This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in d...This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.展开更多
The Internet of Healthcare Things(IoHT)marks a significant breakthrough in modern medicine by enabling a new era of healthcare services.IoHT supports real-time,continuous,and personalized monitoring of patients’healt...The Internet of Healthcare Things(IoHT)marks a significant breakthrough in modern medicine by enabling a new era of healthcare services.IoHT supports real-time,continuous,and personalized monitoring of patients’health conditions.However,the security of sensitive data exchanged within IoHT remains a major concern,as the widespread connectivity and wireless nature of these systems expose them to various vulnerabilities.Potential threats include unauthorized access,device compromise,data breaches,and data alteration,all of which may compromise the confidentiality and integrity of patient information.In this paper,we provide an in-depth security analysis of LAP-IoHT,an authentication scheme designed to ensure secure communication in Internet of Healthcare Things environments.This analysis reveals several vulnerabilities in the LAP-IoHT protocol,namely its inability to resist various attacks,including user impersonation and privileged insider threats.To address these issues,we introduce LSAP-IoHT,a secure and lightweight authentication protocol for the Internet of Healthcare Things(IoHT).This protocol leverages Elliptic Curve Cryptography(ECC),Physical Unclonable Functions(PUFs),and Three-Factor Authentication(3FA).Its security is validated through both informal analysis and formal verification using the Scyther tool and the Real-Or-Random(ROR)model.The results demonstrate strong resistance against man-in-the-middle(MITM)attacks,replay attacks,identity spoofing,stolen smart device attacks,and insider threats,while maintaining low computational and communication costs.展开更多
The Internet of Things (IoT) and edge-assisted networking infrastructures are capable of bringing data processing and accessibility services locally at the respective edge rather than at a centralized module. These in...The Internet of Things (IoT) and edge-assisted networking infrastructures are capable of bringing data processing and accessibility services locally at the respective edge rather than at a centralized module. These infrastructures are very effective in providing a fast response to the respective queries of the requesting modules, but their distributed nature has introduced other problems such as security and privacy. To address these problems, various security-assisted communication mechanisms have been developed to safeguard every active module, i.e., devices and edges, from every possible vulnerability in the IoT. However, these methodologies have neglected one of the critical issues, which is the prediction of fraudulent devices, i.e., adversaries, preferably as early as possible in the IoT. In this paper, a hybrid communication mechanism is presented where the Hidden Markov Model (HMM) predicts the legitimacy of the requesting device (both source and destination), and the Advanced Encryption Standard (AES) safeguards the reliability of the transmitted data over a shared communication medium, preferably through a secret shared key, i.e., , and timestamp information. A device becomes trusted if it has passed both evaluation levels, i.e., HMM and message decryption, within a stipulated time interval. The proposed hybrid, along with existing state-of-the-art approaches, has been simulated in the realistic environment of the IoT to verify the security measures. These evaluations were carried out in the presence of intruders capable of launching various attacks simultaneously, such as man-in-the-middle, device impersonations, and masquerading attacks. Moreover, the proposed approach has been proven to be more effective than existing state-of-the-art approaches due to its exceptional performance in communication, processing, and storage overheads, i.e., 13%, 19%, and 16%, respectively. Finally, the proposed hybrid approach is pruned against well-known security attacks in the IoT.展开更多
Internet of Vehicles(IoV)is an evolution of the Internet of Things(IoT)to improve the capabilities of vehicular ad-hoc networks(VANETs)in intelligence transport systems.The network topology in IoV paradigm is highly d...Internet of Vehicles(IoV)is an evolution of the Internet of Things(IoT)to improve the capabilities of vehicular ad-hoc networks(VANETs)in intelligence transport systems.The network topology in IoV paradigm is highly dynamic.Clustering is one of the promising solutions to maintain the route stability in the dynamic network.However,existing algorithms consume a considerable amount of time in the cluster head(CH)selection process.Thus,this study proposes a mobility aware dynamic clustering-based routing(MADCR)protocol in IoV to maximize the lifespan of networks and reduce the end-to-end delay of vehicles.The MADCR protocol consists of cluster formation and CH selection processes.A cluster is formed on the basis of Euclidean distance.The CH is then chosen using the mayfly optimization algorithm(MOA).The CH subsequently receives vehicle data and forwards such data to the Road Side Unit(RSU).The performance of the MADCR protocol is compared with that ofAnt Colony Optimization(ACO),Comprehensive Learning Particle Swarm Optimization(CLPSO),and Clustering Algorithm for Internet of Vehicles based on Dragonfly Optimizer(CAVDO).The proposed MADCR protocol decreases the end-toend delay by 5–80 ms and increases the packet delivery ratio by 5%–15%.展开更多
In order to incorporate smart elements into distribution networks at ITELCA laboratories in Bogotá-Colombia, a Machine-to-Machine-based solution has been developed. This solution aids in the process of low-cost e...In order to incorporate smart elements into distribution networks at ITELCA laboratories in Bogotá-Colombia, a Machine-to-Machine-based solution has been developed. This solution aids in the process of low-cost electrical fault location, which contributes to improving quality of service, particularly by shortening interruption time spans in mid-voltage grids. The implementation makes use of MQTT protocol with an intensive use of Internet of things (IoT) environment which guarantees the following properties within the automation process: Advanced reports and statistics, remote command execution on one or more units (groups of units), detailed monitoring of remote units and custom alarm mechanism and firmware upgrade on one or more units (groups of units). This kind of implementation is the first one in Colombia and it is able to automatically recover from an N-1 fault.展开更多
This study focuses on testing and quality measurement and analysis of VoIPv6 performance. A client, server codes were developed using FreeBSD. This is a step before analyzing the Architectures of VoIPv6 in the current...This study focuses on testing and quality measurement and analysis of VoIPv6 performance. A client, server codes were developed using FreeBSD. This is a step before analyzing the Architectures of VoIPv6 in the current internet in order for it to cope with IPv6 traffic transmission requirements in general and specifically voice traffic, which is being attracting the efforts of research, bodes currently. These tests were conducted in the application level without looking into the network level of the network. VoIPv6 performance tests were conducted in the current tunneled and native IPv6 aiming for better end-to-end VoIPv6 performance. The results obtained in this study were shown in deferent codec's for different bit rates in Kilo bits per second, which act as an indicator for the better performance of G.711 compared with the rest of the tested codes.展开更多
A novel Wireless Fidelity (WiFi) over fiber link and a wavelength assignment protocol are proposed to provide sufficient bandwidth and extensive coverage range for the various applications in the Internet of Things (I...A novel Wireless Fidelity (WiFi) over fiber link and a wavelength assignment protocol are proposed to provide sufficient bandwidth and extensive coverage range for the various applications in the Internet of Things (IoT).The performance of the WiFi over fiber-based wireless IoT network is evaluated in terms of error vector magnitude (EVM) and data throughput for both the up and down links between the WiFi central control system and remote radio units (RRUs).The experimental results illustrate the reliability of the fiber transmission of 64 Quadrature Amplitude Modulation (64QAM) WiFi signals by direct analog modulation.In order to efficiently utilize the wavelength resources,we also demonstrated the wavelength assignment protocol by employing optical switching configurations in Central Station (CS) to realize the wavelength switching,and the simulation results indicate the queuing size and the corresponding queue delay for different numbers of available wavelengths.展开更多
Internet voting protocols is the base of the Internet voting systems. In this paper a new practical Internet voting protocol is introduced. The proposed Internet voting protocol does not apply the strong physical assu...Internet voting protocols is the base of the Internet voting systems. In this paper a new practical Internet voting protocol is introduced. The proposed Internet voting protocol does not apply the strong physical assumptions and has the properties of privacy, completeness, soundness, fairness, invariableness, and universal verifiability, receipt-free and coercion-resistant. At the same time it solves some problems in other internet voting protocols and the verification progress of universal verifiability is simple and efficient.展开更多
As an essential function of encrypted Internet traffic analysis,encrypted traffic service classification can support both coarse-grained network service traffic management and security supervision.However,the traditio...As an essential function of encrypted Internet traffic analysis,encrypted traffic service classification can support both coarse-grained network service traffic management and security supervision.However,the traditional plaintext-based Deep Packet Inspection(DPI)method cannot be applied to such a classification.Moreover,machine learning-based existing methods encounter two problems during feature selection:complex feature overcost processing and Transport Layer Security(TLS)version discrepancy.In this paper,we consider differences between encryption network protocol stacks and propose a composite deep learning-based method in multiprotocol environments using a sliding multiple Protocol Data Unit(multiPDU)length sequence as features by fully utilizing the Markov property in a multiPDU length sequence and maintaining suitability with a TLS-1.3 environment.Control experiments show that both Length-Sensitive(LS)composite deep learning model using a capsule neural network and LS-long short time memory achieve satisfactory effectiveness in F1-score and performance.Owing to faster feature extraction,our method is suitable for actual network environments and superior to state-of-the-art methods.展开更多
Energy conservation is a significant task in the Internet of Things(IoT)because IoT involves highly resource-constrained devices.Clustering is an effective technique for saving energy by reducing duplicate data.In a c...Energy conservation is a significant task in the Internet of Things(IoT)because IoT involves highly resource-constrained devices.Clustering is an effective technique for saving energy by reducing duplicate data.In a clustering protocol,the selection of a cluster head(CH)plays a key role in prolonging the lifetime of a network.However,most cluster-based protocols,including routing protocols for low-power and lossy networks(RPLs),have used fuzzy logic and probabilistic approaches to select the CH node.Consequently,early battery depletion is produced near the sink.To overcome this issue,a lion optimization algorithm(LOA)for selecting CH in RPL is proposed in this study.LOA-RPL comprises three processes:cluster formation,CH selection,and route establishment.A cluster is formed using the Euclidean distance.CH selection is performed using LOA.Route establishment is implemented using residual energy information.An extensive simulation is conducted in the network simulator ns-3 on various parameters,such as network lifetime,power consumption,packet delivery ratio(PDR),and throughput.The performance of LOA-RPL is also compared with those of RPL,fuzzy rule-based energyefficient clustering and immune-inspired routing(FEEC-IIR),and the routing scheme for IoT that uses shuffled frog-leaping optimization algorithm(RISARPL).The performance evaluation metrics used in this study are network lifetime,power consumption,PDR,and throughput.The proposed LOARPL increases network lifetime by 20%and PDR by 5%–10%compared with RPL,FEEC-IIR,and RISA-RPL.LOA-RPL is also highly energy-efficient compared with other similar routing protocols.展开更多
The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not eas...The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not easy to be discovered.Most detection methods are detecting the existence of channels instead of clarifying specific attack intentions.In this paper,we propose an ICMP covert tunnel attack intent detection framework ICMPTend,which includes five steps:data collection,feature dictionary construction,data preprocessing,model construction,and attack intent prediction.ICMPTend can detect a variety of attack intentions,such as shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attacks.We extract features from five types of attack intent found in ICMP channels.We build a multi-dimensional dictionary of malicious features,including shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attack keywords.For the high-dimensional and independent characteristics of ICMP traffic,we use a support vector machine(SVM)as a multi-class classifier.The experimental results show that the average accuracy of ICMPTend is 92%,training ICMPTend only takes 55 s,and the prediction time is only 2 s,which can effectively identify the attack intention of ICMP.展开更多
With recent advances made in Internet of Vehicles(IoV)and Cloud Computing(CC),the Intelligent Transportation Systems(ITS)find it advantageous in terms of improvement in quality and interactivity of urban transportatio...With recent advances made in Internet of Vehicles(IoV)and Cloud Computing(CC),the Intelligent Transportation Systems(ITS)find it advantageous in terms of improvement in quality and interactivity of urban transportation service,mitigation of costs incurred,reduction in resource utilization,and improvement in traffic management capabilities.Many trafficrelated problems in future smart cities can be sorted out with the incorporation of IoV in transportation.IoV communication enables the collection and distribution of real-time essential data regarding road network condition.In this scenario,energy-efficient and reliable intercommunication routes are essential among vehicular nodes in sustainable urban computing.With this motivation,the current research article presents a new Artificial Intelligence-based Energy Efficient Clustering with Routing(AI-EECR)Protocol for IoV in urban computing.The proposed AI-EECR protocol operates under three stages namely,network initialization,Cluster Head(CH)selection,and routing protocol.The presented AI-EECR protocol determines the CHs from vehicles with the help of Quantum Chemical Reaction Optimization(QCRO)algorithm.QCROalgorithmderives a fitness function with the help of vehicle speed,trust level,and energy level of the vehicle.In order to make appropriate routing decisions,a set of relay nodeswas selected usingGroup Teaching Optimization Algorithm(GTOA).The performance of the presented AI-EECR model,in terms of energy efficiency,was validated against different aspects and a brief comparative analysis was conducted.The experimental outcomes established that AI-EECR model outperformed the existing methods under different measures.展开更多
BACKGROUND The coronavirus disease 2019(COVID-19)pandemic has been an emotionally challenging time,especially for young adults.It is associated with a substantial increase in the prevalence of mental health problems,n...BACKGROUND The coronavirus disease 2019(COVID-19)pandemic has been an emotionally challenging time,especially for young adults.It is associated with a substantial increase in the prevalence of mental health problems,negative symptoms,and stressful experiences that compromise well-being.In low-income countries,internet-delivered psychological services could have a remarkable impact on the population’s mental health,given the lack of mental health professionals.AIM To investigate the efficacy of internet-delivered cognitive-behavior therapy(CBT)-transdiagnostic intervention for adults with emotional disorders.METHODS In this internet-delivered randomized controlled trial,102 students with an emotional disorder(mean age=28.20 years,standard deviation=5.07)were randomly allocated to receive unified protocol(UP)(n=51)or treatment as the usual intervention.Following a semi-structured clinical interview,participants completed an online survey including the Overall Anxiety Severity and Impairment Scale,Overall Depression Severity and Impairment Scale,Difficulties in Emotion Regulation Scale,Positive and Negative Affect Schedule,and Emotional Style Questionnaire.RESULTS The participants showed a high degree of adherence.In total,78%(n=40)of the experimental group participants completed the UP treatment.Considering the intention to treat procedure,the results of the analysis of covariance indicated that participants who received UP showed statistically significant changes in depression symptoms[Cohen’s d=-1.50 with 95%confidence interval(CI):-1.90 to-1.10],anxiety(Cohen’s d=-1.06 with 95%CI:-1.48 to-0.65),difficulties with emotion regulation(Cohen’s d=-0.33 with 95%CI:-0.7 to-0.06),positive affect(Cohen's d=1.27 with 95%CI:0.85 to 1.68),negative affect(Cohen’s d=-1.04 with 95%CI:-1.46 to-0.63),and healthy emotionality(Cohen’s d=0.53 with 95%CI:0.09 to 0.13)compared with the control group.CONCLUSION This study’s findings highlight the potential value of transdiagnostic internet-delivered programs for young adults with an emotional disorder during the COVID-19 pandemic,and expand the research examining emotional well-being improvements resulting from CBT-transdiagnostic interventions.The findings suggest that UP,which generally concentrates on reducing negative effects,can increase positive effects.展开更多
This paper illustrates the development of Internet Protocol Television (IPTV) and its implication for education. IPTV is a new type of educational technology that provides digital content (text, graphic, audio and vid...This paper illustrates the development of Internet Protocol Television (IPTV) and its implication for education. IPTV is a new type of educational technology that provides digital content (text, graphic, audio and video) which users watch as television broadcasting on the Internet. With the capabilities of IPTV that could be used for educational purpose. Therefore, the IPTV project’s (Suan Dusit Internet Broadcasting: SDIB) aim has been to develop into a platform that increase educational opportunities that support distant education. The IPTV system was designed to broadcast in four channels (kids, video on demand, variety and radio). More than seven hundred program are being transmitted both trough live and video on demand streams via computer, set top boxes and mobile devices. The IPTV system has been implemented and used in 80 pilot schools. The data of an evaluation of the IPTV system was collected from questionnaires and interviews. The results indicated that IPTV users were highly satisfied with the contents, set top boxes, LCD television, and overall IPTV systems.展开更多
The Internet of Things(IoT)is where almost anything can be controlled and managed remotely by means of sensors.Although the IoT evolution led to quality of life enhancement,many of its devices are insecure.The lack of...The Internet of Things(IoT)is where almost anything can be controlled and managed remotely by means of sensors.Although the IoT evolution led to quality of life enhancement,many of its devices are insecure.The lack of robust key management systems,efficient identity authentication,low fault tolerance,and many other issues lead to IoT devices being easily targeted by attackers.In this paper we propose a new authentication protocol called Authenblue that improve the authentication process of IoT devices and Coordinators of Personal Area Network(CPANs)in an Industrial IoT(IIoT)environment.This study proposed Authenblue protocol as a new Blockchainbased authentication protocol.To enhance the authentication process and make it more secure,Authenblue modified the way of generating IIoT identifiers and the shared secret keys used by the IIoT devices to raise the efficiency of the authentication protocol.Authenblue enhance the authentication protocol that other models rely on by enhancing the approach used to generate the User Identifier(UI).The UI values changed from being static values,sensors MAC addresses,to be generated values in the inception phase.This approach makes the process of renewing the sensor keys more secure by renewing their UI values instead of changing the secret key.In this study,Authenblue has been simulated in the Network Simulator 3(NS3).Simulation results show an improved performance compared to the related work.展开更多
The performance of Wireless Sensor Networks(WSNs)is an important fragment of the Internet of Things(IoT),where the current WSNbuilt IoT network’s sensor hubs are enticing due to their critical resources.By grouping h...The performance of Wireless Sensor Networks(WSNs)is an important fragment of the Internet of Things(IoT),where the current WSNbuilt IoT network’s sensor hubs are enticing due to their critical resources.By grouping hubs,a clustering convention offers a useful solution for ensuring energy-saving of hubs andHybridMedia Access Control(HMAC)during the course of the organization.Nevertheless,current grouping standards suffer from issues with the grouping structure that impacts the exhibition of these conventions negatively.In this investigation,we recommend an Improved Energy-Proficient Algorithm(IEPA)for HMAC throughout the lifetime of the WSN-based IoT.Three consecutive segments are suggested.For the covering of adjusted clusters,an ideal number of clusters is determined first.Then,fair static clusters are shaped,based on an updated calculation for fluffy cluster heads,to reduce and adapt the energy use of the sensor hubs.Cluster heads(CHs)are,ultimately,selected in optimal locations,with the pivot of the cluster heads working among cluster members.Specifically,the proposed convention diminishes and balances the energy utilization of hubs by improving the grouping structure,where the IEPAis reasonable for systems that need a long time.The assessment results demonstrate that the IEPA performs better than existing conventions.展开更多
Message structure reconstruction is a critical task in protocol reverse engineering,aiming to recover protocol field structures without access to source code.It enables important applications in network security,inclu...Message structure reconstruction is a critical task in protocol reverse engineering,aiming to recover protocol field structures without access to source code.It enables important applications in network security,including malware analysis and protocol fuzzing.However,existing methods suffer from inaccurate field boundary delineation and lack hierarchical relationship recovery,resulting in imprecise and incomplete reconstructions.In this paper,we propose ProRE,a novel method for reconstructing protocol field structures based on program execution slice embedding.ProRE extracts code slices from protocol parsing at runtime,converts them into embedding vectors using a data flow-sensitive assembly language model,and performs hierarchical clustering to recover complete protocol field structures.Evaluation on two datasets containing 12 protocols shows that ProRE achieves an average F1 score of 0.85 and a cophenetic correlation coefficient of 0.189,improving by 19%and 0.126%respectively over state-of-the-art methods(including BinPRE,Tupni,Netlifter,and QwQ-32B-preview),demonstrating significant superiority in both accuracy and completeness of field structure recovery.Case studies further validate the effectiveness of ProRE in practical malware analysis scenarios.展开更多
Blockchain offers a promising solution to the security challenges faced by the Internet of Vehicles(IoV).However,due to the dynamic connectivity of IoV,blockchain based on a single-chain structure or Directed Acyclic ...Blockchain offers a promising solution to the security challenges faced by the Internet of Vehicles(IoV).However,due to the dynamic connectivity of IoV,blockchain based on a single-chain structure or Directed Acyclic Graph(DAG)structure often suffer from performance limitations.The DAG lattice structure is a novel blockchain model in which each node maintains its own account chain,and only the node itself is allowed to update it.This feature makes the DAG lattice structure particularly suitable for addressing the challenges in dynamically connected IoV environment.In this paper,we propose a blockchain architecture based on the DAG lattice structure,specifically designed for dynamically connected IoV.In the proposed system,nodes must obtain authorization from a trusted authority before joining,forming a permissioned blockchain.Each node is assigned an individual account chain,allowing vehicles with limited storage capacity to participate in the blockchain by storing transactions only from nearby vehicles’account chains.Every transmitted message is treated as a transaction and added to the blockchain,enablingmore efficient data transmission in a dynamic network environment.Areputation-based incentivemechanism is introduced to encourage nodes to behave normally.Experimental results demonstrate that the proposed architecture achieves better performance compared with traditional single-chain and DAG-based approaches in terms of average transmission delay and storage cost.展开更多
The Internet of Vehicles,or IoV,is expected to lessen pollution,ease traffic,and increase road safety.IoV entities’interconnectedness,however,raises the possibility of cyberattacks,which can have detrimental effects....The Internet of Vehicles,or IoV,is expected to lessen pollution,ease traffic,and increase road safety.IoV entities’interconnectedness,however,raises the possibility of cyberattacks,which can have detrimental effects.IoV systems typically send massive volumes of raw data to central servers,which may raise privacy issues.Additionally,model training on IoV devices with limited resources normally leads to slower training times and reduced service quality.We discuss a privacy-preserving Federated Split Learning with Tiny Machine Learning(TinyML)approach,which operates on IoV edge devices without sharing sensitive raw data.Specifically,we focus on integrating split learning(SL)with federated learning(FL)and TinyML models.FL is a decentralisedmachine learning(ML)technique that enables numerous edge devices to train a standard model while retaining data locally collectively.The article intends to thoroughly discuss the architecture and challenges associated with the increasing prevalence of SL in the IoV domain,coupled with FL and TinyML.The approach starts with the IoV learning framework,which includes edge computing,FL,SL,and TinyML,and then proceeds to discuss how these technologies might be integrated.We elucidate the comprehensive operational principles of Federated and split learning by examining and addressingmany challenges.We subsequently examine the integration of SL with FL and various applications of TinyML.Finally,exploring the potential integration of FL and SL with TinyML in the IoV domain is referred to as FSL-TM.It is a superior method for preserving privacy as it conducts model training on individual devices or edge nodes,thereby obviating the necessity for centralised data aggregation,which presents considerable privacy threats.The insights provided aim to help both researchers and practitioners understand the complicated terrain of FL and SL,hence facilitating advancement in this swiftly progressing domain.展开更多
Based on the analysis of the covert channel's working mechanism of the internet control message protocol (ICMP) in internet protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), the ICMP covert cha...Based on the analysis of the covert channel's working mechanism of the internet control message protocol (ICMP) in internet protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), the ICMP covert channd's algorithms of the IPv4 and IPv6 are presented, which enable automatic channeling upon IPv4/v6 nodes with non-IPv4-compatible address, and the key transmission is achieved by using this channel in the embedded Internet terminal. The result shows that the covert channel's algorithm, which we implemented if, set correct, the messages of this covert channel might go through the gateway and enter the local area network.展开更多
文摘This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.
文摘The Internet of Healthcare Things(IoHT)marks a significant breakthrough in modern medicine by enabling a new era of healthcare services.IoHT supports real-time,continuous,and personalized monitoring of patients’health conditions.However,the security of sensitive data exchanged within IoHT remains a major concern,as the widespread connectivity and wireless nature of these systems expose them to various vulnerabilities.Potential threats include unauthorized access,device compromise,data breaches,and data alteration,all of which may compromise the confidentiality and integrity of patient information.In this paper,we provide an in-depth security analysis of LAP-IoHT,an authentication scheme designed to ensure secure communication in Internet of Healthcare Things environments.This analysis reveals several vulnerabilities in the LAP-IoHT protocol,namely its inability to resist various attacks,including user impersonation and privileged insider threats.To address these issues,we introduce LSAP-IoHT,a secure and lightweight authentication protocol for the Internet of Healthcare Things(IoHT).This protocol leverages Elliptic Curve Cryptography(ECC),Physical Unclonable Functions(PUFs),and Three-Factor Authentication(3FA).Its security is validated through both informal analysis and formal verification using the Scyther tool and the Real-Or-Random(ROR)model.The results demonstrate strong resistance against man-in-the-middle(MITM)attacks,replay attacks,identity spoofing,stolen smart device attacks,and insider threats,while maintaining low computational and communication costs.
基金supported by the Deanship of Graduate Studies and Scientific Research at Qassim University via Grant No.(QU-APC-2025).
文摘The Internet of Things (IoT) and edge-assisted networking infrastructures are capable of bringing data processing and accessibility services locally at the respective edge rather than at a centralized module. These infrastructures are very effective in providing a fast response to the respective queries of the requesting modules, but their distributed nature has introduced other problems such as security and privacy. To address these problems, various security-assisted communication mechanisms have been developed to safeguard every active module, i.e., devices and edges, from every possible vulnerability in the IoT. However, these methodologies have neglected one of the critical issues, which is the prediction of fraudulent devices, i.e., adversaries, preferably as early as possible in the IoT. In this paper, a hybrid communication mechanism is presented where the Hidden Markov Model (HMM) predicts the legitimacy of the requesting device (both source and destination), and the Advanced Encryption Standard (AES) safeguards the reliability of the transmitted data over a shared communication medium, preferably through a secret shared key, i.e., , and timestamp information. A device becomes trusted if it has passed both evaluation levels, i.e., HMM and message decryption, within a stipulated time interval. The proposed hybrid, along with existing state-of-the-art approaches, has been simulated in the realistic environment of the IoT to verify the security measures. These evaluations were carried out in the presence of intruders capable of launching various attacks simultaneously, such as man-in-the-middle, device impersonations, and masquerading attacks. Moreover, the proposed approach has been proven to be more effective than existing state-of-the-art approaches due to its exceptional performance in communication, processing, and storage overheads, i.e., 13%, 19%, and 16%, respectively. Finally, the proposed hybrid approach is pruned against well-known security attacks in the IoT.
基金This work was supported by National Natural Science Foundation of China(No.61821001)Science and Tech-nology Key Project of Guangdong Province,China(2019B010157001).
文摘Internet of Vehicles(IoV)is an evolution of the Internet of Things(IoT)to improve the capabilities of vehicular ad-hoc networks(VANETs)in intelligence transport systems.The network topology in IoV paradigm is highly dynamic.Clustering is one of the promising solutions to maintain the route stability in the dynamic network.However,existing algorithms consume a considerable amount of time in the cluster head(CH)selection process.Thus,this study proposes a mobility aware dynamic clustering-based routing(MADCR)protocol in IoV to maximize the lifespan of networks and reduce the end-to-end delay of vehicles.The MADCR protocol consists of cluster formation and CH selection processes.A cluster is formed on the basis of Euclidean distance.The CH is then chosen using the mayfly optimization algorithm(MOA).The CH subsequently receives vehicle data and forwards such data to the Road Side Unit(RSU).The performance of the MADCR protocol is compared with that ofAnt Colony Optimization(ACO),Comprehensive Learning Particle Swarm Optimization(CLPSO),and Clustering Algorithm for Internet of Vehicles based on Dragonfly Optimizer(CAVDO).The proposed MADCR protocol decreases the end-toend delay by 5–80 ms and increases the packet delivery ratio by 5%–15%.
文摘In order to incorporate smart elements into distribution networks at ITELCA laboratories in Bogotá-Colombia, a Machine-to-Machine-based solution has been developed. This solution aids in the process of low-cost electrical fault location, which contributes to improving quality of service, particularly by shortening interruption time spans in mid-voltage grids. The implementation makes use of MQTT protocol with an intensive use of Internet of things (IoT) environment which guarantees the following properties within the automation process: Advanced reports and statistics, remote command execution on one or more units (groups of units), detailed monitoring of remote units and custom alarm mechanism and firmware upgrade on one or more units (groups of units). This kind of implementation is the first one in Colombia and it is able to automatically recover from an N-1 fault.
文摘This study focuses on testing and quality measurement and analysis of VoIPv6 performance. A client, server codes were developed using FreeBSD. This is a step before analyzing the Architectures of VoIPv6 in the current internet in order for it to cope with IPv6 traffic transmission requirements in general and specifically voice traffic, which is being attracting the efforts of research, bodes currently. These tests were conducted in the application level without looking into the network level of the network. VoIPv6 performance tests were conducted in the current tunneled and native IPv6 aiming for better end-to-end VoIPv6 performance. The results obtained in this study were shown in deferent codec's for different bit rates in Kilo bits per second, which act as an indicator for the better performance of G.711 compared with the rest of the tested codes.
基金supported by the National Natural Science Foundation of China (Nos.60702006,60736002,60837004,60736036,60932004and61001121)the MOST International Cooperation Program(No.2008DFA11670)+1 种基金the 111 Project(No.B07005)the project funded by State Key Laboratory of AOCSN,China
文摘A novel Wireless Fidelity (WiFi) over fiber link and a wavelength assignment protocol are proposed to provide sufficient bandwidth and extensive coverage range for the various applications in the Internet of Things (IoT).The performance of the WiFi over fiber-based wireless IoT network is evaluated in terms of error vector magnitude (EVM) and data throughput for both the up and down links between the WiFi central control system and remote radio units (RRUs).The experimental results illustrate the reliability of the fiber transmission of 64 Quadrature Amplitude Modulation (64QAM) WiFi signals by direct analog modulation.In order to efficiently utilize the wavelength resources,we also demonstrated the wavelength assignment protocol by employing optical switching configurations in Central Station (CS) to realize the wavelength switching,and the simulation results indicate the queuing size and the corresponding queue delay for different numbers of available wavelengths.
基金Supported by the National Natural Science Foundation of China (60373087,60473023)
文摘Internet voting protocols is the base of the Internet voting systems. In this paper a new practical Internet voting protocol is introduced. The proposed Internet voting protocol does not apply the strong physical assumptions and has the properties of privacy, completeness, soundness, fairness, invariableness, and universal verifiability, receipt-free and coercion-resistant. At the same time it solves some problems in other internet voting protocols and the verification progress of universal verifiability is simple and efficient.
基金supported by the General Program of the National Natural Science Foundation of China under Grant No.62172093the National Key R&D Program of China under Grant No.2018YFB1800602+1 种基金2019 Industrial Internet Innovation and Development Project,Ministry of Industry and Information Technology(MIIT)under Grant No.6709010003Ministry of Education-China Mobile Research Fund under Grant No.MCM20180506。
文摘As an essential function of encrypted Internet traffic analysis,encrypted traffic service classification can support both coarse-grained network service traffic management and security supervision.However,the traditional plaintext-based Deep Packet Inspection(DPI)method cannot be applied to such a classification.Moreover,machine learning-based existing methods encounter two problems during feature selection:complex feature overcost processing and Transport Layer Security(TLS)version discrepancy.In this paper,we consider differences between encryption network protocol stacks and propose a composite deep learning-based method in multiprotocol environments using a sliding multiple Protocol Data Unit(multiPDU)length sequence as features by fully utilizing the Markov property in a multiPDU length sequence and maintaining suitability with a TLS-1.3 environment.Control experiments show that both Length-Sensitive(LS)composite deep learning model using a capsule neural network and LS-long short time memory achieve satisfactory effectiveness in F1-score and performance.Owing to faster feature extraction,our method is suitable for actual network environments and superior to state-of-the-art methods.
基金This research was supported by X-mind Corps program of National Research Foundation of Korea(NRF)funded by the Ministry of Science,ICT(No.2019H1D8A1105622)the Soonchunhyang University Research Fund.
文摘Energy conservation is a significant task in the Internet of Things(IoT)because IoT involves highly resource-constrained devices.Clustering is an effective technique for saving energy by reducing duplicate data.In a clustering protocol,the selection of a cluster head(CH)plays a key role in prolonging the lifetime of a network.However,most cluster-based protocols,including routing protocols for low-power and lossy networks(RPLs),have used fuzzy logic and probabilistic approaches to select the CH node.Consequently,early battery depletion is produced near the sink.To overcome this issue,a lion optimization algorithm(LOA)for selecting CH in RPL is proposed in this study.LOA-RPL comprises three processes:cluster formation,CH selection,and route establishment.A cluster is formed using the Euclidean distance.CH selection is performed using LOA.Route establishment is implemented using residual energy information.An extensive simulation is conducted in the network simulator ns-3 on various parameters,such as network lifetime,power consumption,packet delivery ratio(PDR),and throughput.The performance of LOA-RPL is also compared with those of RPL,fuzzy rule-based energyefficient clustering and immune-inspired routing(FEEC-IIR),and the routing scheme for IoT that uses shuffled frog-leaping optimization algorithm(RISARPL).The performance evaluation metrics used in this study are network lifetime,power consumption,PDR,and throughput.The proposed LOARPL increases network lifetime by 20%and PDR by 5%–10%compared with RPL,FEEC-IIR,and RISA-RPL.LOA-RPL is also highly energy-efficient compared with other similar routing protocols.
基金This research was supported by National Natural Science Foundation of China(Grant Nos.61972048,62072051).
文摘The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not easy to be discovered.Most detection methods are detecting the existence of channels instead of clarifying specific attack intentions.In this paper,we propose an ICMP covert tunnel attack intent detection framework ICMPTend,which includes five steps:data collection,feature dictionary construction,data preprocessing,model construction,and attack intent prediction.ICMPTend can detect a variety of attack intentions,such as shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attacks.We extract features from five types of attack intent found in ICMP channels.We build a multi-dimensional dictionary of malicious features,including shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attack keywords.For the high-dimensional and independent characteristics of ICMP traffic,we use a support vector machine(SVM)as a multi-class classifier.The experimental results show that the average accuracy of ICMPTend is 92%,training ICMPTend only takes 55 s,and the prediction time is only 2 s,which can effectively identify the attack intention of ICMP.
基金The authors extend their appreciation to the Deanship of Scientific Research at King Khalid University for funding this work under grant number(RGP 2/25/42),Received by Fahd N.Al-Wesabi.www.kku.edu.sa.This research was funded by the Deanship of Scientific Research at Princess Nourah bint Abdulrahman University through the Fast-track Research Funding Program.
文摘With recent advances made in Internet of Vehicles(IoV)and Cloud Computing(CC),the Intelligent Transportation Systems(ITS)find it advantageous in terms of improvement in quality and interactivity of urban transportation service,mitigation of costs incurred,reduction in resource utilization,and improvement in traffic management capabilities.Many trafficrelated problems in future smart cities can be sorted out with the incorporation of IoV in transportation.IoV communication enables the collection and distribution of real-time essential data regarding road network condition.In this scenario,energy-efficient and reliable intercommunication routes are essential among vehicular nodes in sustainable urban computing.With this motivation,the current research article presents a new Artificial Intelligence-based Energy Efficient Clustering with Routing(AI-EECR)Protocol for IoV in urban computing.The proposed AI-EECR protocol operates under three stages namely,network initialization,Cluster Head(CH)selection,and routing protocol.The presented AI-EECR protocol determines the CHs from vehicles with the help of Quantum Chemical Reaction Optimization(QCRO)algorithm.QCROalgorithmderives a fitness function with the help of vehicle speed,trust level,and energy level of the vehicle.In order to make appropriate routing decisions,a set of relay nodeswas selected usingGroup Teaching Optimization Algorithm(GTOA).The performance of the presented AI-EECR model,in terms of energy efficiency,was validated against different aspects and a brief comparative analysis was conducted.The experimental outcomes established that AI-EECR model outperformed the existing methods under different measures.
基金Supported by Shaanxi Province Education Science"13th Five-Year"Planning Topic:Drama Teaching Method in Application of Research of Psychological Education of Primary School students,No.SGH17H472Research Team Cultivation Project of Xi'an Eurasia University:Regional Children’s Psychological Development Research,No.2021XJTD.
文摘BACKGROUND The coronavirus disease 2019(COVID-19)pandemic has been an emotionally challenging time,especially for young adults.It is associated with a substantial increase in the prevalence of mental health problems,negative symptoms,and stressful experiences that compromise well-being.In low-income countries,internet-delivered psychological services could have a remarkable impact on the population’s mental health,given the lack of mental health professionals.AIM To investigate the efficacy of internet-delivered cognitive-behavior therapy(CBT)-transdiagnostic intervention for adults with emotional disorders.METHODS In this internet-delivered randomized controlled trial,102 students with an emotional disorder(mean age=28.20 years,standard deviation=5.07)were randomly allocated to receive unified protocol(UP)(n=51)or treatment as the usual intervention.Following a semi-structured clinical interview,participants completed an online survey including the Overall Anxiety Severity and Impairment Scale,Overall Depression Severity and Impairment Scale,Difficulties in Emotion Regulation Scale,Positive and Negative Affect Schedule,and Emotional Style Questionnaire.RESULTS The participants showed a high degree of adherence.In total,78%(n=40)of the experimental group participants completed the UP treatment.Considering the intention to treat procedure,the results of the analysis of covariance indicated that participants who received UP showed statistically significant changes in depression symptoms[Cohen’s d=-1.50 with 95%confidence interval(CI):-1.90 to-1.10],anxiety(Cohen’s d=-1.06 with 95%CI:-1.48 to-0.65),difficulties with emotion regulation(Cohen’s d=-0.33 with 95%CI:-0.7 to-0.06),positive affect(Cohen's d=1.27 with 95%CI:0.85 to 1.68),negative affect(Cohen’s d=-1.04 with 95%CI:-1.46 to-0.63),and healthy emotionality(Cohen’s d=0.53 with 95%CI:0.09 to 0.13)compared with the control group.CONCLUSION This study’s findings highlight the potential value of transdiagnostic internet-delivered programs for young adults with an emotional disorder during the COVID-19 pandemic,and expand the research examining emotional well-being improvements resulting from CBT-transdiagnostic interventions.The findings suggest that UP,which generally concentrates on reducing negative effects,can increase positive effects.
文摘This paper illustrates the development of Internet Protocol Television (IPTV) and its implication for education. IPTV is a new type of educational technology that provides digital content (text, graphic, audio and video) which users watch as television broadcasting on the Internet. With the capabilities of IPTV that could be used for educational purpose. Therefore, the IPTV project’s (Suan Dusit Internet Broadcasting: SDIB) aim has been to develop into a platform that increase educational opportunities that support distant education. The IPTV system was designed to broadcast in four channels (kids, video on demand, variety and radio). More than seven hundred program are being transmitted both trough live and video on demand streams via computer, set top boxes and mobile devices. The IPTV system has been implemented and used in 80 pilot schools. The data of an evaluation of the IPTV system was collected from questionnaires and interviews. The results indicated that IPTV users were highly satisfied with the contents, set top boxes, LCD television, and overall IPTV systems.
文摘The Internet of Things(IoT)is where almost anything can be controlled and managed remotely by means of sensors.Although the IoT evolution led to quality of life enhancement,many of its devices are insecure.The lack of robust key management systems,efficient identity authentication,low fault tolerance,and many other issues lead to IoT devices being easily targeted by attackers.In this paper we propose a new authentication protocol called Authenblue that improve the authentication process of IoT devices and Coordinators of Personal Area Network(CPANs)in an Industrial IoT(IIoT)environment.This study proposed Authenblue protocol as a new Blockchainbased authentication protocol.To enhance the authentication process and make it more secure,Authenblue modified the way of generating IIoT identifiers and the shared secret keys used by the IIoT devices to raise the efficiency of the authentication protocol.Authenblue enhance the authentication protocol that other models rely on by enhancing the approach used to generate the User Identifier(UI).The UI values changed from being static values,sensors MAC addresses,to be generated values in the inception phase.This approach makes the process of renewing the sensor keys more secure by renewing their UI values instead of changing the secret key.In this study,Authenblue has been simulated in the Network Simulator 3(NS3).Simulation results show an improved performance compared to the related work.
文摘The performance of Wireless Sensor Networks(WSNs)is an important fragment of the Internet of Things(IoT),where the current WSNbuilt IoT network’s sensor hubs are enticing due to their critical resources.By grouping hubs,a clustering convention offers a useful solution for ensuring energy-saving of hubs andHybridMedia Access Control(HMAC)during the course of the organization.Nevertheless,current grouping standards suffer from issues with the grouping structure that impacts the exhibition of these conventions negatively.In this investigation,we recommend an Improved Energy-Proficient Algorithm(IEPA)for HMAC throughout the lifetime of the WSN-based IoT.Three consecutive segments are suggested.For the covering of adjusted clusters,an ideal number of clusters is determined first.Then,fair static clusters are shaped,based on an updated calculation for fluffy cluster heads,to reduce and adapt the energy use of the sensor hubs.Cluster heads(CHs)are,ultimately,selected in optimal locations,with the pivot of the cluster heads working among cluster members.Specifically,the proposed convention diminishes and balances the energy utilization of hubs by improving the grouping structure,where the IEPAis reasonable for systems that need a long time.The assessment results demonstrate that the IEPA performs better than existing conventions.
文摘Message structure reconstruction is a critical task in protocol reverse engineering,aiming to recover protocol field structures without access to source code.It enables important applications in network security,including malware analysis and protocol fuzzing.However,existing methods suffer from inaccurate field boundary delineation and lack hierarchical relationship recovery,resulting in imprecise and incomplete reconstructions.In this paper,we propose ProRE,a novel method for reconstructing protocol field structures based on program execution slice embedding.ProRE extracts code slices from protocol parsing at runtime,converts them into embedding vectors using a data flow-sensitive assembly language model,and performs hierarchical clustering to recover complete protocol field structures.Evaluation on two datasets containing 12 protocols shows that ProRE achieves an average F1 score of 0.85 and a cophenetic correlation coefficient of 0.189,improving by 19%and 0.126%respectively over state-of-the-art methods(including BinPRE,Tupni,Netlifter,and QwQ-32B-preview),demonstrating significant superiority in both accuracy and completeness of field structure recovery.Case studies further validate the effectiveness of ProRE in practical malware analysis scenarios.
基金funded in part by the Supported by Natural Science Foundation of Inner Mongolia Autonomous Region of China under Grants 2024QN06022 and 2023QN06008in part by the First-Class Discipline Research Special Project under Grant YLXKZX-NGD-015in part by the Inner Mongolia University of Technology Scientific Research Start-Up Project under Grant BS2024067.
文摘Blockchain offers a promising solution to the security challenges faced by the Internet of Vehicles(IoV).However,due to the dynamic connectivity of IoV,blockchain based on a single-chain structure or Directed Acyclic Graph(DAG)structure often suffer from performance limitations.The DAG lattice structure is a novel blockchain model in which each node maintains its own account chain,and only the node itself is allowed to update it.This feature makes the DAG lattice structure particularly suitable for addressing the challenges in dynamically connected IoV environment.In this paper,we propose a blockchain architecture based on the DAG lattice structure,specifically designed for dynamically connected IoV.In the proposed system,nodes must obtain authorization from a trusted authority before joining,forming a permissioned blockchain.Each node is assigned an individual account chain,allowing vehicles with limited storage capacity to participate in the blockchain by storing transactions only from nearby vehicles’account chains.Every transmitted message is treated as a transaction and added to the blockchain,enablingmore efficient data transmission in a dynamic network environment.Areputation-based incentivemechanism is introduced to encourage nodes to behave normally.Experimental results demonstrate that the proposed architecture achieves better performance compared with traditional single-chain and DAG-based approaches in terms of average transmission delay and storage cost.
文摘The Internet of Vehicles,or IoV,is expected to lessen pollution,ease traffic,and increase road safety.IoV entities’interconnectedness,however,raises the possibility of cyberattacks,which can have detrimental effects.IoV systems typically send massive volumes of raw data to central servers,which may raise privacy issues.Additionally,model training on IoV devices with limited resources normally leads to slower training times and reduced service quality.We discuss a privacy-preserving Federated Split Learning with Tiny Machine Learning(TinyML)approach,which operates on IoV edge devices without sharing sensitive raw data.Specifically,we focus on integrating split learning(SL)with federated learning(FL)and TinyML models.FL is a decentralisedmachine learning(ML)technique that enables numerous edge devices to train a standard model while retaining data locally collectively.The article intends to thoroughly discuss the architecture and challenges associated with the increasing prevalence of SL in the IoV domain,coupled with FL and TinyML.The approach starts with the IoV learning framework,which includes edge computing,FL,SL,and TinyML,and then proceeds to discuss how these technologies might be integrated.We elucidate the comprehensive operational principles of Federated and split learning by examining and addressingmany challenges.We subsequently examine the integration of SL with FL and various applications of TinyML.Finally,exploring the potential integration of FL and SL with TinyML in the IoV domain is referred to as FSL-TM.It is a superior method for preserving privacy as it conducts model training on individual devices or edge nodes,thereby obviating the necessity for centralised data aggregation,which presents considerable privacy threats.The insights provided aim to help both researchers and practitioners understand the complicated terrain of FL and SL,hence facilitating advancement in this swiftly progressing domain.
基金Supported by the National Natural Science Foun-dation of China (90104005 ,66973034)
文摘Based on the analysis of the covert channel's working mechanism of the internet control message protocol (ICMP) in internet protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), the ICMP covert channd's algorithms of the IPv4 and IPv6 are presented, which enable automatic channeling upon IPv4/v6 nodes with non-IPv4-compatible address, and the key transmission is achieved by using this channel in the embedded Internet terminal. The result shows that the covert channel's algorithm, which we implemented if, set correct, the messages of this covert channel might go through the gateway and enter the local area network.
