-
Forensic Data Analytics for Anomaly Detection in Evolving Networks
Authors:
Li Yang,
Abdallah Moubayed,
Abdallah Shami,
Amine Boukhtouta,
Parisa Heidari,
Stere Preda,
Richard Brunner,
Daniel Migault,
Adel Larabi
Abstract:
In the prevailing convergence of traditional infrastructure-based deployment (i.e., Telco and industry operational networks) towards evolving deployments enabled by 5G and virtualization, there is a keen interest in elaborating effective security controls to protect these deployments in-depth. By considering key enabling technologies like 5G and virtualization, evolving networks are democratized,…
▽ More
In the prevailing convergence of traditional infrastructure-based deployment (i.e., Telco and industry operational networks) towards evolving deployments enabled by 5G and virtualization, there is a keen interest in elaborating effective security controls to protect these deployments in-depth. By considering key enabling technologies like 5G and virtualization, evolving networks are democratized, facilitating the establishment of point presences integrating different business models ranging from media, dynamic web content, gaming, and a plethora of IoT use cases. Despite the increasing services provided by evolving networks, many cybercrimes and attacks have been launched in evolving networks to perform malicious activities. Due to the limitations of traditional security artifacts (e.g., firewalls and intrusion detection systems), the research on digital forensic data analytics has attracted more attention. Digital forensic analytics enables people to derive detailed information and comprehensive conclusions from different perspectives of cybercrimes to assist in convicting criminals and preventing future crimes. This chapter presents a digital analytics framework for network anomaly detection, including multi-perspective feature engineering, unsupervised anomaly detection, and comprehensive result correction procedures. Experiments on real-world evolving network data show the effectiveness of the proposed forensic data analytics solution.
△ Less
Submitted 17 August, 2023;
originally announced August 2023.
-
Multi-Perspective Content Delivery Networks Security Framework Using Optimized Unsupervised Anomaly Detection
Authors:
Li Yang,
Abdallah Moubayed,
Abdallah Shami,
Parisa Heidari,
Amine Boukhtouta,
Adel Larabi,
Richard Brunner,
Stere Preda,
Daniel Migault
Abstract:
Content delivery networks (CDNs) provide efficient content distribution over the Internet. CDNs improve the connectivity and efficiency of global communications, but their caching mechanisms may be breached by cyber-attackers. Among the security mechanisms, effective anomaly detection forms an important part of CDN security enhancement. In this work, we propose a multi-perspective unsupervised lea…
▽ More
Content delivery networks (CDNs) provide efficient content distribution over the Internet. CDNs improve the connectivity and efficiency of global communications, but their caching mechanisms may be breached by cyber-attackers. Among the security mechanisms, effective anomaly detection forms an important part of CDN security enhancement. In this work, we propose a multi-perspective unsupervised learning framework for anomaly detection in CDNs. In the proposed framework, a multi-perspective feature engineering approach, an optimized unsupervised anomaly detection model that utilizes an isolation forest and a Gaussian mixture model, and a multi-perspective validation method, are developed to detect abnormal behaviors in CDNs mainly from the client Internet Protocol (IP) and node perspectives, therefore to identify the denial of service (DoS) and cache pollution attack (CPA) patterns. Experimental results are presented based on the analytics of eight days of real-world CDN log data provided by a major CDN operator. Through experiments, the abnormal contents, compromised nodes, malicious IPs, as well as their corresponding attack types, are identified effectively by the proposed framework and validated by multiple cybersecurity experts. This shows the effectiveness of the proposed method when applied to real-world CDN data.
△ Less
Submitted 23 July, 2021;
originally announced July 2021.
-
A new public Alsat-2B dataset for single-image super-resolution
Authors:
Achraf Djerida,
Khelifa Djerriri,
Moussa Sofiane Karoui,
Mohammed El Amin larabi
Abstract:
Currently, when reliable training datasets are available, deep learning methods dominate the proposed solutions for image super-resolution. However, for remote sensing benchmarks, it is very expensive to obtain high spatial resolution images. Most of the super-resolution methods use down-sampling techniques to simulate low and high spatial resolution pairs and construct the training samples. To so…
▽ More
Currently, when reliable training datasets are available, deep learning methods dominate the proposed solutions for image super-resolution. However, for remote sensing benchmarks, it is very expensive to obtain high spatial resolution images. Most of the super-resolution methods use down-sampling techniques to simulate low and high spatial resolution pairs and construct the training samples. To solve this issue, the paper introduces a novel public remote sensing dataset (Alsat2B) of low and high spatial resolution images (10m and 2.5m respectively) for the single-image super-resolution task. The high-resolution images are obtained through pan-sharpening. Besides, the performance of some super-resolution methods on the dataset is assessed based on common criteria. The obtained results reveal that the proposed scheme is promising and highlight the challenges in the dataset which shows the need for advanced methods to grasp the relationship between the low and high-resolution patches.
△ Less
Submitted 21 March, 2021;
originally announced March 2021.
-
Cost-optimal V2X Service Placement in Distributed Cloud/Edge Environment
Authors:
Abdallah Moubayed,
Abdallah Shami,
Parisa Heidari,
Adel Larabi,
Richard Brunner
Abstract:
Deploying V2X services has become a challenging task. This is mainly due to the fact that such services have strict latency requirements. To meet these requirements, one potential solution is adopting mobile edge computing (MEC). However, this presents new challenges including how to find a cost efficient placement that meets other requirements such as latency. In this work, the problem of cost-op…
▽ More
Deploying V2X services has become a challenging task. This is mainly due to the fact that such services have strict latency requirements. To meet these requirements, one potential solution is adopting mobile edge computing (MEC). However, this presents new challenges including how to find a cost efficient placement that meets other requirements such as latency. In this work, the problem of cost-optimal V2X service placement (CO-VSP) in a distributed cloud/edge environment is formulated. Additionally, a cost-focused delay-aware V2X service placement (DA-VSP) heuristic algorithm is proposed. Simulation results show that both CO-VSP model and DA-VSP algorithm guarantee the QoS requirements of all such services and illustrates the trade-off between latency and deployment cost.
△ Less
Submitted 14 October, 2020;
originally announced October 2020.
-
Machine Learning for Performance-Aware Virtual Network Function Placement
Authors:
Dimitrios Michael Manias,
Manar Jammal,
Hassan Hawilo,
Abdallah Shami,
Parisa Heidari,
Adel Larabi,
Richard Brunner
Abstract:
With the growing demand for data connectivity, network service providers are faced with the task of reducing their capital and operational expenses while simultaneously improving network performance and addressing the increased connectivity demand. Although Network Function Virtualization (NFV) has been identified as a solution, several challenges must be addressed to ensure its feasibility. In th…
▽ More
With the growing demand for data connectivity, network service providers are faced with the task of reducing their capital and operational expenses while simultaneously improving network performance and addressing the increased connectivity demand. Although Network Function Virtualization (NFV) has been identified as a solution, several challenges must be addressed to ensure its feasibility. In this paper, we address the Virtual Network Function (VNF) placement problem by develo** a machine learning decision tree model that learns from the effective placement of the various VNF instances forming a Service Function Chain (SFC). The model takes several performance-related features from the network as an input and selects the placement of the various VNF instances on network servers with the objective of minimizing the delay between dependent VNF instances. The benefits of using machine learning are realized by moving away from a complex mathematical modelling of the system and towards a data-based understanding of the system. Using the Evolved Packet Core (EPC) as a use case, we evaluate our model on different data center networks and compare it to the BACON algorithm in terms of the delay between interconnected components and the total delay across the SFC. Furthermore, a time complexity analysis is performed to show the effectiveness of the model in NFV applications.
△ Less
Submitted 13 January, 2020;
originally announced January 2020.
-
Edge-enabled V2X Service Placement for Intelligent Transportation Systems
Authors:
Abdallah Moubayed,
Abdallah Shami,
Parisa Heidari,
Adel Larabi,
Richard Brunner
Abstract:
Vehicle-to-everything (V2X) communication and services have been garnering significant interest from different stakeholders as part of future intelligent transportation systems (ITSs). This is due to the many benefits they offer. However, many of these services have stringent performance requirements, particularly in terms of the delay/latency. Multi-access/mobile edge computing (MEC) has been pro…
▽ More
Vehicle-to-everything (V2X) communication and services have been garnering significant interest from different stakeholders as part of future intelligent transportation systems (ITSs). This is due to the many benefits they offer. However, many of these services have stringent performance requirements, particularly in terms of the delay/latency. Multi-access/mobile edge computing (MEC) has been proposed as a potential solution for such services by bringing them closer to vehicles. Yet, this introduces a new set of challenges such as where to place these V2X services, especially given the limit computation resources available at edge nodes. To that end, this work formulates the problem of optimal V2X service placement (OVSP) in a hybrid core/edge environment as a binary integer linear programming problem. To the best of our knowledge, no previous work considered the V2X service placement problem while taking into consideration the computational resource availability at the nodes. Moreover, a low-complexity greedy-based heuristic algorithm named "Greedy V2X Service Placement Algorithm" (G-VSPA) was developed to solve this problem. Simulation results show that the OVSP model successfully guarantees and maintains the QoS requirements of all the different V2X services. Additionally, it is observed that the proposed G-VSPA algorithm achieves close to optimal performance while having lower complexity.
△ Less
Submitted 13 January, 2020;
originally announced January 2020.
-
An NFV and Microservice Based Architecture for On-the-fly Component Provisioning in Content Delivery Networks
Authors:
Narjes Tahghigh Jahromi,
Roch H. Glitho,
Adel Larabi,
Richard Brunner
Abstract:
Content Delivery Networks (CDNs) deliver content (e.g. Web pages, videos) to geographically distributed end-users over the Internet. Some contents do sometimes attract the attention of a large group of end-users. This often leads to flash crowds which can cause major issues such as outage in the CDN. Microservice architectural style aims at decomposing monolithic systems into smaller components wh…
▽ More
Content Delivery Networks (CDNs) deliver content (e.g. Web pages, videos) to geographically distributed end-users over the Internet. Some contents do sometimes attract the attention of a large group of end-users. This often leads to flash crowds which can cause major issues such as outage in the CDN. Microservice architectural style aims at decomposing monolithic systems into smaller components which can be independently deployed, upgraded and disposed. Network Function Virtualization (NFV) is an emerging technology that aims to reduce costs and bring agility by decoupling network functions from the underlying hardware. This paper leverages the NFV and microservice architectural style to propose an architecture for on-the-fly CDN component provisioning to tackle issues such as flash crowds. In the proposed architecture, CDN components are designed as sets of microservices which interact via RESTFul Web services and are provisioned as Virtual Network Functions (VNFs), which are deployed and orchestrated on-the-fly. We have built a prototype in which a CDN surrogate server, designed as a set of microservices, is deployed on-the-fly. The prototype is deployed on SAVI, a Canadian distributed test bed for future Internet applications. The performance is also evaluated.
△ Less
Submitted 13 October, 2017;
originally announced October 2017.