-
Exploring Spectrum Sensing Techniques in Cognitive Radio Systems Using Time-Domain Symbol Cross-correlation
Authors:
Ahmed Temtam,
Dimitrie Popescu
Abstract:
In order to enable spectrum sharing, spectrum sensing plays a crucial role in wireless communication. The challenges in wireless spectrum require collaboration among stakeholders to devise innovative solutions. This research explores the use of a Cognitive Radio (CR) system that employs a Time-Domain Symbol Cross-correlation (TDSC) based spectrum sensing algorithm. WiMAX and LTE standards are utilized as case studies to demonstrate the efficacy of the TDSC method. The study presents theoretical and simulation results and also suggests future research to investigate the performance of the TDSC method in WiMAX and LTE systems. Additionally, this study compares the spectrum sensing capabilities of WiMAX and LTE.
Submitted 16 October, 2023;
originally announced October 2023.
-
Mitigating IoT Botnet DDoS Attacks through MUD and eBPF based Traffic Filtering
Authors:
Angelo Feraudo,
Diana Andreea Popescu,
Poonam Yadav,
Richard Mortier,
Paolo Bellavista
Abstract:
As the prevalence of Internet-of-Things (IoT) devices becomes more and more dominant, so too do the associated management and security challenges. One such challenge is the exploitation of vulnerable devices for recruitment into botnets, which can be used to carry out Distributed Denial-of-Service (DDoS) attacks. The recent Manufacturer Usage Description (MUD) standard has been proposed as a way to mitigate this problem, by allowing manufacturers to define communication patterns that are permitted for their IoT devices, with enforcement at the gateway home router. In this paper, we present a novel integrated system implementation that uses a MUD manager (osMUD) to parse an extended set of MUD rules, which also allow for rate-limiting of traffic and for setting appropriate thresholds. Additionally, we present two new backends for MUD rule enforcement, one based on eBPF and the other based on the Linux standard iptables. The reported evaluation results show that these techniques are feasible and effective in protecting against attacks and in terms of their impact on legitimate traffic and on the home gateway.
Submitted 3 May, 2023;
originally announced May 2023.
-
Human-centred home network security
Authors:
Derek McAuley,
Jiahong Chen,
Tom Lodge,
Richard Mortier,
Stanislaw Piasecki,
Diana Andreea Popescu,
Lachlan Urquhart
Abstract:
This chapter draws from across the foregoing chapters discussing many core HDI approaches and disciplinary perspectives to consider the specific application of HDI in home network security. While much work has considered the challenges of securing in home IoT devices and their communications, especially for those with limited power or computational capacity, scant attention has been paid by the research community to home network security, and its acceptability and usability, from the viewpoint of ordinary citizens. It will be clear that we need a radical transformation in our approach to designing domestic networking infrastructure to guard against widespread cyber-attacks that threaten to counter the benefits of the IoT. Our aim has to be to defend against enemies inside the walls, to protect critical functionality in the home against rogue devices and prevent the proliferation of disruptive wide-scale IoT DDOS attacks that are already occurring [1].
Submitted 26 March, 2022;
originally announced March 2022.
-
Revisiting IoT Device Identification
Authors:
Roman Kolcun,
Diana Andreea Popescu,
Vadim Safronov,
Poonam Yadav,
Anna Maria Mandalari,
Richard Mortier,
Hamed Haddadi
Abstract:
Internet-of-Things (IoT) devices are known to be the source of many security problems, and as such, they would greatly benefit from automated management. This requires robustly identifying devices so that appropriate network security policies can be applied. We address this challenge by exploring how to accurately identify IoT devices based on their network behavior, while leveraging approaches previously proposed by other researchers.
We compare the accuracy of four different previously proposed machine learning models (tree-based and neural network-based) for identifying IoT devices. We use packet trace data collected over a period of six months from a large IoT test-bed. We show that, while all models achieve high accuracy when evaluated on the same dataset as they were trained on, their accuracy degrades over time, when evaluated on data collected outside the training set. We show that on average the models' accuracy degrades after a couple of weeks by up to 40 percentage points (on average between 12 and 21 percentage points). We argue that, in order to keep the models' accuracy at a high level, these need to be continuously updated.
Submitted 16 July, 2021;
originally announced July 2021.
-
Connecting flying backhauls of UAVs to enhance vehicular networks with fixed 5G NR infrastructure
Authors:
Dalia Popescu,
Philippe Jacquet,
Bernard Mans
Abstract:
This paper investigates moving networks of Unmanned Aerial Vehicles (UAVs), such as drones, as one of the innovative opportunities brought by the 5G. With a main purpose to extend connectivity and guarantee data rates, the drones require hovering locations due to limitations such as flight time and coverage surface. We provide analytic bounds on the requirements in terms of connectivity extension for vehicular networks served by fixed Enhanced Mobile BroadBand (eMBB) infrastructure, where both vehicular networks and infrastructures are modeled using stochastic and fractal geometry as a model for urban environment. We prove that assuming $n$ mobile nodes (distributed according to a hyperfractal distribution of dimension $d_F$) and an average of $ρ$ Next Generation NodeB (gNBs), distributed like an hyperfractal of dimension $d_r$ if $ρ=n^θ$ with $θ>d_r/4$ and letting $n$ tending to infinity (to reflect megalopolis cities), then the average fraction of mobile nodes not covered by a gNB tends to zero like $O\left(n^{-\frac{(d_F-2)}{d_r}(2θ-\frac{d_r}{2})}\right)$. Interestingly, we then prove that the average number of drones, needed to connect each mobile node not covered by gNBs is comparable to the number of isolated mobile nodes. We complete the characterisation by proving that when $θ<d_r/4$ the proportion of covered mobile nodes tends to zero. We provide insights on the intelligent placement of the "garage of drones", the home location of these nomadic infrastructure nodes, such as to minimize what we call the "flight-to-coverage time". We provide a fast procedure to select the relays that will be garages (and store drones) in order to minimize the number of garages and minimize the delay. Finally we confirm our analytical results using simulations carried out in Matlab.
Submitted 5 February, 2021;
originally announced February 2021.
-
Characterizing the Energy Trade-Offs of End-to-End Vehicular Communications using an Hyperfractal Urban Modelling
Authors:
Dalia Popescu,
Philippe Jacquet,
Bernard Mans,
Bartłomiej Blaszczyszyn
Abstract:
We characterize trade-offs between the end-to-end communication delay and the energy in urban vehicular communications with infrastructure assistance. Our study exploits the self-similarity of the location of communication entities in cities by modeling them with an innovative model called "hyperfractal". We show that the hyperfractal model can be extended to incorporate road-side infrastructure and provide stochastic geometry tools to allow a rigorous analysis. We compute theoretical bounds for the end-to-end communication hop count considering two different energy-minimizing goals: either total accumulated energy or maximum energy per node. We prove that the hop count for an end-to-end transmission is bounded by $O(n^{1-α/(d_F-1)})$ where $α<1$ and $d_F>2$ is the fractal dimension of the mobile nodes process. This proves that for both constraints the energy decreases as we allow choosing routing paths of higher length. The asymptotic limit of the energy becomes significantly small when the number of nodes becomes asymptotically large. A lower bound on the network throughput capacity with constraints on path energy is also given. We show that our model fits real deployments where open data sets are available. The results are confirmed through simulations using different fractal dimensions in a Matlab simulator.
Submitted 1 February, 2021;
originally announced February 2021.
-
The Case for Retraining of ML Models for IoT Device Identification at the Edge
Authors:
Roman Kolcun,
Diana Andreea Popescu,
Vadim Safronov,
Poonam Yadav,
Anna Maria Mandalari,
Yiming Xie,
Richard Mortier,
Hamed Haddadi
Abstract:
Internet-of-Things (IoT) devices are known to be the source of many security problems, and as such they would greatly benefit from automated management. This requires robustly identifying devices so that appropriate network security policies can be applied. We address this challenge by exploring how to accurately identify IoT devices based on their network behavior, using resources available at the edge of the network.
In this paper, we compare the accuracy of five different machine learning models (tree-based and neural network-based) for identifying IoT devices by using packet trace data from a large IoT test-bed, showing that all models need to be updated over time to avoid significant degradation in accuracy. In order to effectively update the models, we find that it is necessary to use data gathered from the deployment environment, e.g., the household. We therefore evaluate our approach using hardware resources and data sources representative of those that would be available at the edge of the network, such as in an IoT deployment. We show that updating neural network-based models at the edge is feasible, as they require low computational and memory resources and their structure is amenable to being updated. Our results show that it is possible to achieve device identification and categorization with over 80% and 90% accuracy respectively at the edge.
Submitted 17 November, 2020;
originally announced November 2020.
-
Anatomically-Informed Deep Learning on Contrast-Enhanced Cardiac MRI for Scar Segmentation and Clinical Feature Extraction
Authors:
Haley G. Abramson,
Dan M. Popescu,
Rebecca Yu,
Changxin Lai,
Julie K. Shade,
Katherine C. Wu,
Mauro Maggioni,
Natalia A. Trayanova
Abstract:
Visualizing disease-induced scarring and fibrosis in the heart on cardiac magnetic resonance (CMR) imaging with contrast enhancement (LGE) is paramount in characterizing disease progression and quantifying pathophysiological substrates of arrhythmias. However, segmentation and scar/fibrosis identification from LGE-CMR is an intensive manual process prone to large inter-observer variability. Here, we present a novel fully-automated anatomically-informed deep learning solution for left ventricle (LV) and scar/fibrosis segmentation and clinical feature extraction from LGE-CMR. The technology involves three cascading convolutional neural networks that segment myocardium and scar/fibrosis from raw LGE-CMR images and constrain these segmentations within anatomical guidelines, thus facilitating seamless derivation of clinically-significant parameters. In addition to available LGE-CMR images, training used "LGE-like" synthetically enhanced cine scans. Results show excellent agreement with those of trained experts in terms of segmentation (balanced accuracy of $96\%$ and $75\%$ for LV and scar segmentation), clinical features ($2\%$ difference in mean scar-to-LV wall volume fraction), and anatomical fidelity. Our segmentation technology is extendable to other computer vision medical applications and to problems requiring guidelines adherence of predicted outputs.
Submitted 8 January, 2021; v1 submitted 21 October, 2020;
originally announced October 2020.
-
Vision-Aided Radio: User Identity Match in Radio and Video Domains Using Machine Learning
Authors:
Vinicius M. de Pinho,
Marcello L. R. de Campos,
Luis Uzeda Garcia,
Dalia Popescu
Abstract:
5G is designed to be an essential enabler and a leading infrastructure provider in the communication technology industry by supporting the demand for the growing data traffic and a variety of services with distinct requirements. The use of deep learning and computer vision tools has the means to increase the environmental awareness of the network with information from visual data. Information extracted via computer vision tools such as user position, movement direction, and speed can be promptly available for the network. However, the network must have a mechanism to match the identity of a user in both visual and radio systems. This mechanism is absent in the present literature. Therefore, we propose a framework to match the information from both visual and radio domains. This is an essential step to practical applications of computer vision tools in communications. We detail the proposed framework training and deployment phases for a presented setup. We carried out practical experiments using data collected in different types of environments. The work compares the use of Deep Neural Network and Random Forest classifiers and shows that the former performed better across all experiments, achieving classification accuracy greater than 99%.
Submitted 14 December, 2020; v1 submitted 14 October, 2020;
originally announced October 2020.
-
WSN and Fog Computing Integration for Intelligent Data Processing
Authors:
Viorel Mihai,
Cristina Elena Hanganu,
Grigore Stamatescu,
Dan Popescu
Abstract:
Networked embedded systems endowed with sensing, computing, control and communication capabilities allow the development of various application scenarios and represent the building blocks of the Internet of Things (IoT) paradigm. Traditional data collection methods include multiple field level IoT systems that can relay data stemming from a network of distributed ground sensors directly to a cloud platform for storage, analysis and processing. In such applications however, rapid sensor deployment in unstructured environments represents a challenge to the overall robustness of the system. We discuss the fog and mist computing approaches to hierarchically process data along its path from source to destination. The several stages of intermediate data processing reduce the computational and communication effort in a gradual manner. A three-layer topology for smart data monitoring and processing is thus proposed and illustrated to improve the information to noise ratio in a reference scenario.
Submitted 22 March, 2019;
originally announced March 2019.
-
No Delay: Latency-Driven, Application Performance-Aware, Cluster Scheduling
Authors:
Diana Andreea Popescu,
Andrew W. Moore
Abstract:
Given the network latency variability observed in data centers, applications' performance is also determined by their placement within the data centre. We present NoMora, a cluster scheduling architecture whose core is represented by a latency-driven, application performance-aware, cluster scheduling policy. The policy places the tasks of an application taking into account the expected performance based on the measured network latency between pairs of hosts in the data center. Furthermore, if a tenant's application experiences increased network latency, and thus lower application performance, their application may be migrated to a better placement. Preliminary results show that our policy improves the overall average application performance by up to 13.4% and by up to 42% if preemption is enabled, and improves the task placement latency by a factor of 1.79x and the median algorithm runtime by 1.16x compared to a random policy on the Google cluster workload. This demonstrates that application performance can be improved by exploiting the relationship between network latency and application performance, and the current network conditions in a data center, while preserving the demands of low-latency cluster scheduling.
Submitted 18 August, 2019; v1 submitted 17 March, 2019;
originally announced March 2019.
-
Seek and Push: Detecting Large Traffic Aggregates in the Dataplane
Authors:
Jan Kučera,
Diana Andreea Popescu,
Gianni Antichi,
Jan Kořenek,
Andrew W. Moore
Abstract:
High level goals such as bandwidth provisioning, accounting and network anomaly detection can be easily met if high-volume traffic clusters are detected in real time. This paper presents Elastic Trie, an alternative to approaches leveraging controller-dataplane architectures.
Our solution is a novel push-based network monitoring approach that allows detection, within the dataplane, of high-volume traffic clusters. Notifications from the switch to the controller can be sent only as required, avoiding the transmission or processing of unnecessary data. Furthermore, the dataplane can iteratively refine the responsible IP prefixes allowing a controller to receive a flexible granularity information. We report and discuss an evaluation of our P4-based prototype, showing our solution to be able to detect (with 95% of precision), hierarchical heavy hitters and superspreaders using less than 8KB or 80KB of active memory respectively. Finally, Elastic Trie can identify changes in the network traffic patterns, symptomatic of Denial-of-Service attack events.
Submitted 15 May, 2018;
originally announced May 2018.
-
Information Dissemination Speed in Delay Tolerant Urban Vehicular Networks in a Hyperfractal Setting
Authors:
Dalia Popescu,
Philippe Jacquet,
Bernard Mans,
Robert Dumitru,
Andra Pastrav,
Emanuel Puschita
Abstract:
This paper studies the fundamental communication properties of urban vehicle networks by exploiting the self-similarity and hierarchical organization of modern cities. We use an innovative model called "hyperfractal" that captures the self-similarities of both the traffic and vehicle locations but avoids the extremes of regularity and randomness. We use analytical tools to derive theoretical upper and lower bounds for the information propagation speed in an urban delay tolerant network (i.e., a network that is disconnected at all time, and thus uses a store-carry-and-forward routing model). We prove that the average broadcast time behaves as $n^{1-δ}$ times a slowly varying function, where $δ$ depends on the precise fractal dimension.
Furthermore, we show that the broadcast speedup is due in part to an interesting self-similar phenomenon, that we denote as "information teleportation". This phenomenon arises as a consequence of the topology of the vehicle traffic, and triggers an acceleration of the broadcast time. We show that our model fits real cities where open traffic data sets are available. We present simulations confirming the validity of the bounds in multiple realistic settings, including scenarios with variable speed, using both QualNet and a discrete-event simulator in Matlab.
Submitted 8 August, 2019; v1 submitted 11 December, 2017;
originally announced December 2017.
-
Hiding Malicious Content in PDF Documents
Authors:
Dan-Sabin Popescu
Abstract:
This paper is a proof-of-concept demonstration for a specific digital signatures vulnerability that shows the ineffectiveness of the WYSIWYS (What You See Is What You Sign) concept. The algorithm is fairly simple: the attacker generates a polymorphic file that has two different types of content (text, as a PDF document for example, and image: TIFF - two of the most widely used file formats). When the victim signs the dual content file, he/she only sees a PDF document and is unaware of the hidden content inside the file. After obtaining the legally signed document from the victim, the attacker simply has to change the extension to the other file format. This will not invalidate the digital signature, as no bits were altered. The destructive potential of the attack is considerable, as the Portable Document Format (PDF) is widely used in e-government and in e-business contexts.
Submitted 1 January, 2012;
originally announced January 2012.