Omar Abdel Wahab

VANET QoS-OLSR: QoS-based clustering protocol for Vehicular Ad hoc Networks

In this paper, we address the problem of clustering in Vehicular Ad hoc Networks (VANETs) using Quality of Service Optimized Link State Routing (QoS-OLSR) protocol. Several clustering algorithms have been proposed for VANET and MANET. However, the mobility-based algorithms ignore the Quality of Service requirements that are important for VANET safety, emergency, and multimedia services while the QoS-based algorithms ignore the high speed mobility constraints since they are dedicated for Mobile Ad hoc Networks (MANETs). Our solution is a new QoS-based clustering algorithm that considers a tradeoff between QoS requirements and high speed mobility constraints. The goal is to form stable clusters and maintain the stability during communications and link failures while satisfying the Quality of Service requirements. This is achieved by: (1) considering the high mobility metrics while computing the QoS, (2) using Ant Colony Optimization for MPRs selection, and (3) using MPR recovery algorithm able to select alternatives and keep the network connected in case of link failures. Performance analysis and simulation results show that the proposed model can maintain the network stability, reduce the end-to-end delay, increase the packet delivery ratio, and reduce the communications overhead.

A Dempster---Shafer Based Tit-for-Tat Strategy to Regulate the Cooperation in VANET Using QoS-OLSR Protocol

In this paper, we address the problem of cooperation among vehicles in VANET using QoS-OLSR protocol in the presence of selfish nodes. QoS-OLSR is a proactive protocol that considers the Quality of Service (QoS) of the nodes while electing the cluster-heads and selecting the Multi-Point Relay (MPRs) nodes. Cluster-heads and MPRs might misbehave on the roads by over-speeding or under-speeding. Classical and generous Tit-for-Tats are proposed to analyze the interaction among vehicles. However, both strategies are not able to enforce the cooperation due the fact that they (1) count on individual watchdogs monitoring, (2) rely on the node-to-node cooperation decision, (3) and ignore the high mobility and packet collisions. Therefore, we propose a Dempster–Shafer based Tit-for-Tat strategy that is able to improve the decision and regulate the cooperation in the vehicular network. This is done by (1) launching a cooperative watchdogs monitoring, (2) correlating the observations of the different watchdogs using Dempster–Shafer theory, and (3) propagating the decisions among clusters. Thereafter, we compare the Dempster–Shafer based strategy with several strategies derived from the original Tit-for-Tat. Simulation results prove that the Dempster–Shafer based strategy is able to maintain the survivability of the vehicular network in the presence of high mobility and packet collisions with minimal time and overhead.

A Stackelberg game for distributed formation of business-driven services communities

Proposing a distributed community formation model for autonomous Web services.Modeling the community formation as a sequential Stackelberg game model.Deriving the equilibrium points of the game theoretically.Conducting simulation experiments to validate the theoretical derivations.Highlighting the industrial benefits of our model by means of a complete scenario. With the advent of cloud computing and the rapid increase in the number of deployed services, the competition between functionally-similar Web services is increasingly governing the markets of services. For example, Amazon and Google are in an intense competition to dominate the market of cloud-based Web services. Such a highly competitive environment motivates and sometimes obliges services to abandon their pure competitive strategies and adopt a cooperative behavior in order to increase their business opportunities and survive in the market. Several approaches have been advanced in the literature to model the cooperation among Web services in a community-based environment. However, the existing approaches suffer from two main drawbacks that limit their effectiveness in the real-world services market. First, they rely on a centralized architecture wherein a master entity is responsible for regulating the community formation process, which creates a single point of failure. Second, they ignore the business potential of the services and treat all of those services in the same way, which demotivates the participation of the well-positioned ones in such communities. To tackle these problems, we distinguish in this paper between two types of services: leaders and followers. Leaders are those services that enjoy high reputation, market share, and capacity of handling requests; whereas followers are those services that cannot compete against the leaders. Thereafter, we model the community formation problem as a virtual trading market between these two types of services and propose a distributed Stackelberg game for this purpose. Promisingly, the proposed model gives guidance to a cooperative model that can be applied in the real markets of Web services in order to achieve higher performance, efficient services compositions, and better resources utilization. The performance of the model is analyzed using a real-life flight booking dataset that includes 2507 services operating on the Web. Simulation results show that the proposed model is able to increase the satisfaction of Web services in terms of gained payoff and reputation and the satisfaction of users in terms of quality of service provided to their requests compared to the existing models, namely the one-stage game theoretical model and a heuristic model.

CEAP: SVM-based intelligent detection model for clustered vehicular ad hoc networks

Abstract The infrastructureless and decentralized nature of Vehicular Ad Hoc Network (VANET) makes it quite vulnerable to different types of malicious attacks. Detecting such attacks has attracted several contributions in the past few years. Nonetheless, the applicability of the current detection mechanisms in the deployed vehicular networks is hindered by two main challenges imposed by the special characteristics of VANETs. The first challenge is related to the highly mobile nature of vehicles that complicates the processes of monitoring, buffering, and analyzing observations on these vehicles as they are continuously moving and changing their locations. The second challenge is concerned with the limited resources of the vehicles especially in terms of storage space that restricts the vehicles’ capacity of storing a huge amount of observations and applying complex detection mechanisms. To tackle these challenges, we propose a multi-decision intelligent detection model called CEAP that complies with the highly mobile nature of VANET with increased detection rate and minimal overhead. The basic idea is to launch cooperative monitoring between vehicles to build a training dataset that is analyzed by the Support Vector Machine (SVM) learning technique in online and incremental fashions to classify the smart vehicles either cooperative or malicious. To adapt the proposed model to the high mobility, we design it on top of the VANET QoS-OLSR protocol, which is a clustering protocol that maintains the stability of the clusters and prolongs the network’s lifetime by considering the mobility metrics of vehicles during clusters formation. To reduce the overhead of the proposed detection model and make it feasible for the resource-constrained nodes, we reduce the size of the training dataset by (1) restricting the data collection, storage, and analysis to concern only a set of specialized nodes (i.e., Multi-Point Relays) that are responsible for forwarding packets on behalf of their clusters; and (2) migrating only few tuples (i.e., support vectors) from one detection iteration to another. We propose as well a propagation algorithm that disseminates only the final decisions (instead of the whole dataset) among clusters with the aim of reducing the overhead of either exchanging results between each set of vehicles or repeating the detection steps for the already detected malicious vehicles. Simulation results show that our model is able to increase the accuracy of detections, enhance the attack detection rate, decrease the false positive rate, and improve the packet delivery ratio in the presence of high mobility compared to the classical SVM-based, Dempster–Shafer-based, and averaging-based detection techniques.

DARM : a privacy-preserving approach for distributed association rules mining on horizontally-partitioned data

Extracting association rules helps data owners to unveil hidden patterns from their data for the purpose of analyzing and predicting the behavior of their clients. However, mining association rules in a distributed environment is not a trivial task due to privacy concerns. Data owners are interested in collaborating with each other to mine association rules on a global level; however, they are concerned that sensitive information related to the individuals involved in their database might get compromised during the mining process. In this paper, we formulate and address the problem of answering association rules queries in a distributed environment such that the mining process is confidential and the results are differentially private. We propose a privacy-preserving distributed association rules mining approach, named DARM, where global strong association rules are determined in a confidential way, and the results returned satisfy ε-differential privacy. We conduct our experiments on real-life data, and show that our approach can efficiently answer association rules queries and is scalable with increasing data records.

Optimal Load Distribution for the Detection of VM-based DDoS Attacks in the Cloud

Distributed Denial of Service (DDoS) constitutes a major threat against cloud systems owing to the large financial losses it incurs. This motivated the security research community to investigate numerous detection techniques to limit such attacks effects. Yet, the existing solutions are still not mature enough to satisfy a cloud-dedicated detection systems requirements since they overlook the attackers wily strategies that exploit the clouds elastic and multi-tenant properties, and ignore the cloud systems resources constraints. Motivated by this fact, we propose a two-fold solution that allows, first, the hypervisor to establish credible trust relationships toward guest Virtual Machines (VMs) by considering objective and subjective trust sources and employing Bayesian inference to aggregate them. On top of the trust model, we design a trust-based maximin game between DDoS attackers trying to minimize the cloud systems detection and hypervisor trying to maximize this minimization under limited budget of resources. The game solution guides the hypervisor to determine the optimal detection load distribution among VMs in real-time that maximizes DDoS attacks’ detection. Experimental results reveal that our solution maximizes attacks’ detection, decreases false positives and negatives, and minimizes CPU, memory and bandwidth consumption during DDoS attacks compared to the existing detection load distribution techniques.

Misbehavior Detection Framework for Community-Based Cloud Computing

The success and continuation of cloud computing depends to a large extent on the quality and performance of the offered services. We propose in this paper a novel architecture for cloud computing called Community-based Cloud Computing whose main goal is to improve the quality and performance of the cloud services. In this architecture, cloud services sharing the same domain of interest are partitioned into a set of communities led by a central entity called master. The advantages of such an architecture are (1) facilitating the discovery of cloud services, (2) providing efficient means for better QoS management and resources utilization, and (3) easing intra-layer and cross-layer compositions. However, one of the serious challenges against the success of such an architecture is the presence of malicious services that launch attacks either against the whole community or against some partners in that Community. Therefore, we address this problem by proposing a misbehavior detection framework based on the Support Vector Machine (SVM) learning technique. In this framework, the master of the community monitors the behavior of its community members to populate the training set of the classifier. Thereafter, SVM is used to analyze this set and predict the final classes of the cloud services. Simulation results show that our framework is able to produce highly accurate classifiers, while maximizing the attack detection rate and minimizing the false alarms. They show also that the framework is quite resilient to the increase in the number of malicious services.

I Know You Are Watching Me: Stackelberg-Based Adaptive Intrusion Detection Strategy for Insider Attacks in the Cloud

Insider attacks in which misbehaving Virtual Machines (VMs) take part of the cloud system and learn about its internal vulnerabilities constitute a major threat against cloud resources and infrastructure. This demands setting up continuous and comprehensive security arrangements to restrict the effects of such attacks. However, limited security resources prohibit full detection coverage on all VMs at all times, which can be exploited by attackers to examine the selective detection strategies and adjust their own attack plans accordingly. Motivated by the absence of any approach that accounts for such a challenge in the domain of cloud computing, we propose in this work an adaptive detection strategy that formulates a Stackelberg security game to enable the cloud system to optimally exploit its available amount of security resources to maximize the detection of distributed attacks, knowing that attackers have the ability to monitor the cloud systems strategies and adjust their own attack plans. Experiments carried out on the CloudSim framework reveal that the proposed solution maximizes the detection of distributed attacks and minimizes false negatives and positives compared to a maximin-based detection strategy, while being scalable to the increase in both the number of co-hosted VMs and percentage of co-resident attackers.

A Cooperative Detection Model Based on Artificial Neural Network for VANET QoS-OLSR Protocol

In this paper, we address the problem of detecting misbehaving vehicles in Vehicular Ad-Hoc Network using VANET QoS-OLSR, Quality of Service-Optimized Link State Routing protocol. VANET QoS-OLSR is a clustering protocol that is able to increase the stability of the network while maintaining the QoS requirements. However, in this protocol, vehicles can misbehave either by under-speeding or over- speeding the road speed limits after clusters are formed. Such misbehavior leads to a widely disconnected network, which raises the need for a detection mechanism. The majority of the existing detection mechanisms are non-cooperative in the sense that they are based on unilateral judgments, which may be untrustworthy. Others employ cooperative detection scheme with evidence-based aggregation techniques such as the Dempster-Shafer (DS) which suffers from the (1) instability when observations come from dependent sources and (2) absence of learning mechanism. To overcome these limitations, we propose a cooperative method using Artificial Neural Network (ANN), which is able to (1) aggregate judgments and prevent the unilateral decisions, and (2) benefit from the previous detection experience by continuous learning. Simulation results show that our model improves the detection probability and reduces the false alarms rate.