Deep Learning Has Become A Methodology Of Choice For Image Restoration Tasks, Including Denoising, Super-resolution, Deblurring, Exposure Correction, Etc., Because Of Its Superiority To Traditional Methods In Reconstruction Quality. However, The Published Deep Learning Methods Still Have Not Solved The Old Dilemma Between Low Noise Level And Detail Sharpness. We Propose A New CNN Design Strategy, Called Exaggerated Deep Learning, To Reconcile Two Mutually Conflicting Objectives: Noise Free And Detail Sharpness. The Idea Is To Deliberately Overshoot For The Desired Attributes In The CNN Optimization Objective Function; The Cleanness Or Sharpness Is Overemphasized According To Different Semantic Contexts. The Exaggerated Learning Approach Is Experimented On The Restoration Tasks Of Super-resolution And Low Light Correction. Its Effectiveness And Advantages Have Been Empirically Affirmed.
Due To Individual Unreliable Commodity Components, Failures Are Common In Large-scale Distributed Storage Systems. Erasure Codes Are Widely Deployed In Practical Storage Systems To Provide Fault Tolerance With Low Storage Overhead.
5G-Based Vehicular Communication Networks Support Various Traffic Safety And Infotainment Use Cases And Rely On The Periodic Exchange Of Information. However, These Messages Are Susceptible To Several Attacks Which Can Be Detected Using Misbehavior Detection Systems (MDS). MDS Utilizes Trust Score, Feedback Score And Other Evaluation Schemes To Identify Abnormal Behavior Of The Vehicles. However, The Trust And Feedback Scores Used In MDS May Violate The Location, Trajectory, Or Identity Privacy Of The Vehicle. In This Paper, We Propose A Privacy-preserving Misbehavior Detection System That Can Detect Or Identify Misbehavior Without Violating The Privacy Of The Vehicle. In The Proposed Method, Encrypted Weighted Feedbacks Sent From Vehicles Are Combined Using Additive Homomorphic Properties Without Violating The Privacy Of The Information. The Decryption Of The Aggregate Feedback Is Done Securely At The Trusted Authority Which Updates The Reputation Score Of The Vehicle According To The Decrypted Aggregate Feedback Score. We Have Also Performed Comprehensive Security Analysis And Have Shown The Correctness And Resilience Of The Proposed Schemes Against Various Attacks. In Addition, We Have Done Extensive Performance Analysis And Have Shown That The Computation Cost Of The Proposed Scheme Is Better Compared To The Existing Schemes.
In This Article, We Investigate The Stability Analysis And Controller Synthesis Problems For A Class Of Stochastic Networked Control Systems Under Aperiodic Denial-of-service Jamming Attacks.
Security Is The Main Issue In WSN Applications. One Of The Important Attacks In WSN Is Node Replication Attacks. The Adversary Can Capture The Genuine Nodes. After Capturing The Node, The Attacker Collects All The Information Like Keys And Identity. In The Existing Method, The Replica Node Is Detected By The Parameters Mobility Speed, Node ID And Energy. The Parameters Used In The Existing System Are Not Able To Detect The Exact Replica Node. Speedily Detecting A Replicated Node Will Avoid The Misbehavior Activities Such As Collecting All The Credentials, Etc. The Proposed Approach (FEC) Will Overcome The Issues Of The Existing System. It Detects The Replica Node With Speed Of The Sensor Node. The Detection Accuracy Is High.
With The Advent Of 5G, Technologies Such As Software-Defined Networks (SDNs) And Network Function Virtualization (NFV) Have Been Developed To Facilitate Simple Programmable Control Of Wireless Sensor Networks (WSNs).
Networks Of New Generations Are Increasingly Involved In Transporting Heterogeneous Flows. Indeed, In Addition To The Usual Data And Multimedia Traffic, The Internet Of Things (IoT) Smart Applications Are Creating New Traffic Types And Relationships Involving Billions Of Active Nodes Like Sensors And Actuators. This Traffic Raises A Problem Of Scale, Particularly For Resource Management And Decision-making Mechanisms. The Present Work Addresses For The First Time The Joint Problem Of Mapping Heterogeneous Flows From Multiple Users And Applications To Transport Blocks, And Then Packing These Blocks Into The Rectangular Grid Of Time–frequency Resources Within A Flexible 5G New Radio Frame. Our Solution Is Based On A Quality-of-service-based Classification Of Flows Followed By An Offline Construction Of Two Databases. The First One Enumerates All Possible Configurations Of Transport Blocks And The Second Enumerates All Possible Configurations Of Frames. Thus, The Sole Online Processing That Remains To Be Done Is To Find The Optimal Block Configurations That Satisfy A Given Request Vector. Hence, The Resolution Of This Complex Joint Mapping And Packing Problem Is Reduced To A Simple Resolution Of A Linear Problem, Which Consists In Finding The Best Configurations. A Thorough Numerical Study Shows That Our Configuration-based Solution Can Map, Within Few Tens Of Milliseconds, More Than 100 Flow Connections To Transport Blocks Incurring Only 3% Of Overallocation, And Then Pack These Blocks Into The Grid Leading To An Upper Bound On The Optimality Gap As Low As 2.8%.
Data Center Networks Employ Parallel Paths To Perform Load Balancing. Existing Traffic Splitting Schemes Propose Weighted Traffic Distribution Across Multiple Paths Via A Centralized View. An SDN Controller Computes The Traffic Splitting Ratio Of A Flow Group Among All The Paths, And Implements The Ratio By Creating Multiple Rules In The Flow Table Of OpenFlow Switches. However, Since The Number Of Rules In TCAM-based Flow Table Is Limited, It Is Not Scalable To Implement The Ideal Splitting Ratio For Every Flow Group. Existing Solutions, WCMP And Niagara, Aim At Reducing The Maximum Oversubscription Of All Egress Ports And Reducing Traffic Imbalance, Respectively. However, The Transmission Time Of Flow Groups, Which Measures The Quality Of Cloud Services, Is Sub-optimal In Existing Solutions That Ignore Heterogeneous Network Bandwidth. We Propose And Implement NAMP, A Multipathing Scheme Considering The Network Heterogeneity, To Efficiently Optimize The Transmission Time Of Flow Groups. Experimental Results Show That NAMP Reduces The Transmission Time By Up To 45.4% Than Niagara, Up To 50% Than WCMP, And Up To 60% Than ECMP.
Software Defined Networking (SDN) Is A Driving Technology For Enabling The 5th Generation Of Mobile Communication (5G) Systems Offering Enhanced Network Management Features And Softwarization. This Paper Concentrates On Reducing The Operating Expenditure (OPEX) Costs While I) Increasing The Quality Of Service (QoS) By Leveraging The Benefits Of Queuing And Multi-path Forwarding In OpenFlow, Ii) Allowing An Operator With An SDN-enabled Network To Efficiently Allocate The Network Resources Considering Mobility, And Iii) Reducing Or Even Eliminating The Need For Over-provisioning. For Achieving These Objectives, A QoS Aware Network Configuration And Multipath Forwarding Approach Is Introduced That Efficiently Manages The Operation Of SDN Enabled Open Virtual Switches (OVSs). This Paper Proposes And Evaluates Three Solutions That Exploit The Strength Of QoS Aware Routing Using Multiple Paths. While The Two First Solutions Provide Optimal And Approximate Optimal Configurations, Respectively, Using Linear Integer Programming Optimization, The Third One Is A Heuristic That Uses Dijkstra Short-path Algorithm. The Obtained Results Demonstrate The Performance Of The Proposed Solutions In Terms Of OPEX And Execution Time.
With The Rapid Development Of Internet Of Vehicles (IoV), Vehicle-based Spatial Crowdsourcing (SC) Applications Have Been Proposed And Widely Applied To Various Fields. However, Location Privacy Leakage Is A Serious Issue In Spatial Crowdsourcing Because Workers Who Participate In A Crowdsourcing Task Are Required To Upload Their Driving Locations. In This Paper, We Propose A Decentralized Location Privacy-preserving SC For IoV, Which Allows Vehicle Users To Securely Participate In SC With Ensuring The Task's Location Policy Privacy And Providing Multi-level Privacy Preservation For Workers' Locations. Specifically, We Introduce Blockchain Technology Into SC, Which Can Eliminate The Control Of Vehicle User Data By SC-server. We Combine The Additively Homomorphic Encryption And Circle-based Location Verification To Ensure The Confidentiality Of Task's Location Policy. To Achieve Multi-level Privacy Preservation For Workers' Driving Locations, We Only Reveal A Grid Where Workers Are Located In. The Size Of The Grid Represents The Level Of Privacy Preservation. We Leverage The Order-preserving Encryption And Non-interactive Zero-knowledge Proof To Prevent Workers From Illegally Obtaining Rewards By Forging Their Driving Locations. The Security Analysis Results Show That Our Framework Can Satisfy The Above Requirements. In Addition, The Experiment Results Demonstrate That Our Framework Is Efficient And Feasible In Practice.
The Transformation Of Traditional Energy Networks To Smart Grids Can Assist In Revolutionizing The Energy Industry In Terms Of Reliability, Performance And Manageability. However, Increased Connectivity Of Power Grid Assets For Bidirectional Communications Presents Severe Security Vulnerabilities. In This Letter, We Investigate Chi-square Detector And Cosine Similarity Matching Approaches For Attack Detection In Smart Grids Where Kalman Filter Estimation Is Used To Measure Any Deviation From Actual Measurements. The Cosine Similarity Matching Approach Is Found To Be Robust For Detecting False Data Injection Attacks As Well As Other Attacks In The Smart Grids. Once The Attack Is Detected, System Can Take Preventive Action And Alarm The Manager To Take Preventative Action To Limit The Risk. Numerical Results Obtained From Simulations Corroborate Our Theoretical Analysis.
Symmetric Cryptography Systems Have Problems In The Distribution Of Secret Keys. The Two Users Who Will Communicate Require Sharing Keys Through The Public Channel. The Proposed Solution To Overcome These Problems Is To Utilize Information From The Physical Layer (e.g. RSS). Received Signal Strength (RSS) Is An Indicator For Measuring The Power Received By Wireless Devices. The Advantage Of Secret Key Extraction Using Physical Layer Information From A Wireless Channel Is That It Allows Both Devices Within The Transmission Range To Extract The Secret Key Together. In This Paper, We Propose A Secret Key Generation Scheme Adopted From An Existing Scheme With Modifications To Improve Performance. Our Proposed System Is Applied To Static And Dynamic Conditions To Test Performance. The Proposed Algorithm Is Able To Obtain A Reduction In KDR (Key Disagreement Rate) Up To 48.42% And An Increase In The KGR (Key Generation Rate) Up To 23.35% When Compared To The Existing Scheme. Our Proposed System Also Successfully Passed The Randomness Using The NIST Test With The Approximate Value Of Entropy Generated 0.80 In Static Conditions And 0.81 In Dynamic Conditions.
The Demand For Efficient Data Dissemination/access Techniques To Find The Relevant Data From Within A Sensor Network Has Led To The Development Of Data-centric Sensor Networks (DCS), Where The Sensor Data As Contrast To Sensor Nodes Are Named Based On Attributes Such As Event Type Or Geographic Location. However, Saving Data Inside A Network Also Creates Security Problems Due To The Lack Of Tamper-resistance Of The Sensor Nodes And The Unattended Nature Of The Sensor Network. For Example, An Attacker May Simply Locate And Compromise The Node Storing The Event Of His Interest. To Address These Security Problems, We Present PDCS, A Privacy-enhanced DCS Network Which Offers Different Levels Of Data Privacy Based On Different Cryptographic Keys. In Addition, We Propose Several Query Optimization Techniques Based On Euclidean Steiner Tree And Keyed Bloom Filter To Minimize The Query Overhead While Providing Certain Query Privacy. Finally, Detailed Analysis And Simulations Show That The Keyed Bloom Filter Scheme Can Significantly Reduce The Message Overhead With The Same Level Of Query Delay And Maintain A Very High Level Of Query Privacy.
Secure Password Storage Is A Vital Aspect In Systems Based On Password Authentication, Which Is Still The Most Widely Used Authentication Technique, Despite Some Security Flaws. In This Paper, We Propose A Password Authentication Framework That Is Designed For Secure Password Storage And Could Be Easily Integrated Into Existing Authentication Systems. In Our Framework, First, The Received Plain Password From A Client Is Hashed Through A Cryptographic Hash Function (e.g., SHA-256). Then, The Hashed Password Is Converted Into A Negative Password. Finally, The Negative Password Is Encrypted Into An Encrypted Negative Password (ENP) Using A Symmetric-key Algorithm (e.g., AES), And Multi-iteration Encryption Could Be Employed To Further Improve Security. The Cryptographic Hash Function And Symmetric Encryption Make It Difficult To Crack Passwords From ENPs. Moreover, There Are Lots Of Corresponding ENPs For A Given Plain Password, Which Makes Precomputation Attacks (e.g., Lookup Table Attack And Rainbow Table Attack) Infeasible. The Algorithm Complexity Analyses And Comparisons Show That The ENP Could Resist Lookup Table Attack And Provide Stronger Password Protection Under Dictionary Attack. It Is Worth Mentioning That The ENP Does Not Introduce Extra Elements (e.g., Salt); Besides This, The ENP Could Still Resist Precomputation Attacks. Most Importantly, The ENP Is The First Password Protection Scheme That Combines The Cryptographic Hash Function, The Negative Password, And The Symmetric-key Algorithm, Without The Need For Additional Information Except The Plain Password.
Wireless Big Data Raises The Demands On The Networking Schemes To Support The Efficient Group Data Sharing Over Heterogeneous Wireless Technologies, Which Take Many-to-many Data Delivery As The Foundation. Information-centric Networking (ICN) Approach Is A Promising Networking Technology To Support Big Data Delivery, Which Has The Potential To Establish The Harmony Between Networking And Wireless Big Data Sharing. However, The Existing ICN Schemes Have Not Carefully Addressed The Many-to-many Communications. To Address This Issue, We Propose An Efficient And Secure Many-to-many Wireless Big Data Delivery Scheme (MWBS) To Provide Group-based Data Dissemination And Retrieval With Name-integrated Forwarding. In MWBS, A Bi-directional Tree Is Securely Constructed For Each Group Through The Procedures Of Group Initiation, Join, Leave, Publication, And Multi-level Inter-zone Routing. Especially, Designated Forwarding And Cacheable Nodes (DFCNs) Are Introduced To Act As The Roots For The Construction Of Such Bi-directional Trees. The Implementation Details Of MWBS Are Provided For Function Verifications. To Effectively Deploy MWBS, We Investigate The Impacts To The MWBS Performance From The Number And Locations Of DFCNs, Which Show That The Optimized Number Of DFCNs Can Reduce The Total Traffic Cost And The DFCN Close To Users Is Preferred To Be Selected For A Group. Finally, Simulations Are Performed To Evaluate The Performance Of MWBS, Which Show That MWBS Can Reduce The Control Packet Overhead And The State Storage Overhead Compared To The Existing ICN Schemes.
Trust Management Mechanism Is A Hot Spot In The Research Of Mobile Ad Hoc Network Security. In View Of The Many Problems Of Trust Management Mechanism In Mobile Ad Hoc Networks, Combining With The Characteristics Of Mobile Ad Hoc Network, We Present A Mobile Ad Hoc Network Trust Management Mechanism Based On Grey Theory In This Paper And Apply It To The Mobile Ad Hoc Network Management In Order To Improve The Availability And Effectiveness Of Trust Management Mechanism And Safeguard The Security Of Mobile Ad Hoc Networks.
Key Transfer Protocols Rely On A Mutually Trusted Key Generation Center (KGC) To Select Session Keys And Transport Session Keys To All Communication Entities Secretly. Most Often, KGC Encrypts Session Keys Under Another Secret Key Shared With Each Entity During Registration. In This Paper, We Propose An Authenticated Key Transfer Protocol Based On Secret Sharing Scheme That KGC Can Broadcast Group Key Information To All Group Members At Once And Only Authorized Group Members Can Recover The Group Key; But Unauthorized Users Cannot Recover The Group Key. The Confidentiality Of This Transformation Is Information Theoretically Secure. We Also Provide Authentication For Transporting This Group Key. Goals And Security Threats Of Our Proposed Group Key Transfer Protocol Will Be Analyzed In Detail.
With The Occurrence Of Internet Of Things (IoT) Era, The Proliferation Of Sensors Coupled With The Increasing Usage Of Wireless Spectrums Especially The ISM Band Makes It Difficult To Deploy Real-life IoT. Currently, The Cognitive Radio Technology Enables Sensors Transmit Data Packets Over The Licensed Spectrum Bands As Well As The Free ISM Bands. The Dynamic Spectrum Access Technology Enables Secondary Users (SUs) Access Wireless Channel Bands That Are Originally Licensed To Primary Users. Due To The High Dynamic Of Spectrum Availability, It Is Challenging To Design An Efficient Routing Approach For SUs In Cognitive Sensor Networks. We Estimate The Spectrum Availability And Spectrum Quality From The View Of Both The Global Statistical Spectrum Usage And The Local Instant Spectrum Status, And Then Introduce Novel Routing Metrics To Consider The Estimation. In Our Novel Routing Metrics, One Retransmission Is Allowed To Restrict The Number Of Rerouting And Then Increase The Routing Performance. Then, The Related Two Routing Algorithms According To The Proposed Routing Metrics Are Designed. Finally, Our Routing Algorithms In Extensive Simulations Are Implemented To Evaluate The Routing Performance, And We Find That The Proposed Algorithms Achieve A Significant Performance Improvement Compared With The Reference Algorithm.
Overhead Network Packets Are A Big Challenge For Intrusion Detection Systems (IDSs), Which May Increase System Burden, Degrade System Performance, And Even Cause The Whole System Collapse, When The Number Of Incoming Packets Exceeds The Maximum Handling Capability. To Address This Issue, Packet Filtration Is Considered As A Promising Solution, And Our Previous Research Efforts Have Proven That Designing A Trust-based Packet Filter Was Able To Refine Unwanted Network Packets And Reduce The Workload Of A Local IDS. With The Development Of Internet Cooperation, Collaborative Intrusion Detection Environments (e.g., CIDNs) Have Been Developed, Which Allow IDS Nodes To Collect Information And Learn Experience From Others. However, It Would Not Be Effective For The Previously Built Trust-based Packet Filter To Work In Such A Collaborative Environment, Since The Process Of Trust Computation Can Be Easily Compromised By Insider Attacks. In This Paper, We Adopt The Existing CIDN Framework And Aim To Apply A Collaborative Trust-based Approach To Reduce Unwanted Packets. More Specifically, We Develop A Collaborative Trust-based Packet Filter, Which Can Be Deployed In Collaborative Networks And Be Robust Against Typical Insider Attacks (e.g., Betrayal Attacks). Experimental Results In Various Simulated And Practical Environments Demonstrate That Our Filter Can Perform Effectively In Reducing Unwanted Traffic And Can Defend Against Insider Attacks Through Identifying Malicious Nodes In A Quick Manner, As Compared To Similar Approaches.
Anomaly Detection In Communication Networks Is The First Step In The Challenging Task Of Securing A Network, As Anomalies May Indicate Suspicious Behaviors, Attacks, Network Malfunctions, Or Failures. In This Paper, We Address The Problem Of Not Only Detecting The Anomalous Events But Also Of Attributing The Anomaly To The Flows Causing It. To This End, We Develop A New Statistical Decision Theoretic Framework For Temporally Correlated Traffic In Networks Via Markov Chain Modeling. We First Formulate The Optimal Anomaly Detection Problem Via The Generalized Likelihood Ratio Test (GLRT) For Our Composite Model. This Results In A Combinatorial Optimization Problem Which Is Prohibitively Expensive. We Then Develop Two Low-complexity Anomaly Detection Algorithms. The First Is Based On The Cross Entropy (CE) Method, Which Detects Anomalies As Well As Attributes Anomalies To Flows. The Second Algorithm Performs Anomaly Detection Via GLRT On The Aggregated Flows Transformation - A Compact Low-dimensional Representation Of The Raw Traffic Flows. The Two Algorithms Complement Each Other And Allow The Network Operator To First Activate The Flow Aggregation Algorithm In Order To Quickly Detect Anomalies In The System. Once An Anomaly Has Been Detected, The Operator Can Further Investigate Which Specific Flows Are Anomalous By Running The CE-based Algorithm. We Perform Extensive Performance Evaluations And Experiment Our Algorithms On Synthetic And Semi-synthetic Data, As Well As On Real Internet Traffic Data Obtained From The MAWI Archive, And Finally Make Recommendations Regarding Their Usability.
The Recent Increase In Reported Incidents Of Surveillance And Security Breaches Compromising Users' Privacy Call Into Question The Current Model, In Which Third-parties Collect And Control Massive Amounts Of Personal Data. Bitcoin Has Demonstrated In The Financial Space That Trusted, Auditable Computing Is Possible Using A Decentralized Network Of Peers Accompanied By A Public Ledger. In This Paper, We Describe A Decentralized Personal Data Management System That Ensures Users Own And Control Their Data. We Implement A Protocol That Turns A Blockchain Into An Automated Access-control Manager That Does Not Require Trust In A Third Party. Unlike Bitcoin, Transactions In Our System Are Not Strictly Financial -- They Are Used To Carry Instructions, Such As Storing, Querying And Sharing Data. Finally, We Discuss Possible Future Extensions To Blockchains That Could Harness Them Into A Well-rounded Solution For Trusted Computing Problems In Society.
Due To Limited Computational Power And Energy Resources, Aggregation Of Data From Multiple Sensor Nodes Done At The Aggregating Node Is Usually Accomplished By Simple Methods Such As Averaging. However, Such Aggregation Is Known To Be Highly Vulnerable To Node Compromising Attacks. Since WSN Are Usually Unattended And Without Tamper Resistant Hardware, They Are Highly Susceptible To Such Attacks. Thus, Ascertaining Trustworthiness Of Data And Reputation Of Sensor Nodes Is Crucial For WSN. As The Performance Of Very Low Power Processors Dramatically Improves, Future Aggregator Nodes Will Be Capable Of Performing More Sophisticated Data Aggregation Algorithms, Thus Making WSN Less Vulnerable. Iterative Filtering Algorithms Hold Great Promise For Such A Purpose. Such Algorithms Simultaneously Aggregate Data From Multiple Sources And Provide Trust Assessment Of These Sources, Usually In A Form Of Corresponding Weight Factors Assigned To Data Provided By Each Source. In This Paper We Demonstrate That Several Existing Iterative Filtering Algorithms, While Significantly More Robust Against Collusion Attacks Than The Simple Averaging Methods, Are Nevertheless Susceptible To A Novel Sophisticated Collusion Attack We Introduce. To Address This Security Issue, We Propose An Improvement For Iterative Filtering Techniques By Providing An Initial Approximation For Such Algorithms Which Makes Them Not Only Collusion Robust, But Also More Accurate And Faster Converging.
Message Authentication Is One Of The Most Effective Ways To Thwart Unauthorized And Corrupted Messages From Being Forwarded In Wireless Sensor Networks (WSNs). For This Reason, Many Message Authentication Schemes Have Been Developed, Based On Either Symmetric-key Cryptosystems Or Public-key Cryptosystems. Most Of Them, However, Have The Limitations Of High Computational And Communication Overhead In Addition To Lack Of Scalability And Resilience To Node Compromise Attacks. To Address These Issues, A Polynomial-based Scheme Was Recently Introduced. However, This Scheme And Its Extensions All Have The Weakness Of A Built-in Threshold Determined By The Degree Of The Polynomial: When The Number Of Messages Transmitted Is Larger Than This Threshold, The Adversary Can Fully Recover The Polynomial. In This Paper, We Propose A Scalable Authentication Scheme Based On Elliptic Curve Cryptography (ECC). While Enabling Intermediate Nodes Authentication, Our Proposed Scheme Allows Any Node To Transmit An Unlimited Number Of Messages Without Suffering The Threshold Problem. In Addition, Our Scheme Can Also Provide Message Source Privacy. Both Theoretical Analysis And Simulation Results Demonstrate That Our Proposed Scheme Is More Efficient Than The Polynomial-based Approach In Terms Of Computational And Communication Overhead Under Comparable Security Levels While Providing Message Source Privacy.
Malicious And Selfish Behaviors Represent A Serious Threat Against Routing In Delay/disruption Tolerant Networks (DTNs). Due To The Unique Network Characteristics, Designing A Misbehavior Detection Scheme In DTN Is Regarded As A Great Challenge. In This Paper, We Propose ITrust, A Probabilistic Misbehavior Detection Scheme, For Secure DTN Routing Toward Efficient Trust Establishment. The Basic Idea Of ITrust Is Introducing A Periodically Available Trusted Authority (TA) To Judge The Node's Behavior Based On The Collected Routing Evidences And Probabilistically Checking. We Model ITrust As The Inspection Game And Use Game Theoretical Analysis To Demonstrate That, By Setting An Appropriate Investigation Probability, TA Could Ensure The Security Of DTN Routing At A Reduced Cost. To Further Improve The Efficiency Of The Proposed Scheme, We Correlate Detection Probability With A Node's Reputation, Which Allows A Dynamic Detection Probability Determined By The Trust Of The Users. The Extensive Analysis And Simulation Results Demonstrate The Effectiveness And Efficiency Of The Proposed Scheme.
Key-exchange, In Particular Diffie-Hellman Key-exchange (DHKE), Is Among The Core Cryptographic Mechanisms For Ensuring Network Security. For Key-exchange Over The Internet, Both Security And Privacy Are Desired. In This Paper, We Develop A Family Of Privacy-preserving Authenticated DHKE Protocols Named Deniable Internet Key-exchange (DIKE), Both In The Traditional PKI Setting And In The Identity-based Setting. The Newly Developed DIKE Protocols Are Of Conceptual Clarity And Practical (online) Efficiency. They Provide Useful Privacy Protection To Both Protocol Participants, And Add Novelty And New Value To The IKE Standard. To The Best Of Our Knowledge, Our Protocols Are The First Provably Secure DHKE Protocols That Additionally Enjoy All The Following Privacy Protection Advantages: 1) Forward Deniability, Actually Concurrent Non-malleable Statistical Zero-knowledge, For Both Protocol Participants Simultaneously; 2) The Session Transcript And Session-key Can Be Generated Merely From DH-exponents (together With Some Public Values), Which Thus Cannot Be Traced To The Pair Of Protocol Participants; And 3) Exchanged Messages Do Not Bear Peer's Identity, And Do Not Explicitly Bear Player Role Information.
With An Average Of 80% Length Reduction, The URL Shorteners Have Become The Norm For Sharing URLs On Twitter, Mainly Due To The 140-character Limit Per Message. Unfortunately, Spammers Have Also Adopted The URL Shorteners To Camouflage And Improve The User Click-through Of Their Spam URLs. In This Paper, We Measure The Misuse Of The Short URLs And Analyze The Characteristics Of The Spam And Non-spam Short URLs. We Utilize These Measurements To Enable The Detection Of Spam Short URLs. To Achieve This, We Collected Short URLs From Twitter And Retrieved Their Click Traffic Data From Bitly, A Popular URL Shortening System. We First Investigate The Creators Of Over 600,000 Bitly Short URLs To Characterize Short URL Spammers. We Then Analyze The Click Traffic Generated From Various Countries And Referrers, And Determine The Top Click Sources For Spam And Non-spam Short URLs. Our Results Show That The Majority Of The Clicks Are From Direct Sources And That The Spammers Utilize Popular Websites To Attract More Attention By Cross-posting The Links. We Then Use The Click Traffic Data To Classify The Short URLs Into Spam Vs. Non-spam And Compare The Performance Of The Selected Classifiers On The Dataset. We Determine That The Random Tree Algorithm Achieves The Best Performance With An Accuracy Of 90.81% And An F-measure Value Of 0.913.
Shortest Distance Query Between Two Nodes Is A Fundamental Operation In Large-scale Networks. Most Existing Methods In The Literature Take A Landmark Embedding Approach, Which Selects A Set Of Graph Nodes As Landmarks And Computes The Shortest Distances From Each Landmark To All Nodes As An Embedding. To Handle A Shortest Distance Query Between Two Nodes, The Precomputed Distances From The Landmarks To The Query Nodes Are Used To Compute An Approximate Shortest Distance Based On The Triangle Inequality. In This Paper, We Analyze The Factors That Affect The Accuracy Of The Distance Estimation In The Landmark Embedding Approach. In Particular We Find That A Globally Selected, Query-independent Landmark Set Plus The Triangulation Based Distance Estimation Introduces A Large Relative Error, Especially For Nearby Query Nodes. To Address This Issue, We Propose A Query-dependent Local Landmark Scheme, Which Identifies A Local Landmark Close To The Specific Query Nodes And Provides A More Accurate Distance Estimation Than The Traditional Global Landmark Approach. Specifically, A Local Landmark Is Defined As The Least Common Ancestor Of The Two Query Nodes In The Shortest Path Tree Rooted At A Global Landmark. We Propose Efficient Local Landmark Indexing And Retrieval Techniques, Which Are Crucial To Achieve Low Offline Indexing Complexity And Online Query Complexity. Two Optimization Techniques On Graph Compression And Graph Online Search Are Also Proposed, With The Goal To Further Reduce Index Size And Improve Query Accuracy. Our Experimental Results On Large-scale Social Networks And Road Networks Demonstrate That The Local Landmark Scheme Reduces The Shortest Distance Estimation Error Significantly When Compared With Global Landmark Embedding.
Detection Of Emerging Topics Is Now Receiving Renewed Interest Motivated By The Rapid Growth Of Social Networks. Conventional-term-frequency-based Approaches May Not Be Appropriate In This Context, Because The Information Exchanged In Social-network Posts Includes Not Only Text But Also Images, URLs, And Videos. We Focus On Emergence Of Topics Signaled By Social Aspects Of These Networks. Specifically, We Focus On Mentions Of Users--links Between Users That Are Generated Dynamically (intentionally Or Unintentionally) Through Replies, Mentions, And Retweets. We Propose A Probability Model Of The Mentioning Behavior Of A Social Network User, And Propose To Detect The Emergence Of A New Topic From The Anomalies Measured Through The Model. Aggregating Anomaly Scores From Hundreds Of Users, We Show That We Can Detect Emerging Topics Only Based On The Reply/mention Relationships In Social-network Posts. We Demonstrate Our Technique In Several Real Data Sets We Gathered From Twitter. The Experiments Show That The Proposed Mention-anomaly-based Approaches Can Detect New Topics At Least As Early As Text-anomaly-based Approaches, And In Some Cases Much Earlier When The Topic Is Poorly Identified By The Textual Contents In Posts.
Technology Made Socializing Very Simple And Easy, Connecting Everyone Is Just A Matter Of A Click Today. The Security Of Our Personal Information And Sharing That Information In The Digital World Has Always Been A Major Challenge For The Ever-growing Social Networks. When It Comes To The Relationship Between People And Technology, The Attribution Of Trust Is A Matter Of Dispute Always. This Paper Proposes An Access Control Scheme Called Trust Based Access Control For Social Networks, Or STBAC, Which Allows Users To Share Data Among Their Friends, Using A Trust Computation To Determine Which Friends Should Be Given Access. This Trust Computation Uses Previous Interactions Among A User's Friends To Classify His Or Her Peers Into Privileged Or Unprivileged Zones, Which Determine Whether That Peer Gains Access To The User's Data. The System Will Work As A Filter For Each Of The Peer And Try To Evaluate The Trust Access Control In Social Networks.
Multicopy Routing Strategies Have Been Considered The Most Applicable Approaches To Achieve Message Delivery In Delay Tolerant Networks (DTNs). Epidemic Routing And Two-hop Forwarding Routing Are Two Well-reported Approaches For Delay Tolerant Networks Routing Which Allow Multiple Message Replicas To Be Launched In Order To Increase Message Delivery Ratio And/or Reduce Message Delivery Delay. This Advantage, Nonetheless, Is At The Expense Of Additional Buffer Space And Bandwidth Overhead. Thus, To Achieve Efficient Utilization Of Network Resources, It Is Important To Come Up With An Effective Message Scheduling Strategy To Determine Which Messages Should Be Forwarded And Which Should Be Dropped When The Buffer Is Full. This Paper Investigates A New Message Scheduling Framework For Epidemic And Two-hop Forwarding Routing In DTNs, Such That The Forwarding/dropping Decision Can Be Made At A Node During Each Contact For Either Optimal Message Delivery Ratio Or Message Delivery Delay. Extensive Simulation Results Show That The Proposed Message Scheduling Framework Can Achieve Better Performance Than Its Counterparts.
We Investigate An Underlying Mathematical Model And Algorithms For Optimizing The Performance Of A Class Of Distributed Systems Over The Internet. Such A System Consists Of A Large Number Of Clients Who Communicate With Each Other Indirectly Via A Number Of Intermediate Servers. Optimizing The Overall Performance Of Such A System Then Can Be Formulated As A Client-server Assignment Problem Whose Aim Is To Assign The Clients To The Servers In Such A Way As To Satisfy Some Prespecified Requirements On The Communication Cost And Load Balancing. We Show That 1) The Total Communication Load And Load Balancing Are Two Opposing Metrics, And Consequently, Their Tradeoff Is Inherent In This Class Of Distributed Systems; 2) In General, Finding The Optimal Client-server Assignment For Some Prespecified Requirements On The Total Load And Load Balancing Is NP-hard; And, Therefore, 3) We Propose A Heuristic Via Relaxed Convex Optimization For Finding The Approximate Solution. Our Simulation Results Indicate That The Proposed Algorithm Produces Better Performance Than Other Heuristics, Including The Popular Normalized Cuts Algorithm.
The Distributed Denial-of-service (DDoS) Attack Is A Serious Threat To The Legitimate Use Of The Internet. Prevention Mechanisms Are Thwarted By The Ability Of Attackers To Forge Or Spoof The Source Addresses In IP Packets. By Employing IP Spoofing, Attackers Can Evade Detection And Put A Substantial Burden On The Destination Network For Policing Attack Packets. In This Paper, We Propose An Interdomain Packet Filter (IDPF) Architecture That Can Mitigate The Level Of IP Spoofing On The Internet. A Key Feature Of Our Scheme Is That It Does Not Require Global Routing Information. IDPFs Are Constructed From The Information Implicit In Border Gateway Protocol (BGP) Route Updates And Are Deployed In Network Border Routers. We Establish The Conditions Under Which The IDPF Framework Correctly Works In That It Does Not Discard Packets With Valid Source Addresses. Based On Extensive Simulation Studies, We Show That, Even With Partial Deployment On The Internet, IDPFs Can Proactively Limit The Spoofing Capability Of Attackers. In Addition, They Can Help Localize The Origin Of An Attack Packet To A Small Number Of Candidate Networks.
Multicast Benefits Group Communications In Saving Network Traffic And Improving Application Throughput, Both Of Which Are Important For Data Center Applications. However, The Technical Trend Of Data Center Design Poses New Challenges For Efficient And Scalable Multicast Routing. First, The Densely Connected Networks Make Traditional Receiver-driven Multicast Routing Protocols Inefficient In Multicast Tree Formation. Second, It Is Quite Difficult For The Low-end Switches Widely Used In Data Centers To Hold The Routing Entries Of Massive Multicast Groups. In This Paper, We Propose ESM, An Efficient And Scalable Multicast Routing Scheme For Data Center Networks. ESM Addresses The Challenges Above By Exploiting The Features Of Modern Data Center Networks. Based On The Regular Topology Of Data Centers, ESM Uses A Source-to-receiver Expansion Approach To Build Efficient Multicast Trees, Excluding Many Unnecessary Intermediate Switches Used In Receiver-driven Multicast Routing. For Scalable Multicast Routing, ESM Combines Both In-packet Bloom Filters And In-switch Entries To Make The Tradeoff Between The Number Of Multicast Groups Supported And The Additional Bandwidth Overhead. Simulations Show That ESM Saves 40% ~ 50% Network Traffic And Doubles The Application Throughputs Compared To Receiver-driven Multicast Routing, And The Combination Routing Scheme Significantly Reduces The Number Of In-switch Entries Required. We Implement ESM On A Linux Platform. The Experimental Results Further Demonstrate That ESM Can Well Support Online Tree Building For Large-scale Groups With Churns, And The Overhead Of The Combination Forwarding Engine Is Lightweight.
Distributed Denial-of-service (DDoS) Attacks Remain A Major Security Problem, The Mitigation Of Which Is Very Hard, Especially When It Comes To Highly Distributed Botnet-based Attacks. The Early Discovery Of These Attacks, Although Challenging, Is Necessary To Protect End-users As Well As The Expensive Network Infrastructure Resources. In This Paper, We Address The Problem Of DDoS Attacks And Present The Theoretical Foundation, Architecture, And Algorithms Of FireCol. The Core Of FireCol Is Composed Of Intrusion Prevention Systems (IPSs) Located At The Internet Service Providers (ISPs) Level. The IPSs Form Virtual Protection Rings Around The Hosts To Defend And Collaborate By Exchanging Selected Traffic Information. The Evaluation Of FireCol Using Extensive Simulations And A Real Dataset Is Presented, Showing FireCol's Effectiveness And Low Overhead, As Well As Its Support For Incremental Deployment In Real Networks.