Biblio

The Internet of Things (IoT) has been growing rapidly in recent years. With the appearance of 5G, it is expected to become even more indispensable to people's lives. In accordance with the increase of Distributed Denial-of-Service (DDoS) attacks from IoT devices, DDoS defense has become a hot research topic. DDoS detection mechanisms executed on routers and SDN environments have been intensely studied. However, these methods have the disadvantage of requiring the cost and performance of the devices. In addition, there is no existing DDoS mitigation algorithm on the network edge that can be performed with the low-cost and low-performance equipment. Therefore, this paper proposes a light-weight DDoS mitigation scheme at the network edge using limited resources of inexpensive devices such as home gateways. The goal of the proposed scheme is to detect and mitigate flooding attacks. It utilizes unused queue resources to detect malicious flows by random shuffling of queue allocation and discard the packets of the detected flows. The performance of the proposed scheme was confirmed via theoretical analysis and computer simulation. The simulation results match the theoretical results and the proposed algorithm can efficiently detect malicious flows using limited resources.

It has been a hot research topic to detect and mitigate Distributed Denial-of-Service (DDoS) attacks due to the significant increase of serious threat of such attacks. The rapid growth of Internet of Things (IoT) has intensified this trend, e.g. the Mirai botnet and variants. To address this issue, a light-weight DDoS mitigation mechanism was presented. In the proposed scheme, flooding attacks are detected by stochastic queue allocation which can be executed with widespread and inexpensive commercial products at a network edge. However, the detection process is delayed when the number of incoming flows is large because of the randomness of queue allocation. Thus, in this paper we propose an efficient queue allocation algorithm for rapid DDoS mitigation using limited resources. The idea behind the proposed scheme is to avoid duplicate allocation by decreasing the randomness of the existing scheme. The performance of the proposed scheme was confirmed via theoretical analysis and computer simulation. As a result, it was confirmed that malicious flows are efficiently detected and discarded with the proposed algorithm.

In recent years, software defined networking (SDN) has been proposed for enhancing the security of industrial control networks. However, its ability to guarantee the quality of service (QoS) requirements of such networks in the presence of adversarial flow still needs to be investigated. Queueing theory and particularly queueing network models have long been employed to study the performance and QoS characteristics of networks. The latter appears to be particularly suitable to capture the behaviour of SDN owing to the dependencies between layers, planes and components in an SDN architecture. Also, several authors have used queueing network models to study the behaviour of different application of SDN architectures, but none of the existing works have considered the strong periodic network traffic in software-defined industrial control networks. In this paper, we propose a queueing network model for softwaredefined industrial control networks, taking into account the strong periodic patterns of the network traffic in the data plane. We derive the performance measures for the analytical model and apply the queueing network model to study the effect of adversarial flow in software-defined industrial control networks.

Since remote ages, queues and delays have been a rather exasperating reality of human daily life. Today, they pursue us everywhere: in technical, social, socio-technical, and even control systems, dramatically deteriorating their performance. In this variety, it is the computer systems that are sure to cause the growing anxiety in our digital era. Although for our everyday Internet surfing, experiencing long-lasting and annoying delays is an unpleasant but not dangerous situation, for industrial control systems, especially those dealing with critical infrastructures, such behavior is unacceptable. The article presents a deterministic approach to solving some digital control system problems associated with delays and backlogs. Being based on Network calculus, in contrast to statistical methods of Queuing theory, it provides worst-case results, which are eminently desirable for critical infrastructures. The article covers the basics of a theory of deterministic queuing systems Network calculus, its evolution regarding the relationship between backlog bound and delay, and a technique for handling empirical data. The problems being solved by the deterministic approach: standard calculation of network performance measures, estimation of database maximum updating time, and cybersecurity assessment including such issues as the CIA triad representation, operational technology influence, and availability understanding focusing on its correlation with a delay are thoroughly discussed as well.

Blockchain is the one of leading technology of this time; it has started to revolutionize several fields like, finance, business, industry, smart home, healthcare, social networks, Internet and the Internet of Things. It has many benefits like, decentralized network, robustness, availability, stability, anonymity, auditability and accountability. The applications of Blockchain are emerging, and it is found that most of the work is focused on its engineering implementation. While the theoretical part is very less considered and explored. In this paper we implemented the simulation of mining process in Blockchain based systems using queuing theory. We took the parameters of one of the mature Cryptocurrency, Bitcoin's real data and simulated using M/M/n/L queuing system in JSIMgraph. We have achieved realistic results; and expect that it will open up new research direction in theoretical research of Blockchain based systems.

IEC61850 and IEC62351 combined provide a set of security promises for the communications channels that are used to run a substation automation system (SAS), that use IEC61850 based technologies. However, one area that is largely untouched by these security promises is the generic object oriented substation events (GOOSE) messaging service. GOOSE is designed to multicast commands and data across a substation within hard real time quality of service (QoS) requirements. This means that GOOSE is unable to implement the required security technologies as the added latency to any message would violate the QoS.

Delay and security are both highly concerned in the Internet of Things (IoT). In this paper, we set up a secure analytical framework for IoT networks to characterize the network delay performance and secrecy performance. Firstly, stochastic geometry and queueing theory are adopted to model the location of IoT devices and the temporal arrival of packets. Based on this model, a low-complexity secure on-off scheme is proposed to improve the network performance. Then, the delay performance and secrecy performance are evaluated in terms of packet delay and packet secrecy outage probability. It is demonstrated that the intensity of IoT devices arouse a tradeoff between the delay and security and the secure on-off scheme can improve the network delay performance and secrecy performance. Moreover, secrecy transmission rate is adopted to reflect the delay-security tradeoff. The analytical and simulation results show the effects of intensity of IoT devices and secure on-off scheme on the network delay performance and secrecy performance.

Resilience in the information sciences is notoriously difficult to define much less to measure. But in mechanical engineering, the resilience of a substance is mathematically well-defined as an area under the stress-strain curve. We combined inspiration from mechanics of materials and axioms from queuing theory in an attempt to define resilience precisely for information systems. We first examine the meaning of resilience in linguistic and engineering terms and then translate these definitions to information sciences. As a general assessment of our approach's fitness, we quantify how resilience may be measured in a simple queuing system. By using a very simple model we allow clear application of established theory while being flexible enough to apply to many other engineering contexts in information science and cyber security. We tested our definitions of resilience via simulation and analysis of networked queuing systems. We conclude with a discussion of the results and make recommendations for future work.