Ugo Fiore

A distributed approach to network anomaly detection based on independent component analysis

Network anomalies, circumstances in which the network behavior deviates from its normal operational baseline, can be due to various factors such as network overload conditions, malicious/hostile activities, denial of service attacks, and network intrusions. New detection schemes based on machine learning principles are therefore desirable as they can learn the nature of normal traffic behavior and autonomously adapt to variations in the structure of ‘normality’ as well as recognize the significant deviations as suspicious or anomalous events. The main advantages of these techniques are that, in principle, they are not restricted to any specific environment and that they can provide a way of detecting unknown attacks. Detection performance is directly correlated with the traffic model quality, in terms of ability of representing the traffic behavior from its most characterizing internal dynamics. Starting from these ideas, we developed a two‐stage anomaly detection strategy based on multiple distributed sensors located throughout the network. By using Independent Component Analysis, the first step, modeled as a Blind Source Separation problem, extracts the fundamental traffic components (the ‘source’ signals), corresponding to the independent traffic dynamics, from the multidimensional time series incoming from the sensors, corresponding to the perceived ‘mixed/aggregate’ effect of traffic on their interfaces. These components will be used to build the baseline traffic profiles needed in the second supervised phase, based on a binary classification scheme (detection is casted into an anomalous/normal classification problem) driven by machine learning‐inferred decision trees. Copyright

Energy-Aware RWA for WDM Networks with Dual Power Sources

Energy consumption and the concomitant Green House Gases (GHG) emissions of network infrastructures are becoming major issues in the Information and Communication Society (ICS). Current optical network infrastructures (routers, switches, line cards, signal regenerators, optical amplifiers, etc.) have reached huge bandwidth capacity but the development has not been compensated adequately as for their energy consumption. Renewable energy sources (e.g. solar, wind, tide, etc.) are emerging as a promising solution both to achieve drastically reduction in GHG emissions and to cope with the growing power requirements of network infrastructures. The main contribution of this paper is the formulation and the comparison of several energy-aware static routing and wavelength assignment (RWA) strategies for wavelength division multiplexed (WDM) networks where optical devices can be powered either by renewable or legacy energy sources. The objectives of such formulations are the minimization of either the GHG emissions or the overall network power consumption. The solutions of all these formulations, based on integer linear programming (ILP), have been observed to obtain a complete perspective and estimate a lower bound for the energy consumption and the GHG emissions attainable through any feasible dynamic energy-aware RWA strategy and hence can be considered as a reference for evaluating optimal energy consumption and GHG emissions within the RWA context. Optimal results of the ILP formulations show remarkable savings both on the overall power consumption and on the GHG emissions with just 25% of green energy sources.

Towards an energy-aware Internet: modeling a cross-layer optimization approach

The containment of power consumption and the use of alternative green sources of energy are the new main goals of telecommunication operators, to cope with the rising energy costs, the increasingly rigid environmental standards, and the growing power requirements of modern high-performance networking devices. To address these challenges, we envision the necessity of introducing energy-efficiency and energy-awareness in the design, configuration and management of networks, and specifically in the design and implementation of enhanced control-plane protocols to be used in next generation networks. Accordingly, we focus on research and industrial challenges that foster new developments to decrease the carbon footprint while leveraging the capacities of highly dynamic, ultra-high-speed, networking. We critically discuss current approaches, research trends and technological innovations for the coming green era and we outline future perspectives towards new energy-oriented network planning, protocols and algorithms. We also combine all the above elements into a comprehensive energy-oriented network model within the context of a general constrained routing and wavelength assignment problem framework, and analyze and quantify through ILP formulations the savings that can be attained on the next generation networks.

Analyzing local strategies for energy-efficient networking

Power management strategies that allow network infrastructures to achieve advanced functionalities with limited energy budget are expected to induce significant cost savings and positive effects on the environment, reducing Green House Gases (GHG) emissions. Power consumption can be drastically reduced on individual network elements by temporarily switching off or downclocking unloaded interfaces and line cards. At the state-of-the-art, Adaptive Link Rate (ALR) and Low Power Idle (LPI) are the most effective local-level techniques for lowering power demands during low utilization periods. In this paper, by modeling and analyzing in detail the aforementioned local strategies, we point out that the energy consumption does not depend on the data being transmitted but only depends on the interface link rate, and hence is throughput-independent. In particular, faster interfaces require lower energy per bit than slower interfaces, although, with ALR, slower interfaces require less energy per throughput than faster interfaces. We also note that for current technologies the energy/bit is the same both at 1 Gbps and 10 Gbps, meaning that the increase in the link rate has not been compensated at the same pace by a decrease in the energy consumption.

An energy-aware dynamic RWA framework for next-generation wavelength-routed networks

Power demand in networking equipment is expected to become a main limiting factor and hence a fundamental challenge to ensure bandwidth scaling in the next generation Internet. Environmental effects of human activities, such as CO2 emissions and the consequent global warming have risen as one of the major issue for the ICT sector and for the society. Therefore, it is not surprising that telecom operators are devoting much of their efforts to the reduction of energy consumption and of the related CO2 emissions of their network infrastructures. In this work, we present a novel integrated routing and wavelength assignment framework that, while addressing the traditional network management objectives, introduces energy-awareness in its decision process to contain the power consumption of the underlying network infrastructure and make use of green energy sources wherever possible. This approach results in direct power, cost and CO2 emissions savings in the short term, as demonstrated by our extensive simulation studies.

Evaluating Network-Based DoS Attacks under the Energy Consumption Perspective: New Security Issues in the Coming Green ICT Area

In the green Information and Communication Society (ICS), new form of Denial of Service (DoS) attacks may be put in place: exploiting the computational and storage resources of datacenters with the aim of consuming as much energy as possible, causing detrimental effects, from high costs in the energy bill, to penalization for exceeding the agreed quantity of CO2 emissions, up to complete denial of service due to power outages. To the best of our knowledge, this is the first paper which investigates the impacts of network-based DoS attacks under the energy consumption perspective. We analyzed different types of such attacks with their impacts on the energy consumption, and showed that current energy-aware technologies may provide attackers with great opportunities for raising the target facility energy consumption and consequently its green house gases (GHG) emissions and costs.

Modeling energy-efficient secure communications in multi-mode wireless mobile devices

Mobile terminals support multiple and heterogeneous communication technologies.We study energy-related dynamics of secure communications among mobile terminals.We formulate an energy model which considers communication and security activities.The model is useful to minimize the overall energy consumption of involved terminals.The model has been validated through simulation. Despite the wide deployment of advanced wireless coverage infrastructures, finding the best way for achieving secure mobile communication in every-days life activities is still an open question. Indeed, a large number of mobile terminals, supporting multiple networking technologies, may be used to manage data from everywhere and at anytime. However, the effort required for achieving security, given the complexity of cryptographic algorithms, heavily affects the power consumption of terminals. Such energy demand, together with the one required to manage communication activities, makes energy-efficient secure communication among hardware-constrained handheld devices a challenging topic.In this work, we introduce an analytic energy model for secure communication among multi-mode terminals. This model describes the energy consumption of mobile terminals operating within a dynamic network scenario, considering both their interconnection and secure data exchange issues, in order to develop adaptive strategies for energy-efficient secure communications. Finally, the model has been validated through simulation.

Energy-oriented denial of service attacks: an emerging menace for large cloud infrastructures

This work analyzes a new and very subtle kind of security threat that can affect large-scale cloud-based IT service infrastructures, by exploiting the computational resources of their component data center to waste as much energy as possible. The consequence of these threats ranges from increased costs in the energy bill, to penalization for exceeding the agreed quantity of greenhouse gases (GHG) emissions, up to complete denial of service caused by electrical outages due to power budget exhaustion. We analyzed different types of such attacks with their potential impacts on the energy consumption, modeled their behavior and quantified how current energy-proportional technologies may provide attackers with great opportunities for raising the target facility emissions and costs. These efforts resulted in a simple model with some parametric reference values that can be used to estimate the impact of such attacks also in presence of very large infrastructures containing thousands or millions of servers.

Automatic security assessment for next generation wireless mobile networks

Wireless networks are more and more popular in our life, but their increasing pervasiveness and widespread coverage raises serious security concerns. Mobile client devices potentially migrate, usually passing through very light access control policies, between numerous and heterogeneous wireless environments, bringing with them software vulnerabilities as well as possibly malicious code. To cope with these new security threats the paper proposes a new active third party authentication, authorization and security assessment strategy in which, once a device enters a new Wi-Fi environment, it is subjected to analysis by the infrastructure, and if it is found to be dangerously insecure, it is immediately taken out from the network and denied further access until its vulnerabilities have been fixed. The security assessment module, that is the fundamental component of the aforementioned strategy, takes advantage from a reliable knowledge base containing semantically-rich information about the mobile node under examination, dynamically provided by network mapping and configuration assessment facilities. It implements a fully automatic security analysis framework, based on AHP, which has been conceived to be flexible and customizable, to provide automated support for real-time execution of complex security/risk evaluation tasks which depends on the results obtained from different kind of analysis tools and methodologies. Encouraging results have been achieved utilizing a proof-of-concept model based on current technology and standard open-source networking tools.

Providing true end-to-end security in converged voice over IP infrastructures

Voice over Internet Protocol (VoIP) is the future for voice communication and, by using a unique IP infrastructure as the common transport platform, it brings invaluable benefits such as deployment cost reduction, ease of management, ubiquitous coverage and convergence of data and voice together. On the other side, VoIP introduces new security vulnerabilities, since it comes with completely different operational and security settings than the old telephone network: the physical location of clients is not fixed and great flexibility is required to provide enhanced mobile services. Furthermore, the integration with wireless LANs, with their inherent security weaknesses, introduces the need of new security features: the payloads of voice packets should be protected during conversations and no-replay as well as user authentication must be ensured on and end-to-end basis. The above concerns are actually the major barrier that may prevent the wide deployment of VoIP technologies, and coping with them is a truly challenging task. Consequently, we developed a novel hybrid framework for enhanced end-to-end security in the new generation SIP-empowered VoIP environments, based on the introduction of proven technologies such as digital signatures and efficient streamline encryption to enforce calling party identification, privacy, no-replay and non-repudiation throughout the whole IP Telephony system. All the security mechanisms used have been carefully chosen so that no systematic method is known to break the framework in realistic times and the overall voice quality will not be affected.