The application and development of a wide-area measurement system(WAMS)has enabled many applications and led to several requirements based on dynamic measurement data.Such data are transmitted as big data information ...The application and development of a wide-area measurement system(WAMS)has enabled many applications and led to several requirements based on dynamic measurement data.Such data are transmitted as big data information flow.To ensure effective transmission of wide-frequency electrical information by the communication protocol of a WAMS,this study performs real-time traffic monitoring and analysis of the data network of a power information system,and establishes corresponding network optimization strategies to solve existing transmission problems.This study utilizes the traffic analysis results obtained using the current real-time dynamic monitoring system to design an optimization strategy,covering the optimization in three progressive levels:the underlying communication protocol,source data,and transmission process.Optimization of the system structure and scheduling optimization of data information are validated to be feasible and practical via tests.展开更多
The development of communication technologies which support traffic-intensive applications presents new challenges in designing a real-time traffic analysis architecture and an accurate method that suitable for a wide...The development of communication technologies which support traffic-intensive applications presents new challenges in designing a real-time traffic analysis architecture and an accurate method that suitable for a wide variety of traffic types.Current traffic analysis methods are executed on the cloud,which needs to upload the traffic data.Fog computing is a more promising way to save bandwidth resources by offloading these tasks to the fog nodes.However,traffic analysis models based on traditional machine learning need to retrain all traffic data when updating the trained model,which are not suitable for fog computing due to the poor computing power.In this study,we design a novel fog computing based traffic analysis system using broad learning.For one thing,fog computing can provide a distributed architecture for saving the bandwidth resources.For another,we use the broad learning to incrementally train the traffic data,which is more suitable for fog computing because it can support incremental updates of models without retraining all data.We implement our system on the Raspberry Pi,and experimental results show that we have a 98%probability to accurately identify these traffic data.Moreover,our method has a faster training speed compared with Convolutional Neural Network(CNN).展开更多
A network analyzer can often comprehend many protocols, which enables it to display talks taking place between hosts over a network. A network analyzer analyzes the device or network response and measures for the oper...A network analyzer can often comprehend many protocols, which enables it to display talks taking place between hosts over a network. A network analyzer analyzes the device or network response and measures for the operator to keep an eye on the network’s or object’s performance in an RF circuit. The purpose of the following research includes analyzing the capabilities of NetFlow analyzer to measure various parts, including filters, mixers, frequency sensitive networks, transistors, and other RF-based instruments. NetFlow Analyzer is a network traffic analyzer that measures the network parameters of electrical networks. Although there are other types of network parameter sets including Y, Z, & H-parameters, these instruments are typically employed to measure S-parameters since transmission & reflection of electrical networks are simple to calculate at high frequencies. These analyzers are widely employed to distinguish between two-port networks, including filters and amplifiers. By allowing the user to view the actual data that is sent over a network, packet by packet, a network analyzer informs you of what is happening there. Also, this research will contain the design model of NetFlow Analyzer that Measurements involving transmission and reflection use. Gain, insertion loss, and transmission coefficient are measured in transmission measurements, whereas return loss, reflection coefficient, impedance, and other variables are measured in reflection measurements. These analyzers’ operational frequencies vary from 1 Hz to 1.5 THz. These analyzers can also be used to examine stability in measurements of open loops, audio components, and ultrasonics.展开更多
In order to identify any traces of suspicious activities for the networks security, Network Traffic Analysis has been the basis of network security and network management. With the continued emergence of new applicati...In order to identify any traces of suspicious activities for the networks security, Network Traffic Analysis has been the basis of network security and network management. With the continued emergence of new applications and encrypted traffic, the currently available approaches can not perform well for all kinds of network data. In this paper, we propose a novel stream pattern matching technique which is not only easily deployed but also includes the advantages of different methods. The main idea is: first, defining a formal description specification, by which any series of data stream can be unambiguously descrbed by a special stream pattern; then a tree representation is constructed by parsing the stream pattern; at last, a stream pattern engine is constructed with the Non-t-mite automata (S-CG-NFA) and Bit-parallel searching algorithms. Our stream pattern analysis system has been fully prototyped on C programming language and Xilinx Vn-tex2 FPGA. The experimental results show the method could provides a high level of recognition efficiency and accuracy.展开更多
Metaverse is a new emerging concept building up a virtual environment for the user using Virtual Reality(VR)and blockchain technology but introduces privacy risks.Now,a series of challenges arise in Metaverse security...Metaverse is a new emerging concept building up a virtual environment for the user using Virtual Reality(VR)and blockchain technology but introduces privacy risks.Now,a series of challenges arise in Metaverse security,including massive data traffic breaches,large-scale user tracking,analysis activities,unreliable Artificial Intelligence(AI)analysis results,and social engineering security for people.In this work,we concentrate on Decentraland and Sandbox,two well-known Metaverse applications in Web 3.0.Our experiments analyze,for the first time,the personal privacy data exposed by Metaverse applications and services from a combined perspective of network traffic and privacy policy.We develop a lightweight traffic processing approach suitable for the Web 3.0 environment,which does not rely on complex decryption or reverse engineering techniques.We propose a smart contract interaction traffic analysis method capable of retrieving user interactions with Metaverse applications and blockchain smart contracts.This method provides a new approach to de-anonymizing users'identities through Metaverse applications.Our system,METAseen,analyzes and compares network traffic with the privacy policies of Metaverse applications to identify controversial data collection practices.The consistency check experiment reveals that the data types exposed by Metaverse applications include Personal Identifiable Information(PII),device information,and Metaverse-related data.By comparing the data flows observed in the network traffic with assertions made in the privacy regulations of the Metaverse service provider,we discovered that far more than 49%of the Metaverse data flows needed to be disclosed appropriately.展开更多
Offiine network traffic analysis is very important for an in-depth study upon the understanding of network conditions and characteristics, such as user behavior and abnormal traffic. With the rapid growth of the amoun...Offiine network traffic analysis is very important for an in-depth study upon the understanding of network conditions and characteristics, such as user behavior and abnormal traffic. With the rapid growth of the amount of information on the Intemet, the traditional stand-alone analysis tools face great challenges in storage capacity and computing efficiency, but which is the advantages for Hadoop cluster. In this paper, we designed an offiine traffic analysis system based on Hadoop (OTASH), and proposed a MapReduce-based algorithm for TopN user statistics. In addition, we studied the computing performance and failure tolerance in OTASH. From the experiments we drew the conclusion that OTASH is suitable for handling large amounts of flow data, and are competent to calculate in the case of single node failure.展开更多
The phenomenon of data explosion represents a severe challenge for the upcoming big data era.However,the current Internet architecture is insufficient for dealing with a huge amount of traffic owing to an increase in ...The phenomenon of data explosion represents a severe challenge for the upcoming big data era.However,the current Internet architecture is insufficient for dealing with a huge amount of traffic owing to an increase in redundant content transmission and the end-point-based communication model.Information-centric networking(ICN)is a paradigm for the future Internet that can be utilized to resolve the data explosion problem.In this paper,we focus on content-centric networking(CCN),one of the key candidate ICN architectures.CCN has been studied in various network environments with the aim of relieving network and server burden,especially in name-based forwarding and in-network caching functionalities.This paper studies the effect of several caching strategies in the CCN domain from the perspective of network and server overhead.Thus,we comprehensively analyze the in-network caching performance of CCN under several popular cache replication methods(i.e.,cache placement).We evaluate the performance with respect to wellknown Internet traffic patterns that follow certain probabilistic distributions,such as the Zipf/Mandelbrot–Zipf distributions,and flashcrowds.For the experiments,we developed an OPNET-based CCN simulator with a realistic Internet-like topology.展开更多
Unmanned Aerial Vehicles(UAVs)have become indispensable for intelligent traffic monitoring,particularly in low-light conditions,where traditional surveillance systems struggle.This study presents a novel deep learning...Unmanned Aerial Vehicles(UAVs)have become indispensable for intelligent traffic monitoring,particularly in low-light conditions,where traditional surveillance systems struggle.This study presents a novel deep learning-based framework for nighttime aerial vehicle detection and classification that addresses critical challenges of poor illumination,noise,and occlusions.Our pipeline integrates MSRCR enhancement with OPTICS segmentation to overcome low-light challenges,while YOLOv10 enables accurate vehicle localization.The framework employs GLOH and Dense-SIFT for discriminative feature extraction,optimized using the Whale Optimization Algorithm to enhance classification performance.A Swin Transformer-based classifier provides the final categorization,leveraging hierarchical attention mechanisms for robust performance.Extensive experimentation validates our approach,achieving detection mAP@0.5 scores of 91.5%(UAVDT)and 89.7%(VisDrone),alongside classification accuracies of 95.50%and 92.67%,respectively.These results outperform state-of-the-art methods by up to 5.10%in accuracy and 4.2%in mAP,demonstrating the framework’s effectiveness for real-time aerial surveillance and intelligent traffic management in challenging nighttime environments.展开更多
Unmanned Aerial Vehicles(UAVs)are increasingly employed in traffic surveillance,urban planning,and infrastructure monitoring due to their cost-effectiveness,flexibility,and high-resolution imaging.However,vehicle dete...Unmanned Aerial Vehicles(UAVs)are increasingly employed in traffic surveillance,urban planning,and infrastructure monitoring due to their cost-effectiveness,flexibility,and high-resolution imaging.However,vehicle detection and classification in aerial imagery remain challenging due to scale variations from fluctuating UAV altitudes,frequent occlusions in dense traffic,and environmental noise,such as shadows and lighting inconsistencies.Traditional methods,including sliding-window searches and shallow learning techniques,struggle with computational inefficiency and robustness under dynamic conditions.To address these limitations,this study proposes a six-stage hierarchical framework integrating radiometric calibration,deep learning,and classical feature engineering.The workflow begins with radiometric calibration to normalize pixel intensities and mitigate sensor noise,followed by Conditional Random Field(CRF)segmentation to isolate vehicles.YOLOv9,equipped with a bi-directional feature pyramid network(BiFPN),ensures precise multi-scale object detection.Hybrid feature extraction employs Maximally Stable Extremal Regions(MSER)for stable contour detection,Binary Robust Independent Elementary Features(BRIEF)for texture encoding,and Affine-SIFT(ASIFT)for viewpoint invariance.Quadratic Discriminant Analysis(QDA)enhances feature discrimination,while a Probabilistic Neural Network(PNN)performs Bayesian probability-based classification.Tested on the Roundabout Aerial Imagery(15,474 images,985K instances)and AU-AIR(32,823 instances,7 classes)datasets,the model achieves state-of-the-art accuracy of 95.54%and 94.14%,respectively.Its superior performance in detecting small-scale vehicles and resolving occlusions highlights its potential for intelligent traffic systems.Future work will extend testing to nighttime and adverse weather conditions while optimizing real-time UAV inference.展开更多
The continual growth of the use of technological appliances during the COVID-19 pandemic has resulted in a massive volume of data flow on the Internet,as many employees have transitioned to working from home.Furthermo...The continual growth of the use of technological appliances during the COVID-19 pandemic has resulted in a massive volume of data flow on the Internet,as many employees have transitioned to working from home.Furthermore,with the increase in the adoption of encrypted data transmission by many people who tend to use a Virtual Private Network(VPN)or Tor Browser(dark web)to keep their data privacy and hidden,network traffic encryption is rapidly becoming a universal approach.This affects and complicates the quality of service(QoS),traffic monitoring,and network security provided by Internet Service Providers(ISPs),particularly for analysis and anomaly detection approaches based on the network traffic’s nature.The method of categorizing encrypted traffic is one of the most challenging issues introduced by a VPN as a way to bypass censorship as well as gain access to geo-locked services.Therefore,an efficient approach is especially needed that enables the identification of encrypted network traffic data to extract and select valuable features which improve the quality of service and network management as well as to oversee the overall performance.In this paper,the classification of network traffic data in terms of VPN and non-VPN traffic is studied based on the efficiency of time-based features extracted from network packets.Therefore,this paper suggests two machine learning models that categorize network traffic into encrypted and non-encrypted traffic.The proposed models utilize statistical features(SF),Pearson Correlation(PC),and a Genetic Algorithm(GA),preprocessing the traffic samples into net flow traffic to accomplish the experiment’s objectives.The GA-based method utilizes a stochastic method based on natural genetics and biological evolution to extract essential features.The PC-based method performs well in removing different features of network traffic.With a microsecond perpacket prediction time,the best model achieved an accuracy of more than 95.02 percent in the most demanding traffic classification task,a drop in accuracy of only 2.37 percent in comparison to the entire statistical-based machine learning approach.This is extremely promising for the development of real-time traffic analyzers.展开更多
A traffic matrix is a necessary parameter fornetwork management functions,and itsupplies a flow-level view of a largescale IP-over-WDM backbone network.This paper studies the problem of traffic matrix estimationand pr...A traffic matrix is a necessary parameter fornetwork management functions,and itsupplies a flow-level view of a largescale IP-over-WDM backbone network.This paper studies the problem of traffic matrix estimationand proposes an exact traffic matrix estimation approach based on network tomography techniques.The traditional network tomography model is extended to make it compatible with compressive sensing constraints.First,a stochastic perturbation is introduced in the traditional network tomography inference model.Then,an algorithm is proposed to achieve additional optical link observations via optical bypass techniques.The obtained optical link observations are used as extensions for the perturbed network tomography model to ensure that the synthetic model can meetcompressive sensing constraints.Finally,the traffic matrix is estimated from the synthetic model by means of a compressive sensing recovery algorithm.展开更多
The rapid development of Internet of Things(IoT)technology has brought great convenience to people’s life.However,the security protection capability of IoT is weak and vulnerable.Therefore,more protection needs to be...The rapid development of Internet of Things(IoT)technology has brought great convenience to people’s life.However,the security protection capability of IoT is weak and vulnerable.Therefore,more protection needs to be done for the security of IoT.The paper proposes an intrusion detection method for IoT based on multi GBDT feature reduction and hierarchical traffic detection model.Firstly,GBDT is used to filter the features of IoT traffic data sets BoT-IoT and UNSW-NB15 to reduce the traffic feature dimension.At the same time,in order to improve the reliability of feature filtering,this paper constructs multiple GBDT models to filter the features of multiple sub data sets,and comprehensively evaluates the filtered features to find out the best alternative features.Then,two neural networks are trained with the two data sets after dimensionality reduction,and the traffic will be detected with the trained neural network.In order to improve the efficiency of traffic detection,this paper proposes a hierarchical traffic detection model,which can reduce the computational cost and time cost of detection process.Experiments show that the multi GBDT dimensionality reduction method can obtain better features than the traditional PCA dimensionality reduction method.Besides,the use of dual data sets improves the comprehensiveness of the IoT intrusion detection system,which can detect more types of attacks,and the hierarchical traffic model improves the detection efficiency of the system.展开更多
Air traffic complexity is an objective metric for evaluating the operational condition of the airspace. It has several applications, such as airspace design and traffic flow management.Therefore, identifying a reliabl...Air traffic complexity is an objective metric for evaluating the operational condition of the airspace. It has several applications, such as airspace design and traffic flow management.Therefore, identifying a reliable method to accurately measure traffic complexity is important. Considering that many factors correlate with traffic complexity in complicated nonlinear ways,researchers have proposed several complexity evaluation methods based on machine learning models which were trained with large samples. However, the high cost of sample collection usually results in limited training set. In this paper, an ensemble learning model is proposed for measuring air traffic complexity within a sector based on small samples. To exploit the classification information within each factor, multiple diverse factor subsets(FSSs) are generated under guidance from factor noise and independence analysis. Then, a base complexity evaluator is built corresponding to each FSS. The final complexity evaluation result is obtained by integrating all results from the base evaluators. Experimental studies using real-world air traffic operation data demonstrate the advantages of our model for small-sample-based traffic complexity evaluation over other stateof-the-art methods.展开更多
An optimization model and its solution algorithm for alternate traffic restriction(ATR) schemes were introduced in terms of both the restriction districts and the proportion of restricted automobiles. A bi-level progr...An optimization model and its solution algorithm for alternate traffic restriction(ATR) schemes were introduced in terms of both the restriction districts and the proportion of restricted automobiles. A bi-level programming model was proposed to model the ATR scheme optimization problem by aiming at consumer surplus maximization and overload flow minimization at the upper-level model. At the lower-level model, elastic demand, mode choice and multi-class user equilibrium assignment were synthetically optimized. A genetic algorithm involving prolonging codes was constructed, demonstrating high computing efficiency in that it dynamically includes newly-appearing overload links in the codes so as to reduce the subsequent searching range. Moreover,practical processing approaches were suggested, which may improve the operability of the model-based solutions.展开更多
Extensive investigation has been performed in location-centric or geocast routing protocols for reliable and efficient dissemination of information in Vehicular Adhoc Networks (VANETs). Various location-centric rout...Extensive investigation has been performed in location-centric or geocast routing protocols for reliable and efficient dissemination of information in Vehicular Adhoc Networks (VANETs). Various location-centric routing protocols have been suggested in literature for road safety ITS applications considering urban and highway traffic environment. This paper characterizes vehicular environments based on real traffic data and investigates the evolution of location-centric data dissemination. The current study is carded out with three main objectives: (i) to analyze the impact of dynamic traffic environment on the design of data dissemination techniques, (ii) to characterize location-centric data dissemination in terms of functional and qualitative behavior of protocols, properties, and strengths and weaknesses, and (iii) to find some future research directions in information dissemination based on location. Vehicular traffic environments have been classified into three categories based on physical characteristics such as speed, inter-vehicular distance, neighborhood stability, traffic volume, etc. Real traffic data is considered to analyze on-road traffic environments based on the measurement of physical parameters and weather conditions. Design issues are identified in incorporating physical parameters and weather conditions into data dissemination. Functional and qualitative characteristics of location-centric techniques are explored considering urban and highway environments. Comparative analysis of location-centric techniques is carded out for both urban and highway environments individually based on some unique and common characteristics of the environments. Finally, some future research directions are identified in the area based on the detailed investigation of traffic environments and location-centric data dissemination techniques.展开更多
In order to understand how a network is being used or whether it is being abused, an administrator needs to inspect the flow of the traffic and "infers" the intent of the users and applications. So the network traff...In order to understand how a network is being used or whether it is being abused, an administrator needs to inspect the flow of the traffic and "infers" the intent of the users and applications. So the network traffic measurement and analysis are crucial to network monitoring, reliable DDoS detecting and attack source locating as well. In this paper, we discuss the principle of real-time network traffic measurement and analysis through embedding a traffic measurement and analysis engine into IP packet-decoding module, and emphasize the implementation of visualizing the real-time network traffic, which are helpful to network monitoring and network traffic modeling.展开更多
The popularity of the Internet of Things(IoT)has enabled a large number of vulnerable devices to connect to the Internet,bringing huge security risks.As a network-level security authentication method,device fingerprin...The popularity of the Internet of Things(IoT)has enabled a large number of vulnerable devices to connect to the Internet,bringing huge security risks.As a network-level security authentication method,device fingerprint based on machine learning has attracted considerable attention because it can detect vulnerable devices in complex and heterogeneous access phases.However,flexible and diversified IoT devices with limited resources increase dif-ficulty of the device fingerprint authentication method executed in IoT,because it needs to retrain the model network to deal with incremental features or types.To address this problem,a device fingerprinting mechanism based on a Broad Learning System(BLS)is proposed in this paper.The mechanism firstly characterizes IoT devices by traffic analysis based on the identifiable differences of the traffic data of IoT devices,and extracts feature parameters of the traffic packets.A hierarchical hybrid sampling method is designed at the preprocessing phase to improve the imbalanced data distribution and reconstruct the fingerprint dataset.The complexity of the dataset is reduced using Principal Component Analysis(PCA)and the device type is identified by training weights using BLS.The experimental results show that the proposed method can achieve state-of-the-art accuracy and spend less training time than other existing methods.展开更多
The rapid proliferation of Internet of Things(IoT)technology has facilitated automation across various sectors.Nevertheless,this advancement has also resulted in a notable surge in cyberattacks,notably botnets.As a re...The rapid proliferation of Internet of Things(IoT)technology has facilitated automation across various sectors.Nevertheless,this advancement has also resulted in a notable surge in cyberattacks,notably botnets.As a result,research on network analysis has become vital.Machine learning-based techniques for network analysis provide a more extensive and adaptable approach in comparison to traditional rule-based methods.In this paper,we propose a framework for analyzing communications between IoT devices using supervised learning and ensemble techniques and present experimental results that validate the efficacy of the proposed framework.The results indicate that using the proposed ensemble techniques improves accuracy by up to 1.7%compared to single-algorithm approaches.These results also suggest that the proposed framework can flexibly adapt to general IoT network analysis scenarios.Unlike existing frameworks,which only exhibit high performance in specific situations,the proposed framework can serve as a fundamental approach for addressing a wide range of issues.展开更多
Website fingerprinting,also known asWF,is a traffic analysis attack that enables local eavesdroppers to infer a user’s browsing destination,even when using the Tor anonymity network.While advanced attacks based on de...Website fingerprinting,also known asWF,is a traffic analysis attack that enables local eavesdroppers to infer a user’s browsing destination,even when using the Tor anonymity network.While advanced attacks based on deep neural network(DNN)can performfeature engineering and attain accuracy rates of over 98%,research has demonstrated thatDNNis vulnerable to adversarial samples.As a result,many researchers have explored using adversarial samples as a defense mechanism against DNN-based WF attacks and have achieved considerable success.However,these methods suffer from high bandwidth overhead or require access to the target model,which is unrealistic.This paper proposes CMAES-WFD,a black-box WF defense based on adversarial samples.The process of generating adversarial examples is transformed into a constrained optimization problem solved by utilizing the Covariance Matrix Adaptation Evolution Strategy(CMAES)optimization algorithm.Perturbations are injected into the local parts of the original traffic to control bandwidth overhead.According to the experiment results,CMAES-WFD was able to significantly decrease the accuracy of Deep Fingerprinting(DF)and VarCnn to below 8.3%and the bandwidth overhead to a maximum of only 14.6%and 20.5%,respectively.Specially,for Automated Website Fingerprinting(AWF)with simple structure,CMAES-WFD reduced the classification accuracy to only 6.7%and the bandwidth overhead to less than 7.4%.Moreover,it was demonstrated that CMAES-WFD was robust against adversarial training to a certain extent.展开更多
文摘The application and development of a wide-area measurement system(WAMS)has enabled many applications and led to several requirements based on dynamic measurement data.Such data are transmitted as big data information flow.To ensure effective transmission of wide-frequency electrical information by the communication protocol of a WAMS,this study performs real-time traffic monitoring and analysis of the data network of a power information system,and establishes corresponding network optimization strategies to solve existing transmission problems.This study utilizes the traffic analysis results obtained using the current real-time dynamic monitoring system to design an optimization strategy,covering the optimization in three progressive levels:the underlying communication protocol,source data,and transmission process.Optimization of the system structure and scheduling optimization of data information are validated to be feasible and practical via tests.
基金supported by JSPS KAKENHI Grant Number JP16K00117, JP19K20250KDDI Foundationthe China Scholarship Council (201808050016)
文摘The development of communication technologies which support traffic-intensive applications presents new challenges in designing a real-time traffic analysis architecture and an accurate method that suitable for a wide variety of traffic types.Current traffic analysis methods are executed on the cloud,which needs to upload the traffic data.Fog computing is a more promising way to save bandwidth resources by offloading these tasks to the fog nodes.However,traffic analysis models based on traditional machine learning need to retrain all traffic data when updating the trained model,which are not suitable for fog computing due to the poor computing power.In this study,we design a novel fog computing based traffic analysis system using broad learning.For one thing,fog computing can provide a distributed architecture for saving the bandwidth resources.For another,we use the broad learning to incrementally train the traffic data,which is more suitable for fog computing because it can support incremental updates of models without retraining all data.We implement our system on the Raspberry Pi,and experimental results show that we have a 98%probability to accurately identify these traffic data.Moreover,our method has a faster training speed compared with Convolutional Neural Network(CNN).
文摘A network analyzer can often comprehend many protocols, which enables it to display talks taking place between hosts over a network. A network analyzer analyzes the device or network response and measures for the operator to keep an eye on the network’s or object’s performance in an RF circuit. The purpose of the following research includes analyzing the capabilities of NetFlow analyzer to measure various parts, including filters, mixers, frequency sensitive networks, transistors, and other RF-based instruments. NetFlow Analyzer is a network traffic analyzer that measures the network parameters of electrical networks. Although there are other types of network parameter sets including Y, Z, & H-parameters, these instruments are typically employed to measure S-parameters since transmission & reflection of electrical networks are simple to calculate at high frequencies. These analyzers are widely employed to distinguish between two-port networks, including filters and amplifiers. By allowing the user to view the actual data that is sent over a network, packet by packet, a network analyzer informs you of what is happening there. Also, this research will contain the design model of NetFlow Analyzer that Measurements involving transmission and reflection use. Gain, insertion loss, and transmission coefficient are measured in transmission measurements, whereas return loss, reflection coefficient, impedance, and other variables are measured in reflection measurements. These analyzers’ operational frequencies vary from 1 Hz to 1.5 THz. These analyzers can also be used to examine stability in measurements of open loops, audio components, and ultrasonics.
基金This work is supported by the following projects: National Natural Science Foundation of China grant 60772136, 111 Development Program of China NO.B08038, National Science & Technology Pillar Program of China NO.2008BAH22B03 and NO. 2007BAH08B01.
文摘In order to identify any traces of suspicious activities for the networks security, Network Traffic Analysis has been the basis of network security and network management. With the continued emergence of new applications and encrypted traffic, the currently available approaches can not perform well for all kinds of network data. In this paper, we propose a novel stream pattern matching technique which is not only easily deployed but also includes the advantages of different methods. The main idea is: first, defining a formal description specification, by which any series of data stream can be unambiguously descrbed by a special stream pattern; then a tree representation is constructed by parsing the stream pattern; at last, a stream pattern engine is constructed with the Non-t-mite automata (S-CG-NFA) and Bit-parallel searching algorithms. Our stream pattern analysis system has been fully prototyped on C programming language and Xilinx Vn-tex2 FPGA. The experimental results show the method could provides a high level of recognition efficiency and accuracy.
基金supported by the National Key R&D Program of China (2021YFB2700200)the National Natural Science Foundation of China (U21B2021,61932014,61972018,62202027)+2 种基金Young Elite Scientists Sponsorship Program by CAST (2022QNRC001)Beijing Natural Science Foundation (M23016)Yunnan Key Laboratory of Blockchain Application Technology Open Project (202105AG070005,YNB202206)。
文摘Metaverse is a new emerging concept building up a virtual environment for the user using Virtual Reality(VR)and blockchain technology but introduces privacy risks.Now,a series of challenges arise in Metaverse security,including massive data traffic breaches,large-scale user tracking,analysis activities,unreliable Artificial Intelligence(AI)analysis results,and social engineering security for people.In this work,we concentrate on Decentraland and Sandbox,two well-known Metaverse applications in Web 3.0.Our experiments analyze,for the first time,the personal privacy data exposed by Metaverse applications and services from a combined perspective of network traffic and privacy policy.We develop a lightweight traffic processing approach suitable for the Web 3.0 environment,which does not rely on complex decryption or reverse engineering techniques.We propose a smart contract interaction traffic analysis method capable of retrieving user interactions with Metaverse applications and blockchain smart contracts.This method provides a new approach to de-anonymizing users'identities through Metaverse applications.Our system,METAseen,analyzes and compares network traffic with the privacy policies of Metaverse applications to identify controversial data collection practices.The consistency check experiment reveals that the data types exposed by Metaverse applications include Personal Identifiable Information(PII),device information,and Metaverse-related data.By comparing the data flows observed in the network traffic with assertions made in the privacy regulations of the Metaverse service provider,we discovered that far more than 49%of the Metaverse data flows needed to be disclosed appropriately.
基金supported by the Important National Science & Technology Specific Projects (2012ZX03002008)the National Natural Science Foundation of China (61072061)The Fundamental Research Funds for the Central Universities (2012RC0121)
文摘Offiine network traffic analysis is very important for an in-depth study upon the understanding of network conditions and characteristics, such as user behavior and abnormal traffic. With the rapid growth of the amount of information on the Intemet, the traditional stand-alone analysis tools face great challenges in storage capacity and computing efficiency, but which is the advantages for Hadoop cluster. In this paper, we designed an offiine traffic analysis system based on Hadoop (OTASH), and proposed a MapReduce-based algorithm for TopN user statistics. In addition, we studied the computing performance and failure tolerance in OTASH. From the experiments we drew the conclusion that OTASH is suitable for handling large amounts of flow data, and are competent to calculate in the case of single node failure.
基金supported by Basic Science Research Program through the National Research Foundation of Korea(NRF)funded by the Ministry of Education(2014R1A1A2057796)and(2015R1D1A1A01059049)
文摘The phenomenon of data explosion represents a severe challenge for the upcoming big data era.However,the current Internet architecture is insufficient for dealing with a huge amount of traffic owing to an increase in redundant content transmission and the end-point-based communication model.Information-centric networking(ICN)is a paradigm for the future Internet that can be utilized to resolve the data explosion problem.In this paper,we focus on content-centric networking(CCN),one of the key candidate ICN architectures.CCN has been studied in various network environments with the aim of relieving network and server burden,especially in name-based forwarding and in-network caching functionalities.This paper studies the effect of several caching strategies in the CCN domain from the perspective of network and server overhead.Thus,we comprehensively analyze the in-network caching performance of CCN under several popular cache replication methods(i.e.,cache placement).We evaluate the performance with respect to wellknown Internet traffic patterns that follow certain probabilistic distributions,such as the Zipf/Mandelbrot–Zipf distributions,and flashcrowds.For the experiments,we developed an OPNET-based CCN simulator with a realistic Internet-like topology.
基金supported through Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2025R508)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia。
文摘Unmanned Aerial Vehicles(UAVs)have become indispensable for intelligent traffic monitoring,particularly in low-light conditions,where traditional surveillance systems struggle.This study presents a novel deep learning-based framework for nighttime aerial vehicle detection and classification that addresses critical challenges of poor illumination,noise,and occlusions.Our pipeline integrates MSRCR enhancement with OPTICS segmentation to overcome low-light challenges,while YOLOv10 enables accurate vehicle localization.The framework employs GLOH and Dense-SIFT for discriminative feature extraction,optimized using the Whale Optimization Algorithm to enhance classification performance.A Swin Transformer-based classifier provides the final categorization,leveraging hierarchical attention mechanisms for robust performance.Extensive experimentation validates our approach,achieving detection mAP@0.5 scores of 91.5%(UAVDT)and 89.7%(VisDrone),alongside classification accuracies of 95.50%and 92.67%,respectively.These results outperform state-of-the-art methods by up to 5.10%in accuracy and 4.2%in mAP,demonstrating the framework’s effectiveness for real-time aerial surveillance and intelligent traffic management in challenging nighttime environments.
基金supported through Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2025R508)Princess Nourah bint Abdulrahman University,Riyadh,Saudi ArabiaThe research team thanks the Deanship of Graduate Studies and Scientific Research at Najran University for supporting the research project through the Nama’a program,with the project code NU/GP/SERC/13/18-5.
文摘Unmanned Aerial Vehicles(UAVs)are increasingly employed in traffic surveillance,urban planning,and infrastructure monitoring due to their cost-effectiveness,flexibility,and high-resolution imaging.However,vehicle detection and classification in aerial imagery remain challenging due to scale variations from fluctuating UAV altitudes,frequent occlusions in dense traffic,and environmental noise,such as shadows and lighting inconsistencies.Traditional methods,including sliding-window searches and shallow learning techniques,struggle with computational inefficiency and robustness under dynamic conditions.To address these limitations,this study proposes a six-stage hierarchical framework integrating radiometric calibration,deep learning,and classical feature engineering.The workflow begins with radiometric calibration to normalize pixel intensities and mitigate sensor noise,followed by Conditional Random Field(CRF)segmentation to isolate vehicles.YOLOv9,equipped with a bi-directional feature pyramid network(BiFPN),ensures precise multi-scale object detection.Hybrid feature extraction employs Maximally Stable Extremal Regions(MSER)for stable contour detection,Binary Robust Independent Elementary Features(BRIEF)for texture encoding,and Affine-SIFT(ASIFT)for viewpoint invariance.Quadratic Discriminant Analysis(QDA)enhances feature discrimination,while a Probabilistic Neural Network(PNN)performs Bayesian probability-based classification.Tested on the Roundabout Aerial Imagery(15,474 images,985K instances)and AU-AIR(32,823 instances,7 classes)datasets,the model achieves state-of-the-art accuracy of 95.54%and 94.14%,respectively.Its superior performance in detecting small-scale vehicles and resolving occlusions highlights its potential for intelligent traffic systems.Future work will extend testing to nighttime and adverse weather conditions while optimizing real-time UAV inference.
文摘The continual growth of the use of technological appliances during the COVID-19 pandemic has resulted in a massive volume of data flow on the Internet,as many employees have transitioned to working from home.Furthermore,with the increase in the adoption of encrypted data transmission by many people who tend to use a Virtual Private Network(VPN)or Tor Browser(dark web)to keep their data privacy and hidden,network traffic encryption is rapidly becoming a universal approach.This affects and complicates the quality of service(QoS),traffic monitoring,and network security provided by Internet Service Providers(ISPs),particularly for analysis and anomaly detection approaches based on the network traffic’s nature.The method of categorizing encrypted traffic is one of the most challenging issues introduced by a VPN as a way to bypass censorship as well as gain access to geo-locked services.Therefore,an efficient approach is especially needed that enables the identification of encrypted network traffic data to extract and select valuable features which improve the quality of service and network management as well as to oversee the overall performance.In this paper,the classification of network traffic data in terms of VPN and non-VPN traffic is studied based on the efficiency of time-based features extracted from network packets.Therefore,this paper suggests two machine learning models that categorize network traffic into encrypted and non-encrypted traffic.The proposed models utilize statistical features(SF),Pearson Correlation(PC),and a Genetic Algorithm(GA),preprocessing the traffic samples into net flow traffic to accomplish the experiment’s objectives.The GA-based method utilizes a stochastic method based on natural genetics and biological evolution to extract essential features.The PC-based method performs well in removing different features of network traffic.With a microsecond perpacket prediction time,the best model achieved an accuracy of more than 95.02 percent in the most demanding traffic classification task,a drop in accuracy of only 2.37 percent in comparison to the entire statistical-based machine learning approach.This is extremely promising for the development of real-time traffic analyzers.
基金supported in part by the National Natural Science Foundation of China(Nos.61571104,61071124,61501105)the General Project of Scientific Research of the Education Department of Liaoning Province(No.L20150174)+2 种基金the Program for New Century Excellent Talents in University(No.NCET-11-0075)the Fundamental Research Funds for the Central Universities(Nos.N150402003,N120804004,N130504003,N150404018)the State Scholarship Fund(201208210013)
文摘A traffic matrix is a necessary parameter fornetwork management functions,and itsupplies a flow-level view of a largescale IP-over-WDM backbone network.This paper studies the problem of traffic matrix estimationand proposes an exact traffic matrix estimation approach based on network tomography techniques.The traditional network tomography model is extended to make it compatible with compressive sensing constraints.First,a stochastic perturbation is introduced in the traditional network tomography inference model.Then,an algorithm is proposed to achieve additional optical link observations via optical bypass techniques.The obtained optical link observations are used as extensions for the perturbed network tomography model to ensure that the synthetic model can meetcompressive sensing constraints.Finally,the traffic matrix is estimated from the synthetic model by means of a compressive sensing recovery algorithm.
文摘The rapid development of Internet of Things(IoT)technology has brought great convenience to people’s life.However,the security protection capability of IoT is weak and vulnerable.Therefore,more protection needs to be done for the security of IoT.The paper proposes an intrusion detection method for IoT based on multi GBDT feature reduction and hierarchical traffic detection model.Firstly,GBDT is used to filter the features of IoT traffic data sets BoT-IoT and UNSW-NB15 to reduce the traffic feature dimension.At the same time,in order to improve the reliability of feature filtering,this paper constructs multiple GBDT models to filter the features of multiple sub data sets,and comprehensively evaluates the filtered features to find out the best alternative features.Then,two neural networks are trained with the two data sets after dimensionality reduction,and the traffic will be detected with the trained neural network.In order to improve the efficiency of traffic detection,this paper proposes a hierarchical traffic detection model,which can reduce the computational cost and time cost of detection process.Experiments show that the multi GBDT dimensionality reduction method can obtain better features than the traditional PCA dimensionality reduction method.Besides,the use of dual data sets improves the comprehensiveness of the IoT intrusion detection system,which can detect more types of attacks,and the hierarchical traffic model improves the detection efficiency of the system.
基金co-supported by the State Key Program of National Natural Science Foundation of China (No. 91538204)the National Science Fund for Distinguished Young Scholars (No. 61425014)the National Key Technologies R&D Program of China (No. 2015BAG15B01)
文摘Air traffic complexity is an objective metric for evaluating the operational condition of the airspace. It has several applications, such as airspace design and traffic flow management.Therefore, identifying a reliable method to accurately measure traffic complexity is important. Considering that many factors correlate with traffic complexity in complicated nonlinear ways,researchers have proposed several complexity evaluation methods based on machine learning models which were trained with large samples. However, the high cost of sample collection usually results in limited training set. In this paper, an ensemble learning model is proposed for measuring air traffic complexity within a sector based on small samples. To exploit the classification information within each factor, multiple diverse factor subsets(FSSs) are generated under guidance from factor noise and independence analysis. Then, a base complexity evaluator is built corresponding to each FSS. The final complexity evaluation result is obtained by integrating all results from the base evaluators. Experimental studies using real-world air traffic operation data demonstrate the advantages of our model for small-sample-based traffic complexity evaluation over other stateof-the-art methods.
基金Projects(71171200,51108465,71101155)supported by the National Natural Science Foundation of China
文摘An optimization model and its solution algorithm for alternate traffic restriction(ATR) schemes were introduced in terms of both the restriction districts and the proportion of restricted automobiles. A bi-level programming model was proposed to model the ATR scheme optimization problem by aiming at consumer surplus maximization and overload flow minimization at the upper-level model. At the lower-level model, elastic demand, mode choice and multi-class user equilibrium assignment were synthetically optimized. A genetic algorithm involving prolonging codes was constructed, demonstrating high computing efficiency in that it dynamically includes newly-appearing overload links in the codes so as to reduce the subsequent searching range. Moreover,practical processing approaches were suggested, which may improve the operability of the model-based solutions.
文摘Extensive investigation has been performed in location-centric or geocast routing protocols for reliable and efficient dissemination of information in Vehicular Adhoc Networks (VANETs). Various location-centric routing protocols have been suggested in literature for road safety ITS applications considering urban and highway traffic environment. This paper characterizes vehicular environments based on real traffic data and investigates the evolution of location-centric data dissemination. The current study is carded out with three main objectives: (i) to analyze the impact of dynamic traffic environment on the design of data dissemination techniques, (ii) to characterize location-centric data dissemination in terms of functional and qualitative behavior of protocols, properties, and strengths and weaknesses, and (iii) to find some future research directions in information dissemination based on location. Vehicular traffic environments have been classified into three categories based on physical characteristics such as speed, inter-vehicular distance, neighborhood stability, traffic volume, etc. Real traffic data is considered to analyze on-road traffic environments based on the measurement of physical parameters and weather conditions. Design issues are identified in incorporating physical parameters and weather conditions into data dissemination. Functional and qualitative characteristics of location-centric techniques are explored considering urban and highway environments. Comparative analysis of location-centric techniques is carded out for both urban and highway environments individually based on some unique and common characteristics of the environments. Finally, some future research directions are identified in the area based on the detailed investigation of traffic environments and location-centric data dissemination techniques.
文摘In order to understand how a network is being used or whether it is being abused, an administrator needs to inspect the flow of the traffic and "infers" the intent of the users and applications. So the network traffic measurement and analysis are crucial to network monitoring, reliable DDoS detecting and attack source locating as well. In this paper, we discuss the principle of real-time network traffic measurement and analysis through embedding a traffic measurement and analysis engine into IP packet-decoding module, and emphasize the implementation of visualizing the real-time network traffic, which are helpful to network monitoring and network traffic modeling.
基金supported by National Key R&D Program of China(2019YFB2102303)National Natural Science Foundation of China(NSFC61971014,NSFC11675199)Young Backbone Teacher Training Program of Henan Colleges and Universities(2021GGJS170).
文摘The popularity of the Internet of Things(IoT)has enabled a large number of vulnerable devices to connect to the Internet,bringing huge security risks.As a network-level security authentication method,device fingerprint based on machine learning has attracted considerable attention because it can detect vulnerable devices in complex and heterogeneous access phases.However,flexible and diversified IoT devices with limited resources increase dif-ficulty of the device fingerprint authentication method executed in IoT,because it needs to retrain the model network to deal with incremental features or types.To address this problem,a device fingerprinting mechanism based on a Broad Learning System(BLS)is proposed in this paper.The mechanism firstly characterizes IoT devices by traffic analysis based on the identifiable differences of the traffic data of IoT devices,and extracts feature parameters of the traffic packets.A hierarchical hybrid sampling method is designed at the preprocessing phase to improve the imbalanced data distribution and reconstruct the fingerprint dataset.The complexity of the dataset is reduced using Principal Component Analysis(PCA)and the device type is identified by training weights using BLS.The experimental results show that the proposed method can achieve state-of-the-art accuracy and spend less training time than other existing methods.
基金supported by Innovative Human Resource Development for Local Intellectualization program through the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(IITP2024-00156287,50%)funded by the Institute for Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.2022-0-01203,Regional Strategic Industry Convergence Security Core Talent Training Business,50%).
文摘The rapid proliferation of Internet of Things(IoT)technology has facilitated automation across various sectors.Nevertheless,this advancement has also resulted in a notable surge in cyberattacks,notably botnets.As a result,research on network analysis has become vital.Machine learning-based techniques for network analysis provide a more extensive and adaptable approach in comparison to traditional rule-based methods.In this paper,we propose a framework for analyzing communications between IoT devices using supervised learning and ensemble techniques and present experimental results that validate the efficacy of the proposed framework.The results indicate that using the proposed ensemble techniques improves accuracy by up to 1.7%compared to single-algorithm approaches.These results also suggest that the proposed framework can flexibly adapt to general IoT network analysis scenarios.Unlike existing frameworks,which only exhibit high performance in specific situations,the proposed framework can serve as a fundamental approach for addressing a wide range of issues.
基金the Key JCJQ Program of China:2020-JCJQ-ZD-021-00 and 2020-JCJQ-ZD-024-12.
文摘Website fingerprinting,also known asWF,is a traffic analysis attack that enables local eavesdroppers to infer a user’s browsing destination,even when using the Tor anonymity network.While advanced attacks based on deep neural network(DNN)can performfeature engineering and attain accuracy rates of over 98%,research has demonstrated thatDNNis vulnerable to adversarial samples.As a result,many researchers have explored using adversarial samples as a defense mechanism against DNN-based WF attacks and have achieved considerable success.However,these methods suffer from high bandwidth overhead or require access to the target model,which is unrealistic.This paper proposes CMAES-WFD,a black-box WF defense based on adversarial samples.The process of generating adversarial examples is transformed into a constrained optimization problem solved by utilizing the Covariance Matrix Adaptation Evolution Strategy(CMAES)optimization algorithm.Perturbations are injected into the local parts of the original traffic to control bandwidth overhead.According to the experiment results,CMAES-WFD was able to significantly decrease the accuracy of Deep Fingerprinting(DF)and VarCnn to below 8.3%and the bandwidth overhead to a maximum of only 14.6%and 20.5%,respectively.Specially,for Automated Website Fingerprinting(AWF)with simple structure,CMAES-WFD reduced the classification accuracy to only 6.7%and the bandwidth overhead to less than 7.4%.Moreover,it was demonstrated that CMAES-WFD was robust against adversarial training to a certain extent.
