Biblio

The tremendous growth of cloud computing and large-scale data analytics highlight the importance of reducing datacenter power consumption and environmental impact of brown energy. While many Internet service operators have at least partially powered their datacenters by green energy, it is challenging to effectively utilize green energy due to the intermittency of renewable sources, such as solar or wind. We find that the geographical diversity of internet-scale services can be carefully scheduled to improve the efficiency of applying green energy in datacenters. In this paper, we propose a holistic heterogeneity-aware cloud workload management approach, sCloud, that aims to maximize the system goodput in distributed self-sustainable datacenters. sCloud adaptively places the transactional workload to distributed datacenters, allocates the available resource to heterogeneous workloads in each datacenter, and migrates batch jobs across datacenters, while taking into account the green power availability and QoS requirements. We formulate the transactional workload placement as a constrained optimization problem that can be solved by nonlinear programming. Then, we propose a batch job migration algorithm to further improve the system goodput when the green power supply varies widely at different locations. Finally, we extend sCloud by integrating a flexible batch job manager to dynamically control the job execution progress without violating the deadlines. We have implemented sCloud in a university cloud testbed with real-world weather conditions and workload traces. Experimental results demonstrate sCloud can achieve near-to-optimal system performance while being resilient to dynamic power availability. sCloud with the flexible batch job management approach outperforms a heterogeneity-oblivious approach by 37 percent in improving system goodput and 33 percent in reducing QoS violations.

A dynamic overlay system is presented for supporting transport service needs of dispersed computing applications for moving data and/or code between network computation points and end-users in IoT or IoBT. The Network Backhaul Layered Architecture (Nebula) system combines network discovery and QoS monitoring, dynamic path optimization, online learning, and per-hop tunnel transport protocol optimization and synthesis over paths, to carry application traffic flows transparently over overlay tunnels. An overview is provided of Nebula's overlay system, software architecture, API, and implementation in the NRL CORE network emulator. Experimental emulation results demonstrate the performance benefits that Nebula provides under challenging networking conditions.

Vehicular Ad-hoc Networks (VANETs) are generally acknowledged as an extraordinary sort of Mobile Ad hoc Network (MANET). VANETs have seen enormous development in a decade ago, giving a tremendous scope of employments in both military and in addition non-military personnel exercises. The temporary network in the vehicles can likewise build the driver's capability on the road. In this paper, an effective information dispersal approach is proposed which enhances the vehicle-to-vehicle availability as well as enhances the QoS between the source and the goal. The viability of the proposed approach is shown with regards to the noteworthy gets accomplished in the parameters in particular, end to end delay, packet drop ratio, average download delay and throughput in comparison with the existing approaches.

In this study, we conducted a survey of those who have used E-Government Services (civil servants, employees of public institutions, and the public) to empirically identify the factors affecting the continuous use intention E-Government Services, and conducted an empirical analysis using SPSS and Smart PLS with 284 valid samples except for dual, error and poor answers. Based on the success model of the information system (IS access model), we set independent variables which were divided into quality factors (service quality, system quality, information quality) and risk factors (personal information and security), and perceived ease of use and reliability, which are the main variables based on the technology acceptance model (TAM) that best describes the parameter group, were established as useful parameters. In addition, we design the research model by setting user satisfaction and the continuous use intention as dependent variables, conducted the study about how affecting factors influence to the acceptance factors through 14 hypotheses.The study found that 12 from 14 hypotheses were adopted and 2 were rejected. Looking at the results derived, it was analyzed that, firstly, 3 quality factors all affect perceived ease of use in relation to the quality of service, system quality, information quality which are perceived ease of use of E-Government Services. Second, in relation to the quality of service quality, system quality, information quality and perceived usefulness which are the quality factors of E-Government Services, the quality of service and information quality affect perceived usefulness, but system quality does not affect perceived usefulness. Third, it was analyzed that both factors influence reliability in the relationship between Privacy and security and trust which are risk factors. Fourth, the relationship between perceived ease of use and perceived usefulness has shown that perceived ease of use does not affect perceived usefulness. Finally, the relationship between user value factors (perceptual usability, perceived usefulness and trust) and user satisfaction and the continuous use intention was analyzed that user value factors affect user satisfaction while user satisfaction affects the continuous use intention. This study can be meaningful in that it theoretically presented the factors influencing the continued acceptance of e-government services through precedent research, presented the variables and measurement items verified through the empirical analysis process, and verified the causal relationship between the variables. The e-government service can contribute to the implementation of e-government in line with the era of the 4th Industrial Revolution by using it as a reference to the establishment of policies to improve the quality of people's lives and provide convenient services to the people.

The distribution of video contents generated by Content Providers (CPs) significantly contributes to increase the congestion within the networks of Internet Service Providers (ISPs). To alleviate this problem, CPs can serve a portion of their catalogues to the end users directly from servers (i.e., the caches) located inside the ISP network. Users served from caches perceive an increased QoS (e.g., average retrieval latency is reduced) and, for this reason, caching can be considered a form of traffic prioritization. Hence, since the storage of caches is limited, its subdivision among several CPs may lead to discrimination. A static subdivision that assignes to each CP the same portion of storage is a neutral but ineffective appraoch, because it does not consider the different popularities of the CPs' contents. A more effective strategy consists in dividing the cache among the CPs proportionally to the popularity of their contents. However, CPs consider this information sensitive and are reluctant to disclose it. In this work, we propose a protocol based on Shamir Secret Sharing (SSS) scheme that allows the ISP to calculate the portion of cache storage that a CP is entitled to receive while guaranteeing network neutrality and resource efficiency, but without violating its privacy. The protocol is executed by the ISP, the CPs and a Regulator Authority (RA) that guarantees the actual enforcement of a fair subdivision of the cache storage and the preservation of privacy. We perform extensive simulations and prove that our approach leads to higher hit-rates (i.e., percentage of requests served by the cache) with respect to the static one. The advantages are particularly significant when the cache storage is limited.

Advancement in communication technologies and the Internet of Things (IoT) is driving adoption in smart cities that aims to increase operational efficiency and improve the quality of services and citizen welfare, among other potential benefits. The privacy, reliability, and integrity of communications must be ensured so that actions can be appropriate, safe, accurate, and implemented promptly after receiving actionable information. In this work, we present a multi-tier methodology consisting of an authentication and trust-building/distribution framework designed to ensure the safety and validity of the information exchanged in the system. Blockchain protocols and Radio Frequency-Distinct Native Attributes (RF-DNA) combine to provide a hardware-software codesigned system for enhanced device identity and overall system trustworthiness. Our threat model accounts for counterfeiting, breakout fraud, and bad mouthing of one entity by others. Entity trust (e.g., IoT devices) depends on quality and level of participation, quality of messages, lifetime of a given entity in the system, and the number of known "bad" (non-consensus) messages sent by that entity. Based on this approach to trust, we are able to adjust trust upward and downward as a function of real-time and past behavior, providing other participants with a trust value upon which to judge information from and interactions with the given entity. This approach thereby reduces the potential for manipulation of an IoT system by a bad or byzantine actor.

In recent trends, Cyber-Physical Systems (CPS) and Internet of Things interpret an evolution of computerized integration connectivity. The specific research challenges in CPS as security, privacy, data analytics, participate sensing, smart decision making. In addition, The challenges in Wireless Sensor Network (WSN) includes secure architecture, energy efficient protocols and quality of services. In this paper, we present an architectures of CPS and its protocols and applications. We propose software related mobile sensing paradigm namely Mobile Sensor Information Agent (MSIA). It works as plug-in based for CPS middleware and scalable applications in mobile devices. The working principle MSIA is acts intermediary device and gathers data from a various external sensors and its upload to cloud on demand. CPS needs tight integration between cyber world and man-made physical world to achieve stability, security, reliability, robustness, and efficiency in the system. Emerging software-defined networking (SDN) can be integrated as the communication infrastructure with CPS infrastructure to accomplish such system. Thus we propose a possible SDN-based CPS framework to improve the performance of the system.

Fog computing faces various security and privacy threats. Internet of Things (IoTs) devices have limited computing, storage, and other resources. They are vulnerable to attack by adversaries. Although the existing privacy-preserving solutions in fog computing can be migrated to address some privacy issues, specific privacy challenges still exist because of the unique features of fog computing, such as the decentralized and hierarchical infrastructure, mobility, location and content-aware applications. Unfortunately, privacy-preserving issues and resources in fog computing have not been systematically identified, especially the privacy preservation in multiple fog node communication with end users. In this paper, we propose a dynamic MDP-based privacy-preserving model in zero-sum game to identify the efficiency of the privacy loss and payoff changes to preserve sensitive content in a fog computing environment. First, we develop a new dynamic model with MDP-based comprehensive algorithms. Then, extensive experimental results identify the significance of the proposed model compared with others in more effectively and feasibly solving the discussed issues.

This paper reports the definition, setup and obtained results of the Fed4FIRE + medium experiment ERASER, aimed to evaluate the actual Quality of Service (QoS) guarantees that the clean-slate Recursive InterNetwork Architecture (RINA) can deliver to heterogeneous applications at large-scale. To this goal, a 37-Node 5G metro/regional RINA network scenario, spanning from the end-user to the server where applications run in a datacenter has been configured in the Virtual Wall experimentation facility. This scenario has initially been loaded with synthetic application traffic flows, with diverse QoS requirements, thus reproducing different network load conditions. Next,their experienced QoS metrics end-to-end have been measured with two different QTA-Mux (i.e., the most accepted candidate scheduling policy for providing RINA with its QoS support) deployment scenarios. Moreover, on this RINA network scenario loaded with synthetic application traffic flows, a real HD (1080p) video streaming demonstration has also been conducted, setting up video streaming sessions to end-users at different network locations, illustrating the perceived Quality of Experience (QoE). Obtained results in ERASER disclose that, by appropriately deploying and configuring QTA-Mux, RINA can yield effective QoS support, which has provided perfect QoE in almost all locations in our demo when assigning video traffic flows the highest (i.e., Gold) QoS Cube.

Ubiquitous or pervasive computing is a new kind of computing, where specialized elements of hardware and software will have such high level of deployment that their use will be fully integrated with the environment. Augmented reality extends reality with virtual elements but tries to place the computer in a relatively unobtrusive, assistive role. To our knowledge, there is no specialized network middleware solution for large-scale mobile and pervasive augmented reality games. We present a work that focus on the creation of such network middleware for mobile and pervasive entertainment, applied to the area of large scale augmented reality games. In, this context, mechanisms are being studied, proposed and evaluated to deal with issues such as scalability, multimedia data heterogeneity, data distribution and replication, consistency, security, geospatial location and orientation, mobility, quality of service, management of networks and services, discovery, ad-hoc networking and dynamic configuration

Manufacturing enterprises are constantly exploring new ways to improve their own production processes to address the increasing demand of customized production. However, such enterprises show a low degree of flexibility, which mainly results from the need to configure new production equipment at design and run time. In this paper we propose self-adaptation as an approach to improve data transmission flexibility in Industry 4.0 environments. We implement an autonomic manager using a generic autonomic management framework, which applies the most appropriate data transmission configuration based on security and business process related requirements, such as performance. The experimental evaluation is carried out in a MQTT infrastructure and the results show that using self-adaptation can significantly improve the trade-off between security and performance. We then propose to integrate anomaly detection methods as a solution to support self-adaptation by monitoring and learning the normal behavior of an industrial system and show how this can be used by the generic autonomic management framework.

Autonomic resource management for distributed edge computing systems provides an effective means of enabling dynamic placement and adaptation in the face of network changes, load dynamics, and failures. However, adaptation in-and-of-itself offers a side channel by which malicious entities can extract valuable information. An attacker can take advantage of autonomic resource management techniques to fool a system into misallocating resources and crippling applications. Using a few scenarios, we outline how attacks can be launched using partial knowledge of the resource management substrate - with as little as a single compromised node. We argue that any system that provides adaptation must consider resource management as an attack surface. As such, we propose ADAPT2, a framework that incorporates concepts taken from Moving-Target Defense and state estimation techniques to ensure correctness and obfuscate resource management, thereby protecting valuable system and application information from leaking.

In the privacy protection method based on user collaboration, all participants and collaborators must share the maximum anonymity value set in the anonymous group. No user can get better quality of service by reducing the anonymity requirement. In this paper, a privacy protection algorithm random-QBE, which divides query information into blocks and exchanges randomly, is proposed. Through this method, personalized anonymity, query diversity and location anonymity in user cooperative privacy protection can be realized. And through multi-hop communication between collaborative users, this method can also satisfy the randomness of anonymous location, so that the location of the applicant is no longer located in the center of the anonymous group, which further increases the ability of privacy protection. Experiments show that the algorithm can complete the processing in a relatively short time and is suitable for deployment in real environment to protect user's location privacy.

UAANET (UAV Ad hoc Network) is defined as an autonomous system made of swarm of UAVs (Unmanned Aerial Vehicle) and GCS (Ground Control Station). Compared to other types of MANET (Mobile Ad hoc network), UAANET have some unique features and bring several challenges. One of them is the design of routing protocol. It must be efficient for creating routes between nodes and dynamically adjusting to the rapidly changing topology. It must also be secure to protect the integrity of the network against malicious attackers. In this paper, we will present the architecture and the performance evaluation (based on both real-life experimental and emulation studies) of a secure routing protocol called SUAP (Secure UAV Ad hoc routing Protocol). SUAP ensures routing services between nodes to exchange real-time traffic and also guarantees message authentication and integrity to protect the network integrity. Additional security mechanisms were added to detect Wormhole attacks. Wormhole attacks represent a high level of risk for UAV ad hoc network and this is the reason why we choose to focus on this specific multi node attack. Through performance evaluation campaign, our results show that SUAP ensures the expected security services against different types of attacks while providing an acceptable quality of service for real-time data exchanges.

In this paper, an agent-based cross-layer secure service discovery scheme has been presented. Service discovery in MANET is a critical task and it presents numerous security challenges. These threats can compromise the availability, privacy and integrity of service discovery process and infrastructure. This paper highlights various security challenges prevalent to service discovery in MANET. Then, in order to address these security challenges, the paper proposes a cross-layer, agent based secure service discovery scheme for MANET based on deep neural network. The software agents will monitor the intrusive activities in the network based on an Intrusion Detection System (IDS). The service discovery operation is performed based on periodic dissemination of service, routing and security information. The QoS provisioning is achieved by encapsulating QoS information in the periodic advertisements done by service providers. The proposed approach has been implemented in JIST/ SWANS simulator. The results show that proposed approach provides improved security, scalability, latency, packet delivery ratio and service discovery success ratio, for various simulation scenarios.

Cloud computing has a major role in the development of commercial systems. It enables companies like Microsoft, Amazon, IBM and Google to deliver their services on a large scale to its users. A cloud service provider manages cloud computing based services and applications. For any organization a cloud service provider (CSP) is an entity which works within it. So it suffers from vulnerabilities associated with organization, including internal and external attacks. So its challenge to organization to secure a cloud service provider while providing quality of service. Attribute based encryption can be used to provide data security with Key policy attribute based encryption (KP-ABE) or ciphertext policy attribute based encryption (CP-ABE). But these schemes has lack of scalability and flexibility. Hierarchical CP-ABE scheme is proposed here to provide fine grained access control. Data security is achieved using encryption, authentication and authorization mechanisms. Attribute key generation is proposed for implementing authorization of users. The proposed system is prevented by SQL Injection attack.

The intelligent production line is a complex application with a large number of independent equipment network integration. In view of the characteristics of CPS, the existing modeling methods cannot well meet the application requirements of large scale high-performance system. a formal simulation verification framework and verification method are designed for the performance constraints such as the real-time and security of the intelligent production line based on soft bus. A model-based service-oriented integration approach is employed, which adopts a model-centric way to automate the development course of the entire software life cycle. Developing experience indicate that the proposed approach based on the formal modeling and verification framework in this paper can improve the performance of the system, which is also helpful to achieve the balance of the production line and maintain the reasonable use rate of the processing equipment.

Massive multiple-input multiple-output (mMIMO) with perfect channel state information (CSI) can lead array power gain increments proportional to the number of antennas. Despite this fact constrains on power amplification still exist due to envelope variations of high order constellation signals. These constrains can be overpassed by a transmitter with several amplification branches, with each one associated to a component signal that results from the decomposition of a multilevel constellation as a sum of several quasi constant envelope signals that are sent independently. When combined with antenna arrays at the end of each amplification branch the security improves due to the energy separation achieved by beamforming. However, to avoid distortion on the signal resulting from the combination of all components at channel level all the beams of signal components should be directed in same direction. In such conditions it is crucial to assess the impact of misalignments between beams associated to each user, which is the purpose of this work. The set of results presented here show the good tolerance against misalignments of these transmission structures.

ASA systems (firewall, IDS, IPS) are probable to become communication bottlenecks in networks with growing network bandwidths. To alleviate this issue, we suggest to use Application-aware mechanism based on Deep Packet Inspection (DPI) to bypass chosen traffic around firewalls. The services of Internet video sharing gained importance and expanded their share of the multimedia market. The Internet video should meet strict service quality (QoS) criteria to make the broadcasting of broadcast television a viable and comparable level of quality. However, since the Internet video relies on packet communication, it is subject to delays, transmission failures, loss of data and bandwidth restrictions that may have a catastrophic effect on the quality of multimedia.

Identifying services constituting traffic from given IP network flows is essential to various applications, such as the management of quality of service (QoS) and the prevention of security issues. Typical methods for achieving this objective include identifications based on IP addresses and port numbers. However, such methods are not sufficiently accurate and require improvement. Deep Packet Inspection (DPI) is one of the most promising methods for improving the accuracy of identification. In addition, many current IP flows are encrypted using Transport Layer Security (TLS). Hence, it is necessary for identification methods to analyze flows encrypted by TLS. For that reason, a service identification method based on DPI and n-gram that focuses only on the non-encrypted parts in the TLS session establishment was proposed. However, there is room for improvement in identification accuracy because this method analyzes all the non-encrypted parts including Random Values without protocol analyses. In this paper, we propose a method for identifying the service from given IP flows based on analysis of Server Name Indication (SNI). The proposed method clusters flow according to the value of SNI and identify services from the occurrences of all clusters. Our evaluations, which involve identifications of services on Google and Yahoo sites, demonstrate that the proposed method can identify services more accurately than the existing method.

This paper surveys a review of Internet of Things (IoT) protocols, Service oriented Middleware in IoT. The modern development of IoT, expected to create many divorce application in health care without human intervention. Various protocols are involved in the applications development. Researchers are doing research for desirable protocol with all functionalities. Middleware for an IoT provides interoperability between the devices or applications. The engineering of an IoT dependent on Service Oriented Architecture (SOA), it operates as middleware. We survey the existing SOA based IoT middleware and its functionalities.

Edge and Fog computing paradigms are used to process big data generated by the increasing number of IoT devices. These paradigms have enabled cities to become smarter in various aspects via real-time data-driven applications. While these have addressed some flaws of cloud computing some challenges remain particularly in terms of privacy and security. We create a testbed based on a distributed processing platform called the Information flow of Things (IFoT) middleware. We briefly describe a decentralized traffic speed query and routing service implemented on this framework testbed. We configure the testbed to test countermeasure systems that aim to address the security challenges faced by prior paradigms. Using this testbed, we investigate a novel decentralized anomaly detection approach for time-sensitive distributed smart transportation systems.

Vehicular Named Data Network (VNDN) uses Named Data Network (NDN) as a communication enabler. The communication is achieved using the content name instead of the host address. NDN integrates content caching at the network level rather than the application level. Hence, the network becomes aware of content caching and delivering. The content caching is a fundamental element in VNDN communication. However, due to the limitations of the cache store, only the most used content should be cached while the less used should be evicted. Traditional caching replacement policies may not work efficiently in VNDN due to the large and diverse exchanged content. To solve this issue, we propose an efficient cache replacement policy that takes the quality of service into consideration. The idea consists of classifying the traffic into different classes, and split the cache store into a set of sub-cache stores according to the defined traffic classes with different storage capacities according to the network requirements. Each content is assigned a popularity-density value that balances the content popularity with its size. Content with the highest popularity-density value is cached while the lowest is evicted. Simulation results prove the efficiency of the proposed solution to enhance the overall network quality of service.

Mobile Adhoc Network (MANET) are the networks where network nodes uses wireless links to transfer information from one node to another without making use of existing infrastructure. There is no node in the network to control and coordinate establishment of connections between the network nodes. Hence the network nodes performs dual function of both node as well as router. Due to dynamically changing network scenarios, absence of centralization and lack of resources, MANETs have a threat of large number of security attacks. Hence security attacks need to be evaluated in order to find effective methods to avoid or remove them. In this paper malicious behavior of Blackhole attack and Rushing attack is studied and analyzed for QoS metrics.

The QoS performance of MANET routing protocols is significantly affected by the mobility conditions in network. Secondly, as MANET open nature network, there is strong possibility of different types of vulnerabilities such as blackhole attack, malicious attack, DoS attacks etc. In this research work, we are designing the novel opportunistic routing protocol in order to address the challenges of network security as well as QoS improvement. There two algorithms designed in this paper. First we proposed and designed novel QoS improvement algorithm based on optimization scheme called Ant Colony Optimization (ACO) with swarm intelligence approach. This proposed method used the RSSI measurements to determine the distance between two mobile nodes in order to select efficient path for communication. This new routing protocol is named as QoS Mobility Aware ACO (QMAA) Routing Protocol. Second, we designed security algorithm for secure communication and user's authentication in MANET under the presence attackers in network. With security algorithm the QoS aware protocol is proposed named as Secure-QMAA (SQMAA). The SQMAA achieved secure communications while guaranteed QoS performance against existing routing protocols. The simulation results shows that under the presence of malicious attackers, the performance of SQMAA are efficient as compared to QMAA and state-of-art routing protocol.