Improving Security of Future Networks Using Enhanced Customer Edge Switching and Risk-Based Analysis

Customer Edge Switching (CES) is an extension of the already known classical firewall that is often described and used in future networks like 5G. It extends its functionality by enabling information exchange with other firewalls to decide whether the inspected network traffic should be considered malicious or legitimate. In this paper, we show how the Passive DNS can be used to further improve security of this solution. First, we discuss CES solution and its internals. We also determine how it uses DNS and CETP protocols. Secondly, we describe the basics of the Passive DNS and how it impacts the DNS protocol. Thirdly, we evaluate how the Passive DNS can be extended to collect also CETP information. Finally, we integrate the solutions and present obtained experimental results.

Download Full-text

Artificial Bee Colony Optimizer with Bee-to-Bee Communication and Multipopulation Coevolution for Multilevel Threshold Image Segmentation

Mathematical Problems in Engineering ◽

10.1155/2015/272947 ◽

2015 ◽

Vol 2015 ◽

pp. 1-23 ◽

Cited By ~ 4

Author(s):

Jun-yi Li ◽

Yi-ding Zhao ◽

Jian-hua Li ◽

Xiao-jun Liu

Keyword(s):

Image Segmentation ◽

Information Exchange ◽

Artificial Bee Colony ◽

Experimental Results ◽

New Method ◽

Communication Pattern ◽

Communication Model ◽

Von Neumann ◽

Bee Colony ◽

Segmentation Problem

This paper proposes a modified artificial bee colony optimizer (MABC) by combining bee-to-bee communication pattern and multipopulation cooperative mechanism. In the bee-to-bee communication model, with the enhanced information exchange strategy, individuals can share more information from the elites through the Von Neumann topology. With the multipopulation cooperative mechanism, the hierarchical colony with different topologies can be structured, which can maintain diversity of the whole community. The experimental results on comparing the MABC to several successful EA and SI algorithms on a set of benchmarks demonstrated the advantage of the MABC algorithm. Furthermore, we employed the MABC algorithm to resolve the multilevel image segmentation problem. Experimental results of the new method on a variety of images demonstrated the performance superiority of the proposed algorithm.

Download Full-text

Health Information Systems

Yearbook of Medical Informatics ◽

10.1055/s-0038-1639435 ◽

2012 ◽

Vol 21 (01) ◽

pp. 79-82

Author(s):

C. Bréant ◽

Keyword(s):

Information Systems ◽

Health Information ◽

Information Exchange ◽

Health Information Exchange ◽

Health Information Systems ◽

Health It ◽

It Impacts

SummarySummarize excellent current research in the field of Health Information Systems.Synopsis of the articles selected for the IMIA Yearbook 2012.Three papers from international peer reviewed journals have been selected for the section on health information systems.The selected articles illustrate current research regarding health IT impacts and evaluation and the latest developments in health information exchange.

Download Full-text

Efficient Coded-Block Delivery and Caching in Information-Centric Networking

Discrete Dynamics in Nature and Society ◽

10.1155/2020/3838547 ◽

2020 ◽

Vol 2020 ◽

pp. 1-16

Author(s):

Yan Liu ◽

Jun Cai ◽

Huimin Zhao ◽

Shunzheng Yu ◽

JianLiang Ruan ◽

...

Keyword(s):

Network Coding ◽

Network Traffic ◽

Network Performance ◽

Experimental Results ◽

Superior Performance ◽

Information Centric Networking ◽

Replacement Strategy ◽

Linear Dependency ◽

Block Scheme ◽

Coded Caching

Information-centric networking (ICN) provides request aggregation and caching strategies that can improve network performance by reducing content server loads and network traffic. Incorporating network coding into ICN can offer several benefits, but a consumer may receive the same coded block from multiple content routers since the coded block may be cached by any of the content routers on its forwarding path. In this paper, we introduce a request-specific coded-block scheme to avoid linear dependency of blocks that are utilizing in-network caching. Additionally, a non-cooperative coded caching and replacement strategy is designed to guarantee that the cached blocks can be reused. Our experimental results show that the proposed scheme has superior performance to conventional CCN and two network coding-based ICN schemes.

Download Full-text

Experimental Results of Cooperative Control Applied to Multi-Vessel DP Operations

Volume 1: Offshore Technology ◽

10.1115/omae2013-10526 ◽

2013 ◽

Cited By ~ 3

Author(s):

Asdrubal N. Queiroz Filho ◽

Eduardo A. Tannuri

Keyword(s):

Information Exchange ◽

Cooperative Control ◽

Limited Range ◽

Experimental Results ◽

Relative Distance ◽

Experimental Setup ◽

Operational Parameters ◽

High Level ◽

Lifting Line ◽

Offshore Operations

Offshore operations involving several floating units are becoming more frequent nowadays. Such operations are used for sub-sea equipment installation and undersea structures launching, for example. This kind of operations requires a high level of coordination between the vessels, which today is made without the ship’s information exchange, being each ship individually commanded. Therefore, in those cases a cooperative control could be applied, ensuring that the relative distance between the ships are maintained in limited range, controlling operational parameters such as the lifting line traction. The benefits of this control are shown when compared to the non cooperative control by means of a experimental setup with two DP vessels.

Download Full-text

Effective Packet Number for 5G IM WeChat Application at Early Stage Traffic Classification

Mobile Information Systems ◽

10.1155/2017/3146868 ◽

2017 ◽

Vol 2017 ◽

pp. 1-22 ◽

Cited By ~ 4

Author(s):

Muhammad Shafiq ◽

Xiangzhan Yu

Keyword(s):

Machine Learning ◽

Mutual Information ◽

Network Traffic ◽

Early Stage ◽

Statistical Tests ◽

Internet Traffic ◽

Machine Learning Algorithms ◽

Experimental Results ◽

Traffic Classification ◽

Network Traffic Classification

Accurate network traffic classification at early stage is very important for 5G network applications. During the last few years, researchers endeavored hard to propose effective machine learning model for classification of Internet traffic applications at early stage with few packets. Nevertheless, this essential problem still needs to be studied profoundly to find out effective packet number as well as effective machine learning (ML) model. In this paper, we tried to solve the above-mentioned problem. For this purpose, five Internet traffic datasets are utilized. Initially, we extract packet size of 20 packets and then mutual information analysis is carried out to find out the mutual information of each packet onnflow type. Thereafter, we execute 10 well-known machine learning algorithms using crossover classification method. Two statistical analysis tests, Friedman and Wilcoxon pairwise tests, are applied for the experimental results. Moreover, we also apply the statistical tests for classifiers to find out effective ML classifier. Our experimental results show that 13–19 packets are the effective packet numbers for 5G IM WeChat application at early stage network traffic classification. We also find out effective ML classifier, where Random Forest ML classifier is effective classifier at early stage Internet traffic classification.

Download Full-text

Hierarchical Artificial Bee Colony Optimizer with Divide-and-Conquer and Crossover for Multilevel Threshold Image Segmentation

Discrete Dynamics in Nature and Society ◽

10.1155/2014/941534 ◽

2014 ◽

Vol 2014 ◽

pp. 1-22 ◽

Cited By ~ 2

Author(s):

Maowei He ◽

Kunyuan Hu ◽

Yunlong Zhu ◽

Lianbo Ma ◽

Hanning Chen ◽

...

Keyword(s):

Image Segmentation ◽

Information Exchange ◽

Artificial Bee Colony ◽

Complete Solution ◽

Experimental Results ◽

Divide And Conquer ◽

Foraging Strategies ◽

Artificial Bee Colony Optimization ◽

Bee Colony ◽

Bee Colony Optimization

This paper presents a novel optimization algorithm, namely, hierarchical artificial bee colony optimization (HABC), for multilevel threshold image segmentation, which employs a pool of optimal foraging strategies to extend the classical artificial bee colony framework to a cooperative and hierarchical fashion. In the proposed hierarchical model, the higher-level species incorporates the enhanced information exchange mechanism based on crossover operator to enhance the global search ability between species. In the bottom level, with the divide-and-conquer approach, each subpopulation runs the original ABC method in parallel to part-dimensional optimum, which can be aggregated into a complete solution for the upper level. The experimental results for comparing HABC with several successful EA and SI algorithms on a set of benchmarks demonstrated the effectiveness of the proposed algorithm. Furthermore, we applied the HABC to the multilevel image segmentation problem. Experimental results of the new algorithm on a variety of images demonstrated the performance superiority of the proposed algorithm.

Download Full-text

Automated defense against targeted attacks using suspiciousness tracking

10.32469/10355/85854 ◽

2021 ◽

Author(s):

◽

Travis Neely

Keyword(s):

Energy Distribution ◽

Supply Chains ◽

Network Traffic ◽

Experimental Results ◽

Sensitive Data ◽

Related Services ◽

Cloud Networks ◽

Cloud Systems ◽

Advanced Persistent Threats ◽

Targeted Attacks

Cloud ecosystems, technologies, and paradigms have transformed our world in recent years revolutionizing supply chains, healthcare, energy distribution, as well as our home functions. With everything in our lives so interconnected in these cloud systems, they are now prime targets for targeted attacks such as Advanced Persistent Threats (APTs). The targeted attacks lead to exposure of sensitive data (data exfiltration) as well as stolen computing resources (resource exfiltration). In this thesis, we present a novel methodology, which we call ADAPTs (Automated Defense of Advanced Persistent Threats), developed to assist in defending cloud systems against APTs. We show how ADAPTs can be extended to defend against other targeted attacks such as DDoS and cryptojacking. Using an open cloud testbed, we mimic multiple cloud systems, monitor network traffic between them, and generate a suspiciousness score for devices connected to said cloud networks. Using the suspiciousness scores, we demonstrate how we determine what work that device on the network is participating in, be it data exfiltration, resource exfiltration, or some other unwanted practice. Using these suspiciousness scores, we block the attacks while they are taking place and using pretense, continue to allow the attackers to believe their attack is successful. Our experimental results show how ADAPTs tricks attackers to continue to waste their own resources on an attack which is fruitless, while also protecting the targeted system by keeping the related services working as expected for actual users.

Download Full-text

CLASSIFICATION OF NETWORK PROTOCOLS WITH APPLICATION OF MACHINE LEARNING METHODS AND FUZZY LOGIC ALGORITHMS IN TRAFFIC ANALYSIS SYSTEMS

Vestnik komp iuternykh i informatsionnykh tekhnologii ◽

10.14489/vkit.2020.03.pp.037-048 ◽

2020 ◽

pp. 37-48

Author(s):

R. N. Ermakov

Keyword(s):

Machine Learning ◽

Fuzzy Logic ◽

Network Traffic ◽

Information Exchange ◽

New Technologies ◽

Internal State ◽

Network Protocols ◽

Traffic Analysis ◽

Learning Methods ◽

Machine Learning Methods

This paper presents a new effective approach to analyzing network traffic in order to determine the protocol of information exchange. A brief description of the structure of the algorithm for classifying network packets by belonging to one of the known network protocols is given. To define the protocol, the principle of high-speed one-packet classification is used, which consists in analyzing the information transmitted in each particular packet. Elements of behavioral analysis are used, namely, the transition states of information exchange protocols are classified, which allows to achieve a higher level of accuracy of classification and a higher degree of generalization in new test samples. The topic of the article is relevant in connection with the rapid growth of transmitted traffic, including malicious traffic, and the emergence of new technologies for transmitting and processing information. The article analyzes the place of traffic analysis systems among other information security systems, describes the tasks that they allow to solve. It is shown that when recognizing the internal state in which a particular protocol may be in the process of information exchange at the handshake stage, a classifier of network packets of the application level can be useful. To classify network packets, we used fuzzy logic algorithms (Mamdani model) and machine learning methods (neural network solutions based on logistic regression). The paper presents 4 stages of developing a network packet classifier – monitoring and collecting packet statistics of the most famous network traffic protocols, preprocessing primary packet statistics, building a classifier for network packets and testing. The test results of the constructed software module capable of identifying network protocols for information exchange are demonstrated.

Download Full-text

Health Information Systems

Yearbook of Medical Informatics ◽

10.1055/s-0038-1638841 ◽

2013 ◽

Vol 22 (01) ◽

pp. 114-116

Author(s):

M. Cuggia ◽

L. Toubiana

Keyword(s):

Information Technology ◽

Information Systems ◽

Health Information Technology ◽

Health Information ◽

Information Exchange ◽

Health Information Exchange ◽

Health Information Systems ◽

It Impacts

Summary Objectives: Summarize excellent current research in the field of Health Information Systems. Method: Synopsis of the articles selected for the IMIA Yearbook 2013. Results: Five papers from international peer reviewed journals have been selected for the section on health information systems. Conclusions: The selected articles illustrate current research regarding health information technology (IT) impacts and evaluation and the latest developments in health information exchange.

Download Full-text

Hierarchical Identifier: Application to User Privacy Eavesdropping on Mobile Payment App

Sensors ◽

10.3390/s19143052 ◽

2019 ◽

Vol 19 (14) ◽

pp. 3052 ◽

Cited By ~ 3

Author(s):

Yaru Wang ◽

Ning Zheng ◽

Ming Xu ◽

Tong Qiao ◽

Qiang Zhang ◽

...

Keyword(s):

Learning Strategies ◽

Ensemble Learning ◽

Network Traffic ◽

Experimental Results ◽

Mobile Payment ◽

Identification System ◽

Traffic Data ◽

User Privacy ◽

Hierarchical Identification ◽

Financial Transactions

Mobile payment apps have been widely-adopted, which brings great convenience to people’s lives. However, at the same time, user’s privacy is possibly eavesdropped and maliciously exploited by attackers. In this paper, we consider a possible way for an attacker to monitor people’s privacy on a mobile payment app, where the attacker aims to identify the user’s financial transactions at the trading stage via analyzing the encrypted network traffic. To achieve this goal, a hierarchical identification system is established, which can acquire users’ privacy information in three different manners. First, it identifies the mobile payment app from traffic data, then classifies specific actions on the mobile payment app, and finally, detects the detailed steps within the action. In our proposed system, we extract reliable features from the collected traffic data generated on the mobile payment app, then use a series of well-performing ensemble learning strategies to deal with three identification tasks. Compared with prior works, the experimental results demonstrate that our proposed hierarchical identification system performs better.

Download Full-text