0000000000272134
AUTHOR
Timo Hämäläinen
Predictive pumping based on sensor data and weather forecast
In energy production, peat extraction has a significant role in Finland. However, protection of nature has become more and more important globally. How do we solve this conflict of interests respecting both views? In peat production, one important phase is to drain peat bog so that peat production becomes available. This means that we have control over how we can lead water away from peat bog to nature without water contamination with solid and other harmful substances. In this paper we describe a novel method how fouling of water bodies from peat bog can be controlled more efficiently by using weather forecast to predict rainfall and thus, minimize the effluents to nature. peerReviewed
A Novel Deep Learning Stack for APT Detection
We present a novel Deep Learning (DL) stack for detecting Advanced Persistent threat (APT) attacks. This model is based on a theoretical approach where an APT is observed as a multi-vector multi-stage attack with a continuous strategic campaign. To capture these attacks, the entire network flow and particularly raw data must be used as an input for the detection process. By combining different types of tailored DL-methods, it is possible to capture certain types of anomalies and behaviour. Our method essentially breaks down a bigger problem into smaller tasks, tries to solve these sequentially and finally returns a conclusive result. This concept paper outlines, for example, the problems an…
Providing QOS in 3G-WLAN environment with RSVP and DIFFSERV
Here we present the end-to-end QoS mechanism in 3G-multiaccess network environment. As multi-access wireless WLAN and wired xDSL wideband multi-access technologies has emerge and become more popular a need for interoperability with different technologies and domains has become necessity. There is also a need for end-to-end QoS management. We show a scenario where the UE-GGSN connection is covered by RSVP and RAN network part uses partial over dimensioning and real-time controlled ATM queuing. DiffServ covers WLAN-Core QoS and radio interface between WLAN AP and WLAN UE uses IEEE's 802.11e. Our interest is to find out how well 3G traffic classes can survive in different traffic conditions in…
Growing Hierarchical Self-organizing Maps and Statistical Distribution Models for Online Detection of Web Attacks
In modern networks, HTTP clients communicate with web servers using request messages. By manipulating these messages attackers can collect confidential information from servers or even corrupt them. In this study, the approach based on anomaly detection is considered to find such attacks. For HTTP queries, feature matrices are obtained by applying an n-gram model, and, by learning on the basis of these matrices, growing hierarchical self-organizing maps are constructed. For HTTP headers, we employ statistical distribution models based on the lengths of header values and relative frequency of symbols. New requests received by the web-server are classified by using the maps and models obtaine…
Analysis of Approaches to Internet Traffic Generation for Cyber Security Research and Exercise
Because of the severe global security threat of malwares, vulnerabilities and attacks against networked systems cyber-security research, training and exercises are required for achieving cyber resilience of organizations. Especially requirement for organizing cyber security exercises has become more and more relevant for companies or government agencies. Cyber security research, training and exercise require closed Internet like environment and generated Internet traffic. JAMK University of Applied Sciences has built a closed Internet-like network called Realistic Global Cyber Environment (RGCE). The traffic generation software for the RGCE is introduced in this paper. This paper describes …
Network and System Performance Management for Next Generation Networks
The physical and logical structures of next generation network and service environment is complex and requires increasingly sophisticated and complicated tools to be fully controllable and well managed. The main problem that has risen is that the old telemanagement model has not enough flexibility to manage rapidly and constantly changing network environment. 3G and 4G networks are basically IP based and the knowledge of IP type traffic management is somewhat new and challenging to telecom vendors. The present way of controlling and managing telecom systems is to use Non Real Time off-line PM (Performance Monitoring) and tools. Time periods between tuning can now be some days to some weeks …
Performance evaluation of OpenFlow enabled Commodity and Raspberry-pi Wireless Routers
Software defined network (SDN) allows the decoupling of data and control plane for dynamic and scalable network management. SDN is usually associated with OpenFlow protocol which is a standard interface that enables the network controllers to determine the path of network packets across a network of switches. In this paper, we evaluate openflow performance using commodity wireless router and raspberry pi with two different SDN controllers. Our test setup consists of wired and wireless client devices connected to openflow enabled commodity wireless router and raspberry pi. All clients used traffic generator tool to transmits data to a sink server host. The results are promising and paves the…
Case study for 3G/UMTS services and billing methods
The 3G/UMTS-networks and services will provide a wide range of telecommunication services. To achieve, this, we need a new view to networks, network services and service abilities. The amount of service providers in the 3G networks will be at least the same than in the present Internet. The amount of users in the 3G networks will overgrow the user amount of Internet forming a global worldwide communication society. This paper discusses customer billing in the 3G world. There are some main issues that are not very, clear to all 3G service and network providers, which however, should be settled before, 3G networks are operational. One of the most important matters is the QoS (Quality of Servi…
Revealing community structures by ensemble clustering using group diffusion
We propose an ensemble clustering approach using group diffusion to reveal community structures in data. We represent data points as a directed graph and assume each data point belong to single cluster membership instead of multiple memberships. The method is based on the concept of ensemble group diffusion with a parameter to represent diffusion depth in clustering. The ability to modulate the diffusion-depth parameter by varying it within a certain interval allows for more accurate construction of clusters. Depending on the value of the diffusion-depth parameter, the presented approach can determine very well both local clusters and global structure of data. At the same time, the ability …
Energy efficient resource allocation in heterogeneous software defined network: A reverse combinatorial auction approach
In this paper, resource allocation for energy effi- ciency in heterogeneous Software Defined Network (SDN) with multiple network service providers (NSPs) is studied. The considered problem is modeled as a reverse combinatorial auction game, which takes different quality of service (QoS) requirements into account. The heterogeneous network selection associated with power allocation problem is optimized by maximizing the energy efficiency of data transmission. By exploiting the properties of fractional programming, the resulting non-convex Winner Determination Problem (WDP) is transformed into an equivalent subtractive convex optimization problem. The proposed reverse combinatorial auction ga…
Requirements for Energy Efficient Edge Computing: A Survey
Internet of Things is evolving heavily in these times. One of the major obstacle is energy consumption in the IoT devices (sensor nodes and wireless gateways). The IoT devices are often battery powered wireless devices and thus reducing the energy consumption in these devices is essential to lengthen the lifetime of the device without battery change. It is possible to lengthen battery lifetime by efficient but lightweight sensor data analysis in close proximity of the sensor. Performing part of the sensor data analysis in the end device can reduce the amount of data needed to transmit wirelessly. Transmitting data wirelessly is very energy consuming task. At the same time, the privacy and s…
On ARQ feedback intensity of the IEEE 802.16 ARQ mechanism
The IEEE 802.16 standard defines the ARQ mechanism as a part of the MAC layer. The functioning of the ARQ mechanism depends on a number of parameters. The IEEE 802.16 specification defines them but it does not provide concrete values and solutions. We ran simulation scenarios to study how the ARQ feedback intensity impacts the performance of application protocols. The simulation results reveal that a low ARQ feedback intensity results only in a marginal improvement. Though it is possible to optimize the ARQ feedback intensity, it is reasonable to rely upon more frequent ARQ feedback messages as they do not result in a performance degradation. At the same time, ARQ connections, which work on…
Tiny Machine Learning for Resource-Constrained Microcontrollers
We use 250 billion microcontrollers daily in electronic devices that are capable of running machine learning models inside them. Unfortunately, most of these microcontrollers are highly constrained in terms of computational resources, such as memory usage or clock speed. These are exactly the same resources that play a key role in teaching and running a machine learning model with a basic computer. However, in a microcontroller environment, constrained resources make a critical difference. Therefore, a new paradigm known as tiny machine learning had to be created to meet the constrained requirements of the embedded devices. In this review, we discuss the resource optimization challenges of …
State of the Art Literature Review on Network Anomaly Detection
As network attacks are evolving along with extreme growth in the amount of data that is present in networks, there is a significant need for faster and more effective anomaly detection methods. Even though current systems perform well when identifying known attacks, previously unknown attacks are still difficult to identify under occurrence. To emphasize, attacks that might have more than one ongoing attack vectors in one network at the same time, or also known as APT (Advanced Persistent Threat) attack, may be hardly notable since it masquerades itself as legitimate traffic. Furthermore, with the help of hiding functionality, this type of attack can even hide in a network for years. Additi…
Detection of Anomalous HTTP Requests Based on Advanced N-gram Model and Clustering Techniques
Nowadays HTTP servers and applications are some of the most popular targets for network attacks. In this research, we consider an algorithm for HTTP intrusions detection based on simple clustering algorithms and advanced processing of HTTP requests which allows the analysis of all queries at once and does not separate them by resource. The method proposed allows detection of HTTP intrusions in case of continuously updated web-applications and does not require a set of HTTP requests free of attacks to build the normal user behaviour model. The algorithm is tested using logs acquired from a large real-life web service and, as a result, all attacks from these logs are detected, while the numbe…
Data Mining Approach for Detection of DDoS Attacks Utilizing SSL/TLS Protocol
Denial of Service attacks remain one of the most serious threats to the Internet nowadays. In this study, we propose an algorithm for detection of Denial of Service attacks that utilize SSL/TLS protocol. These protocols encrypt the data of network connections on the application layer which makes it impossible to detect attackers activity based on the analysis of packet payload. For this reason, we concentrate on statistics that can be extracted from packet headers. Based on these statistics, we build a model of normal user behavior by using several data mining algorithms. Once the model has been built, it is used to detect DoS attacks. The proposed framework is tested on the data obtained w…
Tuning of QoS Aware Load Balancing Algorithm (QoS–LB) for Highly Loaded Server Clusters
This paper introduces a novel algorithm for content based switching. A content based scheduling algorithm (QoS Aware Load Balancing Algorithm, QoS-LB) which can be used at the front-end of the server cluster is presented. The front-end switch uses the content information of the requests and the load on the back servers to choose the server to handle each request. At the same time, different Quality of Service (QoS) classes of the customers can be considered as one parameter in the load balancing algorithm. This novel feature becomes more important when service providers begin to offer the same services for customers with different priorities.
LoRa-Based Sensor Node Energy Consumption with Data Compression
In this paper simple temporal compression algorithms' efficiency to reduce LoRa-based sensor node energy consumption has been evaluated and measured. It is known that radio transmission is the most energy consuming operation in a wireless sensor node. In this paper three lightweight compression algorithms are implemented in an embedded LoRa platform to compress sensor data in on-line mode and the overall energy consumption is measured. Energy consumption is compared to the situation without implementing any compression algorithm. The results show that a simple compression algorithm is an effective method to improve the battery powered sensor node lifetime. Despite the radio transmission's h…
State of the Art Literature Review on Network Anomaly Detection with Deep Learning
As network attacks are evolving along with extreme growth in the amount of data that is present in networks, there is a significant need for faster and more effective anomaly detection methods. Even though current systems perform well when identifying known attacks, previously unknown attacks are still difficult to identify under occurrence. To emphasize, attacks that might have more than one ongoing attack vectors in one network at the same time, or also known as APT (Advanced Persistent Threat) attack, may be hardly notable since it masquerades itself as legitimate traffic. Furthermore, with the help of hiding functionality, this type of attack can even hide in a network for years. Additi…
The simulation and analysis of the revenue critierion based adaptive WFQ
This paper presents the simulation and analysis of the adaptive resource allocation model, which was proposed and theoretically considered in our previous works. It relies upon the Weighted Fair Queueing (WFQ) service policy and uses the revenue criterion to adjust weights. The purpose of the proposed model is to maximize a provider's revenue and, at the same time, ensure the required Quality-of-Service (QoS) for end-users. Our previous works provided the theoretical evaluation of the proposed model and considered the single-node case only. This paper presents more realistic network scenario, which includes a set of clients and several intermediate switching nodes with the proposed model. T…
Efficiency of temporal sensor data compression methods to reduce LoRa-based sensor node energy consumption
Purpose Minimizing the energy consumption in a wireless sensor node is important for lengthening the lifetime of a battery. Radio transmission is the most energy-consuming task in a wireless sensor node, and by compressing the sensor data in the online mode, it is possible to reduce the number of transmission periods. This study aims to demonstrate that temporal compression methods present an effective method for lengthening the lifetime of a battery-powered wireless sensor node. Design/methodology/approach In this study, the energy consumption of LoRa-based sensor node was evaluated and measured. The experiments were conducted with different LoRaWAN data rate parameters, with and without …
Energy Efficient Optimization for Solar-Powered UAV Communications System
In this work, we explore the energy efficiency optimization for a solar-powered unmanned aerial vehicle (UAV) communications system. We consider a scenario where a number of ground users (GUs) connect with a solar-powered multi-antenna UAV over a wireless link. First, we are able to derive the relations between the uplink data rate and heading angle of UAV and transmission power of GUs. In addition, the harvested energy from solar light is also affected by UAV’s angle. Accordingly, with the objective to maximize the energy efficiency that is related to uplink data rate and energy consumption, we propose to dynamically adjust the UAV trajectory and gesture, by optimizing its velocity, accele…
Survey: Intrusion Detection Systems in Encrypted Traffic
Intrusion detection system, IDS, traditionally inspects the payload information of packets. This approach is not valid in encrypted traffic as the payload information is not available. There are two approaches, with different detection capabilities, to overcome the challenges of encryption: traffic decryption or traffic analysis. This paper presents a comprehensive survey of the research related to the IDSs in encrypted traffic. The focus is on traffic analysis, which does not need traffic decryption. One of the major limitations of the surveyed researches is that most of them are concentrating in detecting the same limited type of attacks, such as brute force or scanning attacks. Both the …
On optimal relay placement for improved performance in non-coverage limited scenarios
Low power nodes have been a hot topic in research, standardization, and industry communities, which is typically considered under an umbrella term called heterogeneous networking. In this paper we look at the problem of deploying optimally low power nodes in the context of relay networking, when an operator connects low power nodes (or small cells) via the wireless backhaul that uses the same spectrum and the same wireless access technology. We present an analytical model that can calculate optimal coordinates for low power nodes based on the input parameters, such as preferred number of nodes, their transmission power, parameters of the environment etc. The analytical calculations are comp…
Identifying Oscillatory Hyperconnectivity and Hypoconnectivity Networks in Major Depression Using Coupled Tensor Decomposition
AbstractPrevious researches demonstrate that major depression disorder (MDD) is associated with widespread network dysconnectivity, and the dynamics of functional connectivity networks are important to delineate the neural mechanisms of MDD. Cortical electroencephalography (EEG) oscillations act as coordinators to connect different brain regions, and various assemblies of oscillations can form different networks to support different cognitive tasks. Studies have demonstrated that the dysconnectivity of EEG oscillatory networks is related with MDD. In this study, we investigated the oscillatory hyperconnectivity and hypoconnectivity networks in MDD under a naturalistic and continuous stimuli…
Exploring Nigerian University Students’ Perception towards Mobile Learning
The specific objective of this study was to better understand Nigerian university students’ perceptions and readiness towards mobile learning. Recently, the influence of mobile technology is seen to have infiltrated everyday life and the learning institutions. It is thus crucial for learning institutions to assess and understand the factors advancing the mobile learning adoption. This study offers some important insights into mobile learning adoption especially in developing countries like Nigeria. Data for this study were collected using a survey. Undergraduate students at two Nigerian universities (N = 135) were non-randomly allocated to respond to a survey. Overall, the results reveal th…
On Application-Layer DDoS Attack Detection in High-Speed Encrypted Networks
Application-layer denial-of-service attacks have become a serious threat to modern high-speed computer networks and systems. Unlike network-layer attacks, application-layer attacks can be performed by using legitimate requests from legitimately connected network machines which makes these attacks undetectable for signature-based intrusion detection systems. Moreover, the attacks may utilize protocols that encrypt the data of network connections in the application layer making it even harder to detect attacker’s activity without decrypting users network traffic and violating their privacy. In this paper, we present a method which allows us to timely detect various applicationlayer attacks ag…
UAV-Aided Secure Short-Packet Data Collection and Transmission
Benefiting from the deployment flexibility and the line-of-sight (LoS) channel conditions, unmanned aerial vehicle (UAV) has gained tremendous attention in data collection for wireless sensor networks. However, the high-quality air-ground channels also pose significant threats to the security of UAV aided wireless networks. In this paper, we propose a short-packet secure UAV-aided data collection and transmission scheme to guarantee the freshness and security of the transmission from the sensors to the remote ground base station (BS). First, during the data collection phase, the trajectory, the flight duration, and the user scheduling are jointly optimized with the objective of maximizing t…
Cyber security exercise : Literature review to pedagogical methodology
This paper is a literature review, where we try to find out pedagogical principles has used in different virtual or simulated industry learning environments. The purpose is to use these findings to create in the future a new model for teaching in cyber security exercises. Cyber security exercises are the major service at JYVSECTEC - Jyväskylä Security Technology, cyber security research, training and development center in Finland [1]. JYVSECTEC Cyber security exercises are executed in real life simulation environment, RGCE (Realistic Global Cyber Environment) [1]. It provides the same functionality as the real Internet, but it is isolated from the real Internet and fully controlled by JYVSE…
Sports Club for Health : updated guidelines for health-enhancing sports activities in a club setting
Scheduling solution for the IEEE 802.16 base station
The IEEE 802.16 standard defines a wireless broadband access network technology called WiMAX. It introduces several advantages, one of which is the support for QoS at the MAC level. To ensure meeting the QoS requirements, the 802.16 base station must run some algorithm to allocate slots between connections. This algorithm is not defined in the 802.16 specification but rather is open for alternative implementations. We propose a simple, yet efficient, solution that is capable of allocating slots based on the QoS requirements, bandwidth request sizes, and the 802.16 network parameters. To test the proposed solution, we have implemented the 802.16 MAC and PHY layers in the NS-2 simulator. Seve…
Support vector machine integrated with game-theoretic approach and genetic algorithm for the detection and classification of malware
Abstract. —In the modern world, a rapid growth of mali- cious software production has become one of the most signifi- cant threats to the network security. Unfortunately, wides pread signature-based anti-malware strategies can not help to de tect malware unseen previously nor deal with code obfuscation te ch- niques employed by malware designers. In our study, the prob lem of malware detection and classification is solved by applyin g a data-mining-based approach that relies on supervised mach ine- learning. Executable files are presented in the form of byte a nd opcode sequences and n-gram models are employed to extract essential features from these sequences. Feature vectors o btained are…
Deep in the Dark: A Novel Threat Detection System using Darknet Traffic
This paper proposes a threat detection system based on Machine Learning classifiers that are trained using darknet traffic. Traffic destined to Darknet is either malicious or by misconfiguration. Darknet traffic contains traces of several threats such as DDoS attacks, botnets, spoofing, probes and scanning attacks. We analyse darknet traffic by extracting network traffic features from it that help in finding patterns of these advanced threats. We collected the darknet traffic from the network sensors deployed at SURFnet and extracted several network-based features. In this study, we proposed a framework that uses supervised machine learning and a concept drift detector. Our experimental res…
Adaptive contention resolution parameters for the IEEE 802.16 networks
In the IEEE 802.16 networks, the base station allocates resources to subscriber stations based on their QoS requirements and bandwidth request sizes. A subscriber station can send a bandwidth request when it has an uplink grant allocated by the base station or by taking part in the contention resolution mechanism. This paper presents analytical calculations for parameters that control the contention resolution process in the IEEE 802.16 networks. In particular, the backoff start/end values and the number of request transmission opportunities are considered. The simulation results confirm the correctness of theoretical calculations. They also reveal that the adaptive parameter tuning results…
An Efficient and Privacy-Preserving Blockchain-Based Authentication Scheme for Low Earth Orbit Satellite Assisted Internet of Things
Recently, integrating satellite networks (e.g. Low-earth-orbit satellite constellation) into the Internet of Things (IoT) ecosystem has emerged as a potential paradigm to provide more reliable, ubiquitous and seamless network services. The LEO satellite networks serves as a key enabler to transform the connectivity across industries and geographical border. Despite the convenience brought from the LEO satellite networks, it arises security concerns, in which the essential one is to secure the communication between the IoT devices and the LEO satellite network. However, some challenges inheriting from the LEO satellite networks need to be considered : 1) the dynamic topology; 2) the resource…
<title>Statistical bandwidth allocation for multiservice networks</title>
Multiservice networks will carry di erent kinds of applications in the near future. Bandwidth requirements change rapidly, and the network resource management will play an important role to guarantee the use of the limited resources in the most eAEcient way. We approach the channel capacity allocation problem by developing an SLA (Service Level Agreement) based channel allocation method. In our model, the channel may be wired or wireless, so this method can be adapted in multi-technique networks. The algorithm allocates resources to several di erent service classes via several di erent capacity routes. Service provider perfroms optimization by allocating data rate in such a way that the sat…
Bandwidth allocation and pricing in multimode network
This paper presents adaptive resource sharing model that uses a revenue criterion to allocate network resources in an optimal way. The model ensures QoS requirements of data flows and, at the same time, maximizes the total revenue by adjusting parameters of the underlying scheduler. Besides, the adaptive model eliminates the need to find the optimal static weight values because they are calculated dynamically. The simulation consists of several cases that analyse the model and the way it provides the required QoS guarantees. The simulation reveals that the installation of the adaptive model increases the total revenue and ensures the QoS requirements for all service classes.
Joint User Association and Dynamic Beam Operation for High Latitude Muti-beam LEO Satellites
In Low Earth Orbit (LEO) satellites, which run in polar orbit, the area of overlap among beams becomes wider as the latitude of satellites increases, which leads to intolerable interference and extra energy consumption. To minimize the onboard power with QoS requirements, we propose an energy optimization model with considering power allocation, user association and dynamic beam ON/OFF operation jointly. Moreover, the frequent beam ON/OFF operations lead to the large number of user handovers, so handover cost is also considered in the model. The original problem is decomposed into two levels due to the high coupling of variables and the successive convex approximation is employed. A low com…
On the (In)Security of 1090ES and UAT978 Mobile Cockpit Information Systems : An Attacker Perspective on the Availability of ADS-B Safety- and Mission-Critical Systems
Automatic dependent surveillance-broadcast (ADS-B) is a key air surveillance technology and a critical component of next-generation air transportation systems. It significantly simplifies aircraft surveillance technology and improves airborne traffic situational awareness. Many types of mobile cockpit information systems (MCISs) are based on ADS-B technology. MCIS gives pilots the flight and traffic-related information they need. MCIS has two parts: an ADS-B transceiver and an electronic flight bag (EFB) application. The ADS-B transceivers transmit and receive the ADS-B radio signals while the EFB applications hosted on mobile phones display the data. Because they are cheap, lightweight, an…
Towards usable automated detection of CPU architecture and endianness for arbitrary binary files and object code sequences
Static and dynamic binary analysis techniques are actively used to reverse engineer software's behavior and to detect its vulnerabilities, even when only the binary code is available for analysis. To avoid analysis errors due to misreading op-codes for a wrong CPU architecture, these analysis tools must precisely identify the Instruction Set Architecture (ISA) of the object code under analysis. The variety of CPU architectures that modern security and reverse engineering tools must support is ever increasing due to massive proliferation of IoT devices and the diversity of firmware and malware targeting those devices. Recent studies concluded that falsely identifying the binary code's ISA ca…
Signal detection for spread spectrum communication systems with gradient algorithm
Retrieval process of original symbols of a spread spectrum based communication system is tried to be improved by Gradient Algorithm (GA) and Blind Source Separation (BSS) principles. Two simple schemes, based on two energy functions are presented. Time correlation properties of the channel are used as advantages in developing the filter coefficients for the receiver. Direct Sequence - Code Division Multiple Access (DS-CDMA) technique based system setup is used for algorithm testing purposes. This is identified as one of the most stable spread spectrum communication technique where most of the technologies developed for that are highly compatible with High Speed Packet Access (HSPA) transmis…
A Double Auction Mechanism for Virtual Resource Allocation in SDN-based Cellular Network
The explosively growing demands for mobile traffic service bring both challenges and opportunities to wireless net- works, among which, wireless network virtualization is proposed as the main evolution towards 5G. In this paper, we first propose a Software Defined Network (SDN) based wireless virtualization architecture for enabling multi-flow transmission in order to save capital expenses (CapEx) and operation expenses (OpEx) significantly with multiple Infrastructures Providers (InPs) and multiple Mobile Virtual Network Operators (MVNOs). We for- mulate the virtual resource allocation problem with diverse QoS requirements as a social welfare maximization problem with transaction cost. Due…
ARQ Aware Scheduling for the IEEE 802.16 Base Station
The IEEE 802.16 technology defines the ARQ mechanism that enables a connection to resend data at the MAC level if an error is detected. In this paper, we analyze the ARQ aware scheduling for the 802.16 base station. In particular, we consider how the BS scheduler can account for the ARQ block size, absence of the ARQ block rearrangement, and the ARQ transmission window. We propose a set of constraints that can be applied to any base station scheduler algorithm. To test them, we run a number of simulation scenarios. The simulations results confirm that the ARQ aware scheduling can improve the overall performance.
VoiP performance analysis in IEEE802.16 networks
WiMAX, as known as IEEE standard 802.16, is a wide range broadband wireless access network which has a significant good support for the quality of service. According to IEEE standard 802.16e WiMAX has support also for mobility. One of the key advantages of the WiMAX network is the possibility to assign QoS parameters as connection based. A good example of traffic type having strict QoS demands is VoIP. VoIP will probably be a killer application in the future's broadband wireless networks because of its cost efficiency compared to circuit switched networks. In this paper, we analyze by extensive simulations how QoS is applied per connection, especially for the VoIP connection.
WINSE: WiMAX NS-2 extension
IEEE 802.16 standard defines the wireless broadband technology called WiMAX. When compared to other wireless technologies, it introduces many interesting advantages at PHY, MAC, and QoS layers. Heavy simulations are needed to study IEEE 802.16 performance and propose further enhancements to this standard. Link level simulations are not always sufficient, while system level simulators are not always accurate to capture MAC and transport protocol details. We implemented a 802.16 extension for the NS-2 network simulator. It includes upper PHY modeling, almost all the features of the 802.16 MAC layer, as well as the QoS framework. This article describes the implemented features, simulation meth…
A Fast Handover Method for Real-Time Multimedia Services
Mobile IPv6 (MIPv6) has been standardized for mobility management in the IPv6 network. When a mobile node changes its point of attachment in the IPv6 network, it experiences a time due MIPv6 procedures when it cannot receive or send any packets. This time called the handover delay might also cause packet loss resulting undesired quality-of-service degradation for various types of applications. The minimization of this delay is especially important for real-time applications. In this chapter we present a fast handover method called the flow-based fast handover for Mobile IPv6 (FFHMIPv6) to speed up the MIPv6 handover processes. FFHMIPv6 employs flow information and IPv6-in-IPv6 tunneling for…
Resource Allocation for Multi-Access Edge Computing with Fronthaul and Backhaul Constraints
Edge computing is able to provide proximity solutions for the future wireless network to accommodate different types of devices with various computing service demands. Meanwhile, in order to provide ubiquitous connectivities to massive devices over a relatively large area, densely deploying remote radio head (RRH) is considered as a cost-efficient solution. In this work, we consider a vertical and heterogeneous multiaccess edge computing system. In the system, the RRHs are deployed for providing wireless access for the users and the edge node with computing capability can process the computation requests from the users. With the objective to minimize the total energy consumption for process…
Distributed GNSS-Based Time Synchronization and Applications
The paper deals with synchronization standards, applications and challenges in the modern packet switched telecommunication networks. In recent years, the number of time-dependent services and systems only increases with the development of such areas as Internet of Things (IoT), industrial Internet, remote automation and robotics, precise positioning etc. In the paper, these emerging applications are discussed. An alternative way to the traditional centralized synchronization infrastructure is proposed. Compact and low-priced devices equipped with a Global Navigation Satellite System (GNSS) receiver and a reliable internal clock can be installed specifically in the places where they are nee…
Gradient Scheduling Algorithm for Fair Delay Guarantee in Logarithmic Pricing Scenario
In this paper we propose a packet scheduling scheme for ensuring delay as a Quality of Service (QoS) requirement. For customers, fair service is given while optimizing revenue of the network service provider. Gradient type algorithm for updating the weights of a packet scheduler is derived from a revenue-based optimization problem in the logarithmic pricing scenario. Algorithm is simple to implement. We compared algorithm with optimal brute-force method. The weight updating procedure is independent on the assumption of the connection's statistical behavior, and therefore it is robust against erroneous estimates of statistics.
An Efficient Network Log Anomaly Detection System Using Random Projection Dimensionality Reduction
Network traffic is increasing all the time and network services are becoming more complex and vulnerable. To protect these networks, intrusion detection systems are used. Signature-based intrusion detection cannot find previously unknown attacks, which is why anomaly detection is needed. However, many new systems are slow and complicated. We propose a log anomaly detection framework which aims to facilitate quick anomaly detection and also provide visualizations of the network traffic structure. The system preprocesses network logs into a numerical data matrix, reduces the dimensionality of this matrix using random projection and uses Mahalanobis distance to find outliers and calculate an a…
CCTV-FullyAware: toward end-to-end feasible privacy-enhancing and CCTV forensics applications
It is estimated that over 1 billion Closed-Circuit Television (CCTV) cameras are operational worldwide. The advertised main benefits of CCTV cameras have always been the same; physical security, safety, and crime deterrence. The current scale and rate of deployment of CCTV cameras bring additional research and technical challenges for CCTV forensics as well, as for privacy enhancements. This paper presents the first end-to-end system for CCTV forensics and feasible privacy-enhancing applications such as exposure measurement, CCTV route recovery, CCTV-aware routing/navigation, and crowd-sourcing. For this, we developed and evaluated four complex and distinct modules (CCTVCV [1], OSRM-CCTV [2],…
Joint Subcarrier and Phase Shifts Optimization for RIS-aided Localization-Communication System
Joint localization and communication systems have drawn significant attention due to their high resource utilization. In this paper, we consider a reconfigurable intelligent surface (RIS)-aided simultaneously localization and communication system. We first determine the sum squared position error bound (SPEB) as the localization accuracy metric for the presented localization-communication system. Then, a joint RIS discrete phase shifts design and subcarrier assignment problem is formulated to minimize the SPEB while guaranteeing each user’s achievable data rate requirement. For the presented non-convex mixed-integer problem, we propose an iterative algorithm to obtain a suboptimal solution …
Modeling RISC-V Processor in IP-XACT
IP-XACT is the most used standard in IP (Intellectual Property) integration. It is intended as a language neutral golden reference, from which RTL and HW dependent SW is automatically generated. Despite its wide popularity in the industry, there are practically no public and open design examples for any part of the design flow from IP-XACT to synthesis. One reason is the difficulty of creating IP-XACT models for existing RTL projects. In this paper, we address the issues by modeling the PULPino RISC-V microprocessor that is written in SystemVerilog (SV) and the project distributed over several repositories. We propose how to solve the mismatching concepts between SV project and IP-XACT, and…
Revenue-Aware Resource Allocation in the Future Multi-Service IP Networks
In the future IP networks, a wide range of different service classes must be supported in a network node and different classes of customers will pay different prices for their used node resources based on their Service-Level-Agreements. In this paper, we link the resource allocation issue with pricing strategies and explore the problem of maximizing the revenue of service providers in a network node by optimally allocating a given amount of node resources among multiple service classes. Under the linear pricing strategy, the optimal resource allocation scheme is derived for the case that no firm Quality-of-Service (QoS) guarantees are required for all service classes, which can achieve the …
Multi-Antenna Covert Communication With Jamming in the Presence of a Mobile Warden
Covert communication can hide the information transmission process from the warden to prevent adversarial eavesdropping. However, it becomes challenging when the warden can move. In this paper, we propose a covert communication scheme against a mobile warden, which maximizes the connectivity throughput between a multi-antenna transmitter and a full-duplex jamming receiver with the covert outage probability (COP) limit. First, we analyze the monotonicity of the COP to obtain the optimal location the warden can move. Then, under this worst situation, we optimize the transmission rate, the transmit power and the jamming power of covert communication to maximize the connection throughput. This …
Network channel allocation and revenue maximization
This paper introduces a model that can be used to share link capacity among customers under different kind of traffic conditions. This model is suitable for different kind of networks like the 4G networks (fast wireless access to wired network) to support connections of given duration that requires a certain quality of service. We study different types of network traffic mixed in a same communication link. A single link is considered as a bottleneck and the goal is to find customer traffic profiles that maximizes the revenue of the link. Presented allocation system accepts every calls and there is not absolute blocking, but the offered data rate/user depends on the network load. Data arriva…
Security Assessment of a Distributed, Modbus-based Building Automation System
Building automation systems were designed in an era when security was not a concern as the systems were closed from outside access. However, multiple benefits can be found in connecting such systems over the Internet and controlling a number of buildings from a single location. Security breaches towards building automation systems are increasing and may cause direct or indirect damages to the target organization or even the residents of the building. This work presents an approach to apply a method of data flow recognition and environment analysis to building automation through a case study on a distributed building automation system utilizing the Modbus protocol at the sites and presents s…
A Network-Based Framework for Mobile Threat Detection
Mobile malware attacks increased three folds in the past few years and continued to expand with the growing number of mobile users. Adversary uses a variety of evasion techniques to avoid detection by traditional systems, which increase the diversity of malicious applications. Thus, there is a need for an intelligent system that copes with this issue. This paper proposes a machine learning (ML) based framework to counter rapid evolution of mobile threats. This model is based on flow-based features, that will work on the network side. This model is designed with adversarial input in mind. The model uses 40 timebased network flow features, extracted from the real-time traffic of malicious and…
Adaptive Contention Resolution for VoIP Services in the IEEE 802.16 Networks
In the IEEE 802.16 networks, a subscriber station can use the contention slots to send bandwidth requests to the base station. The contention resolution mechanism is controlled by the backoff start/end values and a number of the request transmission opportunities. These parameters are set by the base station and are announced to subscriber stations in the management messages. In the case of the VoIP services, it is critical that the contention resolution occurs within the specified time interval to meet the VoIP QoS requirements. Thus, it is the responsibility of the base station to set correct contention resolution parameters to ensure the QoS requirements. This paper presents analytical c…
CCTVCV: Computer Vision model/dataset supporting CCTV forensics and privacy applications
The increased, widespread, unwarranted, and unaccountable use of Closed-Circuit TeleVision (CCTV) cameras globally has raised concerns about privacy risks for the last several decades. Recent technological advances implemented in CCTV cameras, such as Artificial Intelligence (AI)-based facial recognition and Internet of Things (IoT) connectivity, fuel further concerns among privacy advocates. Machine learning and computer vision automated solutions may prove necessary and efficient to assist CCTV forensics of various types. In this paper, we introduce and release the first and only computer vision models are compatible with Microsoft common object in context (MS COCO) and capable of accurately…
Incentive Mechanism for Resource Allocation in Wireless Virtualized Networks with Multiple Infrastructure Providers
To accommodate the explosively growing demands for mobile traffic service, wireless network virtualization is proposed as the main evolution towards 5G. In this work, a novel contract theoretic incentive mechanism is proposed to study how to manage the resources and provide services to the users in the wireless virtualized networks. We consider that the infrastructure providers (InPs) own the physical networks and the mobile virtual network operator (MVNO) has the service information of the users and needs to lease the physical radio resources for providing services. In particular, we utilize the contract theoretic approach to model the resource trading process between the MVNO and multiple…
Leveraging the benefits of big data with fast data for effective and efficient cybersecurity analytics systems : A robust optimisation approach
In recent times, major cybersecurity breaches and cyber fraud within the public and private sectors are making international headlines. Majority of organisations are facing cybersecurity adversity and advanced threats. On the one hand, we have asynchronous cybersecurity practices, many standards and frameworks to consider while on the other hand, we have to deal and secure our organisations against cyber-criminals, organised hacktivists, insider threats, hackers and nation-states with malafide intentions. The Center for Cyber Safety and Education's Global Information Security Workforce Study (GISWS) confirms that globally we are not only loosing but also backpedalling against threats and ri…
Analysis and Simulation of the Signaling Protocols for the DiffServ Framework
This paper considers signaling protocols for the DiffServ QoS framework. Originally, DiffServ had no standardized signaling solution, which resulted in the static configuration for the DiffServ domain. However, the dynamic allocation of resources within the domain allows to ensure the per-flow QoS guarantees and achieve better performance. At the moment, several signaling solutions for DiffServ framework are available. Thus, it is crucial to analyse these solutions and interconnections between them. In particular, the RSVP, aggregated RSVP, GIST, COPS, and SIP protocols will be considered. The simulation comprises several scenarios that present that the dynamic allocation of resource within…
<title>Revenue-maximization-based adaptive WFQ</title>
In the future Internet, di erent applications such as Voice over IP (VoIP) and Video-on-Demand (VoD) arise with di erent Quality of Service (QoS) parameters including e.g. guaranteed bandwidth, delay jitter, and latency. Different kinds of service classes (e.g. gold, silver, bronze) arise. The customers of di erent classes pay di erent prices to the service provider, who must share resources in a plausible way. In a router, packets are queued using a multi-queue system, where each queue corresponds to one service class. In this paper, an adaptive Weighted Fair Queue based algorithm for traAEc allocation is presented and studied. The weights in gradient type WFQ algorithm are adapted using r…
Blind source separation based interference suppression schemes for OFDM and DS-CDMA
In statistical wireless signal processing, extraction of unobserved signals from observed mixtures can be achieved using Blind Source Separation (BSS) algorithms. Orthogonal Frequency Division Multiplexing (OFDM) and Direct Sequence-Code Division Multiple Access (DS-CDMA) can be pronounced as the well established predominant air interface communication techniques. Consequences of an effort taken and counteractive solutions to diminish the undesirable influences encountered within the wireless air interface of those techniques with aid of BSS schemes are disclosed. Filter coefficients for the receiver are ascertained with the support of a set of energy functions and the iterative fixed point…
An Analysis of the Flow-Based Fast Handover Method For Mobile IPv6 Network
Mobile IPv6 has been proposed by the IETF (Internet Engineering Task Force) to be the solution to mobility management in IPv6 network. The work is now culminating to a standard status. But, one problem still remaining is the length of the handover time, which might cause packet loss. Thus the handover time should be as short as possible. Especially the real-time traffic suffers from packet loss. Earlier we have introduced a new method for faster handover process in Mobile IPv6 network called the Flow-based Fast Handover Method for Mobile IPv6 (FFHMIPv6). FFHMIPv6 uses the flow state information stored in the routers for the fast redirection of the flow. In this paper we compare the proposed…
Feasibility of FPGA accelerated IPsec on cloud
Abstract Hardware acceleration for famous VPN solution, IPsec, has been widely researched already. Still it is not fully covered and the increasing latency, throughput, and feature requirements need further evaluation. We propose an IPsec accelerator architecture in an FPGA and explain the details that need to be considered for a production ready design. This research considers the IPsec packet processing without IKE to be offloaded on an FPGA in an SDN network. Related work performance rates in 64 byte packet size for throughput is 1–2 Gbps with 0.2 ms latency in software, and 1–4 Gbps with unknown latencies for hardware solutions. Our proposed architecture is capable to host 1000 concurre…
Resource Allocation and Computation Offloading for Multi-Access Edge Computing With Fronthaul and Backhaul Constraints
Edge computing is able to provide proximity solutions for the future wireless network to accommodate different types of devices with various computing service demands. Meanwhile, in order to provide ubiquitous connectivities to massive devices over a relatively large area, densely deploying remote radio head (RRH) is considered as a cost-efficient solution. In this work, we consider a vertical and heterogeneous multi-access edge computing system. In the system, the RRHs are deployed for providing wireless access for the users and the edge node with computing capability can process the computation requests from the users. With the objective to minimize the total energy consumption for proces…
Blind source separation for OFDM with filtering colored noise out
Two blind algorithms that are developed with the intention of improving the symbol detection of Orthogonal Frequency Division Multiplexing (OFDM) techniques are proposed in this paper. OFDM systems are easy to equalize in implementations. The schemes are based on the theories of blind source separation (BSS). They are among the premier mechanisms used for extracting unobserved signals from observed mixtures in signal processing. In this study noise component of the received signal mixture is tried to be filtered out. A scalar energy function with the iterative fixed point rule for receive signal is used in determining the filter coefficients while taking the time correlation properties of t…
On Attacking Future 5G Networks with Adversarial Examples : Survey
The introduction of 5G technology along with the exponential growth in connected devices is expected to cause a challenge for the efficient and reliable network resource allocation. Network providers are now required to dynamically create and deploy multiple services which function under various requirements in different vertical sectors while operating on top of the same physical infrastructure. The recent progress in artificial intelligence and machine learning is theorized to be a potential answer to the arising resource allocation challenges. It is therefore expected that future generation mobile networks will heavily depend on its artificial intelligence components which may result in …
A model of Cyber Threat Information Sharing with the Novel Network Topology
The digitized environments are particularly vulnerable to various attacks. In such a situation of a security attack, detecting and responding to attacks require effective actions. One of the most significant ways to improve resilience to security attacks is to obtain accurate and timely situational aspect of the security awareness. The efficient production and utilization of situation information is achieved by sharing information with other actors in the information sharing network quickly and reliably without compromising the confidential information of one's own organization. At the same time, it should also be possible to avoid a flood of irrelevant information in the sharing network, w…
AI-based quantum-safe cybersecurity automation and orchestration for edge intelligence in future networks
The AIQUSEC (AI-based quantum secure cyber security automation and orchestration in the edge intelligence of future networks) brings measurable advances to the cyber security of access and edge networks and their services, as well as Operational Service Technologies (OT). The research aims for significant cybersecurity scalability, efficiency, and effectiveness of operations through improved and enhanced device and sensor securities, security assurance, quantum security, and Artificial Intelligence (AI) based automation solutions. The new application scenarios of near future, the multiple stakeholders within each scenario, and the higher data volumes raise the need for novel cybersecurity s…
Ensemble deep clustering analysis for time window determination of event-related potentials
Objective Cluster analysis of spatio-temporal event-related potential (ERP) data is a promising tool for exploring the measurement time window of ERPs. However, even after preprocessing, the remaining noise can result in uncertain cluster maps followed by unreliable time windows while clustering via conventional clustering methods. Methods We designed an ensemble deep clustering pipeline to determine a reliable time window for the ERP of interest from temporal concatenated grand average ERP data. The proposed pipeline includes semi-supervised deep clustering methods initialized by consensus clustering and unsupervised deep clustering methods with end-to-end architectures. Ensemble clusterin…
Evaluation of Ensemble Machine Learning Methods in Mobile Threat Detection
The rapid growing trend of mobile devices continues to soar causing massive increase in cyber security threats. Most pervasive threats include ransom-ware, banking malware, premium SMS fraud. The solitary hackers use tailored techniques to avoid detection by the traditional antivirus. The emerging need is to detect these threats by any flow-based network solution. Therefore, we propose and evaluate a network based model which uses ensemble Machine Learning (ML) methods in order to identify the mobile threats, by analyzing the network flows of the malware communication. The ensemble ML methods not only protect over-fitting of the model but also cope with the issues related to the changing be…
Multicast access control concept for xDSL-customers
Multicast is a tempting possibility for many broad- band services. It makes possible to deliver one data-stream to several receivers simultaneously. IP-Multicast is based on an open group concept. This means that it is possible for all the users to join the group and thus receive the data. The open concept is also the main reason why multicast has not been taken in wider use. There is two different solution to solve this problem, group access control and multicast data encryption. Group access control mechanisms focuses on restricting the group membership at the users edge device. Traffic encryption scheme relies on end-to-end encryption, so a key management architecture is also needed. We …
Telia Crowd Insights -tietojen hyödyntäminen pandemiatietoisuuden parantamiseksi Keski-Suomessa
Telia Crowd Insights -tietojen hyödyntäminen pandemiatietoisuuden parantamiseksi KeskiSuomessa on Keski-Suomen liiton rahoittama hanke, jolla pyritään selvittämään, että pystytäänkö ihmisten ja ihmisvirtojen liikkeitä seuraamalla saavuttamaan parempi tilannekuva pandemia tilanteessa. Hankkeen tarkoituksena on keskittyä erilaisiin liikenteenseurantaratkaisuihin sekä tutkia koronaviruksen aiheuttamia vaikutuksia maakunnassa tapahtuvaan liikenteeseen ja liikkumiseen. Keväällä 2020 tuli voimaan poikkeukselliset olosuhteet, joiden takia liikenne muuttui merkittävästi erilaisten rajoitusten ja yleisen varovaisuuden vuoksi. Tämä on yksi merkittävimmistä ilmiöistä, joita projektissa pyritään tutkim…
Revenue-based adaptive deficit round robin
This paper presents an adaptive resource allocation model that is based on the DRR queuing policy. The model ensures QoS requirements and tries to maximize a service provider's revenue by manipulating quantum values of the DRR scheduler. To calculate quantum values, it is proposed to use the revenue criterion that controls the allocation of free resources. The simulation considers a single node with the implemented model that serves several service classes with different QoS requirements and traffic characteristics. It is shown that the total revenue can be increased due to the allocation of unused resources to more expensive service classes. At the same time, bandwidth and delay guarantees…
Decoding brain activities of literary metaphor comprehension: An event-related potential and EEG spectral analysis
Novel metaphors in literary texts (hereinafter referred to as literary metaphors) seem to be more creative and open-ended in meaning than metaphors in non-literary texts (non-literary metaphors). However, some disagreement still exists on how literary metaphors differ from non-literary metaphors. Therefore, this study explored the neural mechanisms of literary metaphors extracted from modern Chinese poetry by using the methods of Event-Related Potentials (ERPs) and Event-Related Spectral Perturbations (ERSPs), as compared with non-literary conventional metaphors and literal expressions outside literary texts. Forty-eight subjects were recruited to make the semantic relatedness judgment afte…
A Novel Model for Cybersecurity Economics and Analysis
In recent times, major cybersecurity breaches and cyber fraud had huge negative impact on victim organisations. The biggest impact made on major areas of business activities. Majority of organisations facing cybersecurity adversity and advanced threats suffers from huge financial and reputation loss. The current security technologies, policies and processes are providing necessary capabilities and cybersecurity mechanism to solve cyber threats and risks. However, current solutions are not providing required mechanism for decision making on impact of cybersecurity breaches and fraud. In this paper, we are reporting initial findings and proposing conceptual solution. The paper is aiming to pr…
Visualization of Memory Map Information in Embedded System Design
Data compression is a common requirement for displaying large amounts of information. The goal is to reduce visual clutter. The approach given in this paper uses an analysis of a data set to construct a visual representation. The visualization is compressed using the address ranges of the memory structure. This method produces a compressed version of the initial visualization, retaining the same information as the original. The presented method has been implemented as a Memory Designer tool for ASIC, FPGA and embedded systems using IP-XACT. The Memory Designer is a user-friendly tool for model based embedded system design, providing access and adjustment of the memory layout from a single v…
Anomaly detection approach to keystroke dynamics based user authentication
Keystroke dynamics is one of the authentication mechanisms which uses natural typing pattern of a user for identification. In this work, we introduced Dependence Clustering based approach to user authentication using keystroke dynamics. In addition, we applied a k-NN-based approach that demonstrated strong results. Most of the existing approaches use only genuine users data for training and validation. We designed a cross validation procedure with artificially generated impostor samples that improves the learning process yet allows fair comparison to previous works. We evaluated the methods using the CMU keystroke dynamics benchmark dataset. Both proposed approaches outperformed the previou…
Analysis and Visualization of Product Memory Layout in IP-XACT
Modern ASIC and FPGA based embedded products use model based design, in which both hardware and software are developed in parallel. Previously HW was completed first and the information handed over to SW team, typically in the form of register tables. The information was even manually copied to SW code, making any changes error-prone and laborious. IP-XACT is the most feasible standard to model HW also for the SW needs. The HW design connectivity and overall memory layout may change due to component instantiations, configurations and conditional operation states, which makes it difficult to create register tables even for documentation. Current register design tools fall short in serving th…
A Statistical Model of Spine Shape and Material for Population-Oriented Biomechanical Simulation
In population-oriented ergonomics product design and musculoskeletal kinetics analysis, digital spine models of different shape, pose and material property are in great demand. The purpose of this study was to construct a parameterized finite element spine model with adjustable spine shape and material property. We used statistical shape model approach to learn inter-subject shape variations from 65 CT images of training subjects. Second order polynomial regression was used to model the age-dependent changes in vertebral material property derived from spatially aligned CT images. Finally, a parametric spine generator was developed to create finite element instances of different shapes and m…