Biblio

This paper presents the results of a multifaceted study of the behavior of a novel hydrokinetic energy harvester that utilizes vertical oscillations. Unlike traditional rotating turbines used in hydrokinetic energy, this particular device utilizes the fluid structure interactions of vortex-induced-vibration and gallop. Due to the unique characteristics of this vertical motion, a thorough examination of the proposed system was conducted via a three-pronged approach of simulation, emulation, and field testing. Using a permanent magnet synchronous generator as the electrical power generation source, an electrical power conversion system was simulated, emulated, and tested to achieve appropriate power smoothing for use in microgrid systems present in many Alaskan rural locations.

The security of the power grid is the first element of its operation. This paper aims at finding the vulnerability nodes in the power grid to prevent it from being destroyed. A novel comprehensive vulnerability index is proposed to the singleness of evaluation indicators for existing literature by integrating the power grid's topology information and operating state. Taking IEEE-118 as an example, the simulation analysis proves that the proposed vulnerability index has certain discriminative advantages and the best weighting factor is obtained through correlation analysis.

Professional training is essential for organizations to successfully defend their assets against cyber-attacks. Successful detection and prevention of security incidents demands that personnel is not just aware about the potential threats, but its security expertise goes far beyond the necessary background knowledge. To fill-in the gap for competent security professionals, platforms offering realistic training environments and scenarios are designed that are referred to as cyber-ranges. Multiple cyber-ranges listed under a common platform can simulate more complex environments, referred as cyber-range federations. Security education approaches often implement gamification mechanics to increase trainees’ engagement and maximize the outcome of the training process. Scoring is an integral part of a gamification scheme, allowing both the trainee and the trainer to monitor the former’s performance and progress. In this article, a novel scoring model is presented that is designed to be agnostic with respect to the source of information: either a CR or a variety of different CRs being part of a federated environment.

Considering the influence of load, This paper proposes a robust analysis method of cyber-physical power system based on the evolution of adjacency matrix. This method uses the load matrix to detect whether the system has overload failure, utilizes the reachable matrix to detect whether the system has unconnected failure, and uses the dependency matrix to reveal the cascading failure mechanism in the system. Finally, analyze the robustness of the cyber-physical power system. The IEEE30 standard node system is taken as an example for simulation experiment, and introduced the connectivity index and the load loss ratio as evaluation indexes. The robustness of the system is evaluated and analyzed by comparing the variation curves of connectivity index and load loss ratio under different tolerance coefficients. The results show that the proposed method is feasible, reduces the complexity of graph-based attack methods, and easy to research and analyze.

Software-Defined Networking (SDN) has found applications in different domains, including wired- and wireless networks. The SDN controller has a global view of the network topology, which is vulnerable to topology poisoning attacks, e.g., link fabrication and host-location hijacking. The adversaries can leverage these attacks to monitor the flows or drop them. However, current defence systems such as TopoGuard and TopoGuard+ can detect such attacks. In this paper, we introduce the Link Latency Attack (LLA) that can successfully bypass the systems' defence mechanisms above. In LLA, the adversary can add a fake link into the network and corrupt the controller's view from the network topology. This can be accomplished by compromising the end hosts without the need to attack the SDN-enabled switches. We develop a Machine Learning-based Link Guard (MLLG) system to provide the required defence for LLA. We test the performance of our system using an emulated network on Mininet, and the obtained results show an accuracy of 98.22% in detecting the attack. Interestingly, MLLG improves 16% the accuracy of TopoGuard+.

Vehicular networks have been considered as a hopeful technology to enhance road safety, which is a crossing area of Internet of Things (IoT) and Intelligent Transportation Systems (ITS). Current Internet architecture using the TCP/IP model and based on host-to-host is limited when it comes to vehicular communications which are characterized by high speed and dynamic topology. Thus, using Named Data Networking (NDN) in connected vehicles may tackle the issues faced with the TCP/IP model. In this paper, we investigate the security concerns of applying NDN in vehicular environments and discuss the remaining challenges in order to guide researchers in this field to choose their future research direction.

Network embedding, which aims to map the discrete network topology to a continuous low-dimensional representation space with the major topological properties preserved, has emerged as an essential technique to support various network inference tasks. However, incorporating both the evolutionary nature and the network's heterogeneity remains a challenge for existing network embedding methods. In this study, we propose a novel Translation-Based Dynamic Heterogeneous Network Embedding (TransDHE) approach to consider both the aspects simultaneously. For a dynamic heterogeneous network with a sequence of snapshots and multiple types of nodes and edges, we introduce a translation-based embedding module to capture the heterogeneous characteristics (e.g., type information) of each single snapshot. An orthogonal alignment module and RNN-based aggregation module are then applied to explore the evolutionary patterns among multiple successive snapshots for the final representation learning. Extensive experiments on a set of real-world networks demonstrate that TransDHE can derive the more informative embedding result for the network dynamic and heterogeneity over state-of-the-art network embedding baselines.

Wireless Sensor Network consists of hundreds to thousands of tiny sensor nodes deployed in the large field of the target phenomenon. Sensor nodes have advantages for its size, multifunctional, and inexpensive features; unfortunately, the resources are limited in terms of memory, computational, and in energy, especially. Network transmission between nodes and base station (BS) needs to be carefully designed to prolong the network life cycle. As the data transmission is energy consuming compared to data processing, designing sensor nodes into hierarchical network architecture is preferable because it can limit the network transmission. LEACH is one of the hierarchical network protocols known for simple and energy saving protocols. There are lots of modification made since LEACH was introduced for more energy efficient purposed. In this paper, hybridization of LEACH-C and LEACH-R and the modification have been presented for a more energy saving LEACH called LEACH-CR. Experimental result was compared with previous LEACH variant and showed to has advantages over the existing LEACH protocols in terms of energy consumption, dead/alive nodes, and the packet sent to Base Station. The result reflects that the consideration made for residual energy to select the cluster head and proximity transmission lead to a better energy consumption in the network.

Cloud computing systems (CCSs) enable the sharing of physical computing resources through virtualisation, where a group of virtual machines (VMs) can share the same physical resources of a given machine. However, this sharing can lead to a so-called side-channel attack (SCA), widely recognised as a potential threat to CCSs. Specifically, malicious VMs can capture information from (target) VMs, i.e., those with sensitive information, by merely co-located with them on the same physical machine. As such, a VM allocation algorithm needs to be cognizant of this issue and attempts to allocate the malicious and target VMs onto different machines, i.e., the allocation algorithm needs to be security-aware. This paper investigates the allocation patterns of VM allocation algorithms that are more likely to lead to a secure allocation. A driving objective is to reduce the number of VM migrations during allocation. We also propose a graph-based secure VMs allocation algorithm (GbSRS) to minimise SCA threats. Our results show that algorithms following a stacking-based behaviour are more likely to produce secure VMs allocation than those following spreading or random behaviours.

In recent years, the underwater sensor network has emerged as a promising solution for a wide range of marine applications. The underwater wireless sensors are usually designed to operate in open water, where eavesdropping can be a serious issue. Existing work either utilizes cryptography that is computationally intensive or requires expensive hardware. In this paper, we present a coordinated multi-point transmission based protocol to improve network security. The proposed protocol dynamically pairs sensors for coordinated communications to undermine the eavesdroppers’ capability. Our preliminary results indicate that the underwater sensor network security can be enhanced using the proposed method, especially in applications where cryptography or special hardware are not suitable.

The ongoing expansion of underwater Internet of Things techniques promote diverse categories of maritime intelligent systems, e.g., Underwater Acoustic Sensor Networks (UASNs), Underwater Wireless Networks (UWNs), especially multiple Autonomous Underwater Vehicle (AUV) based UWNs have produced many civil and military applications. To enhance the network management and scalability, in this paper, the technique of Software-Defined Networking (SDN) technique is introduced, leading to the paradigm of Software-Defined multi-AUV-based UWNs (SD-UWNs). With SD-UWNs, the network architecture is divided into three functional layers: data layer, control layer, and application layer, and the network administration is re-defined by a framework of software-defined beacon. To manage the network, a control model based on artificial potential field and network topology theory is constructed. On account of the efficient data sharing ability of SD-UWNs, a proactive alarming-enabled path planning scheme is proposed, wherein all potential categories of obstacle avoidance scenes are taken into account. Evaluation results indicate that the proposed SD-UWN is more efficient in scheduling the cooperative network function than the traditional approaches and can secure exact path planning.

We propose a method to let a source and a destination agree on a key that remains secret to a potential eavesdropper in an underwater acoustic network (UWAN). We generate the key from the propagation delay measured over a set of multihop routes: this harvests the randomness in the UWAN topology and turns the slow sound propagation in the water into an advantage for the key agreement protocol. Our scheme relies on a route discovery handshake. During this process, all intermediate relays accumulate message processing delays, so that both the source and the destination can compute the actual propagation delays along each route, and map this information to a string of bits. Finally, via a secret key agreement from the information-theoretic security framework, we obtain an equal set of bits at the source and destination, which is provably secret to a potential eavesdropper located away from both nodes. Our simulation results show that, even for small UWANs of 4 nodes, we obtain 11 secret bits per explored topology, and that the protocol is insensitive to an average node speed of up to 0.5 m/s.

This article considers the group consistency of second-order MAS with directly connected spanning tree communication topology. Because the MAS is divided into several groups, we proposed a group consistency control method based on intermittent control, and the range of parameters is given when the system achieves consensus. The protocol can realize periodic control and reduce the working hours of the controller in period. Furthermore, the group consistency of MAS is turn to the stability analysis of error, and a group consistency protocol of MAS with time-delays is designed. Finally, two examples are used for verify the theory.

Security is a key component of the network. Software Defined Networking (SDN) is a refined form of traditional network management system. It is a new encouraging approach to design-build and manage networks. SDN decouples control plane (software-based router) and data plane (software-based switch), hence it is programmable. Consequently, it facilitates implementation of security based applications for the prevention of DOS attacks. Various solutions have been proposed by researches for handling of DOS attacks in SDN. However, these solutions are very limited in scope, complex, time consuming and change resistant. In this article, we have proposed a novel model driven framework i.e. MDAP (Model Based DOS Attacks Prevention) Framework. Particularly, a meta model is proposed. As tool support, a tree editor and a Sirius based graphical modeling tool with drag drop palette have been developed in Oboe designer community edition. The tool support allows modeling and visualization of simple and complex network topology scenarios. A Model to Text transformation engine has also been made part of framework that generates java code for the Floodlight SDN controller from the modeled scenario. The validity of proposed framework has been demonstrated via case study. The results prove that the proposed framework can effectively handle DOS attacks in SDN with simplicity as per the true essence of MDSE and can be reliably used for the automation of security based applications in order to deny DOS attacks in SDN.

Named Data Networking, a future internet network architecture design that can change the network's perspective from previously host-centric to data-centric. It can reduce the network load, especially on the server part, and can provide advantages in multicast cases or re-sending of content data to users due to transmission errors. In NDN, interest messages are sent to the router, and if they are not immediately found, they will continue to be forwarded, resulting in a large load. NDNS or a DNS-Like Name Service for NDN is needed to know exactly where the content is to improve system performance. NDNS is a database that provides information about the zone location of the data contained in the network. In this study, a simulation was conducted to test the NDNS mechanism on the NDN network to support caching on the NDN network by testing various topologies with changes in the size of the content store and the number of nodes used. NDNS is outperform compared to NDN without NDNS for cache hit ratio and load parameters.

In this article we have developed a simulation model in the Mininet environment for analyzing the operation of a software-defined network (SDN) in cloud data centers. The results of the simulation model of the operation of the SDN network on the Mininet emulator and the results of the simulation of the traditional network in the Graphical Network Simulator 3 emulator are presented.

Modern Intelligent Transport Systems (ITSs) are comprehensive applications that have to cope with a multitude of challenges while meeting strict service and security standards. A novel data-centric middleware that provides the foundation of such systems is presented in this paper. This middleware is designed for high scalability, fast data processing and multimodality. To achieve these goals, an innovative spatial annotation (SpatiaIJSON) is utilised. SpatialJSON allows the representation of geometry, topology and traffic information in one dataset. Data processing is designed in such a manner that any schema or ontology can be used to express information. Further, common concerns of ITSs are addressed, such as authenticity of messages. The core task, however, is to ensure a quick exchange of evaluated information between the individual traffic participants.

Tor is a famous routing overlay network based on the Onion multi-layered encryption to support communication anonymity in a threat model in which some network nodes are malicious. However, Tor does not provide any protection against the global passive adversary. In this threat model, an idea to obtain recipient anonymity, which is enough to have relationship anonymity, is to hide the recipient among a sufficiently large anonymity set. However, this would lead to high latency both in the set-up phase (which has a quadratic cost in the number of involved nodes) and in the successive communication. In this paper, we propose a way to arrange a Tor circuit with a tree-like topology, in which the anonymity set consists of all its nodes, whereas set-up and communication latency depends on the number of the sole branch nodes (which is a small fraction of all the nodes). Basically, the cost goes down from quadratic to linear. Anonymity is obtained by applying a broadcast-based technique for the forward message, and cover traffic (generated by the terminal-chain nodes) plus mixing over branch nodes, for the response.

One of the most dynamic network is the Mobile Adhoc (MANET) network. It is a list of numerous mobile nodes. Dynamic topology and lack of centralization are the basic characteristics of MANET. MANETs are prone to many attacks due to these characteristics. One of the attacks carried out on the network layer is the blackhole attack. In a black-hole attack, by sending false routing information, malicious nodes interrupt data transmission. There are two kinds of attacks involving a black-hole, single and co-operative. There is one malicious node in a single black-hole attack that can act as the node with the highest sequence number. The node source would follow the direction of the malicious node by taking the right direction. There is more than one malicious node in the collaborative black-hole attack. One node receives a packet and sends it to another malicious node in this attack. It is very difficult to detect and avoid black-hole attacks. Many researchers have invented black-hole attack detection and prevention systems. In this paper, We find a problem in the existing solution, in which validity bit is used. This paper also provides a comparative study of many scholars. The source node is used to detect and prevent black hole attacks by using a binary partition clustering based algorithm. We compared the performance of the proposed solution with existing solution and shown that our solution outperforms the existing one.

The power terminal network has the characteristics of a large number of nodes, various types, and complex network topology. After the power terminal network is attacked, the impact of power terminals in different business scenarios is also different. Traditional impact assessment methods based on network traffic or power system operation rules are difficult to achieve comprehensive attack impact analysis. In this paper, from the three levels of terminal security itself, terminal network security and terminal business application security, it constructs quantitative indicators for analyzing the impact of power terminals after being attacked, so as to determine the depth and breadth of the impact of the attack on the power terminal network, and provide the next defense measures with realistic basis.

Mesh topology networks provide Network security in the form of redundancy of communication links. But redundancy also contributes to complexity in configuration and subsequent troubleshooting. Mesh topology deployed in Critical networks like Backbone Networks (used in Cloud Computing) deploy the Mesh topology provides additional security in terms of redundancy to ensure availability of services. One amongst most prominent attacks is Distributed Denial of Service attacks which cause an immense amount of loss of data as well as monetary losses to service providers. This paper proposes a method by which using SDN capabilities and sFlow-RT application, Distributed Denial of Service (DDoS) attacks is detected and consequently mitigated by using REST API to implement Policy Based Flow Management (PBFM) through the SDN Controller which will help in ensuring uninterrupted services in scenarios of such attacks and also further simply and enhance the management of Mesh architecture-based networks.

Software Defined Network (SDN) is a new paradigm in network architecture. The basic concept of SDN itself is to separate the control plane and forwarding plane explicitly. In the last few years, SDN technology has become one of the exciting topics for researchers, the development of SDN which was carried out, one of which was implementing the Internet of Things (IoT) devices in the SDN network architecture model. Mininet-IoT is developing the Mininet network emulator by adding virtualized IoT devices, 6LoWPAN based on wireless Linux standards, and 802.15.4 wireless simulation drivers. Mininet-IoT expands the Mininet code class by adding or modifying functions in it. This research will discuss the performance of the 6LoWPAN device on the internet of things (IoT) network by applying the SDN paradigm. We use the Mininet-IoT emulator and the Open Network Operating System (ONOS) controller using the internet of things (IoT) IPv6 forwarding. Performance testing by comparing some of the topologies of the addition of host, switch, and cluster. The test results of the two scenarios tested can be concluded; the throughput value obtained has decreased compared to the value of back-traffic traffic. While the packet loss value obtained is on average above 15%. Jitter value, delay, throughput, and packet loss are still in the category of enough, good, and very good based on TIPHON and ITU-T standards.

Low power and lossy networks (LLNs) devices resource-constrained nature make it difficult to implement security mechanisms to defend against RPL routing attacks. RPLs inbuilt security functions are not efficient in preventing a wide majority of routing attacks. RPLs optional security schemes can defend against external attacks, but cannot mitigate internal attacks. Moreover, RPL does not have any mechanism to verify the integrity of control messages used to keep topology updated and route the traffic. All these factors play a major role in increasing the RPLs threat level against routing attacks. In this paper, a comparative literature review of various researchers suggesting security mechanisms to mitigate security attacks aimed at RPL has been performed and methods have been contrasted.

Although quite a few results on resilient consensus of multi-agent systems with malicious agents and fixed topology have been reported in the literature, we lack any known results on such a problem for multi-agent systems with time-varying topologies. Herein, we study the resilient consensus problem of time-varying networked systems in the presence of misbehaving nodes. A novel concept of joint ( r, s) -robustness is firstly proposed to characterize the robustness of the time-varying topologies. It is further revealed that the resilient consensus of multi-agent systems under F-total malicious network can be reached by the Weighted Mean-Subsequence-Reduced algorithm if and only if the time-varying graph is jointly ( F+1, F+1) -robust. Numerical simulations are finally performed to verify the effectiveness of the analytical results.

RPL, the IPv6 Routing Protocol for low-power and lossy networks, was standardized by the Internet Engineering Task Force (IETF) in 2011. It is developed to connect resource constrained devices enabled by low-power and lossy networks (LLNs). RPL prominently becomes the routing protocol for IoT. However, the RPL protocol is facing many challenges such as trustworthiness among the nodes which need to be addressed and resolved to make the network secure and efficient. In this paper, a multicasting technique is developed that is based on trust mechanism to resolve this issue. This mechanism manages and protects the network from untrusted nodes which can hamper the security and result in delayed and distorted transmission of data. It allows any node to decide whether to trust other nodes or not during the construction of the topology. This is then proved efficient by comparing it with broadcasting nature of the transmission among the nodes in terms of energy, throughput, percentage of alive and dead nodes.