Wireless Local Area Networks (WLANs) have revolutionized modern communication by providing a user-friendly and cost-efficient solution for Internet access and network resources. However, the increasing popularity of WLANs has also led to a rise in security threats, including jamming, flooding attacks, unfair radio channel access, user disconnection from access points, and injection attacks, among others. In this paper, we propose a machine learning algorithm to detect Layer 2 threats in WLANs through network traffic analysis. Our approach uses a deep neural network to identify malicious activity patterns. We detail the dataset used, including data preparation steps, such as preprocessing and division. We demonstrate the effectiveness of our solution through a series of experiments and show that it outperforms other methods in terms of precision. The proposed algorithm can be successfully applied in Wireless Intrusion Detection Systems (WIDS) to enhance the security of WLANs and protect against potential attacks.
The Internet of Things (IoT) is an emerging technology that has attracted considerable attention in the last decade to become one of the most researched topics in computer science studies. This research aims to develop a benchmark framework for a public multi-task IoT traffic analyzer tool that holistically extracts network traffic features from an IoT device in a smart home environment that researchers in various IoT industries can implement to collect information about IoT network behavior. A custom testbed with four IoT devices is created to collect real-time network traffic data based on seventeen comprehensive scenarios of these devices' possible interactions. The output data is fed into the IoT traffic analyzer tool for both flow-level and packet-level analysis to extract all possible features. Such features are ultimately classified into five categories: IoT device type, IoT device behavior, Human interaction type, IoT behavior within the network, and Abnormal behavior. The tool is then evaluated by 20 users considering three variables: usefulness, accuracy of information being extracted, performance and usability. Users in three groups were highly satisfied with the interface and ease of use of the tool, with scores ranging from 90.5% to 93.8% and with an average score between 4.52 and 4.69 with a low standard deviation range, indicating that most of the data revolve around the mean.
Since many systems in the real world are structured and characterized by multilayer networks, more and more scholars have started to investigate the coupling mechanism in multilayer networks. In a network, a node’s betweenness centrality reflects the load better than the node degree metric. This paper suggests a new coupling method based on the betweenness centrality of nodes in the network. Connections are made from the middle position according to the order of node betweenness. The results demonstrate that Middle-betweenness coupling yields a more even distribution of traffic in the network and an increase in network capacity, as well as an increase in network throughput, compared to Assortative coupling and Disassortative coupling.
Due to high capacity and fast transmission speed, 5G plays a key role in modern electronic infrastructure. Meanwhile, sparse tensor factorization (STF) is a useful tool for dimension reduction to analyze high-order, high-dimension, and sparse tensor (HOHDST) data, which is transmitted on 5G Internet-of-things (IoT). Hence, HOHDST data relies on STF to obtain complete data and discover rules for real time and accurate analysis. From another view of computation and data security, the current STF solution seeks to improve the computational efficiency but neglects privacy security of the IoT data, e.g., data analysis for network traffic monitor system. To overcome these problems, this article proposes a multiple-strategies differential privacy framework on STF (MDPSTF) for HOHDST network traffic data analysis. MDPSTF comprises three differential privacy (DP) mechanisms, i.e., ε-DP, concentrated DP, and local DP. Furthermore, the theoretical proof of privacy bound is presented. Hence, MDPSTF can provide general data protection for HOHDST network traffic data with high-security promise. We conduct experiments on two real network traffic datasets (Abilene and GÈANT). The experimental results show that MDPSTF has high universality on the various degrees of privacy protection demands and high recovery accuracy for the HOHDST network traffic data.
Macro-level traffic safety analysis has been undertaken at different spatial configurations. However, clear guidelines for the appropriate zonal system selection for safety analysis are unavailable. In this study, a comparative analysis was conducted to determine the optimal zonal system for macroscopic crash modeling considering census tracts (CTs), state-wide traffic analysis zones (STAZs), and a newly developed traffic-related zone system labeled traffic analysis districts (TADs).
Poisson lognormal models for three crash types (i.e., total, severe, and non-motorized mode crashes) are developed based on the three zonal systems without and with consideration of spatial autocorrelation. The study proposes a method to compare the modeling performance of the three types of geographic units at different spatial configurations through a grid based framework. Specifically, the study region is partitioned to grids of various sizes and the model prediction accuracy of the various macro models is considered within these grids of various sizes.
These model comparison results for all crash types indicated that the models based on TADs consistently offer a better performance compared to the others. Besides, the models considering spatial autocorrelation outperform the ones that do not consider it.
Based on the modeling results and motivation for developing the different zonal systems, it is recommended using CTs for socio-demographic data collection, employing TAZs for transportation demand forecasting, and adopting TADs for transportation safety planning.
The findings from this study can help practitioners select appropriate zonal systems for traffic crash modeling, which can lead to the development of more efficient policies to enhance transportation safety.
• A methodology to compare different zonal systems for macroscopic crash analysis is proposed.
• Optimal zonal system is recommended for traffic safety analysis.
• Effects of different variables including traffic, roadway, and socio-demographic characteristics on crashes are explored.
• The viability of a newly developed transportation related zonal system for crash analysis is investigated.
Advanced Persistent Threats (APTs) are the most critical menaces to modern organizations and the most challenging attacks to detect. They span over long periods of time, use encrypted connections and mimic normal behaviors in order to evade detection based on traditional defensive solutions. We propose an innovative approach that is able to analyze efficiently high volumes of network traffic to reveal weak signals related to data exfiltrations and other suspect APT activities. The final result is a ranking of the most suspicious internal hosts; this rank allows security specialists to focus their analyses on a small set of hosts out of the thousands of machines that typically characterize large organizations. Experimental evaluations in a network environment consisting of about 10K hosts show the feasibility and effectiveness of the proposed approach. Our proposal based on security analytics paves the way to novel forms of automatic defense aimed at early detection of APTs in large and continuously varying networked systems.
Veracity is a critical dimension of Big Data, as it is related to the quality of data. Its role is even more important when Big Data are supposed to be a counterpart or a substitute of official data. While the former is usually unstructured and the collecting procedures are unsupervised, the latter is collected in accordance with strict and rigorous methodologies. Mobile phone traces, alternatively called Cellphone Big Data (CBD), can be ascribed among the most popular Big Data typology in transportation analyses, even if they are affected by some biases. This research effort is aimed to contribute to the discussion on Big Data and to shed light on the need of a rigorous assessment of the dataset quality. An in-depth evaluation process was carried out with the comparison of CBD to ground-truth data, namely traffic-related data collected by Anas S.p.A. – Gruppo Ferrovie dello Stato Italiane along a major Italian trunk road. What emerges from this paper is the sensitiveness of CBD to some variables related to both cinematic characteristics of traffic, mobile phone network characteristics and the traffic condition, namely the vehicle occupancy rate.
Crypto ransomware is a type of malware that locks access to user files by encrypting them and demands a ransom in order to obtain the decryption key. This type of malware has become a serious threat for most enterprises. In those cases where the infected computer has access to documents in network shared volumes, a single host can lock access to documents across several departments in the company. We propose an algorithm that can detect ransomware action and prevent further activity over shared documents. The algorithm is based on the analysis of passively monitored traffic by a network probe. 19 different ransomware families were used for testing the algorithm in action. The results show that it can detect ransomware activity in less than 20 s, before more than 10 files are lost. Recovery of even those files was also possible because their content was stored in the traffic monitored by the network probe. Several days of traffic from real corporate networks were used to validate a low rate of false alarms. This paper also offers analytical models for the probability of early detection and the probability of false alarms for an arbitrarily large population of users.