-
Controlling Communications Quality in V2V Platooning: a TSN-like Slot-Based Scheduler Approach
Authors:
Angelo Feraudo,
Andrea Garbugli,
Paolo Bellavista
Abstract:
Connected vehicles, facilitated by Vehicle-to-Vehicle (V2V) communications, play a key role in enhancing road safety and traffic efficiency. However, V2V communications primarily rely on wireless protocols, such as Wi-Fi, that require additional collision avoidance mechanisms to better ensure bounded latency and reliability in critical scenarios. In this paper, we introduce a novel approach to address the challenge of message collision in V2V platooning through a slotted-based solution inspired by Time-Sensitive Networking (TSN), which is gaining momentum for in-vehicle networks. To this end, we present a controller, named TSNCtl, operating at the application level of the vehicular communications stack. TSNCtl employs a finite state machine (FSM) to manage platoon formation and slot-based scheduling for message dissemination. The reported evaluation results, based on the OMNeT++ simulation framework and INET library, demonstrate the effectiveness of TSNCtl in reducing packet collisions across various scenarios. Specifically, our experiments reveal a significant reduction in packet collisions compared to the CSMA-CA baseline used in traditional Wi-Fi-based protocols (e.g., IEEE 802.11p): for instance, with slot lengths of 2 ms, our solution achieves an average collision rate under 1%, compared to up to 50% for the baseline case.
Submitted 2 May, 2024;
originally announced May 2024.
-
A Novel OMNeT++-based Simulation Tool for Vehicular Cloud Computing in ETSI MEC-compliant 5G Environments
Authors:
Angelo Feraudo,
Alessandro Calvio,
Paolo Bellavista
Abstract:
Vehicular cloud computing is gaining popularity thanks to the rapid advancements in next generation wireless communication networks. Similarly, Edge Computing, along with its standard proposals such as European Telecommunications Standards Institute (ETSI) Multi-access Edge Computing (MEC), will play a vital role in these scenarios, by enabling the execution of cloud-based services at the edge of the network. Together, these solutions have the potential to create real micro-datacenters at the network edge, favoring several benefits like minimal latency, real-time data processing, and data locality. However, the research community has not yet had the opportunity to use integrated simulation frameworks for the easy testing of applications that exploit both the vehicular cloud paradigm and MEC-compliant 5G deployment environments. In this paper, we present our simulation tool as a platform for researchers and engineers to design, test, and enhance applications utilizing the concepts of vehicular and edge cloud. Our platform significantly extends OMNeT++ and Simu5G, and implements our ETSI MEC-compliant architecture that leverages resources provided by far-edge nodes. In addition, the paper analyzes and reports performance results for our simulation platform, as well as provides a use case where our simulator is used to support the design, test, and validation of an algorithm to distribute MEC application components on vehicular cloud resources.
Submitted 9 January, 2024;
originally announced January 2024.
-
Mitigating IoT Botnet DDoS Attacks through MUD and eBPF based Traffic Filtering
Authors:
Angelo Feraudo,
Diana Andreea Popescu,
Poonam Yadav,
Richard Mortier,
Paolo Bellavista
Abstract:
As the prevalence of Internet-of-Things (IoT) devices becomes more and more dominant, so too do the associated management and security challenges. One such challenge is the exploitation of vulnerable devices for recruitment into botnets, which can be used to carry out Distributed Denial-of-Service (DDoS) attacks. The recent Manufacturer Usage Description (MUD) standard has been proposed as a way to mitigate this problem, by allowing manufacturers to define communication patterns that are permitted for their IoT devices, with enforcement at the gateway home router. In this paper, we present a novel integrated system implementation that uses a MUD manager (osMUD) to parse an extended set of MUD rules, which also allow for rate-limiting of traffic and for setting appropriate thresholds. Additionally, we present two new backends for MUD rule enforcement, one based on eBPF and the other based on the Linux standard iptables. The reported evaluation results show that these techniques are feasible and effective in protecting against attacks and in terms of their impact on legitimate traffic and on the home gateway.
Submitted 3 May, 2023;
originally announced May 2023.
-
A Novel Design for Advanced 5G Deployment Environments with Virtualized Resources at Vehicular and MEC Nodes
Authors:
Angelo Feraudo,
Alessandro Calvio,
Armir Bujari,
Paolo Bellavista
Abstract:
IoT and edge computing are profoundly changing the information era, bringing a hyper-connected and context-aware computing environment to reality. Connected vehicles are a critical outcome of this synergy, allowing for the seamless interconnection of autonomous mobile/fixed objects, giving rise to a decentralized vehicle-to-everything (V2X) paradigm. On this front, the European Telecommunications Standards Institute (ETSI) proposed the Multi-Access Edge Computing (MEC) standard, addressing the execution of cloud-like services at the very edge of the infrastructure, thus facilitating the support of low-latency services at the far-edge. In this article, we go a step further and propose a novel ETSI MEC-compliant architecture that fully exploits the synergies between the edge and far-edge, extending the pool of virtualized resources available at MEC nodes with vehicular ones found in the vicinity. In particular, our approach allows vehicle entities to access and partake in a negotiation process embodying a rewarding scheme, while addressing resource volatility as vehicles join and leave the resource pool. To demonstrate the viability and flexibility of our proposed approach, we have built an ETSI MEC-compliant simulation model, which could be tailored to distribute application requests based on the availability of both local and remote resources, managing their transparent migration and execution. In addition, the paper reports on the experimental validation of our proposal in a 5G network setting, contrasting different service delivery modes, by highlighting the potential of the dynamic exploitation of far-edge vehicular resources.
Submitted 28 March, 2023;
originally announced March 2023.
-
Position paper: A systematic framework for categorising IoT device fingerprinting mechanisms
Authors:
Poonam Yadav,
Angelo Feraudo,
Budi Arief,
Siamak F. Shahandashti,
Vassilios G. Vassilakis
Abstract:
The popularity of the Internet of Things (IoT) devices makes it increasingly important to be able to fingerprint them, for example in order to detect if there are misbehaving or even malicious IoT devices in one's network. The aim of this paper is to provide a systematic categorisation of machine learning augmented techniques that can be used for fingerprinting IoT devices. This can serve as a baseline for comparing various IoT fingerprinting mechanisms, so that network administrators can choose one or more mechanisms that are appropriate for monitoring and maintaining their network. We carried out an extensive literature review of existing papers on fingerprinting IoT devices -- paying close attention to those with machine learning features. This is followed by an extraction of important and comparable features among the mechanisms outlined in those papers. As a result, we came up with a key set of terminologies that are relevant both in the fingerprinting context and in the IoT domain. This enabled us to construct a framework called IDWork, which can be used for categorising existing IoT fingerprinting mechanisms in a way that will facilitate a coherent and fair comparison of these mechanisms. We found that the majority of the IoT fingerprinting mechanisms take a passive approach -- mainly through network sniffing -- instead of being intrusive and interactive with the device of interest. Additionally, a significant number of the surveyed mechanisms employ both static and dynamic approaches, in order to benefit from complementary features that can be more robust against certain attacks such as spoofing and replay attacks.
Submitted 19 October, 2020; v1 submitted 16 October, 2020;
originally announced October 2020.
-
SoK: Beyond IoT MUD Deployments -- Challenges and Future Directions
Authors:
Angelo Feraudo,
Poonam Yadav,
Richard Mortier,
Paolo Bellavista,
Jon Crowcroft
Abstract:
Due to the advancement of IoT devices in both domestic and industrial environments, the need to incorporate a mechanism to build accountability in the IoT ecosystem is paramount. In the last few years, various initiatives have been started in this direction addressing many socio-technical concerns and challenges to build an accountable system. The solution that has received a lot of attention in both industry and academia is the Manufacturer Usage Description (MUD) specification. It gives the possibility to the IoT device manufacturers to describe communications needed by each device to work properly. MUD implementation is challenging not only due to the diversity of IoT devices and manufacturer/operator/regulators but also due to the incremental integration of MUD-based flow control in the already existing Internet infrastructure. To provide a better understanding of these challenges, in this work, we explore and investigate the prototypes of three implementations proposed by different research teams and organisations, useful for the community to understand which are the various features implemented by the existing technologies. By considering that there exist some behaviours which can be only defined by local policy, we propose a MUD-capable network integrating our User Policy Server (UPS). The UPS provides network administrators and end users an opportunity to interact with MUD components through a user-friendly interface. Hence, we present a comprehensive survey of the challenges.
Submitted 22 April, 2020; v1 submitted 16 April, 2020;
originally announced April 2020.