Computer NetworksPub Date : 2024-10-10DOI: 10.1016/j.comnet.2024.110849
Dev Gurung, Shiva Raj Pokhrel, Gang Li
{"title":"Performance analysis and evaluation of postquantum secure blockchained federated learning","authors":"Dev Gurung, Shiva Raj Pokhrel, Gang Li","doi":"10.1016/j.comnet.2024.110849","DOIUrl":"10.1016/j.comnet.2024.110849","url":null,"abstract":"<div><div>As the field of quantum computing progresses, traditional cryptographic algorithms such as RSA and ECDSA are becoming increasingly vulnerable to quantum-based attacks, underscoring the need for robust post-quantum security in critical systems like Federated Learning (FL) and Blockchain. In light of this, we propose a novel hybrid approach for blockchain-based FL (BFL) that integrates a stateless signature scheme, such as Dilithium or Falcon, with a stateful hash-based scheme like XMSS. This combination leverages the complementary strengths of both schemes to provide enhanced security. To further optimize performance, we introduce a linear formula-based device role selection method that takes into account key factors such as computational power and stake accumulation. This selection process is reinforced by a verifiable random function (VRF), which strengthens the blockchain consensus mechanism. Our extensive experimental results demonstrate that this hybrid approach significantly enhances both the security and efficiency of BFL systems, establishing a robust framework for the integration of post-quantum cryptography as we transition into the quantum computing era.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"255 ","pages":"Article 110849"},"PeriodicalIF":4.4,"publicationDate":"2024-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142533945","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure collaborative EHR Sharing using multi-authority attribute-based proxy re-encryption in Web 3.0","authors":"Pengfei Duan , Hongmin Gao , Yushi Shen , Zhetao Guo , Zhaofeng Ma , Tian Tian , Yuqing Zhang","doi":"10.1016/j.comnet.2024.110851","DOIUrl":"10.1016/j.comnet.2024.110851","url":null,"abstract":"<div><div>Web 3.0 represents a transformative shift toward a decentralized, intelligent, and user-centric Internet. Existing electronic health record (EHR) sharing systems depend on centralized cloud servers for storage and management, with hospitals serving as primary custodians. This centralization often results in patients losing control and visibility over their EHR data, including who accesses it and how it is utilized, which contradicts the decentralized principles of Web 3.0. In this context, we propose a multi-authority attribute-based proxy re-encryption scheme that facilitates collaborative EHR sharing in Web 3.0. Our design allows the updating of ciphertext policies, thereby eliminating the need for frequent re-encryption of plaintext data amid varying cross-domain access policies. Furthermore, our scheme utilizes blockchain technology to create a decentralized and transparent environment that enables traceable cross-domain EHR sharing records. Additionally, we integrate hybrid encryption with decentralized data hosting platforms, significantly reducing the on-chain storage burden. The use of smart contracts automates the cross-domain EHR sharing and guarantees a fair distribution of benefits among all participants. Security analysis confirms that our scheme is secure against chosen plaintext attacks and resistant to collusion. Performance analysis and simulation experiments validate the efficiency and robustness of our scheme.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"255 ","pages":"Article 110851"},"PeriodicalIF":4.4,"publicationDate":"2024-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142534628","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2024-10-09DOI: 10.1016/j.comnet.2024.110843
Danyang Zheng , Huanlai Xing , Li Feng , Xiaojun Cao
{"title":"Provably efficient security-aware service function tree composing and embedding in multi-vendor networks","authors":"Danyang Zheng , Huanlai Xing , Li Feng , Xiaojun Cao","doi":"10.1016/j.comnet.2024.110843","DOIUrl":"10.1016/j.comnet.2024.110843","url":null,"abstract":"<div><div>Multicast greatly benefits many emerging applications such as federated learning, metaverse, and data warehouse. Recently, due to frequent cyber-attacks, multicast services have tended to request rigorous security agreements, which likely differ among the destinations. To meet such agreements, one can employ security-aware service functions (SFs) to construct the security-aware SF tree (S-SFT) for multicast services. A security-aware SF can be provided by various vendors with diverse configurations and implementation costs. The multi-configured SFs and the various security agreements will add significant complexity to the deployment process of the security-aware multicast request. In this work, for the first time, we study how to effectively compose and embed an S-SFT over the network with multiple vendors. We formulate the problem of security-aware SFT composing and embedding. We develop a new technique called cost-security-centrality (CSC) based on the pigeonhole’ s principle and propose a heuristic algorithm called CSC-based S-SFT deployment (CSC-SD). Via thorough mathematical proofs, we show that CSC-SD is logarithm approximate. Extensive simulations show that CSC-SD significantly outperforms the benchmarks and reveal that more function sharing facilitates saving implementation cost, but more routing sharing does not indicate saving routing cost.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"254 ","pages":"Article 110843"},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419304","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2024-10-09DOI: 10.1016/j.comnet.2024.110844
Petros Amanatidis , Dimitris Karampatzakis , Georgios Michailidis , Thomas Lagkas , George Iosifidis
{"title":"Adaptive reverse task offloading in edge computing for AI processes","authors":"Petros Amanatidis , Dimitris Karampatzakis , Georgios Michailidis , Thomas Lagkas , George Iosifidis","doi":"10.1016/j.comnet.2024.110844","DOIUrl":"10.1016/j.comnet.2024.110844","url":null,"abstract":"<div><div>Nowadays, we witness the proliferation of edge IoT devices, ranging from smart cameras to autonomous vehicles, with increasing computing capabilities, used to implement AI-based services in users’ proximity, right at the edge. As these services are often computationally demanding, the popular paradigm of offloading their tasks to nearby cloud servers has gained much traction and been studied extensively. In this work, we propose a new paradigm that departs from the above typical edge computing offloading idea. Namely, we argue that it is possible to leverage these end nodes to assist larger nodes (e.g., cloudlets) in executing AI tasks. Indeed, as more and more end nodes are deployed, they create an abundance of idle computing capacity, which, when aggregated and exploited in a systematic fashion, can be proved beneficial. We introduce the idea of reverse offloading and study a scenario where a powerful node splits an AI task into a group of subtasks and assigns them to a set of nearby edge IoT nodes. The goal of each node is to minimize the overall execution time, which is constrained by the slowest subtask, while adhering to predetermined energy consumption and AI performance constraints. This is a challenging MINLP (Mixed Integer Non-Linear Problem) optimization problem that we tackle with a novel approach through our newly introduced EAI-ARO (Edge AI-Adaptive Reverse Offloading) algorithm. Furthermore, a demonstration of the efficacy of our reverse offloading proposal using an edge computing testbed and a representative AI service is performed. The findings suggest that our method optimizes the system’s performance significantly when compared with a greedy and a baseline task offloading algorithm.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"255 ","pages":"Article 110844"},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142444564","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2024-10-09DOI: 10.1016/j.comnet.2024.110804
Bernhard Brenner , Joachim Fabini , Magnus Offermanns , Sabrina Semper , Tanja Zseby
{"title":"Malware communication in smart factories: A network traffic data set","authors":"Bernhard Brenner , Joachim Fabini , Magnus Offermanns , Sabrina Semper , Tanja Zseby","doi":"10.1016/j.comnet.2024.110804","DOIUrl":"10.1016/j.comnet.2024.110804","url":null,"abstract":"<div><div>Machine learning-based intrusion detection requires suitable and realistic data sets for training and testing. However, data sets that originate from real networks are rare. Network data is considered privacy sensitive and the purposeful introduction of malicious traffic is usually not possible. In this paper we introduce a labeled data set captured at a smart factory located in Vienna, Austria during normal operation and during penetration tests with different attack types. The data set consists of 173 GB of Packet Capture (PCAP) files, which represent 16 days (395 h) of factory operation. It includes Message Queuing Telemetry Transport (MQTT), OPC Unified Architecture (OPC UA), and Modbus/TCP traffic. The captured malicious traffic was originated by a professional penetration tester who performed two types of attacks: (a) aggressive attacks that are easier to detect and (b) stealthy attacks that are harder to detect. Our data set includes the raw PCAP files and extracted flow data. Labels for packets and flows indicate whether packets (or flows) originated from a specific attack or from benign communication. We describe the methodology for creating the data set, conduct an analysis of the data and provide detailed information about the recorded traffic itself. The data set is freely available to support reproducible research and the comparability of results in the area of intrusion detection in industrial networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"255 ","pages":"Article 110804"},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142533944","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2024-10-09DOI: 10.1016/j.comnet.2024.110830
Kah Meng Chong , Amizah Malip
{"title":"Local Differential Privacy for correlated location data release in ITS","authors":"Kah Meng Chong , Amizah Malip","doi":"10.1016/j.comnet.2024.110830","DOIUrl":"10.1016/j.comnet.2024.110830","url":null,"abstract":"<div><div>The ubiquity of location positioning devices has facilitated the implementation of various Intelligent Transportation System (ITS) applications that generate an enormous volume of location data. Recently, Local Differential Privacy (LDP) has been proposed as a rigorous privacy framework that permits the continuous release of aggregate location statistics without relying on a trusted data curator. However, the conventional LDP was built upon the assumption of independent data, which may not be suitable for inherently correlated location data. This paper investigates the quantification of potential privacy leakage in a correlated location data release scenario under a local setting, which has not been addressed in the literature. Our analysis shows that the privacy guarantee of LDP could be degraded in the presence of spatial–temporal and user correlations, albeit the perturbation is performed locally and independently by the users. This privacy guarantee is bounded by a privacy barrier that is affected by the intensity of correlations. We derive several important closed-form expressions and design efficient algorithms to compute such privacy leakage in a correlated location data. We subsequently propose a <span><math><mi>Δ</mi></math></span>-CLDP model that enhances the conventional LDP by incorporating the data correlations, and design a generic LDP data release framework that renders adaptive personalization of privacy preservation. Extensive theoretical analyses and simulations on scalable real datasets validate the security and performance efficiency of our work.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"255 ","pages":"Article 110830"},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142534635","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2024-10-09DOI: 10.1016/j.comnet.2024.110845
Navneet Kumar , Karan Singh , Jaime Lloret
{"title":"WAOA: A hybrid whale-ant optimization algorithm for energy-efficient routing in wireless sensor networks","authors":"Navneet Kumar , Karan Singh , Jaime Lloret","doi":"10.1016/j.comnet.2024.110845","DOIUrl":"10.1016/j.comnet.2024.110845","url":null,"abstract":"<div><div>Wireless Sensor Networks (WSNs) are vital for collecting data from remote environments. Nevertheless, the limited energy resources of sensor nodes render energy-efficient routing a critical concern for the successful operation of WSNs. To address these concerns, clustering, and routing are essential tasks in WSNs; clustering aims to organize sensor nodes into groups or clusters to minimize energy usage and prolong the network's lifespan. On the other hand, routing involves determining the optimum paths for transmitting data from the source nodes to the destination nodes. Nonetheless, it has been established that the current energy-efficient routing problem is an NP-hard, requiring a trade-off between energy and overall network performance. In this paper, we proposed a Hybrid Whale-Ant Optimization Algorithm (WAOA) for energy-efficient routing in WSNs. The proposed WAOA utilizes the Whale Optimization Algorithm (WOA) to find the suitable cluster head in the predefined search space, while the Ant Colony Optimization (ACO) searches the optimal route from the source cluster sensors to the cluster head within its predefined space. Linear programming construction is employed to formulate optimization problems for cluster head selection and search for the optimal route. The performance analysis demonstrates that the proposed WAOA performs better than MOORP, MMABC, and AZEBR by 5.78 %,16.11 %, and 18.52 %, respectively, in terms of network lifetime.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"254 ","pages":"Article 110845"},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142441299","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2024-10-09DOI: 10.1016/j.comnet.2024.110846
Majid Hadi, Reza Ghazizadeh
{"title":"UAV-mounted IRS assisted wireless powered mobile edge computing systems: Joint beamforming design, resource allocation and position optimization","authors":"Majid Hadi, Reza Ghazizadeh","doi":"10.1016/j.comnet.2024.110846","DOIUrl":"10.1016/j.comnet.2024.110846","url":null,"abstract":"<div><div>Intelligent reflecting surface (IRS) and unmanned aerial vehicle (UAV) have been recently used in wireless-powered mobile edge computing (MEC) systems to enhance the computation bits and energy harvesting performance. However, in the conventional IRS- and UAV-aided MEC systems, the IRS is installed at fixed locations on a building, which restricts the computation performance. UAV-mounted IRS (UAV-IRS), as a promising technology, combines the advantages of UAV and IRS. Hence, in this work, we study a UAV-IRS wireless-powered MEC system, where multiple UAV-IRSs are considered between Internet of Things (IoT) devices and the base station to improve the computation bits and energy harvesting. The multi-antenna base station first charges the IoT devices via radio frequency signals, and then IoT devices offload their computation tasks to the base station via UAV-IRSs. We formulate a computation bits maximization problem for all IoT devices by jointly determining detection beamforming at IoT devices, active energy beamforming at the base station, power allocation, time slot assignment, CPU frequency, the phase shifts design in the wireless energy transfer (WET) and task offloading, and UAV-IRSs positions. A block coordinate descent (BCD) algorithm by decomposing the introduced problem into four blocks is proposed, while the detection beamforming, active energy beamforming, transmit power, time slot assignment, CPU frequency, and the phase shifts design in the task offloading are derived in closed-form results. Also, the successive convex approximation and semidefinite relaxation (SDR) are adopted to obtain the UAV-IRS positions and the phase shifts in the WET, respectively. The simulation results verify the effectiveness of the presented BCD method compared with the different benchmark schemes.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"254 ","pages":"Article 110846"},"PeriodicalIF":4.4,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142441300","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2024-10-06DOI: 10.1016/j.comnet.2024.110837
Mohammed Albishari , Mingchu Li , Majid Ayoubi , Ala Alsanabani , Jiyu Tian
{"title":"Federated deep learning models for detecting RPL attacks on large-scale hybrid IoT networks","authors":"Mohammed Albishari , Mingchu Li , Majid Ayoubi , Ala Alsanabani , Jiyu Tian","doi":"10.1016/j.comnet.2024.110837","DOIUrl":"10.1016/j.comnet.2024.110837","url":null,"abstract":"<div><div>With the rapid spread of the Internet of Things (IoT), smart applications and services become increasingly crucial, making them an easily accessible source of personally identifiable information. Over the last few years, the use of machine learning in securing routing layers, particularly routing protocol for low-power and lossy networks (RPL), has become fundamental in ensuring successful routing and privacy preservation as a crucial consideration among edge nodes. In recent works, training of collected data on a central server has increased concerns regarding data privacy. Consequently, decentralized learning is currently a solution for privacy preservation. It has gained popularity in IoT networks in which the models are trained on hybrid data located in edge nodes and enable global decision-making without sharing global data, causing high communication costs during weight updates. We propose a federated learning of routing protocol (Fed-RPL)-based gated recurrent unit (GRU) model for decentralized training rounds and quantization method (Q-8bit) to decrease the number of weight updates that can significantly mitigate the communication overhead and maintain the local model with high accuracy. Meanwhile, the ensemble unit aggregates the updates and selects the best local model to enhance the global model accuracy. Our experiments show that Fed-RPL outperforms classical machine learning (ML) methods in privacy-preserving edge data, significantly reduces the communication cost in non-IID scenarios, and achieves higher detection accuracy than recent FL approaches.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"254 ","pages":"Article 110837"},"PeriodicalIF":4.4,"publicationDate":"2024-10-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419306","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer NetworksPub Date : 2024-10-05DOI: 10.1016/j.comnet.2024.110833
Jit Gupta, Sourav Das, Krishna Kant
{"title":"NeSt: A QoS differentiating end-to-end networked storage simulator","authors":"Jit Gupta, Sourav Das, Krishna Kant","doi":"10.1016/j.comnet.2024.110833","DOIUrl":"10.1016/j.comnet.2024.110833","url":null,"abstract":"<div><div>The emerging high-speed storage technologies increasingly use Nonvolatile Memory Express (NVMe) protocol to meet their high throughput and low latency needs. In a datacenter environment, applications accessing multiple such devices over the fabric (i.e. the network) tend to have Quality of Service (QoS) requirements pertaining to offered throughput and experienced latency. In this paper we describe a networked storage system simulator called NeSt that supports end-to-end (E2E) QoS differentiation across multiple classes of service. This is done by conveying the class designation end to end and using it to consistently but independently apply the differentiation in each segment of the path. We demonstrate the ability of NeSt to provide end-to-end QoS differentiation under a variety of situations. To the best of our knowledge, NeSt is the first simulator of networked storage (consisting of multiple NVMe SSDs) that supports E2E QoS differentiation.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"254 ","pages":"Article 110833"},"PeriodicalIF":4.4,"publicationDate":"2024-10-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419364","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}