International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1148
LEFT: A Latency and Energy Efficient Flexible TDMA Protocol for Wireless Sensor Networks
Статья научная
This paper proposes latency and energy efficient flexible TDMA (LEFT), a medium access control (MAC) combined with routing protocol for data gathering from number of source nodes to a master station (MS) in a wireless sensor network (WSN). TDMA provides fairness, collision-free communication and reduces idle listening, which saves network energy. Data latency is reduced by allocating same transmission slots to nodes falling out of interference range of each other. Unlike a conventional TDMA, LEFT provides flexibility through slot seizing, wherein a non-holder of a slot can use slot when holder does not have data to send. This increases channel utilization and adaption to dynamic traffic patterns of WSN applications. Further, a node on a multi-hop path towards MS decides to participate in routing based on (i) its location with respect to MS, to forward data in correct direction, (ii) its current status of residual energy, to uniformly distribute energy across network, (iii) its transit traffic load, to prevent local congestion, (iv) its communication link quality, to guarantee reliable data delivery. This decision requires simple comparisons against thresholds, and thus is very simple to implement on energy, storage and computationally constrained nodes. LEFT also encompasses techniques to cater to link and node breakdowns. Experimental analysis of LEFT; Advertisement-based TDMA; Data gathering MAC; Energy Efficient Fast Forwarding and Cross layer MAC protocols using TI's EZ430-RF2500T nodes shows that LEFT is 65% more energy efficient compared to Cross layer MAC. Data latency of LEFT is 27 % less, delivery ratio is 17 % more and goodput is 11 % more compared to Cross layer MAC.
Бесплатно
LPA 2D-DOA Estimation for Fast Nonstationary Sources Using New Array Geometry Configuration
Статья научная
This paper proposes a new array geometry configuration to improve the two dimensional direction of arrival (2D-DOA) estimation of narrowband moving sources with less complexity. This new array is denoted by verticircular configuration, which is composed of both Uniform linear array (ULA) and Uniform Circular array (UCA) to avoid too much computation for 2D-DOA estimation. The proposed verticircular array is applied with the LPA nonparametric estimator to estimate multiple rapidly moving sources’ parameters (angles and angular velocities) for both azimuth as well as elevation directions. Simulation results show that this nonparametric technique is capable of resolving closely spaced sources provided that their velocities are sufficiently different with decreased computational complexity when using the verticircular array. Different scenarios are used to show the efficient LPA beamformer to distinguish sources that can have the same angles using their different angular velocities. In addition, this paper is to compare the performance of the 2D- LPA DOA estimation algorithm when using verticircular array (proposed array geometry) or rectangular planar array geometry. Simulation results show that the performance of the proposed method with less complexity than that obtained when using rectangular planar array.
Бесплатно
Статья научная
In order to achieve the integrated optimization in developing the big network system, this paper presented the concepts and principles of layered design method and collaborative development using of different tools firstly. Then we gave a recommended layered architecture for the distributed computing network system and also analyzed its pros and cons. At last, we extended the distributed computing network system to an information server cluster based on the task scheduling of dynamic and self-adaptive algorithm. The application of real-time information system designed by layered architecture shows that the method proposed in this paper is practical and efficient.
Бесплатно
Limitations of Passively Mapping Logical Network Topologies
Статья научная
Understanding logical network connectivity is essential in network topology mapping especially in a fast growing network where knowing what is happening on the network is critical for security purposes and where knowing how network resources are being used is highly important. Mapping logical communication topology is important for network auditing, network maintenance and governance, network optimization, and network security. However, the process of capturing network traffic to generate the logical network topology may have a great influence on the operation of the network. In hierarchically structured networks such as control systems, typical active network mapping techniques are not employable as they can affect time-sensitive cyber-physical processes, hence, passive network mapping is required. Though passive network mapping does not modify or disrupt existing traffic, current passive mapping techniques ignore many practical issues when used to generate logical communication topologies. In this paper, we present a methodology which compares topologies from an idealized mapping process with what is actually achievable using passive network mapping and identify some of the factors that can cause inaccuracies in logical maps derived from passively monitored network traffic. We illustrate these factors using a case study involving a hierarchical control network.
Бесплатно
Linear Crossed Cube (LCQ): A New Interconnection Network Topology for Massively Parallel System
Статья научная
Scalability and Complexity are crucial performance parameters in the design of Interconnection networks for multiprocessor system. This paper proposed and analyzed a new scalable interconnection network topology named as Linear Crossed Cube (LCQ). LCQ designed is based on the principle of hypercube architecture however, it improves some of the drawbacks of hypercube such as complex extensibility and its VLSI Layout. It inherits most of the desirable properties of hypercube type architectures; the most notably are small diameter and symmetry. LCQ has linear extension at each level of the extension while preserving all the desired topological properties. To evaluate the performance of proposed LCQ, standard scheduling algorithms are being implemented on it. The performance parameters such as Load Imbalance Factor (LIF) and balancing time are evaluated on the proposed LCQ as well as on other similar multiprocessor architectures. To compare the performance of proposed LCQ, standard scheduling scheme is also implemented on other similar multiprocessor architectures. The comparative simulation study shows that the proposed network can be considered as low-cost multiprocessor architecture for parallel system when appropriate scheduling algorithm is implemented onto it.
Бесплатно
Статья научная
The load scheduling is one of the prime concerns for the computation of tasks in a virtual distributed environment. Many meta-heuristic swarm based optimization methods have been developed for scheduling the load in cloud computing environment. These swarm intelligence based algorithms like PSO play a key role in determining the scheduling of the cloudlets on the VMs in the datacenter. Gravitational Search algorithm based on law of gravity schedules the load in an effective manner. Its potential has not been utilized in cloud for load scheduling. This paper proposes a linear improved gravitational search algorithm in Cloud (LIGSA-C). This presents a new linear gravitational function and cost evaluation function for cloudlets using gravitational search approach in cloud. The results are computed by particles for scheduling 10 cloudlets on 8 VMs in the cloud. The detailed analysis of the result is performed. This paper states that LIGSA-C outperforms the existing algorithms like GSA and PSO for minimized cost.
Бесплатно
Load Balancing Early Handoff Scheme for Multimedia Data Transmission in Wireless Networks
Статья научная
This study developed a load balancing early handoff scheme that enables transfer part of heavy load in a base station to the others using the overlap between base stations in wireless cellular networks. The proposed scheme reduces the new call blocking probability (CBP) and handoff call connection dropping probability (CDP) as well as to increase the resource utilization of wireless networks. Since the scheme is triggered by a connection request received by the base station, it immediately reflects the loading of the base station. The proposed load balancing early handoff policy can be integrated in diverse call admission control schemes. The effectiveness of the load balancing early handoff scheme is demonstrated by integrating it with DMTBR to improve the call admission control function. Additionally, NS2 is used to simulate the load balancing early handoff scheme in a wireless network with wrap-around model. The simulation results show that the proposed scheme can effectively improve the wireless network resource utilization.
Бесплатно
Localization by Salp Swarm Optimization with Doppler Effect in Wireless Sensor Networks
Статья научная
Wireless sensor networks (WSNs) have lately been widely used due to its abundant practice in methods that have to be spread over a large range. In any wireless application, the position precision of node is an important core component. Node localization intends to calculate the geographical coordinates of unknown nodes by the assistance of known nodes. In a multidimensional space, node localization is well-thought-out as an optimization problem that can be solved by relying on any metaheuristic’s algorithms for optimal outputs. This paper presents a new localization model using Salp Swarm optimization Algorithm with Doppler Effect (LOSSADE) that exploit the strengths of both methods. The Doppler effect iteratively considers distance between the nodes to determine the position of the nodes. The location of the salp leader and the prey will get updated using the Doppler shift. The performance validation of the presented approach simulated by MATLAB in the network environment with random node deployment. A detailed experimental analysis takes place and the results are investigated under a varying number of anchor nodes, and transmission range in the given search area. The obtained simulation results are compared over the traditional algorithm along with other the state-of-the-art methods shows that the proposed LOSSADE model depicts better localization performance in terms of robustness, accuracy in locating target node position and computation time.
Бесплатно
Locating all the Frequency Hopping Components Using Multi-species Particle Swarm Optimization
Статья научная
The particle swarm optimization (PSO) algorithm is applied to the problem of blind parameter estimation of frequency hopping signals. For this target, one Time Frequency representation such as Smoothed Pseudo Wigner-Ville Distribution (SPWVD) is computed firstly. Then, the peaks on TF plane are searched using multi-species PSO. Each particle moves around two dimension time and frequency plane and will converge to different species, which seeds represent the centers of frequency hopping components. A numerical study is carried out for signals which are embedded in a very low SNR ratio noise. Results show that the new method is feasible and much more robust than some existing estimation algorithms.
Бесплатно
Location Prediction of Mobility Management Using Soft Computing Techniques in Cellular Network
Статья научная
This work describes the neural network technique to solve location management problem. A multilayer neural model is designed to predict the future prediction of the subscriber based on the past predicted information of the subscriber. In this research work, a prediction based location management scheme is proposed for locating a mobile terminal in a communication without losing quality maintains a good response. There are various methods of location management schemes for prediction of the mobile user. Based on individual characteristic of the user, prediction based location management can be implemented. This work is purely analytical which need the past movement of the subscriber and compared with the simulated one. The movement of the mobile target is considered as regular and uniform. An artificial neural network model is used for mobility management to reduce the total cost. Single or multiple mobile targets can be predicted. Among all the neural techniques multilayer perceptron is used for this work. The records are collected from the past movement and are used to train the network for the future prediction. The analytical result of the prediction method is found to be satisfactory.
Бесплатно
Location Privacy using Homomorphic Encryption over Cloud
Статья научная
Homomorphism is a concept that allows one to perform arbitrary calculations on the cipher text. One of the application of this concept is securing one's location while one uses location based services(LBS). In this paper I have discussed an approach to preserve mobile user's location while accessing some location based service. The mobile user is trying to find the nearest locations of his interest using a mobile application. While doing so he wishes to keep his location coordinates a secret from the server. This is because, these days since servers may be maintained by a third party or a middleware might be involved. There is no scope of trusting anyone in this insecure world. Therefore, since in homomorphic encryption offers a way of making calculations on the cipher text thereby not revealing anything about the plaintext to the server, it becomes a more secure and safer choice for making a system which wants to keep the data protected from the server. Problem Statement: Implementing k-nearest neighbour algorithm while preserving user location privacy using homomorphic encryption.
Бесплатно
Low Complexity Multimedia Encryption
Статья научная
Selective encryption algorithms have been proposed to encrypt syntax elements such as intra prediction modes, the sign bit of nonzero DCT coefficients, along with the sign bit of motion vectors. These syntax elements are sensitive enough to produce effective scrambling effect with a relative low computational cost. In this paper, a novel scheme is proposed to further optimize the computational overhead incurred by the encryption for energy critical multimedia applications. The proposed scheme adjusts the selection of syntax elements to be encrypted according to the scene transitions within adjacent video frames. The ratio of intra-coded macroblocks in inter (P and B) frames is calculated and compared with an adaptive threshold value to detect the scene transitions. Furthermore, based on statistical analysis for a few video sequences, a dynamic threshold model to detect the scene transition is proposed. When there is a scene transition between the previous video frame and the current video frame, intra prediction modes and the sign bit of DCT coefficients in the current frame are chosen as syntax elements to be encrypted, whereas in the absence of a scene transition, the sign bit of motion vectors is chosen as the only sensitive syntax elements to be encrypted. Experimental results show that compared with previous work in this field, the proposed scheme can efficiently lower the computational cost incurred by the encryption while maintaining a similar perceptual scrambling effect.
Бесплатно
Low Level Performance Evaluation of InfiniBand with Benchmarking Tools
Статья научная
InfiniBand is widely accepted as a high performance networking technology for datacenters and HPC clusters. It uses the Remote Direct Memory Access (RDMA) where communication tasks that are typically assigned to CPUs are offloaded to the Channel Adapters (CAs), resulting in a significant increase of the throughput and reduction of the latency and CPU load. In this paper, we make an introduction to InfiniBand and IP over InfiniBand (IPoIB), where the latter is a protocol proposed by the IETF to run traditional socket-oriented applications on top of InfiniBand networks. We also evaluate the performance of InfiniBand using different transport protocols with several benchmarking tools in a testbed. For RDMA communications, we consider three transport services: (1) Reliable Connection, (2) Unreliable Connection, and (3) Unreliable Datagram. For UDP and TCP, we use IPoIB. Our results show significant differences between RDMA and IPoIB communications, encouraging the coding of new applications with InfiniBand verbs. Also, it is noticeable that IPoIB in datagram mode and in connected mode have similar performance for small UDP and TCP payload. However, the differences get important as the payload size increases.
Бесплатно
M2KMIX: Identifying the Type of High Rate Flooding Attacks using a Mixture of Expert Systems
Статья научная
High rate flooding attacks such as SYN flood, UDP flood, and HTTP flood have been posing a perilous threat to Web servers, DNS servers, Mail servers, VoIP servers, etc. These high rate flooding attacks deplete the limited capacity of the server resources. Hence, there is a need for the protection of these critical resources from high rate flooding attacks. Existing detection techniques used in Firewalls, IPS, IDS, etc., fail to identify the illegitimate traffic due to its self-similarity nature of legitimate traffic and suffer from low detection accuracy and high false alarms. Also, very few in the literature have focused on identifying the type of attack. This paper focuses on the identification of type of high rate flooding attack with High detection accuracy and fewer false alarms. The attack type identification is achieved by training the classifiers with different feature subsets. Therefore, each trained classifier is an expert in different feature space. High detection accuracy is achieved by creating a mixture of expert classifiers and the ensemble output decisions are identified by our proposed Preferential Agreement (PA) rule. Our proposed classification algorithm, M2KMix (mixture of two Multi Layer Perceptron and one K-Nearest Neighbor models) differs from the existing solutions in feature selection, error cost reduction, and attack type identification. M2KMix was trained and tested with our own SSE Lab 2011 dataset and CAIDA dataset. Detection accuracy and False Alarms are the two metrics used to analyze the performance of the proposed M2KMix algorithm with the existing output combination methods such as mean, maximum, minimum, and product. From the simulation results, it is evident that M2KMix algorithm achieves high detection accuracy (97.8%) with fewer false alarms than the existing output combination methods. M2KMix identifies three types of flooding attacks, viz., the SYN Flood, UDP flood, and HTTP Flood, effectively with detection accuracy of 100%, 93.75%, and 97.5%, respectively.
Бесплатно
MANETs: QoS and investigations on optimized link state routing protocol
Статья научная
Mobile Ad-Hoc Networks (MANETs) are self-forming, self-healing new generation infrastructure less wireless networks. Principal behind these networks is multi hop radio relaying. MANETs are very useful at locations where networking infrastructure is not available. Major applications of these networks can be accessed at military and emergency rescue operations. MANETs may contain small or large set of network nodes; each and every node requires acting as host and the router. Due to random movements of the nodes, MANETs obtain dynamic network topologies. Routing protocols in MANETs are accountable for establishing efficient and error free communication paths between network nodes. Dynamic network topologies make routing challenging. In order to meet requirement of present day applications and to overcome from routing challenges, routing protocols in mobile ad hoc networks need to perform better in terms of certain QoS (Quality of Service) parameters such as; good throughput, sustained communication links and least delay in establishing a link. In this paper, we have discussed QoS in MANETs and analyzed the OLSR (Optimized Link State Routing), a well-known routing protocol in MANETs for possible improvements in its performance. Here, we have revised attributes of core parameters of the standard OLSR routing model in order to obtain a new OLSR design. Performances of the standard and revised OLSR models have been tested and compared under different network scenarios using network simulator-3 (NS-3). Different QoS and performance evaluating metrics such as; the throughput, packet delivery ratio, end to end delay, packet loss and normalized routing load have been considered for measuring performances of either OLSR routing models. Based on the analysis, it is concluded that the revised OLSR model has shown better performances as compared to standard OLSR routing model.
Бесплатно
MUSIC 2D-DOA Estimation using Split Vertical Linear and Circular Arrays
Статья научная
In this paper, the MUSIC 2D-DOA estimation is estimated by splitting the angle into elevation and azimuth components. This technique is based on an array that is composed by a vertical uniform linear array located perpendicularly at the center of another uniform circular array. This array configuration is proposed to reduce the computational burden faced in MUSIC 2D-DOA estimation where the vertical array is used to determine the elevation DOAs (θs) which are used subsequently to determine the azimuth DOAs (∅s) by the circular array instead of searching in all space of the two angles in the case of using circular array only. The new Split beamformer is investigated and the performance of the MUSIC 2D-DOA under several signal conditions in the presence of noise is studied.
Бесплатно
Статья научная
Software-Defined Networking is a new network architecture that separates control and data planes. It has central network control and programmability facilities, so it improves manageability, scaling, and performance. However, it may suffer from creating a single point of failure against the controller, which represents the network control plane. So, defending the controller against attacks such as a distributed denial of service attack is a valuable and urgent issue. The advances of this paper are to implement an accurate and significant method to detect this attack with high accuracy using machine learning-based algorithms exploiting new advanced features obtained from traffic flow information and statistics. The developed model is trained with kernel radial basis function. The technique uses advanced features such as unknown destination addresses, packets inter-arrival time, transport layer protocol header, and type of service header. To the best knowledge of the authors, the proposed approach of the paper had not been used before. The proposed work begins with generating both normal and attack traffic flow packets through the network. When packets reach the controller, it extracts their headers and performs necessary flow calculations to get the needed features. The features are used to create a dataset that is used as an input to linear support vector machine classifier. The classifier is used to train the model with kernel radial basis function. Methods such as Naive Bayes, K-Nearest Neighbor, Decision Tree, and Random Forest are also utilized and compared with the SVM model to improve the detection operation. Hence, suspicious senders are blocked and their information is stored. The experimental results prove that the proposed technique detects the attack with high accuracy and low false alarm, compared to other related techniques.
Бесплатно
Machine Learning-based Intrusion Detection Technique for IoT: Simulation with Cooja
Статья научная
The Internet of Things (IoT) is one of the promising technologies of the future. It offers many attractive features that we depend on nowadays with less effort and faster in real-time. However, it is still vulnerable to various threats and attacks due to the obstacles of its heterogeneous ecosystem, adaptive protocols, and self-configurations. In this paper, three different 6LoWPAN attacks are implemented in the IoT via Contiki OS to generate the proposed dataset that reflects the 6LoWPAN features in IoT. For analyzed attacks, six scenarios have been implemented. Three of these are free of malicious nodes, and the others scenarios include malicious nodes. The typical scenarios are a benchmark for the malicious scenarios for comparison, extraction, and exploration of the features that are affected by attackers. These features are used as criteria input to train and test our proposed hybrid Intrusion Detection and Prevention System (IDPS) to detect and prevent 6LoWPAN attacks in the IoT ecosystem. The proposed hybrid IDPS has been trained and tested with improved accuracy on both KoU-6LoWPAN-IoT and Edge IIoT datasets. In the proposed hybrid IDPS for the detention phase, the Artificial Neural Network (ANN) classifier achieved the highest accuracy among the models in both the 2-class and N-class. Before the accuracy improved in our proposed dataset with the 4-class and 2-class mode, the ANN classifier achieved 95.65% and 99.95%, respectively, while after the accuracy optimization reached 99.84% and 99.97%, respectively. For the Edge IIoT dataset, before the accuracy improved with the 15-class and 2-class modes, the ANN classifier achieved 95.14% and 99.86%, respectively, while after the accuracy optimized up to 97.64% and 99.94%, respectively. Also, the decision tree-based models achieved lightweight models due to their lower computational complexity, so these have an appropriate edge computing deployment. Whereas other ML models reach heavyweight models and are required more computational complexity, these models have an appropriate deployment in cloud or fog computing in IoT networks.
Бесплатно
Malware Classification with Improved Convolutional Neural Network Model
Статья научная
Malware is a threat to people in the cyber world. It steals personal information and harms computer systems. Various developers and information security specialists around the globe continuously work on strategies for detecting malware. From the last few years, machine learning has been investigated by many researchers for malware classification. The existing solutions require more computing resources and are not efficient for datasets with large numbers of samples. Using existing feature extractors for extracting features of images consumes more resources. This paper presents a Convolutional Neural Network model with pre-processing and augmentation techniques for the classification of malware gray-scale images. An investigation is conducted on the Malimg dataset, which contains 9339 gray-scale images. The dataset created from binaries of malware belongs to 25 different families. To create a precise approach and considering the success of deep learning techniques for the classification of raising the volume of newly created malware, we proposed CNN and Hybrid CNN+SVM model. The CNN is used as an automatic feature extractor that uses less resource and time as compared to the existing methods. Proposed CNN model shows (98.03%) accuracy which is better than other existing CNN models namely VGG16 (96.96%), ResNet50 (97.11%) InceptionV3 (97.22%), Xception (97.56%). The execution time of the proposed CNN model is significantly reduced than other existing CNN models. The proposed CNN model is hybridized with a support vector machine. Instead of using Softmax as activation function, SVM performs the task of classifying the malware based on features extracted by the CNN model. The proposed fine-tuned model of CNN produces a well-selected features vector of 256 Neurons with the FC layer, which is input to SVM. Linear SVC kernel transforms the binary SVM classifier into multi-class SVM, which classifies the malware samples using the one-against-one method and delivers the accuracy of 99.59%.
Бесплатно
Malware-Free Intrusions: Exploitation of Built-in Pre-Authentication Services for APT Attack Vectors
Статья научная
Advanced Persistent Threat (APT) actors seek to maintain an undetected presence over a considerable duration and therefore use a myriad of techniques to achieve this requirement. This stealthy presence might be sought on the targeted victim or one of the victims used as pawns for further attacks. However, most of the techniques involve some malicious software leveraging the vulnerability induced by an exploit or leveraging the ignorance of the benign user. But then, malware generates a substantial amount of noise in form of suspicious network traffic or unusual system calls which usually do not go undetected by intrusion detection systems. Therefore, an attack vector that generates as little noise as possible or none at all is especially attractive to ATP threat actors as this perfectly suits the objective thereof. Malware-free intrusions present such attack vectors and indeed are difficult to detect because they mimic the behavior of normal applications and add no extra code for signature detection or anomaly behavior. This paper explores malware-free intrusions via backdoors created by leveraging the available at pre-authentication system tools availed to the common user. We explore two attack vectors used to implant the backdoor and demonstrate how such is accessible over the network via remote access while providing the highest level of system access. We further look at prevention, detection and mitigation measures which can be implemented in the case of compromise.
Бесплатно
