monitoring API and raw bytes of traffic captures. In <span>asap</span>, specialized inductive biases enhance the training data efficiency and accommodate the inference machinery to resource-constrained scenarios such as the Internet of Things. 
Finally, the validity of this framework is demonstrated in a live training experiment comprising IoT traffic emulation.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142327850","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer Networks | Pub Date: 2024-09-26 | DOI: 10.1016/j.comnet.2024.110822
{"title":"Local differential privacy federated learning based on heterogeneous data multi-privacy mechanism","authors":"","doi":"10.1016/j.comnet.2024.110822","DOIUrl":"10.1016/j.comnet.2024.110822","url":null,"abstract":"<div><div>Federated learning enables the development of robust models without accessing users' data directly. However, recent studies indicate that federated learning remains vulnerable to privacy leakage. To address this issue, local differential privacy mechanisms have been incorporated into federated learning. Nevertheless, local differential privacy will reduce the availability of data. To explore the balance between privacy budgets and data availability in federated learning, we propose federated learning for clustering hierarchical aggregation with adaptive piecewise mechanisms under multiple privacy-FedAPCA as a way to balance the relationship between privacy preservation and model accuracy. First, we introduce an adaptive piecewise mechanism that dynamically adjusts perturbation intervals based on the data ranges across different layers of the model, ensuring minimized perturbation variance while maintaining the same level of privacy. Second, we propose two dynamic privacy budget allocation methods, which are allocating the privacy budget based on global accuracy and global loss, and allocating the privacy budget based on local accuracy and loss, to ensure that better model accuracy can be achieved under the same privacy budget. Finally, we propose a clustering hierarchical aggregation method in the model aggregation stage, and the model is updated and aggregated after the unbiased estimation of the disturbance in each cluster according to the variance of each layer. FedAPCA improves the balance between privacy preservation and model accuracy. 
Our experimental results, comparing FedAPCA with the SOTA multi-privacy local differential privacy federated learning frameworks on the MNIST and CIFAR-10 datasets, demonstrate that FedAPCA improves model accuracy by 1%–2%.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419311","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer Networks | Pub Date: 2024-09-26 | DOI: 10.1016/j.comnet.2024.110824
{"title":"Open set identification of malicious encrypted traffic based on multi-feature fusion","authors":"","doi":"10.1016/j.comnet.2024.110824","DOIUrl":"10.1016/j.comnet.2024.110824","url":null,"abstract":"<div><div>In the current network environment, an increasing amount of malicious traffic is transmitted through encrypted channels, carrying control commands and data. With the continuous development of communication protocols and applications, new types of malicious encrypted traffic are emerging, posing significant challenges for network management (e.g., traffic engineering). Therefore, accurately identifying malicious traffic in complex open network spaces has become a hot research topic in network security. In this study, we draw inspiration from channel theory in image science and innovatively convert traffic data into Red-Green-Blue (RGB) image format to achieve the fusion of multiple features. Inspired by image recognition technologies, we have designed a multi-granularity network model that integrates both global and local features, serving as our core network architecture. At the top of the model, we have equipped each known category with a unique autoencoder, using its generated manifold to replace traditional prototypes for model construction. Classification is accomplished through a scoring mechanism that evaluates category membership and by setting thresholds to achieve open set recognition of unknown categories. Relying on our self-created dataset, Malicious and Encrypted Traffic 2024 (MNET2024), we conduct a series of extensive experiments. 
The results demonstrate that our proposed method exhibits outstanding performance in both closed-set and open-set recognition tasks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419357","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer Networks | Pub Date: 2024-09-25 | DOI: 10.1016/j.comnet.2024.110821
{"title":"Physical layer security for confidential transmissions in frequency hopping-based downlink NOMA networks","authors":"","doi":"10.1016/j.comnet.2024.110821","DOIUrl":"10.1016/j.comnet.2024.110821","url":null,"abstract":"<div><div>Facing the exponential number of Internet of Things (IoT) devices and the scarcity of available resources, next-generation wireless networks have to meet very challenging performance targets in terms of providing massive access and ensuring higher spectral efficiency. In this vein, Non-Orthogonal Multiple Access (NOMA) has been widely recognized as one of the advantageous techniques to handle the proliferation of the IoT. Nevertheless, from a security standpoint, enabling a user to decode the signals of the other users, while using Successive Interference Cancellation (SIC), raises serious concerns regarding confidentiality and vulnerability to malicious attacks. Meanwhile, conventional security paradigms, such as upper-layer encryption and sophisticated authentication mechanisms, require high computational complexity and additional processing, which impose an overwhelming burden on energy-efficient IoT devices. Alternatively, Physical layer Security (PLS) has sparked a significant interest as a promising complement to cryptographic techniques. The key idea of PLS is to avail wireless communication properties to secure communications without adding complex encryption mechanisms at higher layers. In this paper, we propose a PLS approach based on a network coding technique to prevent eavesdroppers from decoding users’ information transmitted through a downlink-based NOMA system. This results in correlating the packets to be transmitted with each other, making the interception of a single packet useless. 
We demonstrate that the eavesdropper’s decoding complexity increases exponentially with the sequence length, making the task intractable for relatively long ones.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419367","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer Networks | Pub Date: 2024-09-25 | DOI: 10.1016/j.comnet.2024.110826
{"title":"Mobile ad hoc network access authentication mechanism based on rotation election and two-factor aggregation","authors":"","doi":"10.1016/j.comnet.2024.110826","DOIUrl":"10.1016/j.comnet.2024.110826","url":null,"abstract":"<div><div>With the continuous development and progress of computer network communication technology, mobile ad hoc networks (MANET) with strong indestructibility and no fixed infrastructure have become one of the new hot research areas in the academic community. However, due to the open wireless channel and unpredictable changes of network topology, mobile ad hoc networks are susceptible to security threats such as identity spoofing, identity tracing, and DoS attacks, and face security problems that cannot be ignored. Therefore, it is necessary to design a trusted access authentication scheme to authenticate the identity of unknown nodes and ensure the security of connected nodes. In this paper, the Certificate Authority rotation election algorithm based on improved DPoS and access authentication mechanism based on dual identity factor aggregation are proposed, which improve the authentication efficiency and the anti-attack ability of the authentication system, and ensure the security and stability of the network. At the same time, the authentication information is uploaded to the blockchain to ensure the security and immutability of the data. 
The safety analysis and performance simulation experiments show that the proposed scheme has high safety and good performance.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142324125","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer Networks | Pub Date: 2024-09-24 | DOI: 10.1016/j.comnet.2024.110797
{"title":"HAC-SAGIN: High-altitude computing enabled space–air–ground integrated networks for 6G","authors":"","doi":"10.1016/j.comnet.2024.110797","DOIUrl":"10.1016/j.comnet.2024.110797","url":null,"abstract":"<div><div>The space–air–ground integrated networks (SAGINs) provide a new paradigm for the development of the Internet of Things (IoT) networks by enhancing coverage and deploying computing resources near IoT devices, especially in emergency situations and disaster-hit regions. In the context of the IoT networks, aerial platforms such as unmanned aerial vehicles (UAVs) and high-altitude platforms (HAPs) present in the air layer of SAGINs with access and aerial computing (AC) capabilities have the potential to significantly expand coverage, enhance performance, reduce delay and handle complex computation tasks for IoT devices. Seeking the stated prospect, we propose a high-altitude computing (HAC)-enabled SAGIN leveraging millimeter waves (mmWave) frequency range in which the IoT devices are provided access services by low-earth orbit satellites (LEO-SATs) and HAPs while the HAPs offer AC facility as well. Non-orthogonal multiple access (NOMA) is used as a multiple-access technique with different clustering mechanisms in uplink (UL) and downlink (DL) communication. We aim to establish high-rate data transmission in DL along with minimizing the execution time of IoT devices offloading their data to the HAPs in UL communication. The mmWaves range is targeted to have high-rate data transmissions and NOMA implementation further enhances the bandwidth available for an individual IoT device. For efficient offloading in UL communication, we formulate an optimization problem aiming to minimize the execution time by using the Lagrangian function-based approach. Execution time is minimized by reducing the transmission and computation time, which is attained by the optimization of allocated power and computation resources. 
Simulation results demonstrate that the proposed HAC-SAGIN is able to establish high-rate transmissions in DL and exhibits a significant decrease in execution time in UL in contrast to the no optimization case. Optimum power assignment improves the achievable rate, leading to reduced transmission times, while optimum core assignment efficiently reduces the computation time. In addition, the offloaded data size-driven NOMA implementation in UL prominently improves the system effective throughput.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142359329","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer Networks | Pub Date: 2024-09-24 | DOI: 10.1016/j.comnet.2024.110792
{"title":"Comparison of energy conservation strategies for 5G NR RedCap service in industrial environment","authors":"","doi":"10.1016/j.comnet.2024.110792","DOIUrl":"10.1016/j.comnet.2024.110792","url":null,"abstract":"<div><div>The recently standardized reduced capability (RedCap) type of user equipment (UE) for 5G New Radio (NR) systems offers a useful option for energy-constrained devices. By utilizing a combination of discontinuous reception (DRX), wake-up signal (WUS), and radio resource management (RRM) relaxation functions, RedCap UE may provide excellent power efficiency for a large set of applications. In this study, we investigate power efficiency and battery lifetime for RedCap UEs for different types of applications and various combinations of energy conservation mechanisms. We utilize extended virtual reality (X-VR) and web browsing as applications of interest. To this aim, we develop a versatile mathematical framework representing the sought metrics as a function of time, accounting for specifics of millimeter wave (mmWave) propagation, micro- and macro-mobility of UEs, human body blockage, and type of application. Numerically, we show that higher micro- and macro-mobility speeds lead to worse power efficiency and the loss can be quite substantial amounting up to 30%. Antenna arrays with worse directivity show better performance in the presence of micro- and macro-mobilities when RRM Relaxation is utilized, with a difference between <span><math><mrow><mn>15</mn><mo>×</mo><mn>15</mn></mrow></math></span> and <span><math><mrow><mn>4</mn><mo>×</mo><mn>4</mn></mrow></math></span> arrays reaching 1.5 bit/J/KHz, which is approximately 40%. The energy conservation mechanisms produce no noticeable impact on the power efficiency and battery lifetime for rate-greedy applications such as X-VR. 
Low-data-rate applications with long pauses between transmission cycles, such as web browsing, may benefit from utilizing WUS and RRM Relaxation in addition to conventional DRX. However, their impact is rather small at a scale of 5%–10%.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419309","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer Networks | Pub Date: 2024-09-24 | DOI: 10.1016/j.comnet.2024.110816
{"title":"BBR-R: Improving BBR performance in multi-flow competition scenarios","authors":"","doi":"10.1016/j.comnet.2024.110816","DOIUrl":"10.1016/j.comnet.2024.110816","url":null,"abstract":"<div><div>The development of network infrastructures and the evolving demands of internet services impose higher requirements on congestion control algorithms. Although Google’s BBR algorithm achieves lower latency and higher goodput compared to traditional congestion control algorithms, it still has many issues. BBR sets the congestion window larger than the calculated ideal value to prevent transmission stalling in the presence of delayed and aggregated ACKs. However, in scenarios with multi-flow competition, this compromise on the congestion window leads to large amounts of queued data, causing increased latency and decreased fairness. Additionally, the ProbeRTT mechanism deviates from its original intent. In this study, we analyze the existing issues of the BBR algorithm from a theoretical standpoint and propose the BBR-R algorithm, which incorporates an adaptive sending rate adjustment mechanism and a new ProbeRTT triggering mechanism. While maintaining the ability for dynamic bandwidth exploration, the sending rate is adjusted based on a latency-related factor called Adaptive_RTprop to control the over-injected data. Coupled with the new ProbeRTT triggering mechanism, BBR-R reduces the frequency of entering the ProbeRTT phase and thereby improves transmission stability. 
In conducted experiments, BBR-R decreases the frequency of entering the ProbeRTT phase in many scenarios, achieves a 41.86% reduction in latency in the dual-flow competition scenario, and improves fairness by 22.79% in the five-flow competition scenario.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419307","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer Networks | Pub Date: 2024-09-23 | DOI: 10.1016/j.comnet.2024.110818
{"title":"Cognisseum: Cognitive radios on Colosseum facing adversaries","authors":"","doi":"10.1016/j.comnet.2024.110818","DOIUrl":"10.1016/j.comnet.2024.110818","url":null,"abstract":"<div><div>Cognitive radio technology brings a lot of interesting features which affect the transmission and reception properties of modern communication devices. Dynamic spectrum sensing, channel hopping and allocation, and software-based control are among the many. The new features allow strategic defense mechanisms while also enabling more capable adversarial attacks. In this work, we study coalitions of secondary users (SUs) against adversaries. In the presence of primary users (PUs), we inspect the behavior of SU pairs in cognitive radio networks, before and after adversarial attacks. We propose algorithms for forming coalitions among SU pairs. We consider two attack strategies for the adversaries: smart or naïve. We study how the channels are allocated if there is an attack and how the payoffs of those SU pairs vary with varying number of channels. We also show the effects of attack from the attackers’ point-of-view and how the attack strategy changes if the adversaries act smart vs. naïve. Using Colosseum, a large-scale wireless channel emulator, we construct a functional cognitive radio network and use its software-defined radio (SDR) hardware as SU and adversarial nodes. 
Using this setup, we run experiments and record data by running the network performance measurement tool <span>iPerf3</span> for various coalitional setups.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419358","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer Networks | Pub Date: 2024-09-23 | DOI: 10.1016/j.comnet.2024.110819
{"title":"An innovative NSGA-II-based Byzantine Fault Tolerant solution for software defined network environments","authors":"","doi":"10.1016/j.comnet.2024.110819","DOIUrl":"10.1016/j.comnet.2024.110819","url":null,"abstract":"<div><div>Byzantine fault tolerance (BFT) of the control plane in Software Defined Networking (SDN) is achieved by mapping each switch to <span><math><mrow><mn>3</mn><mi>f</mi><mo>+</mo><mn>1</mn></mrow></math></span> number of controllers, where <span><math><mi>f</mi></math></span> represents the number of faulty controllers that can be tolerated at a time. A BFT approach protects the data plane from any potential malicious activity at the control plane by detecting the inconsistency among the response messages from multiple controllers. To compute the optimal mapping of switches to the controller, the existing literature does not consider some important parameters. This paper proposes a novel approach, named NBFT-SDN, that extends an artificial intelligence algorithm (<em>i.e.</em> NSGA-II) to solve a new formulated multi-objective optimization problem associated with this mapping. NBFT-SDN considers the very important parameters link reliability and link load along with switch-to-controller minimum delay, switch-to-controllers maximum reliability, controller-to-controller minimum delay, minimum link load, minimum hop count, and controller load balancing when mapping the switches to the controllers in optimum manner. The performance of our proposed approach is evaluated in comparison to a state-of-art approach using real network traces with network topologies of diverse sizes. 
Our proposed approach NBFT-SDN shows improved network performance in terms of reliability, delay, hop count, load balancing and link load.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":null,"pages":null},"PeriodicalIF":4.4,"publicationDate":"2024-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142324124","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}