Session Poster-1

Poster Session 1

Conference
8:00 PM — 10:00 PM EDT
Local
May 11 Tue, 8:00 PM — 10:00 PM EDT

Machine Learning Toolkit for System Log File Reduction and Detection of Malicious Behavior

Ralph P Ritchey and Richard Perry (Villanova University, USA)

0
The increasing use of encryption blinds traditional network-based intrusion detection systems (IDS) from performing deep packet inspection. An alternative data source for detecting malicious activity is necessary. Log files found on servers and desktop systems provide an alternative data source containing information about activity occurring on the device and over the network. The log files can be sizeable, making the transport, storage, and analysis difficult. Malicious behavior may appear as normal events in logs, not triggering an error or another obvious indicator, making automated detection challenging. The research described here utilizes a Python-based toolkit approach with unsupervised machine learning to reduce log file sizes and detect malicious behavior.

Virtual Credit Framework in the Remote Work Era

Justin Kim (Twitter, USA)

0
Traditional corporate device and network security principles and threat modeling are largely based on the physical location of a device. It poses significant challenges in the new-norm of remote work era since employees' devices are no longer confined within company's physical perimeter. Employees are accessing critical corporate resources from anywhere with corporate-issued devices. Zero Trust networks is a promising solution since it provides a unified network security framework regardless of its location. However, it is challenging to implement Zero Trust networks due to the lack of standard technology and interoperable solution. In this paper, we propose a framework to materialize Zero Trust networks efficiently by introducing a novel concept - virtual device credit. Based on the proposed virtual credit concept, Zero Trust network can be materialized in a seamless way allowing reuse of existing network security and access control technologies.

On the Reliability of State-of-the-art Network Testbed Components

Runsen Gong (Northeastern University, China); Weichao Li (Southern University of Science and Technology, China); Fuliang Li (Northeastern University, China); Yi Wang (Southern University of Science and Technology, China)

0
Network testbed usually produces a closer realworld environment in comparison with emulators or simulators in network research and development. However, few question whether the results derived from those testbeds are credible. In this research, we investigate the reliability of major components employed by some typical testbeds, including packet generators and packet forwarding devices. We utilize a Endace DAG card to capture the packets generated or forwarded by these components, evaluating their behavior in terms of flow throughput, accuracy and reliability. We believe that our study could shed light on network testbed design.

Enabling Lightweight Network Performance Monitoring and Troubleshooting in Data Center

Qinglin Xun, Weichao Li, Haorui Guo and Yi Wang (Southern University of Science and Technology, China)

0
Network performance monitoring and troubleshooting is a critical but challenging task in data center management. Although many solutions have been proposed in the past decades, it is still difficult to deploy them in the real world because of the expensive cost. In this work, we propose LMon, a network measurement and fault localization system for facilitating long-term maintenance of datacenter networks. LMon employs a lightweight network monitoring tool based on packet pair technique, which supports bi-directional monitoring only on one end host without replacing any device. Moreover, the least measurement deployment policy introduces very small overhead to the network. LMon has been deployed to our production data center on a scale of 50 racks and 500 servers for months. The running experience confirms the efficiency of LMon and points out the future direction of improvement.

Optimal Peak-Minimizing Online Algorithms for Large-Load Users with Energy Storage

Yanfang Mo (City University of Hong Kong, China); Qiulin Lin (The Chinese University of Hong Kong, China); Minghua Chen (City University of Hong Kong, Hong Kong); S. Joe Qin (CityU, China)

1
The introduction of peak-demand charge motivates large-load customers to flatten their demand curves, while their self-owned renewable generations aggravate demand fluctuations. Therefore, it is attractive to utilize energy storage for shaping real-time loads and reducing electricity bills. In this paper, we propose the first peak-aware competitive online algorithm for leveraging stored energy (e.g., in fuel cells) to minimize peak demand charge. Our algorithm decides the discharging quantity slot by slot to maintain the optimal worst-case performance guarantee (namely, competitive ratio) among all deterministic online algorithms. Interestingly, we show that the best competitive ratio can be computed by solving a linear number of linear-fractional problems. We can also extend our competitive algorithm and analysis to improve the average-case performance and consider short-term prediction.

C-ITS In Real Environment Using Heterogeneous Wireless Networking

Muhammad Naeem Tahir (Finnish Meteorological Institute (FMI) & University of Oulu, Center of Wireless Communication, Finland)

0
The wireless communication and pervasive technologies are the fundamental entities to make a transport system "Cooperative" and "smart". This transport system is termed as a Cooperative Intelligent Transport System (C-ITS) that is aimed to enhance the safety of road users, driving comfort as well as to reduce the CO2 emissions. The industries and academic institution all-over the world is continuously performing research and implementing field measurements to make the C-ITS technology to life. Both 3rd Generation Partnership Project (3GPP) and European Telecommunication Standards Institute (ETSI) have been working on respective standards (3GPP V2X and ETSI ITS-G5 in Europe) to provide a seamless connection in C-ITS communication. In this poster paper, we have discussed the pilot C-ITS use-case scenarios conducted on a test-track in Northern Finland. The pilot measurements are planned by using heterogeneous wireless communication technologies (ITS-G5 and 5GTN) to provide C-ITS service alerts. The C-ITS service alerts are used to avoid road traffic collisions as well as to improve traffic efficiency with CO2 reduction. The C-ITS pilot service alerts proved that the heterogeneous network considerably improves the communication link availability between vehicles and road-side-infrastructure to make it more secure, eco-friendly and efficient.

Multipath In-band Network Telemetry

Yan Zheng (Purple Mountain Laboratories, China); Tian Pan (Beijing University of Posts and Telecommunications, China); Yan Zhang (NOT & Purple Mountain Laboratories, China); Enge Song, Tao Huang and Yunjie Liu (Beijing University of Posts and Telecommunications, China)

0
Multicast is a popular way of data dissemination. How to monitor the multicast traffic is essential to tackle network bottlenecks and performance woes. The original In-band Network Telemetry (INT) provides a fine-grained and real-time monitoring solution. However, to use this method directly on the multicast traffic causes problems like telemetry data redundancy and network bandwidth wasting since the monitoring data of the same device may be duplicated several times. In this paper, we propose an optimized algorithm called MPINT for multicast traffic monitoring, which is cost-effective with minor bandwidth overhead. Compared with the original INT, the extensive evaluation shows that the percentage drop in INT overhead is over 80% during the forwarding process using MPINT. In addition, the final upload bytes for MPINT reduces by 50%, and it takes less than 0.5 seconds to complete the data analysis on 180 devices.

VXLAN-based INT: In-band Network Telemetry for Overlay Network Monitoring

Yan Zhang (NOT & Purple Mountain Laboratories, China); Tian Pan (Beijing University of Posts and Telecommunications, China); Yan Zheng (Purple Mountain Laboratories, China); Enge Song, Tao Huang and Yunjie Liu (Beijing University of Posts and Telecommunications, China)

2
With the development of virtualization technology and the growing user requirements, the overlay network is becoming more widely used in data centers. Because of the ever-increasing network complexity, overlay network monitoring becomes more significant and challenging. In-band Network Telemetry (INT) achieves fine-grained network monitoring by encapsulating device-internal status into packets. However, as an underlying device-level primitive, INT is hard to directly apply to the overlay network because of the imperceptible underlying network topology. In this work, we propose VXLAN-based INT, an INT system for overlay network monitoring based on Virtual extended Local Area Network (VXLAN) protocol. We define the probe format, control the forwarding behaviors, and design the data structure to build this framework. VXLAN-based INT can monitor single-hop and obtain the mapping relationship between the overlay network and the corresponding underlay network through a table lookup operation. The experiment shows that the processing delay of a switch under light load is about 150 us in a random example.

Implementation of Block-Wise-Transform-Reduction Method for Image Reconstruction in Ultrasound Transmission Tomography

Mariusz Mazurek (Polish Academy of Sciences, Poland); Konrad Kania (Lublin University of Technology, Poland); Tomasz Rymarczyk (Research and Development Center Netrix S.A./University of Economics and Innovation in Lublin, Poland); Dariusz Wójcik (Research and Development Center Netrix S.A., Poland); Tomasz Cieplak (Lublin University of Technology, Poland); Piotr Gołąbek (University of Economics and Innovation in Lublin, Poland)

1
The work presents image reconstruction in ultrasonic transmission tomography using the Block-Wise-Transform-Reduction method. The system consists of a tomography platform using ultrasound built by the authors, and an algorithm that can reconstruct images in a distributed system. The algorithm applies image compression techniques (Discrete Cosine Transformation) for each block of the image separately. This allows location object in the analyzed area for real-time image reconstruction using an ultrasound tomographic device. The idea behind the method used is that the reconstruction process is directly connected to the compression process.

Session Chair

Ruozhou Yu (North Carolina State University, United States)

Session Poster-2

Poster Session 2

Conference
8:00 PM — 10:00 PM EDT
Local
May 11 Tue, 8:00 PM — 10:00 PM EDT

Adaptive IoT Service Configuration Optimization in Edge Networks

Mengyu Sun (China University of Geosciences (Beijing), China); Zhangbing Zhou (Institute Telecom, France); Walid Gaaloul (Telecom SudParis, Samovar, France)

0
The collaboration of Internet of Things (IoT) devices promotes the computation at the network edge to satisfy latency-sensitive requests. The functionalities provided by IoT devices are encapsulated as IoT services, and the satisfaction of requests is reduced to the composition of services. Due to the hard-to-prediction of forthcoming requests, an adaptive service configuration is essential, when latency constraints are satisfied by composed services. This problem is formulated as a continuous time Markov decision process model constructed with updating system states, taking actions and assessing rewards constantly. A temporal-difference learning approach is developed to optimize the configuration, while taking long-term service latency and energy efficiency into consideration. Experimental results show that our approach outperforms the state-of-art's techniques for achieving close-to-optimal service configurations.

An FPGA-based High-Throughput Packet Classification Architecture Supporting Dynamic Updates for Large-Scale Rule Sets

Yao Xin (Peng Cheng Laboratory, China); Wenjun Li (Peking University, China); Yi Wang (Southern University of Science and Technology, China); Song Yao (New H3C, China)

0
A high-performance packet classification architecture based on FPGA supporting large-scale rule sets up to 100k is proposed in this poster. It supports fast dynamic rule update and tree reconstruction. The update throughput is comparable to that of classification. An efficient data structure set for decision tree is constructed to convert tree traversal to addressing process. Different levels of parallelism are fully explored with multi-core, multi-search-engine and coarse-grained pipeline. It achieves a peak throughput of more than 1000 MPPS for 10k and 1k rule set for both classification and update.

Power-Efficient Scheduling for Time-Critical Networking with Heterogeneous Traffic

Emmanouil Fountoulakis and Nikolaos Pappas (Linköping University, Sweden); Anthony Ephremides (University of Maryland, USA)

0
Future wireless networks will be characterized by users with heterogeneous requirements. Such users can require low-latency or minimum-throughput. In addition, due to the limited-power budget of the mobile devices, a power-efficient scheduling scheme is required by the network. In this work, we cast a stochastic network optimization problem for minimizing the packet drop rate while guaranteeing a minimum-throughput and taking into account the limited-power capabilities of the users.

A Semi-Supervised Approach for Network Intrusion Detection Using Generative Adversarial Networks

Hyejeong Jeong, Jieun Yu and Wonjun Lee (Korea University, Korea (South))

4
Network intrusion detection is a crucial task since malicious traffic occurs every second these days. Various research has been studied in this field and shows high performance. However, most of them are conducted in a supervised manner that needs a range of labeled data but it is hard to obtain. This paper proposes a semi-supervised Generative Adversarial Networks (GAN) model that requires only 10 labeled data per flow type. Our model is evaluated using the publicly available CICIDS-2017 dataset and outperforms other malware traffic classification models.

Pedestrian Trajectory based Calibration for Multi-Radar Network

Shuai Li, Junchen Guo and Rui Xi (Tsinghua University, China); Chunhui Duan (Beijing Institute of Technology, China); Zhengang Zhai (CETC, China); Yuan He (Tsinghua University, China)

0
In recent years, using radio frequency (RF) signal for pedestrian localization and tracking has aroused great interest of researchers due to its property of privacy protection. With the high spatial resolution, millimeter wave (mmWave) becomes one of the most promising RF technologies in human sensing tasks. Existing mmWave-based localization and tracking approaches can achieve decimeter-level accuracy. However, it's still extremely challenging to locate and track multiple pedestrians in a complex indoor environment due to target occlusion and multipath effect. To overcome these challenges, it is an opportunity to leverage multiple mmWave radars to form a multi-radar network that monitors pedestrians from different perspectives. In this poster, we address one of the fundamental challenges of building one multi-radar network: How to calibrate the perspectives of different mmWave radars before fusing their data. To reduce the overhead and improve the efficiency, we propose a multi-radar calibration method that determines the position relationship of different radars by tracking the pedestrian trajectory. Our evaluation shows that the proposed method can achieve the average error of (8.7cm, 8.5cm) in 2D position and 0.79 ◦ in angle.

Voice Recovery from Human Surroundings with Millimeter Wave Radar

Yinian Zhou, Awais Ahmad Siddiqi, Jia Zhang and Junchen Guo (Tsinghua University, China); Zhengang Zhai (CETC, China); Yuan He (Tsinghua University, China)

0
Voice assistants have become a common part of our lives and can help us convey commands conveniently. However, in a noisy environment, their microphones cannot clearly distinguish human voice commands. Some works use millimeter wave radars to detect the vibration of the human throat to recognize voice commands so that the background noise can be reduced, but they require people to be still at a fixed position in front of the radar. In this poster, we found that when the human speaks, the objects around the human body will produce vibration signals, which also contain human voice information. These vibration signals can be utilized to extract the voice while people can move freely. We first detect the vibrations of objects around human body. Then the common components of these vibration signals can be extracted to recover voices. We evaluate this method on several short sentences and the results show that there is a high correlation between the recovered voice signal and the corresponding original voice signal.

Insecticidal Performance Simulation of Solar Insecticidal Lamps Internet of Things Using the Number of Falling Edge Trigger

Xing Yang (Nanjin Agricultural University, China); Lei Shu, Kai Huang and Kailiang Li (Nanjing Agricultural University, China); Heyang Yao (Nanjin Agricultural University, China)

0
Solar insecticidal lamp (SIL) releases high voltage pulse discharge to kill migratory insects with phototaxis feature, and the insecticidal count is calculated by discharge times. However, it is hard to predict and quantify the insecticidal performance due to the unpredictable insect species. Besides, SIL may not able to kill insects when the energy is insufficient, which affects task schedule and fault detection of solar insecticidal lamps Internet of Things (SIL-IoTs). To overcome this problem, it is critical to find key factors that have a mapping relation with insecticidal performance. High voltage pulse discharge generates electromagnetic interference in form of changing of microprocessors' falling edge trigger (FET), which may conduce to evaluate insecticidal performance. Aiming to explore this issue, we designed an experiment. The experiment results indicate that the number of FET can be applied to evaluate and simulate the insecticidal performance, which contributes to task schedule and fault detection of SIL-IoTs.

Optimized BGP Simulator for Evaluation of Internet Hijacks

Markus Brandt (Technische Universität Darmstadt & Fraunhofer, Germany); Haya Shulman (Fraunhofer SIT, Germany)

0
Simulating network experiments is critical for inferring insights on the large scale Internet attacks and defences. In this work we develop a new network simulator for evaluating routing attacks and defences. We compare it to existing simulators demonstrating better performance and higher accuracy in evaluation of attacks and defences. We apply our simulator for evaluating hijacks of 1M-top Alexa domains and show that about 50\% of the targets are vulnerable.

Monitoring Android Communications for Security

José Antonio Gómez-Hernández, Pedro García-Teodoro, Juan Antonio Holgado-Terriza, Gabriel Maciá-Fernández, José Camacho and José Noguera-Comino (University of Granada, Spain)

0
Security detection procedures rely on a previous monitoring process aimed to gather specific operational information regarding the target system. For this purpose, a specific monitoring app named AMon has been developed by authors, which is a JAVA tool oriented to multidimensional device data gathering in Android environments. It collects disparate sources of information, from applications and permissions to network related activities, which allows capturing the user behavior over time.

Session Chair

Yin Sun (Auburn University, United States)

Made with in Toronto · Privacy Policy · INFOCOM 2020 · © 2021 Duetone Corp.