Repository logo
 
Loading...
Profile Picture

Search Results

Now showing 1 - 9 of 9
  • Efficient feature selection for intrusion detection systems with priority queue-based GRASP
    Publication . Quincozes, Vagner E.; Quincozes, Silvio E.; Albuquerque, Célio; Passos, Diego; Massé, Daniel
    The Greedy Randomized Adaptive Search Proce dure for Feature Selection (GRASP-FS) is a recently-proposed metaheuristic that optimizes the feature selection process for Intrusion Detection Systems (IDS) by combining exploration and refinement techniques for more assertive intrusion detection. However, GRASP-FS may be time and resource-consuming for large datasets. In this work, we propose GRASPQ-FS, an extended version of GRASP-FS using Priority Queues to reduce resource consumption and processing time. As an additional contribution, we provide a comprehensive analysis of the most suitable parameters for our RASPQ-FS. Our results reveal that GRASPQ-FS can speed up feature selection up to 90% over GRASP-FS, without compromising F1-Score. Also, we observed that a priority queue with 50 solutions saved 50% in execution time while increasing the F1-Score by 4.5%.
  • Blockchain for smart grid security: applications, trends, and challenges
    Publication . Mattos, Diogo; Varela De Medeiros, Dianne Scherly; Passos, Diego; Fernandes, Natalia Castro; Muchaluat-Saade, Débora Christina; Moraes, Igor Monteiro; Albuquerque, Célio
    The electric power grid is the world's largest engineering system, and its secure and reliable operation is vital to human activities. The introduction of intelligence in the electrical power grid through smart grids imposes challenges that require new techniques and approaches to provide cyber-physical security. In this article, we discuss the use of blockchain to provide security and reliability to smart grids. Blockchain allows untrusted nodes to correctly and verifiably interact with each other in a distributed peer-to-peer network, without any reliable intermediary. We explore smart contracts, codes resident in blockchain that automate multi-step processes, as a way to automatically trade electric energy. We also discuss initiatives, challenges, and research opportunities of blockchain technologies in the electrical sector.
  • A spectral clustering algorithm for intelligent grouping in Dense Wireless Networks
    Publication . Guedes, Bruna Toledo; Passos, Diego; Passos, Fernanda G. O.
    The density of wireless networks has been increasing with the popularization of mobile devices. Dense wireless networks (DWN) present challenges such as the current spectral scarcity and the growing demand for capacity. The Restricted Access Window (RAW) mechanism was introduced by the IEEE 802.11ah amendment to improve DWN performance. RAW restricts the number of stations that can access the channel by arbitrarily separating them into groups. K-Means clustering has shown potential to find more efficient groups using the geographical coordinates of each station. However, due to the mobile and dynamic nature of such networks, location information is difficult to obtain in practice. In this paper, we consider the use of spectral clustering to increase the performance of DWN with hidden terminals. We discuss how a spectral clustering algorithm that generates RAW groups can be implemented in practice without the geographic location of each node. We also compare the performance of the spectral clustering algorithm with the standard grouping method used in IEEE 802.11ah, with the K-Means clustering (i.e., based on node location information), and with the hidden matrix -based regrouping (HMR) algorithm. Simulation results considering several density levels, different traffic patterns, and different propagation models indicate that spectral clustering significantly outperforms both the standard grouping and HMR in terms of collision rate, throughput, and delay. It also closely approximates - and sometimes surpasses - the performance of the K-Means clustering while being much more practical to implement because it does not require knowledge on nodes' geographical coordinates.
  • Wireless multipath video transmission: when IoT video applications meet networking-a survey
    Publication . Bhering, Fabiano; Passos, Diego; Ochi, Luiz Satoru; Obraczka, Katia; Albuquerque, Célio
    Advances in video camera and wireless communication technology have enabled a variety of video applications over the Internet. However, meeting these applications' quality-of-service requirements poses significant challenges to the underlying network and has attracted significant attention from the networking research community. In particular, wireless multipath video transmission has been proposed as a viable alternative to deliver adequate performance to Internet video applications. This survey provides a thorough review of the current state-of-the-art in multipath video transmission focusing on IoT applications. We introduce a taxonomy to classify existing approaches based on their application-specific mechanisms (e.g., video coding techniques) as well as networking-specific techniques. In addition to describing existing approaches in light of the proposed taxonomy, we also discuss directions for future work.
  • A new methodology for evaluating the neighbor discovery time in schedule-based asynchronous duty-cycling wireless sensor networks
    Publication . Passos, Diego; Trabbold, Beatriz; Carrano, Ricardo C.; Sousa, Cledson de
    Duty cycling is a fundamental mechanism for battery-operated wireless networks, such as wireless sensor networks. Due to its importance, it is an integral part of several Medium Access Protocols and related wireless technologies. In Schedule-based Asynchronous Duty Cycle, nodes activate and deactivate their radio interfaces according to a pre-designed schedule of slots, which guarantees overlapping uptime between two neighbors, independent of the offset between their internal clocks, making communication between them possible. This paper presents a new methodology for evaluating the Neighbor Discovery Time (NDT) of Schedule-based Asynchronous Duty Cycle. Differently from previous methodologies, it accounts for the possibility of the slots in the schedules of the two neighbors not being perfectly border-aligned - an unrealistic assumption in practice. By means of simulation, we show that not taking this under consideration can lead to an overestimate of the NDT by a factor of 2 depending on the particular scenario, thus justifying the importance of our work. center dot We propose a new subslot-based methodology for computing the NDT of a wakeup schedule used for asynchronous duty cycling. center dot It replaces the traditional slot-based methodology, by dividing slots into subslots, allowing for the analysis of non-integer clock offsets between nodes, and further allowing mathematical models to consider the more realistic continuous-time case. center dot Our validation data shows that the slot-based methodology may overestimate NDT by a factor of up to 2, making the proposed subslot-based methodology much more precise.
  • Cognitive radio with machine learning to increase spectral efficiency in indoor application on the 2.5 GHz band
    Publication . Soares, Marilson Duarte; Passos, Diego; Castellanos, Pedro Vladimir Gonzalez
    Due to the propagation characteristics in the 2.5 GHz band, the signal is significantly degraded by building entry loss (BEL), making coverage in indoor environments in some cases non-existent. Signal degradation inside buildings is a challenge for planning engineers, but it can be seen as a spectrum usage opportunity for a cognitive radio communication system. This work presents a methodology based on statistical modeling of data collected by a spectrum analyzer and the application of machine learning (ML) to leverage the use of those opportunities by autonomous and decentralized cognitive radios (CRs), independent of any mobile operator or external database. The proposed design targets using as few narrowband spectrum sensors as possible in order to reduce the cost of the CRs and sensing time, as well as improving energy efficiency. Those characteristics make our design especially interesting for internet of things (IoT) applications or low-cost sensor networks that may use idle mobile spectrum with high reliability and good recall.
  • Towards feature engineering for intrusion detection in IEC-61850 communication networks
    Publication . Quincozes, Vagner; Ereno Quincozes, Silvio; Passos, Diego; Albuquerque, Célio; Mosse, Daniel
    Digital electrical substations are fundamental in providing a reliable basis for smart grids. However, the deployment of the IEC-61850 standards for communication between intelligent electronic devices (IEDs) brings new security challenges. Intrusion detection systems (IDSs) play a vital role in ensuring the proper function of digital substations services. However, the current literature lacks efficient IDS solutions for certain classes of attacks, such as the masquerade attack. In this work, we propose the extraction and correlation of relevant multi-layer information through a feature engineering process to enable the deployment of machine learning-based IDSs in digital substations. Our results demonstrate that the proposed solution can detect attacks that are considered challenging in the literature, attaining an F1-score of up to 95.6% in the evaluated scenarios.
  • LEAF: Improving handoff flexibility of IEEE 802.11 networks with an SDN-based virtual access point framework
    Publication . Vieira, Juan Lucas; Mosse, Daniel; Passos, Diego
    Mobile devices’ popularization has brought several new applications to communication networks. As we move into an increasingly denser scenario, problems such as collisions between transmissions and unbalanced load become more pronounced. Moreover, while station-based handoff is inefficient to reduce these issues, network-wide handover decisions might provide better network resource management. This paper proposes LEAF, an access point virtualization solution based on Software Defined Networking to enable station (STA) handover conducted by the network, based on a global scope. Unlike other solutions in the literature, our proposal fully supports multichannel migrations through the IEEE 802.11h Channel Switch Announcement without restricting the channel utilization by the access points. To demonstrate the feasibility of such an approach, we present experimental data regarding the behavior of several different devices in face of this mechanism. We also evaluate our complete virtualization solution, which reveals that the handoff of STAs did not lead to significant packet losses or delays in STAs’ connections, while providing a foundation to improve network’s self-management and flexibility, allowing association control and load balancing tasks to be executed on top of our solution.
  • Assessing machine learning techniques for intrusion detection in cyber-physical systems
    Publication . Santos, Vinicius F.; Albuquerque, Célio; Passos, Diego; Ereno Quincozes, Silvio; Mossé, Daniel
    Cyber-physical systems (CPS) are vital to key infrastructures such as Smart Grids and water treatment, and are increasingly vulnerable to a broad spectrum of evolving attacks. Whereas traditional security mechanisms, such as encryption and firewalls, are often inadequate for CPS architectures, the implementation of Intrusion Detection Systems (IDS) tailored for CPS has become an essential strategy for securing them. In this context, it is worth noting the difference between traditional offline Machine Learning (ML) techniques and understanding how they perform under different IDS applications. To answer these questions, this article presents a novel comparison of five offline and three online ML algorithms for intrusion detection using seven CPS-specific datasets, revealing that offline ML is superior when attack signatures are present without time constraints, while online techniques offer a quicker response to new attacks. The findings provide a pathway for enhancing CPS security through a balanced and effective combination of ML techniques.