Skip to main content
main-content

Über dieses Buch

This book constitutes the thoroughly refereed post-conference proceedings of the 4th International Conference on Mobile, Secure, and Programmable Networking, held in Paris, France, in June 2018.

The 27 papers presented in this volume were carefully reviewed and selected from 52 submissions. They discuss new trends in networking infrastructures, security, services and applications while focusing on virtualization and cloud computing for networks, network programming, software defined networks (SDN) and their security.

Inhaltsverzeichnis

Frontmatter

Surveying and Analyzing Urban Environment Approaches of Air Quality Monitoring

Abstract
Human beings need a regular supply of healthy food, clean water and especially intoxicated air. However, the increase in industrialization leads to high gas emissions, which effects badly the urban environment and people health. To measure, in real time, pollutants concentrations influencing the human health and natural environment, traditional equipment of air quality monitoring was substituted by new advanced wireless technologies. Using wireless technologies, air pollution data can be monitored and transmitted to remote servers in real time. In this paper, we present a survey related to the application of urban environmental monitoring. We also proposed a new methodology for air quality monitoring based on vehicular networks.
Rahim Haiahem, Cherif Ghazel, Leila Azouz Saidane, Selma Boumerdassi

A Novel Color Image Encryption Scheme Using Logistic Map and Quadratic Map Systems

Abstract
In this work, we propose a color image encryption scheme based on logistic map and quadratic map systems. First, the color image is divided into three components (red (R), green (G), and blue (B)). The three components are mixed as single grayscale image, to permute the pixels positions; we have used two permutation index vectors for changing rows and columns position. Finally, the permuted grayscale image is encrypted. In order to evaluate the security of the proposed scheme, the entropy, key space analysis, key sensitivity analysis, the correlation of two adjacent pixels and differential attack were performed. The Experimental results and analyses show that the proposed scheme enable to reduce computing effort, to allow efficient and outperform many schemes given in the literature.
Djamel Herbadji, Aissa Belmeguenai, Nadir Derouiche, Youcef Zennir, Salim Ouchtati

Evolutionary Multi Optimization Business Process Designs Using MR-Sort NSGAII

Abstract
In this paper, a research was carried out on the problem of evolutionary multi objective business process optimization. It does involve (i) to construct feasible business process designs with optimum attributes, and (ii) to classify the obtained solutions using a simple and scientific approach understandable by the decision maker. The business process evolutionary multi objective optimization (BPMOO) approach involves the generation of a series of diverse optimized business process designs for the same process requirements using an evolutionary algorithm (EA). The work presented in this paper is aimed to investigate the benefits that come from the utilization of multiple-criteria decision analysis methods (MCDA) with an evolutionary multi objective optimization algorithms (EMOA) execution process. The experimental results clearly bring that the proposed optimization Framework is capable of producing an acceptable number of optimized design alternatives to simplify the decision maker’s choice of solutions in a reasonable runtime.
Nadir Mahammed, Sidi Mohamed Benslimane, Ali Ouldkradda, Mahmoud Fahsi

Design and Implementation of an Intrusion Prevention System for Wi-Fi Networks 802.11 AC

Abstract
In this document, related works are evaluated with theory of games applied to IPS (Intrusion Prevention System) in terms of wireless networks and a model of game theory that allows the detection of intrusions in WI-FI networks 802.11 ac.
Julián Francisco Mojica Sánchez, Octavio José Salcedo Parra, Javier Medina

DoTRo: A New Dominating Tree Routing Algorithm for Efficient and Fault-Tolerant Leader Election in WSNs and IoT Networks

Abstract
A leader node in Ad hoc networks and especially in WSNs and IoT networks is needed in many cases, for example to generate keys for encryption/decryption, to find a node with minimum energy or situated in an extreme part of the network. In our work, we need as a leader the node situated on the extreme left of the network to start the process of finding its boundary nodes. These nodes will be used to monitor any sensitive, dangerous or non-accessible site. For this kind of applications, algorithms must be robust and fault-tolerant since it is difficult and even impossible to intervene if a node fails. Such a situation can be catastrophic in case that this node is the leader. In this paper, we present a new algorithm called DoTRo, which is based on a tree routing protocol. It starts from local leaders which will start the process of flooding to determine a spanning tree. During this process their value will be routed. If two spanning trees meet each other then the tree routing the best value will continue its process while the other tree will stop it. The remaining tree is the dominating one and its root will be the leader. This algorithm turns out to be low energy consuming with reduction rates that can exceed 85%. It is efficient and fault-tolerant since it works in the case where any node can fail and in the case where the network is disconnected.
Ahcène Bounceur, Madani Bezoui, Loic Lagadec, Reinhardt Euler, Laouid Abdelkader, Mohammad Hammoudeh

An Enhancement Approach for Securing Neighbor Discovery in IPv6 Networks

Abstract
IPv6 is willing to be the most used protocol in the future Internet even its deployment takes more time due to some constraints. Indeed, IPv6 allows addressing all objects on the Internet with public addresses. One of the new associated IPv6 protocols is Neighbor Discovery Protocol (NDP). Duplicate address detection (DAD) is one of the functions of NDP to make sure a generated IPv6 address is unique. However, since the NDP is not secure by default, the DAD is vulnerable to attacks. The attacker can prevent a new node from using a new address by failing the DAD procedure. The purpose of our technique is to secure the DAD process in an IPv6 network using a new field in NS message called Hash_Target_64. Our algorithm called DAD-Hide-Target is going to secure the DAD process by using a hash function SHA-256 and hiding the target address. Overall, the experimental results show a significant effect in term of Address Configuration Success Probability.
Ali El Ksimi, Cherkaoui Leghris

Dynamic Team Access Control for Collaborative Internet of Things

Abstract
The article presents a new access control model for IoT (Internet of Things), which is based on a dynamic approach. Our aim is to change the access control design concept from a static to a dynamic model in order to fit to characteristics and features of IoT. We do so by adapting TMAC (Team Access Control) model to IoT dynamic environment. DTMAC (Dynamic Team Access Control) allows the creation of dynamic teams that are deleted when the collaborative activities are over. In addition, it offers an easy management of the teams in a decentralized manner. We implement DTMAC as a web application using a relational database management to assess its security. The assessment of DTMAC shows that it adapts well to IoT dynamic network. Moreover, the model is user-driven, flexible and scalable. It also provides fine-grained access control, supports the well-known least privileges principle and separation of duties for the team members.
Hadjer Benhadj Djilali, Djamel Tandjaoui

Road Anomaly Detection Using Smartphone: A Brief Analysis

Abstract
Identification of road anomaly not only helps drivers to reduce the risk, but also support for road maintenance. Arguably, with the popularity of smartphones including multiple sensors, many road anomaly detection systems using mobile phones have been proposed. This paper aims at analyzing a number of typical road anomaly detection methods in terms of resource requirements, energy consumption, fitness conditions. From these measurements, we suggest some improvement directions to build road anomaly detection algorithms appropriate for smartphones.
Van Khang Nguyen, Éric Renault, Viet Hai Ha

Quality of Service Applied to Li-Fi Networks in 5th Generation Environments

Abstract
This document corresponds the application of services that requires QoS in Li-Fi networks oriented towards 5th generation networks. This work served as the basis to establish the quality assurance of this type of networks in a methodology that will be described in detail in a future publication. It’s taking into account the inherent characteristics of these technologies.
Jesús Manuel Paternina Durán, Octavio José Salcedo Parra, Danilo Alfonso López Sarmiento

Mobile Agent System Based Cloud Computing for Ubiquitous Telemonitoring Healthcare

Abstract
Distributed computing through a handheld/mobile device has to be considered with carefulness because of the limited capabilities on these devices. Especially in Ubiquitous Telemonitoring Healthcare, which refers to the disposition of any type of health services such that medical staff members, through mobile computing devices, can access them and expect data to be made available. In this paper, we present a new system based on mobile agent to assist monitor physician and cloud computing concept to allow him easy storage and remote access of healthcare data.
Nardjes Bouchemal, Ramdane Maamri, Naila Bouchemal

Alternative Connectivity Metric for Routing in VANETs

Abstract
In vehicular ad-hoc networks a path has to be found to send a message from one vehicle to another vehicle. This path has to have a connectivity rate that is high enough to obtain a high probability of arrival of the message. In other approaches, the average distance between vehicles on a link of the network is used as metric for connectivity. In this paper, an other metric is proposed, based on the average and standard deviation of the distances between the vehicles to reach a metric that performs better.
Frank Phillipson, Hacène Fouchal, Kim van Gulik

Num Ant Factor Based Comprehensive Investigations over Linguistic Trust and Reputations Model in Mobile Sensor Networks

Abstract
Trust is the prime concern for the evaluations of mobile sensor network-based applications. Trust in terms of human intractable levels is being expected form nowadays mobile sensor networks. In this paper, a linguistic trust and reputation model has been investigated in an exhaustive manner. The performance parameters like accuracy, path length, and energy consumption have been evaluated. Moreover, satisfaction factor has been investigated with the inference power of the fuzzy sets. Num ant factor has been considered as the major factor for this investigational analysis. The effects of num ant factor on the operations of the mobile sensor networks system have been observed. Simulations have been performed to validate the results.
Vinod Kumar Verma

Position Certainty Propagation: A Location Service for MANETs

Abstract
Localization in Mobile Ad-hoc Networks (MANETs) and Wireless Sensor Networks (WSNs) is an issue of great interest, especially in applications such as the IoT and VANETs. We propose a solution that overcomes two limiting characteristics of these types of networks. The first is the high cost of nodes with a location sensor (such as GPS) which we will refer to as anchor nodes. The second is the low computational capability of nodes in the network. The proposed algorithm addresses two issues; self-localization where each non-anchor node should discover its own position, and global localization where a node establishes knowledge of the position of all the nodes in the network. We address the problem as a graph where vertices are nodes in the network and edges indicate connectivity between nodes. The weights of edges represent the Euclidean distance between the nodes. Given a graph with at least three anchor nodes and knowing the maximum communication range for each node, we are able to localize nodes using fairly simple computations in a moderately dense graph.
Abdallah Sobehy, Eric Renault, Paul Muhlethaler

Low Energy-Efficient Clustering and Routing Based on Genetic Algorithm in WSNs

Abstract
To accommodate the limited resources of sensors and specially energy capacity, researchers are increasingly interested in their improvement by developing new aware energy protocols to relay data to the concerned application. Finding near optimal solutions for the energy problem is still an issue in Wireless Sensor Networks (WSNs). A new era is opened with algorithms inspired by nature, which are meta-heuristic imitating living systems, to solve optimization problems. For this purpose, the Low Energy-Efficient Clustering and Routing Based on Genetic Algorithm (LECR-GA) mechanism is proposed. LECR-GA aims to prolong the WSN life-time and enhance its quality of service (QoS). Extensive simulations of the proposed solution were performed and their results were compared with those of literature.
Ranida Hamidouche, Zibouda Aliouat, Abdelhak Gueroui

IoT Service QoS Guarantee Using QBAIoT Wireless Access Method

Abstract
Nowadays, providing Internet of Things (IoT) environments with service level guarantee is a challenging task. We describe in this paper a service level based IoT architecture that enables an IoT Service Level Agreement (iSLA) achievement between an IoT Service Provider and an IoT Client. This IoT SLA specifies the requirements of an IoT service in a specific application domain (e-health, smart cities, etc.). In order to guarantee these requirements, QoS mechanisms should be implemented within the IoT architecture. Thus, we propose an adaptation of the IEEE 802.15.4 slotted CSMA/CA mechanism to ensure the requirements of an IoT e-health service. Our approach called QBAIoT (QoS based Access for IoT) consists in creating different contention access periods corresponding to different specified traffic classes. Each of these periods within the QoS based adapted IEEE 802.15.4 superframe is specific for a traffic type. A QoS based contention access period called QoS CAP is configured with a number of slots during which only IoT objects belonging to the same QoS class can send data.
Ahmad Khalil, Nader Mbarek, Olivier Togni

Recognition Over Encrypted Faces

Abstract
Neural Networks (NN) are today increasingly used in Machine Learning where they have become deeper and deeper to accurately model or classify high-level abstractions of data. Their development however also gives rise to important data privacy risks. This observation motives Microsoft researchers to propose a framework, called Cryptonets. The core idea is to combine simplifications of the NN with Fully Homomorphic Encryptions (FHE) techniques to get both confidentiality of the manipulated data and efficiency of the processing. While efficiency and accuracy are demonstrated when the number of non-linear layers is small (e.g. 2), Cryptonets unfortunately becomes ineffective for deeper NNs which let the privacy preserving problem open in these contexts. This work successfully addresses this problem by combining several new ideas including the use of the batch normalization principle and the splitting of the learning phase in several iterations. We experimentally validate the soundness of our approach with a neural network with 6 non-linear layers. When applied to the MNIST database, it competes with the accuracy of the best non-secure versions, thus significantly improving Cryptonets. Additionally, we applied our approach to secure a neural network used for face recognition. This problem is usually considered much harder than the MNIST hand-written digits recognition and can definitely not be addressed with a simple network like Cryptonets. By combining our new ideas with an iterative (learning) approach we experimentally show that we can build an FHE-friendly network achieving good accuracy for face recognition.
Hervé Chabanne, Roch Lescuyer, Jonathan Milgram, Constance Morel, Emmanuel Prouff

Location Assignment of Capacitated Services in Smart Cities

Abstract
This paper introduces the Multi-Service Capacitated Facility Location Problem for assigning equipment to access points. Here multiple services should be offered to customers in a Smart City context. Purpose is to offer the total of services to fulfil the customer demand, given the coverage of the service and their capacity constraints. The problem is formulated and some practical results are presented solving the problem as an Integer Linear Programming Problem.
Gerbrich Hoekstra, Frank Phillipson

Network Slicing Architecture and Dependability

Abstract
The next generation of cellular networks known as 5G promises to be a major step in the evolution of communications technology, due to its enhanced technical features and because it is planned for a much wider set of applications and scenarios. Network slicing provides the scalability and flexibility needed to support this vision, by enabling the provision of independent and isolated network segments tailored to specific uses and requirements. The aim of this paper is to present the current status of the slicing architecture and based on that, define policies that assure its dependability. Guaranteeing dependability in network slicing is a top priority since 5G networks will be a critical infrastructure in industry sectors such as energy, health, transport and traditional telecom itself. Moreover, some slices are expected to deliver Ultra Reliable Communication (URC) with reliability requirements above 99.999%. A dependability design should be based on the system architecture. However, a standardized and final architecture for network slicing is still work in progress. This paper studies the most relevant architectural components defined to date, and based on that, it describes the dependability policies that should be used on each of them. Finally, this paper presents some analysis of the overall challenges for the integration of the different slicing components.
Andres J. Gonzalez, Min Xie, Pål Grønsund

A Hierarchical k-Anonymous Technique of Graphlet Structural Perception in Social Network Publishing

Abstract
The structural information of social network data plays an important role in many fields of research. Therefore, privacy-preserving social network publication methods should preserve more structural information, such as the higher-order organizational structure of complex networks (graphlets/motifs). Therefore, how to preserve the graphlet structure information in a social network as much as possible becomes a key problem in social network privacy protection. In this paper, to address the problem of excessive loss of graphlet structural information in the privacy process of published social network data, we proposed a technique of hierarchical k-anonymity for graphlet structural perception. The method considers the degree of social network nodes according to the characteristics of the power-law distribution. The nodes are divided according to the degrees, and the method analyzes the graphlet structural features of the graph in the privacy process and adjusts the privacy-processing strategies of the edges according to the graphlet structural features. This is done, in order to meet the privacy requirement while protecting the graphical structural information in the social network and, improving the utility of the data. This paper uses two real public data sets, WebKB and Cora, and conducted experiments and evaluations. Finally, the experimental results show that the method proposed in this paper can concurrently provide the same privacy protection intensity, better maintain the social network’s structural information and improve the data’s utility.
Dongran Yu, Huaxing Zhao, Li-e Wang, Peng Liu, Xianxian Li

Arp Attack Detection Software Poisoning and Sniffers in WLAN Networks Implementing Supervised Machine Learning

Abstract
Nowadays, the growing number of mobile device users such as tablets and smart phones, has shown an increase of wireless network usage (Wi-Fi). At the same time, the number of attacks against this network has been growing too, taking advantage of vulnerabilities typical of protocols such as ARP and 802.11 as shown in a study done by Verizon on social network attacks. The proposal is to create a tool capable of detecting man in the middle attacks such as ARP poisoning/spoofing and network sniffers that use NICs in monitor mode. A machine learning algorithm is then generated which is trained with data from networks being attacked or neutral to later be able to classify incoming network data and catalog them as an attack alert or not.
Nicolas Ricardo Enciso, Octavio José Salcedo Parra, Erika Upegui

VISECO: An Annotated Security Management Framework for 5G

Abstract
A novel security management framework is presented in this paper leveraging the current ETSI NFV MANO architecture and taking into account Software Defined Security principles. Specifically, the proposed VISECO framework allows developers, service providers to consider security across lifecycle: from embedding of security properties in the source code, parsing and interpreting for automatic deployment to active responding during operation. Mobile operator can use VISECO to secure its infrastructure and to provide “Security-as-a-Service” solution to potential customers such as IoT service providers. As an illustration, a framework prototyping and an IoT use case application are implemented and discussed.
Tran Quang Thanh, Stefan Covaci, Thomas Magedanz

Use of KRACK Attack to Obtain Sensitive Information

Abstract
This project presents an implementation of the recent KRACK attack for hacking WPA2 networks and obtaining sensitive information such as passwords, credit card numbers, messages, pages visited by the victim, etc., this attack works against any current modem, and depending on the operating system, and configuration of the network, you can inject or modify information. This project will show its operation for a Linux operating system laptop that connects to a Wi-Fi network encrypted with WPA2 protocol, and you will obtain sensitive information through KRACK attacks. Additionally, it will explain how to identify if you are being victim of this attack.
Luis Felipe Epia Realpe, Octavio José Salcedo Parra, Julio Barón Velandia

Adaptive ARMA Based Prediction of CPU Consumption of Servers into Datacenters

Abstract
The optimization of the energy consumed by data centers is a major concern. Several techniques have tried in vain to overcome this issue for many years. In this panoply, predictive approaches start to emerge. They consist in predicting in advance the resource requirement of the Datacenter’s servers in order to reserve their right quantities at the right time and thus avoid either the waste caused by their over-supplying or the performance problems caused by their under-supplying. In this article, we explored the performance of ARMA models in the realization of this type of prediction. It appears that with good selection of parameters, the ARMA models produce reliable predictions but also about 30% higher than those performed with naive methods. These results could be used to feed virtual machine management algorithms into Cloud Datacenters, particularly in the decision-making of their placement or migration for the rationalization of provisioned resources.
Fréjus A. R. Gbaguidi, Selma Boumerdassi, Ruben Milocco, Eugéne C. Ezin

Congestion Control in a Location Service for VANETs

Abstract
Vehicular ad-hoc networks are self-organized networks to provide communication between the vehicles. It is challenging to determine a routing protocol for the communication between the vehicles since the vehicles are moving in different speeds and directions, which causes a rapidly changing network topology. Other approaches in literature assign traffic to the best available path, possibly causing congestion in the network. In this paper, we determine the optimal route of intersections based on a penalty function to obtain load balancing in the network.
Kim van Gulik, Frank Phillipson, Hacène Fouchal

Latency and Network Lifetime Trade-Off in Geographic Multicast Routing for Multi-Sink Wireless Sensor Networks

Abstract
The deployment of multiple sinks in Wireless Sensor Networks may provide better reliability, timely communication and longevity, depending on the routing strategy. Moreover, geographic routing is a powerful strategy to avoid the costs related to maintaining high network knowledge. In this paper, we present a Geographic Multicast Routing solution (GeoM), focused on the latency and network lifetime trade-off. Our solution considers a linear combination of network metrics during the decision process of the next hop. Packets are forwarded to all sinks, and duplications are defined on the fly during the forwarding. The network lifetime is addressed with an energy balance strategy and a trade-off between progress and energy cost. We make use of the maximum energy consumption as an indication of the network lifetime. Simulation results show that GeoM has an overall better performance than the existing solutions, with improvements of approximately 11% for the average latency, and 54% for the maximum energy consumption.
Lucas Leão, Violeta Felea

Non-interfering Multipath Mechanism for Media Stream Transmission in Wireless Sensor Networks

Abstract
Potential applications of multimedia sensor networks cover a wide spectrum from military to industrial and from commercial to environmental monitoring. These applications require high bandwidth and are extremely delay sensitive. However, multipath routing is one of the appropriate solutions for multimedia data transmission, unlike traditional schemes using the shortest paths. Therefore, in this paper, we address the issue of interference in WMSNs and present an non-interfering multipath mechanism, integrated in our previous GMFT routing protocol. The proposed mechanism intervenes during path exploration phase in order to limit adjacent paths interactions.
Simulations results show a significant contribution and indicate that the proposed mechanism provides a higher data packets delivery rate.
Mohamed Nacer Bouatit, Selma Boumerdassi, Ruben H. Milocco

Wireless Fog-Mesh: A Communication and Computation Infrastructure for IoT Based Smart Environments

Abstract
Recently, the ideas of fog and edge computing have been proposed to move the computation near the end devices that produce or consume data. These ideas can easily be utilized in the context of IoT based smart environments. Generally, the practical implementations of smart environments rely heavily on cloud for data processing, analytics and decision making. The data captured by IoT devices is transferred via Internet towards cloud data centers which may introduce unwanted delay in real time scenarios. If we go by the popular predictions regarding number of active IoT devices, the best effort service provided by Internet may become a huge bottleneck. Further, to make the environment IoT friendly, a scalable communication infrastructure is needed which should be cost effective and can sustain the ever increasing number of devices. In this paper, we present our initial attempt to make a wireless mesh based fog computing infrastructure for IoT enabled smart environments. The important aspect of our approach is that, it can quickly be deployed for use-cases where smart environment is needed on a temporary basis, such as rock concerts, fairs, sporting events, etc. We have implemented a small scale prototype test-bed where mesh routers can also act as fog nodes. For resource discovery among fog nodes, we have utilized the concepts of Distributed Hash Table (DHT). This DHT also performs the role of distributed broker for data sharing among IoT devices. Further, we have performed simulations to test the scalability of our approach. Both implementation and simulation results are satisfactory and establish the applicability of our approach.
Shabir Ali, Shashwati Banerjea, Mayank Pandey, Neeraj Tyagi

Backmatter

Weitere Informationen

Premium Partner

    Bildnachweise