Distributed reflection denial of service attack: A critical review

As the world becomes increasingly connected and the number of users grows exponentially and “things” go online, the prospect of cyberspace becoming a significant target for cybercriminals is a reality. Any host or device that is exposed on the internet is a prime target for cyberattacks. A denial-of-service (DoS) attack is accountable for the majority of these cyberattacks. Although various solutions have been proposed by researchers to mitigate this issue, cybercriminals always adapt their attack approach to circumvent countermeasures. One of the modified DoS attacks is known as distributed reflection denial-of-service attack (DRDoS). This type of attack is considered to be a more severe variant of the DoS attack and can be conducted in transmission control protocol (TCP) and user datagram protocol (UDP). However, this attack is not effective in the TCP protocol due to the three-way handshake approach that prevents this type of attack from passing through the network layer to the upper layers in the network stack. On the other hand, UDP is a connectionless protocol, so most of these DRDoS attacks pass through UDP. This study aims to examine and identify the differences between TCP-based and UDP-based DRDoS attacks.

Federated learning over WiFi: Should we use TCP or UDP?

Federated learning is a distributed learning paradigm where a centralized model is trained on data distributed over a large number of clients, each with unreliable and relatively slow network connections. The client connections typically have limited bandwidth available to them when using networks such as 2G, 3G, or WiFi. As a result, communication often becomes a bottleneck. Currently, the communication between the clients and server is mostly based on TCP protocol. In this paper, we explore using the UDP protocol for the communication between the clients and server. In particular, we develop UDP-based algorithms for gradient aggregation-based federated learning and model aggregation-based federated learning. We propose methods to construct model updates in case of packet loss with the UDP protocol. We present a scalable framework for practical federated learning. We conduct experiments over WiFi and observe that the UDP-based protocols can lead to faster convergence than the TCP-based protocol -- especially in bad networks. Code available at the repository: \url{https://github.com/vineeths96/Federated-Learning}.

Spectrum Handoff Aware AODV Routing Protocol for Cognitive Radio Vehicular Ad Hoc Networks

End-to-end application performance and throughput of vehicular cognitive transport control protocol depend on how efficiently the segments (TCP header) are being transmitted from source to destination. One way to enhance the performance of vehicular cognitive TCP protocol is by reducing the packet drops in between the source and destination. In general, packet drops occur in between the source and destination of Cognitive Radio Vehicular Ad Hoc Network (CR-VANET) because of spectrum handoff or cognitive node handoff, or network congestion. In this paper, we focus on enhancing the performance of cognitive TCP protocol through “cognitive AODV routing protocol with the spectrum handoff mechanism.” In the proposed work, channel-route control messages of cognitive AODV routing protocol are updated with the support of spectrum handoff which helps to provide the backup opportunistic channel during PU active and helps to reduce the end-to-end spectrum handoff packet drops. Simulation results reveal that the overall performance of the vehicular cognitive TCP protocol with the proposed spectrum handoff aware cognitive AODV routing protocol is enhanced as compared to the existing cognitive TCP protocol.

Toward IoT fog computing-enabled system energy consumption modeling and optimization by adaptive TCP/IP protocol

Nowadays, due to the fast-growing wireless technologies and delay-sensitive applications, Internet of things (IoT) and fog computing will assemble the paradigm Fog of IoT. Since the spread of fog computing, the optimum design of networking and computing resources over the wireless access network would play a vital role in the empower of computing-intensive and delay-sensitive applications under the extent of the energy-limited wireless Fog of IoT. Such applications consume considarable amount of energy when sending and receiving data. Although there many approaches to attain energy efficiency already exist, few of them address the TCP protocol or the MTU size. In this work, we present an effective model to reduce energy consumption. Initially, we measured the consumed energy based on the actual parameters and real traffic for different values of MTU. After that, the work is generalized to estimate the energy consumption for the whole network for different values of its parameters. The experiments were made on different devices and by using different techniques. The results show clearly an inverse proportional relationship between the MTU size and the amount of the consumed energy. The results are promising and can be merged with the existing work to get the optimal solution to reduce the energy consumption in IoT and wireless networks.

Cross-Protocol Unfairness between Adaptive Streaming Clients over HTTP/3 and HTTP/2: A Root-Cause Analysis

With the introduction of HTTP/3, whose transport is no longer the traditional TCP protocol but the novel QUIC protocol, research for solutions to the unfairness of Adaptive Streaming over HTTP (HAS) has become more challenging. In other words, because of different transport layers, the HTTP/3 may not be available for some networks and the clients have to use HTTP/2 for their HAS applications instead. Therefore, the scenario in which HAS over HTTP/3 (HAS/3) competes against HTTP/2 (HAS/2) must be considered seriously. However, there has been a shortage of investigations on the performance and the origin of the unfairness in such a cross-protocol scenario in order to produce proper solutions. Therefore, this paper provides a performance evaluation and root-cause analysis of the cross-protocol unfairness between HAS/3 and HAS/2. It is concluded that, due to differences in the congestion control mechanisms of QUIC and TCP, HAS/3 clients obtain larger congestion windows, thus requesting higher video bitrates than HAS/2. As the problem lies in the transport layer, existing client-side ABR-based solutions for the unfairness from the application layer may perform suboptimally for the cross-protocol case.

Using Autoencoders for Anomaly Detection and Transfer Learning in IoT

With the development of Internet of Things (IoT) technologies, more and more smart devices are connected to the Internet. Since these devices were designed for better connections with each other, very limited security mechanisms have been considered. It would be costly to develop separate security mechanisms for the diverse behaviors in different devices. Given new and changing devices and attacks, it would be helpful if the characteristics of diverse device types could be dynamically learned for better protection. In this paper, we propose a machine learning approach to device type identification through network traffic analysis for anomaly detection in IoT. Firstly, the characteristics of different device types are learned from their generated network packets using supervised learning methods. Secondly, by learning important features from selected device types, we further compare the effects of unsupervised learning methods including One-class SVM, Isolation forest, and autoencoders for dimensionality reduction. Finally, we evaluate the performance of anomaly detection by transfer learning with autoencoders. In our experiments on real data in the target factory, the best performance of device type identification can be achieved by XGBoost with an accuracy of 97.6%. When adopting autoencoders for learning features from the network packets in Modbus TCP protocol, the best F1 score of 98.36% can be achieved. Comparable performance of anomaly detection can be achieved when using autoencoders for transfer learning from the reference dataset in the literature to our target site. This shows the potential of the proposed approach for automatic anomaly detection in smart factories. Further investigation is needed to verify the proposed approach using different types of devices in different IoT environments.

The Performance and Future of QUIC Protocol in the Modern Internet

Quick UDP Internet Connections (QUIC) protocol is a potential replacement for the TCP protocol to transport HTTP encrypted traffic. It is based on UDP and offers flexibility, speed, and low latency. The performance of QUIC is related to the everyday web browsing experience. QUIC is famous for its Forward Error Correction (Luyi, Jinyi, & Xiaohua, 2012) and congestion control (Hari, Hariharan, & Srinivasan, 1999) algorithm that improves user browsing delay by reducing the time spent on loss recovery (Jörg, Ernst, & Don, 1998). This paper will compare QUIC with other protocols such as HTTP/2 over TCP, WebSocket, and TCP fast open in terms of latency reduction and loss recovery to determine the role of each protocol in the modern internet. Furthermore, this paper will propose potential further improvements to the QUIC protocol by studying other protocols.

An Improved Algorithm to Enhance the Performance of FAST TCP Congestion Control for Personalized Healthcare Systems

The development of personalized medical systems should be supported by a fast and stable network system. The FAST TCP network system is the appropriate support system for this purpose. However, when the FAST TCP is deployed, the static mapping selection method for protocol parameters is unable to guarantee the small queuing delay and fast convergence of the network simultaneously. By conducting theoretical analysis and simulation experiments, the relationships among FAST TCP protocol slow start condition, control law gain parameters, and FAST TCP system convergence rate were examined. To ensure the stability of the FAST TCP system and to select the smallest protocol parameters, an improved method to effectively accelerate the convergence velocity of the FAST TCP system is proposed in this study. In this method, the number of packets for staying in the buffer for FAST TCP connections was taken as the criterion of the slow start, and the gain parameter of the control law was dynamically adjusted according to the local information of each FAST TCP connection. Using this improved method, the FAST TCP system can achieve a stable and small queuing delay, whilst the FAST TCP system could converge quickly to the equilibrium point simultaneously.

Cross-protocol Unfairness between Adaptive Streaming Clients over HTTP/3 and HTTP/2: A Root-Cause Analysis

With the introduction of HTTP/3, whose transport is no longer the traditional TCP protocol but the novel QUIC protocol, research for solutions to the unfairness of Adaptive Streaming over HTTP (HAS) has become more challenging. That is, because of different transport layers, the HTTP/3 may not be available for some networks and the clients have to use HTTP/2 for their HAS applications instead. Therefore, the scenario that HAS over HTTP/3 (HAS/3) compete against HTTP/2 (HAS/2) must be considered seriously. However, there have been a shortage of investigations on the performance and the origin of the unfairness in such a cross-protocol scenario in order to produce proper solutions. Therefore, this paper provides a performance evaluation and root-cause analysis of the cross-protocol unfairness between HAS/3 and HAS/2. It is concluded that, due to differences in the congestion control mechanisms of QUIC and TCP, HAS/3 clients obtain larger congestion windows, thus requesting higher video bitrates than HAS/2. As the problem lies in the transport layer, existing client-side ABR-based solutions for the unfairness from the application layer may perform suboptimally for the cross-protocol case.