-
Anomaly-Flow: A Multi-domain Federated Generative Adversarial Network for Distributed Denial-of-Service Detection
Authors:
Leonardo Henrique de Melo,
Gustavo de Carvalho Bertoli,
Michele Nogueira,
Aldri Luiz dos Santos,
Lourenço Alves Pereira Junior
Abstract:
Distributed denial-of-service (DDoS) attacks remain a critical threat to Internet services, causing costly disruptions. While machine learning (ML) has shown promise in DDoS detection, current solutions struggle with multi-domain environments where attacks must be detected across heterogeneous networks and organizational boundaries. This limitation severely impacts the practical deployment of ML-b…
▽ More
Distributed denial-of-service (DDoS) attacks remain a critical threat to Internet services, causing costly disruptions. While machine learning (ML) has shown promise in DDoS detection, current solutions struggle with multi-domain environments where attacks must be detected across heterogeneous networks and organizational boundaries. This limitation severely impacts the practical deployment of ML-based defenses in real-world settings.
This paper introduces Anomaly-Flow, a novel framework that addresses this critical gap by combining Federated Learning (FL) with Generative Adversarial Networks (GANs) for privacy-preserving, multi-domain DDoS detection. Our proposal enables collaborative learning across diverse network domains while preserving data privacy through synthetic flow generation. Through extensive evaluation across three distinct network datasets, Anomaly-Flow achieves an average F1-score of $0.747$, outperforming baseline models. Importantly, our framework enables organizations to share attack detection capabilities without exposing sensitive network data, making it particularly valuable for critical infrastructure and privacy-sensitive sectors.
Beyond immediate technical contributions, this work provides insights into the challenges and opportunities in multi-domain DDoS detection, establishing a foundation for future research in collaborative network defense systems. Our findings have important implications for academic research and industry practitioners working to deploy practical ML-based security solutions.
△ Less
Submitted 18 March, 2025;
originally announced March 2025.
-
Investigating the Energy Consumption of C++ and Java Solutions Mined from a Programming Contest Site
Authors:
Sérgio Queiroz de Medeiros,
Marcelo Borges Nogueira,
Gustavo Quezado
Abstract:
The concern about global warming increased the interest in the energy efficiency of computer applications. Assuming power is constant, the general trend is that faster programs consume less energy, thus optimizing a program for speed would also improve its energy efficiency.
We investigate this tendency in a set of C++ and Java solutions mined from Code Submission Evaluation System (CSES), a pop…
▽ More
The concern about global warming increased the interest in the energy efficiency of computer applications. Assuming power is constant, the general trend is that faster programs consume less energy, thus optimizing a program for speed would also improve its energy efficiency.
We investigate this tendency in a set of C++ and Java solutions mined from Code Submission Evaluation System (CSES), a popular programming competition site, where each solution must give the correct answer under a given time limit. In such context, we can consider that all correct solutions for a problem were written with a speed concern, but not with energy efficiency in mind.
We selected 15 problems from CSES and for each of them we mined at least 30 C++ and Java solutions, evaluating time and energy efficiency of each solution in at least two different machines. In our scenario, where there is a great diversity of programming styles, execution speed, and memory usage, we could confirm the general trend: faster programs consume less energy. Moreover, we were able to use ordinary least squares to fit a linear function, with good precision, that relates energy consumption of a program based on its execution time, as well as to automatically identify programs with abnormal energy consumption. A manual analysis of these programs revealed that often they perform a different amount of allocation and deallocation operations when compared to programs with similar execution times.
We also calculated the energy consumption profile of sets of random C++ solutions for these 15 CSES problems, and we tried to associate each set with its corresponding CSES problem by using the energy consumption profiles previously computed for each one of them. With this approach, we restricted, for each set of random C++ solutions, the classification task to a subset of 7 CSES problems, a reduction of more than 50% in the search space.
△ Less
Submitted 19 December, 2024;
originally announced December 2024.
-
Harnessing TI Feeds for Exploitation Detection
Authors:
Kajal Patel,
Zubair Shafiq,
Mateus Nogueira,
Daniel Sadoc Menasché,
Enrico Lovat,
Taimur Kashif,
Ashton Woiwood,
Matheus Martins
Abstract:
Many organizations rely on Threat Intelligence (TI) feeds to assess the risk associated with security threats. Due to the volume and heterogeneity of data, it is prohibitive to manually analyze the threat information available in different loosely structured TI feeds. Thus, there is a need to develop automated methods to vet and extract actionable information from TI feeds. To this end, we present…
▽ More
Many organizations rely on Threat Intelligence (TI) feeds to assess the risk associated with security threats. Due to the volume and heterogeneity of data, it is prohibitive to manually analyze the threat information available in different loosely structured TI feeds. Thus, there is a need to develop automated methods to vet and extract actionable information from TI feeds. To this end, we present a machine learning pipeline to automatically detect vulnerability exploitation from TI feeds. We first model threat vocabulary in loosely structured TI feeds using state-of-the-art embedding techniques (Doc2Vec and BERT) and then use it to train a supervised machine learning classifier to detect exploitation of security vulnerabilities. We use our approach to identify exploitation events in 191 different TI feeds. Our longitudinal evaluation shows that it is able to accurately identify exploitation events from TI feeds only using past data for training and even on TI feeds withheld from training. Our proposed approach is useful for a variety of downstream tasks such as data-driven vulnerability risk assessment.
△ Less
Submitted 11 September, 2024;
originally announced September 2024.
-
Vulnerable Road User Detection and Safety Enhancement: A Comprehensive Survey
Authors:
Renato M. Silva,
Gregorio F. Azevedo,
Matheus V. V. Berto,
Jean R. Rocha,
Eduardo C. Fidelis,
Matheus V. Nogueira,
Pedro H. Lisboa,
Tiago A. Almeida
Abstract:
Traffic incidents involving vulnerable road users (VRUs) constitute a significant proportion of global road accidents. Advances in traffic communication ecosystems, coupled with sophisticated signal processing and machine learning techniques, have facilitated the utilization of data from diverse sensors. Despite these advancements and the availability of extensive datasets, substantial progress is…
▽ More
Traffic incidents involving vulnerable road users (VRUs) constitute a significant proportion of global road accidents. Advances in traffic communication ecosystems, coupled with sophisticated signal processing and machine learning techniques, have facilitated the utilization of data from diverse sensors. Despite these advancements and the availability of extensive datasets, substantial progress is required to mitigate traffic casualties. This paper provides a comprehensive survey of state-of-the-art technologies and methodologies to enhance the safety of VRUs. The study investigates the communication networks between vehicles and VRUs, emphasizing the integration of advanced sensors and the availability of relevant datasets. It explores preprocessing techniques and data fusion methods to enhance sensor data quality. Furthermore, our study assesses critical simulation environments essential for developing and testing VRU safety systems. Our research also highlights recent advances in VRU detection and classification algorithms, addressing challenges such as variable environmental conditions. Additionally, we cover cutting-edge research in predicting VRU intentions and behaviors, which is mandatory for proactive collision avoidance strategies. Through this survey, we aim to provide a comprehensive understanding of the current landscape of VRU safety technologies, identifying areas of progress and areas needing further research and development.
△ Less
Submitted 27 June, 2025; v1 submitted 29 May, 2024;
originally announced May 2024.
-
LLaMandement: Large Language Models for Summarization of French Legislative Proposals
Authors:
Joseph Gesnouin,
Yannis Tannier,
Christophe Gomes Da Silva,
Hatim Tapory,
Camille Brier,
Hugo Simon,
Raphael Rozenberg,
Hermann Woehrel,
Mehdi El Yakaabi,
Thomas Binder,
Guillaume Marie,
Emilie Caron,
Mathile Nogueira,
Thomas Fontas,
Laure Puydebois,
Marie Theophile,
Stephane Morandi,
Mael Petit,
David Creissac,
Pauline Ennouchy,
Elise Valetoux,
Celine Visade,
Severine Balloux,
Emmanuel Cortes,
Pierre-Etienne Devineau
, et al. (3 additional authors not shown)
Abstract:
This report introduces LLaMandement, a state-of-the-art Large Language Model, fine-tuned by the French government and designed to enhance the efficiency and efficacy of processing parliamentary sessions (including the production of bench memoranda and documents required for interministerial meetings) by generating neutral summaries of legislative proposals. Addressing the administrative challenges…
▽ More
This report introduces LLaMandement, a state-of-the-art Large Language Model, fine-tuned by the French government and designed to enhance the efficiency and efficacy of processing parliamentary sessions (including the production of bench memoranda and documents required for interministerial meetings) by generating neutral summaries of legislative proposals. Addressing the administrative challenges of manually processing a growing volume of legislative amendments, LLaMandement stands as a significant legal technological milestone, providing a solution that exceeds the scalability of traditional human efforts while matching the robustness of a specialized legal drafter. We release all our fine-tuned models and training data to the community.
△ Less
Submitted 29 January, 2024;
originally announced January 2024.
-
Multidomain transformer-based deep learning for early detection of network intrusion
Authors:
Jinxin Liu,
Murat Simsek,
Michele Nogueira,
Burak Kantarci
Abstract:
Timely response of Network Intrusion Detection Systems (NIDS) is constrained by the flow generation process which requires accumulation of network packets. This paper introduces Multivariate Time Series (MTS) early detection into NIDS to identify malicious flows prior to their arrival at target systems. With this in mind, we first propose a novel feature extractor, Time Series Network Flow Meter (…
▽ More
Timely response of Network Intrusion Detection Systems (NIDS) is constrained by the flow generation process which requires accumulation of network packets. This paper introduces Multivariate Time Series (MTS) early detection into NIDS to identify malicious flows prior to their arrival at target systems. With this in mind, we first propose a novel feature extractor, Time Series Network Flow Meter (TS-NFM), that represents network flow as MTS with explainable features, and a new benchmark dataset is created using TS-NFM and the meta-data of CICIDS2017, called SCVIC-TS-2022. Additionally, a new deep learning-based early detection model called Multi-Domain Transformer (MDT) is proposed, which incorporates the frequency domain into Transformer. This work further proposes a Multi-Domain Multi-Head Attention (MD-MHA) mechanism to improve the ability of MDT to extract better features. Based on the experimental results, the proposed methodology improves the earliness of the conventional NIDS (i.e., percentage of packets that are used for classification) by 5x10^4 times and duration-based earliness (i.e., percentage of duration of the classified packets of a flow) by a factor of 60, resulting in a 84.1% macro F1 score (31% higher than Transformer) on SCVIC-TS-2022. Additionally, the proposed MDT outperforms the state-of-the-art early detection methods by 5% and 6% on ECG and Wafer datasets, respectively.
△ Less
Submitted 3 September, 2023;
originally announced September 2023.
-
Cream Skimming the Underground: Identifying Relevant Information Points from Online Forums
Authors:
Felipe Moreno-Vera,
Mateus Nogueira,
Cainã Figueiredo,
Daniel Sadoc Menasché,
Miguel Bicudo,
Ashton Woiwood,
Enrico Lovat,
Anton Kocheturov,
Leandro Pfleger de Aguiar
Abstract:
This paper proposes a machine learning-based approach for detecting the exploitation of vulnerabilities in the wild by monitoring underground hacking forums. The increasing volume of posts discussing exploitation in the wild calls for an automatic approach to process threads and posts that will eventually trigger alarms depending on their content. To illustrate the proposed system, we use the Crim…
▽ More
This paper proposes a machine learning-based approach for detecting the exploitation of vulnerabilities in the wild by monitoring underground hacking forums. The increasing volume of posts discussing exploitation in the wild calls for an automatic approach to process threads and posts that will eventually trigger alarms depending on their content. To illustrate the proposed system, we use the CrimeBB dataset, which contains data scraped from multiple underground forums, and develop a supervised machine learning model that can filter threads citing CVEs and label them as Proof-of-Concept, Weaponization, or Exploitation. Leveraging random forests, we indicate that accuracy, precision and recall above 0.99 are attainable for the classification task. Additionally, we provide insights into the difference in nature between weaponization and exploitation, e.g., interpreting the output of a decision tree, and analyze the profits and other aspects related to the hacking communities. Overall, our work sheds insight into the exploitation of vulnerabilities in the wild and can be used to provide additional ground truth to models such as EPSS and Expected Exploitability.
△ Less
Submitted 3 August, 2023;
originally announced August 2023.
-
pmSensing: A Participatory Sensing Network for Predictive Monitoring of Particulate Matter
Authors:
Lucas L. S. Sachetti,
Enzo B. Cussuol,
José Marcos S. Nogueira,
Vinicius F. S. Mota
Abstract:
This work presents a proposal for a wireless sensor network for participatory sensing, with IoT sensing devices developed especially for monitoring and predicting air quality, as alternatives of high cost meteorological stations. The system, called pmSensing, aims to measure particulate material. A validation is done by comparing the data collected by the prototype with data from stations. The com…
▽ More
This work presents a proposal for a wireless sensor network for participatory sensing, with IoT sensing devices developed especially for monitoring and predicting air quality, as alternatives of high cost meteorological stations. The system, called pmSensing, aims to measure particulate material. A validation is done by comparing the data collected by the prototype with data from stations. The comparison shows that the results are close, which can enable low-cost solutions to the problem. The system still presents a predictive analysis using recurrent neural networks, in this case the LSTM-RNN, where the predictions presented high accuracy in relation to the real data.
△ Less
Submitted 22 November, 2021;
originally announced November 2021.
-
The CirCor DigiScope Dataset: From Murmur Detection to Murmur Classification
Authors:
Jorge Oliveira,
Francesco Renna,
Paulo Dias Costa,
Marcelo Nogueira,
Cristina Oliveira,
Carlos Ferreira,
Alipio Jorge,
Sandra Mattos,
Thamine Hatem,
Thiago Tavares,
Andoni Elola,
Ali Bahrami Rad,
Reza Sameni,
Gari D Clifford,
Miguel T. Coimbra
Abstract:
Cardiac auscultation is one of the most cost-effective techniques used to detect and identify many heart conditions. Computer-assisted decision systems based on auscultation can support physicians in their decisions. Unfortunately, the application of such systems in clinical trials is still minimal since most of them only aim to detect the presence of extra or abnormal waves in the phonocardiogram…
▽ More
Cardiac auscultation is one of the most cost-effective techniques used to detect and identify many heart conditions. Computer-assisted decision systems based on auscultation can support physicians in their decisions. Unfortunately, the application of such systems in clinical trials is still minimal since most of them only aim to detect the presence of extra or abnormal waves in the phonocardiogram signal, i.e., only a binary ground truth variable (normal vs abnormal) is provided. This is mainly due to the lack of large publicly available datasets, where a more detailed description of such abnormal waves (e.g., cardiac murmurs) exists.
To pave the way to more effective research on healthcare recommendation systems based on auscultation, our team has prepared the currently largest pediatric heart sound dataset. A total of 5282 recordings have been collected from the four main auscultation locations of 1568 patients, in the process, 215780 heart sounds have been manually annotated. Furthermore, and for the first time, each cardiac murmur has been manually annotated by an expert annotator according to its timing, shape, pitch, grading, and quality. In addition, the auscultation locations where the murmur is present were identified as well as the auscultation location where the murmur is detected more intensively. Such detailed description for a relatively large number of heart sounds may pave the way for new machine learning algorithms with a real-world application for the detection and analysis of murmur waves for diagnostic purposes.
△ Less
Submitted 24 December, 2021; v1 submitted 2 August, 2021;
originally announced August 2021.
-
An Access Control for IoT Based on Network Community Perception and Social Trust Against Sybil Attacks
Authors:
Gustavo Oliveira,
Agnaldo de Souza Batista,
Michele Nogueira,
Aldri Santos
Abstract:
The evolution of the Internet of Things (IoT) has increased the connection of personal devices, mainly taking into account the habits and behavior of their owners. These environments demand access control mechanisms to protect them against intruders, like Sybil attacks. that can compromise data privacy or disrupt the network operation. The Social IoT paradigm enables access control systems to aggr…
▽ More
The evolution of the Internet of Things (IoT) has increased the connection of personal devices, mainly taking into account the habits and behavior of their owners. These environments demand access control mechanisms to protect them against intruders, like Sybil attacks. that can compromise data privacy or disrupt the network operation. The Social IoT paradigm enables access control systems to aggregate community context and sociability information from devices to enhance robustness and security. This work introduces the ELECTRON mechanism to control access in IoT networks based on social trust between devices to protect the network from Sybil attackers. ELECTRON groups IoT devices into communities by their social similarity and evaluates their social trust, strengthening the reliability between legitimate devices and their resilience against the interaction of Sybil attackers. NS-3 Simulations show the ELECTRON performance under Sybil attacks on several IoT communities so that it has gotten to detect more than 90% of attackers in a scenario with 150 nodes into offices, schools, gyms, and~parks communities, and in other scenarios for same communities it achieved around of 90\% of detection. Furthermore, it provided high accuracy, over 90-95%, and false positive rates closer to zero.
△ Less
Submitted 21 July, 2021;
originally announced July 2021.
-
Relational Consensus-Based Cooperative Task Allocation Management for IIoT-Health Networks
Authors:
Carlos Pedroso,
Yan Uehara de Moraes,
Michele Nogueira,
Aldri Santos
Abstract:
IIoT services focused on industry-oriented services often require objects run more than one task. IIoT objects poses the challenge of distributing and managing task allocation among them. The fairness of task allocation brings flexible network reconfiguration and maximizes the tasks to be performed. Although existing approaches optimize and manage the dynamics of objects, not all them consider bot…
▽ More
IIoT services focused on industry-oriented services often require objects run more than one task. IIoT objects poses the challenge of distributing and managing task allocation among them. The fairness of task allocation brings flexible network reconfiguration and maximizes the tasks to be performed. Although existing approaches optimize and manage the dynamics of objects, not all them consider both co-relationship between tasks and object capabilities and the distributed allocation over the cluster service. This paper introduces the ACADIA mechanism for task allocation in IIoT networks in order to distribute task among objects. It relies on relational consensus strategies to allocate tasks and similarity capabilities to determine which objects can play in accomplishing those tasks. Evaluation on NS-3 showed that ACADIA achieved 98% of allocated tasks in an IIoT-Health considering all scenarios, average more than 95% of clusters apt to performed tasks in a low response time, and achieved 50% more effectiveness in task allocation compared to the literature solution CONTASKI.
△ Less
Submitted 1 February, 2021;
originally announced February 2021.
-
Improving Predictability of User-Affecting Metrics to Support Anomaly Detection in Cloud Services
Authors:
Vilc Rufino,
Mateus Nogueira,
Alberto Avritzer,
Daniel Menasché,
Barbara Russo,
Andrea Janes,
Vincenzo Ferme,
André Van Hoorn,
Henning Schulz,
Cabral Lima
Abstract:
Anomaly detection systems aim to detect and report attacks or unexpected behavior in networked systems. Previous work has shown that anomalies have an impact on system performance, and that performance signatures can be effectively used for implementing an IDS. In this paper, we present an analytical and an experimental study on the trade-off between anomaly detection based on performance signatur…
▽ More
Anomaly detection systems aim to detect and report attacks or unexpected behavior in networked systems. Previous work has shown that anomalies have an impact on system performance, and that performance signatures can be effectively used for implementing an IDS. In this paper, we present an analytical and an experimental study on the trade-off between anomaly detection based on performance signatures and system scalability. The proposed approach combines analytical modeling and load testing to find optimal configurations for the signature-based IDS. We apply a heavy-tail bi-modal modeling approach, where "long" jobs represent large resource consuming transactions, e.g., generated by DDoS attacks; the model was parametrized using results obtained from controlled experiments. For performance purposes, mean response time is the key metric to be minimized, whereas for security purposes, response time variance and classification accuracy must be taken into account. The key insights from our analysis are: (i) there is an optimal number of servers which minimizes the response time variance, (ii) the sweet-spot number of servers that minimizes response time variance and maximizes classification accuracy is typically smaller than or equal to the one that minimizes mean response time. Therefore, for security purposes, it may be worth slightly sacrificing performance to increase classification accuracy.
△ Less
Submitted 24 December, 2020;
originally announced December 2020.
-
Detecting FDI Attack on Dense IoT Network with Distributed Filtering Collaboration and Consensus
Authors:
Carlos Pedroso,
Aldri Santos,
Michele Nogueira
Abstract:
The rise of IoT has made possible the development of %increasingly personalized services, like industrial services that often deal with massive amounts of data. However, as IoT grows, its threats are even greater. The false data injection (FDI) attack stands out as being one of the most harmful to data networks like IoT. The majority of current systems to handle this attack do not take into accoun…
▽ More
The rise of IoT has made possible the development of %increasingly personalized services, like industrial services that often deal with massive amounts of data. However, as IoT grows, its threats are even greater. The false data injection (FDI) attack stands out as being one of the most harmful to data networks like IoT. The majority of current systems to handle this attack do not take into account the data validation, especially on the data clustering service. This work introduces CONFINIT, an intrusion detection system against FDI attacks on the data dissemination service into dense IoT. It combines watchdog surveillance and collaborative consensus among IoT devices for getting the swift detection of attackers. CONFINIT was evaluated in the NS-3 simulator into a dense industrial IoT and it has gotten detection rates of 99%, 3.2% of false negative and 3.6% of false positive rates, adding up to 35% in clustering without FDI attackers.
△ Less
Submitted 29 October, 2020;
originally announced October 2020.
-
GROWN: Local Data Compression in Real-Time To Support Energy Efficiency in WBAN
Authors:
Cainã Passos,
Carlos Pedroso,
Agnaldo Batista,
Michele Nogueira,
Aldri Santos
Abstract:
The evolution of wireless technologies has enabled the creation of networks for several purposes as health care monitoring. The Wireless Body Area Networks (WBANs) enable continuous and real-time monitoring of physiological signals, but that monitoring leads to an excessive data transmission usage, and drastically affects the power consumption of the devices. Although there are approaches for redu…
▽ More
The evolution of wireless technologies has enabled the creation of networks for several purposes as health care monitoring. The Wireless Body Area Networks (WBANs) enable continuous and real-time monitoring of physiological signals, but that monitoring leads to an excessive data transmission usage, and drastically affects the power consumption of the devices. Although there are approaches for reducing energy consumption, many of them do not consider information redundancy to reduce the power consumption. This paper proposes a hybrid approach of local data compression, called GROWN, to decrease information redundancy during data transmission and reduce the energy consumption. Our approach combines local data compression methods found in WSN. We have evaluated GROWN by experimentation, and the results show a decrease in energy consumption of the devices and an increase in network lifetime.
△ Less
Submitted 18 October, 2020;
originally announced October 2020.
-
Social-based Cooperation of Vehicles for Data Dissemination of Critical Urban Events
Authors:
Alisson Yury,
Everaldo Andrade,
Michele Nogueira,
Aldri Santos,
Fernando Matos
Abstract:
Critical urban events need to be efficiently handled, for instance, through rapid notification. VANETs are a promising choice in supporting notification of information on arbitrary critical events. Although the dynamicity of VANETs compromises the dissemination process, the connections among vehicles based on users' social interests allow for optimizing message exchange and data dissemination. Thi…
▽ More
Critical urban events need to be efficiently handled, for instance, through rapid notification. VANETs are a promising choice in supporting notification of information on arbitrary critical events. Although the dynamicity of VANETs compromises the dissemination process, the connections among vehicles based on users' social interests allow for optimizing message exchange and data dissemination. This paper introduces SOCIABLE, a robust data dissemination system for critical urban events that operates in a SIoV network. It is based on vehicles' community with common interests and/or similar routines and employs social influence of vehicles according to their network location to select relay vehicles. In a comparative analysis on NS3 with the MINUET system, SOCIABLE achieved 36.56% less packets transmitted in a dense VANET and a maximum packet delivery delay of 28ms in a sparse VANET, delivering critical event data in a real-time and robust way without overloading the~network.
△ Less
Submitted 9 September, 2020;
originally announced September 2020.
-
Managing Consensus-Based Cooperative Task Allocation for IIoT Networks
Authors:
Carlos Pedroso,
Yan Uehara de Moraes,
Michele Nogueira,
Aldri Santos
Abstract:
Current IoT services include industry-oriented services, which often require objects to run more than one task. However, the exponential growth of objects in IoT poses the challenge of distributing and managing task allocation among objects. One of the main goals of task allocation is to improve the quality of information and maximize the tasks to be performed. Although there are approaches that o…
▽ More
Current IoT services include industry-oriented services, which often require objects to run more than one task. However, the exponential growth of objects in IoT poses the challenge of distributing and managing task allocation among objects. One of the main goals of task allocation is to improve the quality of information and maximize the tasks to be performed. Although there are approaches that optimize and manage the dynamics of nodes, not all consider the quality of information and the distributed allocation over the cluster service. This paper proposes the mechanism CONTASKI for task allocation in IIoT networks to distribute tasks among objects. It relies on collaborative consensus to allocate tasks and similarity capabilities to know which objects can play in accomplishing those tasks. CONTASKI was evaluated on NS-3 and achieved 100% of allocated tasks incases with 75 and 100 nodes, and, on average, more than 80% clusters performed tasks in a low response time.
△ Less
Submitted 16 June, 2020;
originally announced June 2020.
-
E-Health Sensitive Data Dissemination Exploiting Trust and Mobility of Users
Authors:
Agnaldo Batista,
Michele Nogueira,
Aldri Santos
Abstract:
E-health services handle a massive amount of sensitive data, requiring reliability and privacy. The advent of new technologies drives e-health services into their continuous provision outside traditional care institutions. This creates uncertain and unreliable conditions, resulting in the challenge of controlling sensitive user data dissemination. Then, there is a gap in sensitive data disseminati…
▽ More
E-health services handle a massive amount of sensitive data, requiring reliability and privacy. The advent of new technologies drives e-health services into their continuous provision outside traditional care institutions. This creates uncertain and unreliable conditions, resulting in the challenge of controlling sensitive user data dissemination. Then, there is a gap in sensitive data dissemination under situations requiring fast response (e.g., cardiac arrest). This obligates networks to provide reliable sensitive data dissemination under user mobility, dynamic network topology, and occasional interactions between the devices. In this article, we propose STEALTH, a system that employs social trust and communities of interest to address these challenges. STEALTH follows two steps: clustering and dissemination. In the first, STEALTH groups devices based on the interests of their users, forming communities of interest. A healthcare urgency launches the second, in which STEALTH disseminates user sensitive data to devices belonging to specific communities, subjected to the level of trust between devices. Simulation results demonstrate that STEALTH ensures data dissemination to people who can contribute toward an efficient service. STEALTH has achieved up to 97.14% of reliability in accessing sensitive data with a maximum latency of 170 ms, and up to 100% of availability during emergencies.
△ Less
Submitted 14 May, 2020;
originally announced May 2020.
-
Segmentation and Optimal Region Selection of Physiological Signals using Deep Neural Networks and Combinatorial Optimization
Authors:
Jorge Oliveira,
Margarida Carvalho,
Diogo Marcelo Nogueira,
Miguel Coimbra
Abstract:
Physiological signals, such as the electrocardiogram and the phonocardiogram are very often corrupted by noisy sources. Usually, artificial intelligent algorithms analyze the signal regardless of its quality. On the other hand, physicians use a completely orthogonal strategy. They do not assess the entire recording, instead they search for a segment where the fundamental and abnormal waves are eas…
▽ More
Physiological signals, such as the electrocardiogram and the phonocardiogram are very often corrupted by noisy sources. Usually, artificial intelligent algorithms analyze the signal regardless of its quality. On the other hand, physicians use a completely orthogonal strategy. They do not assess the entire recording, instead they search for a segment where the fundamental and abnormal waves are easily detected, and only then a prognostic is attempted. Inspired by this fact, a new algorithm that automatically selects an optimal segment for a post-processing stage, according to a criteria defined by the user is proposed. In the process, a Neural Network is used to compute the output state probability distribution for each sample. Using the aforementioned quantities, a graph is designed, whereas state transition constraints are physically imposed into the graph and a set of constraints are used to retrieve a subset of the recording that maximizes the likelihood function, proposed by the user. The developed framework is tested and validated in two applications. In both cases, the system performance is boosted significantly, e.g in heart sound segmentation, sensitivity increases 2.4% when compared to the standard approaches in the literature.
△ Less
Submitted 17 March, 2020;
originally announced March 2020.
-
Towards QoS-Aware Recommendations
Authors:
Pavlos Sermpezis,
Savvas Kastanakis,
João Ismael Pinheiro,
Felipe Assis,
Mateus Nogueira,
Daniel Menasché,
Thrasyvoulos Spyropoulos
Abstract:
In this paper we propose that recommendation systems (RSs) for multimedia services should be "QoS-aware", i.e., take into account the expected QoS with which a content can be delivered, to increase the user satisfaction. Network-aware recommendations have been very recently proposed as a promising solution to improve network performance. However, the idea of QoS-aware RSs has been studied from the…
▽ More
In this paper we propose that recommendation systems (RSs) for multimedia services should be "QoS-aware", i.e., take into account the expected QoS with which a content can be delivered, to increase the user satisfaction. Network-aware recommendations have been very recently proposed as a promising solution to improve network performance. However, the idea of QoS-aware RSs has been studied from the network perspective. Its feasibility and performance performance advantages for the content-provider or user perspective have only been speculated. Hence, in this paper we aim to provide initial answers for the feasibility of the concept of QoS-aware RS, by investigating its impact on real user experience. To this end, we conduct experiments with real users on a testbed, and present initial experimental results. Our analysis demonstrates the potential of the idea: QoS-aware RSs could be beneficial for both the users (better experience) and content providers (higher user engagement). Moreover, based on the collected dataset, we build statistical models to (i) predict the user experience as a function of QoS, relevance of recommendations (QoR) and user interest, and (ii) provide useful insights for the design of QoS-aware RSs. We believe that our study is an important first step towards QoS-aware recommendations, by providing experimental evidence for their feasibility and benefits, and can help open a future research direction.
△ Less
Submitted 1 October, 2020; v1 submitted 15 July, 2019;
originally announced July 2019.
-
Can MPTCP Secure Internet Communications from Man-in-the-Middle Attacks?
Authors:
Ho-Dac-Duy Nguyen,
Chi-Dung Phung,
Stefano Secci,
Benevid Felix,
Michele Nogueira
Abstract:
-Multipath communications at the Internet scale have been a myth for a long time, with no actual protocol being deployed so that multiple paths could be taken by a same connection on the way towards an Internet destination. Recently, the Multipath Transport Control Protocol (MPTCP) extension was standardized and is undergoing a quick adoption in many use-cases, from mobile to fixed access networks…
▽ More
-Multipath communications at the Internet scale have been a myth for a long time, with no actual protocol being deployed so that multiple paths could be taken by a same connection on the way towards an Internet destination. Recently, the Multipath Transport Control Protocol (MPTCP) extension was standardized and is undergoing a quick adoption in many use-cases, from mobile to fixed access networks, from data-centers to core networks. Among its major benefits -- i.e., reliability thanks to backup path rerouting; throughput increase thanks to link aggregation; and confidentiality thanks to harder capacity to intercept a full connection -- the latter has attracted lower attention. How interesting would it be using MPTCP to exploit multiple Internet-scale paths hence decreasing the probability of man-in-the-middle (MITM) attacks is a question to which we try to answer. By analyzing the Autonomous System (AS) level graph, we identify which countries and regions show a higher level of robustness against MITM AS-level attacks, for example due to core cable tapping or route hijacking practices.
△ Less
Submitted 24 April, 2017;
originally announced April 2017.
-
Anticipating Moves to Prevent Botnet Generated DDoS Flooding Attacks
Authors:
Michele Nogueira
Abstract:
Volumetric Distributed Denial of Service (DDoS) attacks have been a recurrent issue on the Internet. These attacks generate a flooding of fake network traffic to interfere with targeted servers or network links. Despite many efforts to detect and mitigate them, attackers have played a game always circumventing countermeasures. Today, there is an increase in the number of infected devices, even mor…
▽ More
Volumetric Distributed Denial of Service (DDoS) attacks have been a recurrent issue on the Internet. These attacks generate a flooding of fake network traffic to interfere with targeted servers or network links. Despite many efforts to detect and mitigate them, attackers have played a game always circumventing countermeasures. Today, there is an increase in the number of infected devices, even more with the advent of the Internet of Things and flexible communication technologies. Leveraging device-to-device short range wireless communications and others, infected devices can coordinate sophisticated botnets, which can be employed to intensify DDoS attacks. The new generation of botnets is even harder to detect because of their adaptive and dynamic behavior yielded by infected mobile portable devices. Additionally, because there can be a large number of geographically distributed devices, botnets increase DDoS traffic significantly. In face of their new behavior and the increasing volume of DDoS traffic, novel and intelligent-driven approaches are required. Specifically, we advocate for {\em anticipating} trends of DDoS attacks in the early stages as much as possible. This work provides an overview of approaches that can be employed to anticipate trends of DDoS attacks generated by botnets in their early stages and brings an insightful discussion about the advantages of each kind of approach and open issues.
△ Less
Submitted 29 November, 2016;
originally announced November 2016.
-
MAC Protocols for IEEE 802.11ax: Avoiding Collisions on Dense Networks
Authors:
Rafael Araujo da Silva,
Michele Nogueira
Abstract:
Wireless networks have become the main form of Internet access. Statistics show that the global mobile Internet penetration should exceed 70\% until 2019. Wi-Fi is an important player in this change. Founded on IEEE 802.11, this technology has a crucial impact in how we share broadband access both in domestic and corporate networks. However, recent works have indicated performance issues in Wi-Fi…
▽ More
Wireless networks have become the main form of Internet access. Statistics show that the global mobile Internet penetration should exceed 70\% until 2019. Wi-Fi is an important player in this change. Founded on IEEE 802.11, this technology has a crucial impact in how we share broadband access both in domestic and corporate networks. However, recent works have indicated performance issues in Wi-Fi networks, mainly when they have been deployed without planning and under high user density. Hence, different collision avoidance techniques and Medium Access Control protocols have been designed in order to improve Wi-Fi performance. Analyzing the collision problem, this work strengthens the claims found in the literature about the low Wi-Fi performance under dense scenarios. Then, in particular, this article overviews the MAC protocols used in the IEEE 802.11 standard and discusses solutions to mitigate collisions. Finally, it contributes presenting future trends in MAC protocols. This assists in foreseeing expected improvements for the next generation of Wi-Fi devices.
△ Less
Submitted 20 November, 2016;
originally announced November 2016.
-
Early Signals from Volumetric DDoS Attacks: An Empirical Study
Authors:
Michele Nogueira,
Augusto Almeida Santos,
José M. F. Moura
Abstract:
Distributed Denial of Service (DDoS) is a common type of Cybercrime. It can strongly damage a company reputation and increase its costs. Attackers improve continuously their strategies. They doubled the amount of unleashed communication requests in volume, size, and frequency in the last few years. This occurs against different hosts, causing resource exhaustion. Previous studies focused on detect…
▽ More
Distributed Denial of Service (DDoS) is a common type of Cybercrime. It can strongly damage a company reputation and increase its costs. Attackers improve continuously their strategies. They doubled the amount of unleashed communication requests in volume, size, and frequency in the last few years. This occurs against different hosts, causing resource exhaustion. Previous studies focused on detecting or mitigating ongoing DDoS attacks. Yet, addressing DDoS attacks when they are already in place may be too late. In this article, we consider network resilience by early prediction of attack trends. We show empirically the advantage of using non-parametric leading indicators for early prediction of volumetric DDoS attacks. We report promising results over a real dataset from CAIDA. Our results raise new questions and opportunities for further research in early predicting trends of DDoS attacks.
△ Less
Submitted 23 May, 2017; v1 submitted 29 September, 2016;
originally announced September 2016.
-
A New Queue Discipline for Reducing Bufferbloat Effects in HetNet Concurrent Multipath Transfer
Authors:
Benevid Felix,
Aldri Santos,
Michele Nogueira
Abstract:
Heterogeneous wireless networks have evolved to reach application requirements for low latency and high throughput on Internet access. Recent studies have improved network performance employing the Multipath TCP, which aggregates flows from heterogeneous wireless interfaces in a single connection. Although existing proposals are powerful, coupled congestion control algorithms are currently limited…
▽ More
Heterogeneous wireless networks have evolved to reach application requirements for low latency and high throughput on Internet access. Recent studies have improved network performance employing the Multipath TCP, which aggregates flows from heterogeneous wireless interfaces in a single connection. Although existing proposals are powerful, coupled congestion control algorithms are currently limited because of the high variation in path delays, bandwidth and loss rate, typical from heterogeneous wireless networks, even more over concurrent multipath transmissions. These transmissions experience bufferbloat, i.e., high delays caused by long queues. Hence, to cope with the current limitations, this work presents CoDel-LIFO, a new active queue management (AQM) discipline to reduce the dropped packet ratio in the Multipath TCP congestion control mechanism. Differently from other approaches, CoDel-LIFO gives priority to the most recent packets, being then promising. This paper provides a detailed simulation analysis over congestion control algorithms by comparing CoDel-LIFO to CoDel and DropTail disciplines. Results indicate that CoDel-LIFO reduces queue drops, diminishing the impact on congestion control; improving substantially the goodput; and keeping RTT low.
△ Less
Submitted 29 September, 2016;
originally announced September 2016.
-
PBF: A New Privacy-Aware Billing Framework for Online Electric Vehicles with Bidirectional Auditability
Authors:
Rasheed Hussain,
Donghyun Kim,
Michele Nogueira,
Junggab Son,
Alade O. Tokuta,
Heekuck Oh
Abstract:
Recently an online electric vehicle (OLEV) concept has been introduced, where vehicles are propelled through the wirelessly transmitted electrical power from the infrastructure installed under the road while moving. The absence of secure-and-fair billing is one main hurdle to widely adopt this promising technology. This paper introduces a secure and privacy-aware fair billing framework for OLEV on…
▽ More
Recently an online electric vehicle (OLEV) concept has been introduced, where vehicles are propelled through the wirelessly transmitted electrical power from the infrastructure installed under the road while moving. The absence of secure-and-fair billing is one main hurdle to widely adopt this promising technology. This paper introduces a secure and privacy-aware fair billing framework for OLEV on the move through the charging plates installed under the road. We first propose two extreme lightweight mutual authentication mechanisms, a direct authentication and a hash chain-based authentication between vehicles and the charging plates that can be used for different vehicular speeds on the road. Second we propose a secure and privacy-aware wireless power transfer on move for the vehicles with bidirectional auditability guarantee by leveraging game-theoretic approach. Each charging plate transfers a fixed amount of energy to the vehicle and bills the vehicle in a privacy-aware way accordingly. Our protocol guarantees secure, privacy-aware, and fair billing mechanism for the OLEVs while receiving electric power from the road. Moreover our proposed framework can play a vital role in eliminating the security and privacy challenges in the deployment of power transfer technology to the OLEVs.
△ Less
Submitted 20 April, 2015;
originally announced April 2015.