Boning Feng

Simple Strong Authentication for Internet Applications Using Mobile Phones

This paper describes thoroughly an authentication solution that is adequately strong, user-friendly and cost efficient. The idea is to use the mobile phone and its SIM (subscriber identity module) as an authentication token in the authentication of the user for all Internet applications. The proposed solution is generic and offers authentication for any Internet applications on any devices connected to any networks. It is combining several standard strong authentication schemes like ISIM, generic bootstrapping architecture (GBA) with the innovative SIM strong authentication mechanisms.

Authentication in a Multi-access IMS Environment

The standard ISIM-based authentication mechanism of IMS is only intended for mobile phones and cannot be used for fixed IMS clients on stationary devices without SIM cards. This paper presents the authentication schemes dedicated for fixed IMS clients. Such schemes are necessary in order to extend the usage of IMS to fixed environments. Authentication solutions for other applications than the IMS client are also described. These applications are assumed to be located on the same stationary device as the IMS client, and might for example be browsers, contact lists and email clients. Finally, a single-sign-on mechanism is proposed. It is designed to simplify the authentication process without compromising the security.

Crowdsourcing-Based Disaster Management Using Fog Computing in Internet of Things Paradigm

In internet of things (IoT) paradigm, crowdsourcing is the process of obtaining and analyzing information or input to a particular task or project generated by a number of sources such as sensors, mobile devices, vehicles and human. Cloud computing is widely used for the services such as analyzing crowdsourced data and application implementation over the IoT. Nowadays, every country and human are prone to natural and artificial disasters. Early detection about disasters such as earthquakes, fire, storms, and floods can save thousands of peoples life and effective preventive measure can be taken for the public safety. All the crowdsourced data which are providing the information of a certain geographic region are analyzed in a cloud platform. But, by the time the crowdsourced data makes its way to the cloud for analysis, the opportunity to act on it might be gone. Moreover, thousands of peoples life will be lost. Therefore, fog computing is the new and efficient way to analyze such critical crowdsourced IoT data of disasters. In this paper, in order to detect and take necessary steps for public safety during a disaster, we propose a crowdsourcing-based disaster management using fog computing (CDMFC) model in IoT. Further, we also proposed a data offloading mechanism for our CDMFC model to send disaster-related IoT data to the fog even if a direct link to the fog is not available. Our proposed CDMFC model and its data offloading mechanism can detect real-time disasters and disseminate early information for public safety as compared to the conventional cloud computing based disaster management models.

Performance evaluation of a mesh optical burst switched network with tunable lasers and tunable wavelength converters

This paper evaluates the performance of a mesh optical burst switched (OBS) network that implements tunable lasers and tunable wavelength converters to realize the optical label setting and optical label swapping functions. We define a realistic service evolution scenario and based on that create a realistic future traffic input scenario for the OBS network. Network simulation studies are carried out in slotted operation. The mechanisms that govern the operation of this network are revealed together with a number of design tradeoffs.

Hadoop MapReduce scheduling paradigms

Apache Hadoop is one of the most prominent and early technologies for handling big data. Different scheduling algorithms within the framework of Apache Hadoop were developed in the last decade. In this paper, we attempt to provide a comprehensive overview over the different paradigms for scheduling in Apache Hadoop. The surveyed approaches fall under different categories, namely, Deadline prioritization, Resource prioritization, Job size prioritization, Hybrid approaches and recent trends for improvements upon default schedulers.

Detection of DNS Tunneling in Mobile Networks Using Machine Learning

Lately, costly and threatening DNS tunnels on the mobile networks bypassing the mobile operator’s Policy and Charging Enforcement Function (PCEF), has shown the vulnerability of the mobile networks caused by the Domain Name System (DNS) which calls for protection solutions. Unfortunately there is currently no really adequate solution. This paper proposes to use machine learning techniques in the detection and mitigation of a DNS tunneling in mobile networks. Two machine learning techniques, namely One Class Support Vector Machine (OCSVM) and K-Means are experimented and the results prove that machine learning techniques could yield quite efficient detection solutions. The paper starts with a comprehensive introduction to DNS tunneling in mobile networks. Next the challenges in DNS tunneling detections are reviewed. The main part of the paper is the description of proposed DNS tunneling detection using machine learning.

Strengthening Mobile Network Security Using Machine Learning

Lately, several episodes of tapping and tracking of mobile phones in Europe including Norway have been revealed, showing the vulnerabilities of both the mobile network and mobile phones. A better protection of the user’s confidentiality and privacy is urgently required. This paper will present an innovative mobile network security system using machine learning. The paper will start with a vulnerability and threat analysis of the evolving mobile network, which is a fusion of mobile wireless technologies and Internet technologies, complemented with the Internet of Things. The main part of the paper will concentrate on clarifying how machine learning can help improving mobile network security. The focus will be on elucidating what makes machine learning superior to other techniques. A special case study on the detection of IMSI Catcher, the fake base station that is used in mobile phone tracking and tapping, will be explained.

Identity Federation for Cellular Internet of Things

Although the vision of 5G is to accommodate billions IoT devices and applications, its success depends very much on its ability to provide enhanced and affordable security. This paper introduces an Identity Federation solution which reuses the SIM authentication for cellular IoT devices enabling single-sign-on. The proposed solution alleviates the IoT providers burden of device identity management at the same time as the operational costs are reduced considerably. The proposed solution is realized by open source software for LTE, identity management and IoT.

A Queue Model for Reliable Forecasting of Future CPU Consumption

Statistical queuing models are popular to analyze a computer systems ability to process different types requests. A common strategy is to run stress tests by sending artificial requests to the system. The rate and sizes of the requests are varied to investigate the impact on the computer system. A challenge with such an approach is that we do not know if the artificial requests processes are realistic when the system is applied in a real setting. Motivated by this challenge, we develop a method to estimate the properties of the underlying request processes to the computer system when the system is used in a real setting. In particular we look at the problem of recovering the request patterns to a CPU processor. It turns out that this is a challenging statistical estimation problem since we do not observe the request process (rate and size of the requests) to the CPU directly, but only the average CPU usage in disjoint time intervals. In this paper we demonstrate that, quite astonishingly, we are able to recover the properties of the underlying request process (rate and sizes of the requests) by using specially constructed statistics of the observed CPU data and apply a recently developed statistical framework called Approximate Bayesian Computing. Further we apply the model to forecast future CPU consumption. Our results show that the model forecast future CPU consumption with less error than both the hidden Markov model (HMM) in (Hammer et al. 2016) and an ARIMA model. Another good property of the queue model is that we can forecast the instantaneous CPU consumption at any time point in the future, while the HMM in (Hammer et al. 2016) and time series models are limited to only forecasting the average CPU consumption in disjoint time intervals.

A near real time SMS grey traffic detection

Lately, mobile operators experience threats from SMS grey routes which are used by fraudsters to evade SMS fees and to deny them millions in revenues. But more serious are the threats to the users security and privacy and consequently the operators reputation. Therefore, it is crucial for operators to have adequate solutions to protect both their network and their customers against this kind of fraud. Unfortunately, so far there is no sufficiently efficient countermeasure against grey routes. This paper proposes a near real time SMS grey traffic detection which makes use of Counting Bloom Filters combined with blacklist and whitelist to detect SMS grey traffic on the fly and to block them. The proposed detection has been implemented and proved to be quite efficient. The paper provides also comprehensive explanation of SMS grey routes and the challenges in their detection. The implementation and verification are also described thoroughly.