Skip to main content

About this book

This book constitutes the thoroughly refereed post-conference proceedings of the 6th International Conference on Mobile, Secure and Programmable Networking, held in Paris, France, in October 2020.

The 16 full papers presented in this volume were carefully reviewed and selected from 31 submissions. They discuss new trends in networking infrastructures, security, services and applications while focusing on virtualization and cloud computing for networks, network programming, software defined networks (SDN) and their security.

Table of Contents


Graph Based Subjective Matching of Trusted Strings and Blockchain Based Filtering for Connected Vehicles

Advances in technology have lead to the creation of a connected world. Due the increase in the number of smart and autonomous cars, the safety and associated comfort level of driving has led to attempts to adopt conventional vehicular access network to the world of connected vehicles. Consolidating the cooperative safety and collected mobility management from different distributed devices are of the utmost importance. However, the prime objective of connected vehicles is not only to impose security and trust measures for individual vehicles, but the strategy of connected vehicle should also concentrate on the cooperative and collective environment on fleets of vehicles. Therefore, keeping simple authentication and access control may not be efficient to evaluate trust and assurance for all the distributed stakeholders. Trust being an important entity for this entire system, the strategy for trust evaluation becomes also, crucial. In this paper we propose a broader content matching model of trusted strings and block chain based filtering for connected Vehicles. Where a content and subject headings are first matched and then the outcome of that is consolidated by a distributed block chain consensus voting mechanism for any decision taken with respect to trust evaluation .
Mamoudou Sangare, Soumya Banerjee, Paul Mühlethaler, Thinh Le Vinh

Secure and Internet-Less Connectivity to a Blockchain Network for Limited Connectivity Bank Users

Over the past few years, we have seen the emergence of a wide range of banking architectures, technologies, and applications made possible by the significant improvements in hardware, software, and networking technologies. Nowadays, innovative solutions are being developed by banks to leverage the benefits of blockchain, to improve their business agility and performance, and to make their business operations more efficient and secure. However, there are still cases where regular access to Internet is impossible or unreliable due to saturated networks or harsh environments, hence limiting the deployment of typical blockchain based solutions. In this context, an approach using a new connectivity technology is needed in order to increase mobile Internet services for any device to reach nearly 95% of the world population, instantly, simply by drawing on existing mobile phone networks, with no additional infrastructure development. We aim to give the user full bank access from their device, even if the device is not a smart one, using ordinary mobile phone networks. However, providing efficient and secure communications over lossy and low bandwidth networks remains a challenge. The main objective of this paper will be to design an end-to-end and low overhead secure solution for the communications between mobile devices and their corresponding remote application servers that using blockchain via ordinary mobile networks .
Daniel Maldonado-Ruiz, Mohamad Badra, Nour El Madhoun, Jenny Torres

Developing Customized and Secure Blockchains with Deep Federation Learning to Prevent Successive Attacks

Recently, blockchain technology has been one of the most promising fields of research aiming to enhance the security and privacy of systems. It follows a distributed mechanism to make the storage system fault-tolerant. However, even after adopting all the security measures, there are some risks for cyberattacks in the blockchain. From a statistical point of view, attacks can be compared to anomalous transactions compared to normal transactions. In this paper, these anomalous transactions can be detected using machine learning algorithms, thus making the framework much more secure. Several machine learning algorithms can detect anomalous observations. Due to the typical nature of the transactions dataset (time-series), we choose to apply a sequence to the sequence model. In this paper, we present our approach, where we use federated learning embedded with an LSTM-based auto-encoder to detect anomalous transactions.
Soumya Banerjee, Soham Chakraborty, Paul Mühlethaler

Toward a Blockchain-Based Technology in Dealing with Emergencies in Patient-Centered Healthcare Systems

Nowadays, medical healthcare always plays a vital role for humans in society, especially problems related to personal health records due to its security and sensitivity. For each patient, personal health records are critical and vital assets, so how to manage them effectively is becoming exciting research to solve. Many types of research in aspects of managing and operating personal health records have been introduced; however, dealing with patients’ data in emergency cases remains an uncertain issue. When emergencies happen in reality, using a traditional access system is very hard for patients to give consent to staff to access their data. Besides, there is no secured record management of patient’ data, which reveals highly confidential personal information, such as what happened, when, and who has access to such information. Therefore, in this paper, an emergency access control management system is proposed to protect the patients’ data. This system is built based on permissioned Blockchain Hyperledger fabric. The proposed system will define several rules and regulations by using smart contracts and time duration to deal with emergencies. The patients also restrict the time to access the data in such urgent cases. Several algorithms that represent how the system works are also provided to make readers understand about the proposed management system.
Ha Xuan Son, Trieu Hai Le, Nga Tang Thi Quynh, Hung Nguyen Duc Huy, Nghia Duong-Trung, Huong Hoang Luong

Using Process Mining to Identify File System Metrics Impacted by Ransomware Execution

Malware authors leverage strong cryptographic primitives to hold user files as a hostage in their own devices until a ransom is paid. Indeed, victims not protected against ransomware are forced to pay the ransom or lose the files if ignoring the extortion. Devices are by no means immune from ransomware attacks. The reality is that there is a limited study on how to protect end-user devices against ransomware while there is hardly any protection available. Ransomware uses legitimate operating system processes that even state-of-the-art and advanced anti-malware products are ineffective against them. The results of our static and dynamic analysis illustrate that a local file system plays a critical role in the operation of all ransomware engines. Therefore, this study investigates the correlation existed between the file system operations to identify metrics such as the absolute occurrence frequency of a system file to identify a ransomware attack from within the kernel. We employ business process mining techniques to analyze collected log files from samples of seven recent live ransomware families and use the Naive discovery algorithm to study the absolute occurrence frequency of system files. The findings are visualized by state charts and sequence diagrams. Finally, the study identifies eight common system files that ransomware calls on in order to encrypt a victim’s files on their device.
Arash Mahboubi, Keyvan Ansari, Seyit Camtepe

Efficient and Secure Statistical Port Scan Detection Scheme

One of the most challenging problems in Cybersecurity is the identification and prevention of port scanning, which is the primary phase of further system or data exploitation. This paper proposes a new statistical method for port scan detection, in addition to preventive and corrective counter-measures. The suggested solution is intended to be implemented at the Internet Service Provider (ISP) side. The proposed solution consists of aggregating NetFlow statistics and using the Z-score and co-variance measures to detect port scan traffic as a deviation from normal traffic. The experimental results show that the proposed method achieves a high detection rate (up to 100%) within a time frame of 60 s.
Hussein Majed, Hassan N. Noura, Ola Salman, Ali Chehab, Raphaël Couturier

Fast and Flexible Elliptic Curve Cryptography for Dining Cryptographers Networks

A Dining Cryptographers network (DCnet for short) allows anonymous communication with sender and receiver untraceability even if an adversary has unlimited access to the connection metadata of the network. Originally introduced by David Chaum in the 1980s, DCnets were for a long time considered not practical for real-world applications because of the tremendous communication and computation overhead they introduce. However, technological innovations such as 5G networks and extremely powerful 64-bit processors make a good case to reassess the practicality of DCnets. In addition, recent advances in elliptic-curve based commitment schemes and Zero-Knowledge Proofs (ZKPs) provide a great opportunity to reduce the computational cost of modern DCnets that are able to detect malicious behavior of communicating parties. In this paper we introduce X64ECC, a self-contained library for Elliptic Curve Cryptography (ECC) developed from scratch to support all the public-key operations needed by modern DCnets: key exchange, digital signatures, Pedersen commitments, and ZKPs. X64ECC is written in C and uses compiler intrinsics to speed up performance-critical arithmetic operations. It is highly scalable and works with Montgomery curves and twisted Edwards curves of different cryptographic strength. Despite its high scalability and portability, X64ECC is able to compute a fixed-base scalar multiplication on a twisted Edwards curve over a 255-bit prime field in about 145,000 clock cycles on a modern Intel X64 processor. All cryptosystems can be adapted on-the-fly (i.e. without recompilation) to implement DCnets with arbitrary message sizes, and tradeoffs between the cryptographic strength and throughput of a DCnet are possible.
Briag Dupont, Christian Franck, Johann Großschädl

Efficient and Lightweight Polynomial-Based Key Management Scheme for Dynamic Networks

Wireless sensor networks and Internet of Things (IoT) are part of dynamic networks as new nodes can join while existing members can leave the system at any time. These networks mainly suffer from severe resource constraints like energy, storage and computation, which makes securing communications between nodes a real challenge. Several key establishment protocols have been proposed in the literature. Some of them are based on symmetric polynomials. However, the latter solutions have some limitations, such as the resilience to node capture attacks as well as the storage and computation overheads that are high for constrained nodes. In this paper, we propose a lightweight polynomial-based key management scheme for dynamic networks. The proposed scheme allows nodes to be able to establish secure communications between them, and ensures dynamism by supporting node addition and deletion after the setup phase. It also resists to node capture attack. The performance evaluation shows that our scheme reduces both the storage and computation overheads when compared to other related polynomial-based protocols.
Mohammed Nafi, Samia Bouzefrane, Mawloud Omar

Parallel Applications Mapping onto Heterogeneous MPSoCs Interconnected Using Network on Chip

To meet the growing requirements of today’s applications, multiprocessor architectures (MPSoCs) interconnected with a network on chip (NoC) are considered as a major solution for future powerful embedded systems. Mapping phase is one of the most critical challenge in designing these systems. It consists of assigning application’ tasks on the target platform which can have a considerable influence on the performance of the final system. Due to the large solutions’ research space generated by both the application complexity and the platforms, this mapping phase can no longer be done manually and hence it requires powerful exploration tools called DSE (Design Space Exploration Environment). This paper proposes a new tool for static mapping applications on NoC based on heterogeneous MPSoCs. This tool integrates several multiobjective optimization algorithms that can be specified in order to explore different solutions’ spaces, mainly: exact method, metaheuristics (population-based metaheuristics and single solution-based ones) as well as hybrid ones; it offers different cost functions (defined using analytical or simulation models). The user can specify them or define others easily and it provides an easy way to evaluate the performance of the Pareto front returned by different algorithms using multiple quality indicators. We also present a series of experiments by considering several scenarios and give guidelines to designers on choosing the appropriate algorithm based on the characteristics of the mapping problem considered.
Dihia Belkacemi, Mehammed Daoui, Samia Bouzefrane

Budget-Aware Performance Optimization of Workflows in Multiple Data Center Clouds

Users pay to use resources in cloud systems which makes them more demanding on performance and costs. Optimizing the response time of the applications and meeting user’s budget needs are therefore critical requirements when scheduling applications.
The approach presented in this work is a scheduling based-HEFT algorithm, which aims to optimize the makespan of tasks workflow that is constrained by the budget. For this, we propose a new budget distribution strategy named Estimated task budget that we integrate in our budget-aware HEFT algorithm. We use a multiple datacenters cloud as a real platform model, where data transfer costs are considered. The results obtained by our algorithm relative to recent work, show an improvement of makespan in the case of a restricted budget, without exceeding the given budget.
Karima Oukfif, Fares Battou, Samia Bouzefrane

IoT-Edge-Cloud Computing Framework for QoS-Aware Computation Offloading in Autonomous Mobile Agents: Modeling and Simulation

Edge-cloud computing is an emerging computational model that allows offloading of service requests by the autonomous mobile agents from the edge-server to the cloud-server. This is to reduce the network latency prevalent in the cloud-IoT model. However, Quality-of-Service (QoS)-Aware computation offloading in a heterogeneous and dynamic edge-cloud environment remains an open problem. In this paper, we propose a queuing theory-based edge-cloud computing framework for QoS-aware offloading in mobile autonomous agents. This framework model decides whether to execute an incoming request to the edge-server on the edge itself or to offload to one of the heterogeneous cloud servers such that the request’s execution time is the minimum. To model a request’s execution time, we consider the processing capabilities and the queues overheads of the edge and cloud servers, and the edge-cloud communications’ time. The details of the evaluation results, using dataset generated from real-life scenarios, are presented in the paper.
Leila Ismail, Huned Materwala

Toward a Privacy Guard for Cloud-Based Home Assistants and IoT Devices

The Internet of Things is a technology which is dominating our lives, making it more comfortable, safer and smarter. Using smart speakers as voice assistants for smart homes provides valuable service and an easy control of IoT devices, despite allowing the emergence of privacy threats and disclosing sensitive data about users. In this paper, we propose to associate with any smart personal assistant a privacy guard gateway (PGG for short) in order to mitigate privacy issues related to cloud-based devices, like profiling and linkage. In an original way, the PGG system is based on a noise addition mechanism that injects dummy requests according to some selected strategy, without the user’s activities being stored during the operation. A case study of our approach is experimented with a Google Home Assistant, in order to show its effectiveness.
Radja Boukharrou, Ahmed-Chawki Chaouche, Khaoula Mahdjar

An Intelligent Agent-Based Industrial IoT Framework for Time-Critical Data Stream Processing

The Industrial Internet of Things (IIoT) intends to speed up digital manufacturing transformation. As a crucial role, Industrial IoT aims to improve the performance and reliability of the processing of massive time-critical data continually generated by heterogeneous smart objects. To resolve these challenges, Industrial IoT incorporates the Fog computing paradigm to support intelligence near the Edge level as an additional alternative to Cloud computing. However, a Fog node allows dealing with only limited data processing, storage, and communications. Indeed, a heavy load processing task requires multiple Fog nodes to achieve its execution and may need an intelligent dynamic pooling of Cloud resources. In this paper, we propose PIAF (A Processing Intelligent Agent Running on Fog Infrastructure). An intelligent agent-based IIoT framework that runs on the Fog infrastructure to distribute the processing of time-critical data streams. We outline its several components and their interactions. Then, for this purpose, we model the PIAF framework using the Time Petri Nets modeling.
Ines Gharbi, Kamel Barkaoui, Ben Ahmed Samir

Optimal Broadcasting Algorithm for VANET System

New and innovative approaches are expected to improve road safety and prevent road traffic incidents, based on the exchange of information between vehicles. Our aim is to respond to the need for rapid and reliable exchange of messages containing information on the state of vehicles. For this purpose, we propose an algorithm that prioritize the broadcasting of emergency messages and privilege long-distance communication so as to speed up the dissemination of warning messages without saturating the VANET.
Ansam Ennaciri, Mohammed Erritali, Badreddine Cherkaoui, Françoise Sailhan

A Reaction-Diffusion and Gür Game Based Routing Algorithm for Wireless Sensor Networks

In this paper, we propose an energy-efficient, cluster-based routing algorithm to address the issue of energy constraints in wireless sensor networks. There are two components in the proposed model, the first supports the development of clusters and the second helps decide which of the sensors will sleep. Together they improve the lifetime of the clusters. Biologically inspired activator-inhibitor mechanism is employed to form clusters and select cluster heads based on the activator concentration where each sensor is associated with a pair of activator and inhibitor concentration values. In each cluster, a Gür game is applied to determine the set of active sensor nodes while inactive sensor nodes turn to sleep mode for conserving energy. The activator–inhibitor system is known to provide the mechanism for autonomous biological pattern formation, such as spots on mammals’ coats, through interactions between molecules and their diffusion rates. The Gür game is a self-organized artificial game associating voters in the game with finite state automata and a moderator with a reward function. Typically in wireless sensor networks, the base station is considered as the moderator and sensor nodes as voters in the Gür game. To further maximize the lifetime of the network, in our proposed routing algorithm, each cluster is then associated with a Gür game to determine the number of active sensor nodes where the cluster head is regarded as the moderator and the cluster members as voters. Finally, we present preliminary results on the comparison between the proposed routing algorithm and LEACH, a well-known distributed clustering protocol used in wireless sensor networks that shows our method works better than LEACH.
Shu-Yuan Wu, Theodore Brown, Hsien-Tseng Wang

Low Complexity Neural Network Based Digital Predistortion for Memory Power Amplifiers

Digital Predistortion (DPD) is an effective technique for Power Amplifier (PA) non-linear distortion and memory effects compensation. Different topoligies of DPD are presented in the literature. In this paper, we propose a mimetic neural network based DPD for Hammerstein power amplifier for OFDM signal with a reduction of Peak to Average Power Ration (PAPR) by Selective Mapping (SLM) method. This proposed model is compared with Real Valued Multilayer Perceptron (R-MLP). Simulation results show that the mimetic-R-MLP manifests more efficiency for PA linearization and for memory effect reduction in terms of Error Vector Magnitude (EVM) by a gain of 2 dB. It outperforms the R-MLP in terms of Mean Squared Error (MSE) for the convergence of the Neural Network (NN) and its complexity is \(23\%\) lower. The results in terms of Power Spectral Density (DSP) show also that our model compensates efficiently the out of band distortion (OOB) of the PA.
Meryem M. Benosman, Hmaeid Shaiek, Yassin Bendimerad, Rafik Zayani, Daniel Roviras, Fethi T. Bendimerad


Additional information

Premium Partner

    Image Credits