RESUMO
Cyber competitions are usually team activities, where team performance not only depends on the members' abilities but also on team collaboration. This seems intuitive, especially given that team formation is a well-studied discipline in competitive sports and project management, but unfortunately, team performance and team formation strategies are rarely studied in the context of cybersecurity and cyber competitions. Since cyber competitions are becoming more prevalent and organized, this gap becomes an opportunity to formalize the study of team performance in the context of cyber competitions. This work follows a cross-validating two-approach methodology. The first is the computational modeling of cyber competitions using Agent-Based Modeling. Team members are modeled, in NetLogo, as collaborating agents competing over a network in a red team/blue team match. Members' abilities, team interaction and network properties are parametrized (inputs), and the match score is reported as output. The second approach is grounded in the literature of team performance (not in the context of cyber competitions), where a theoretical framework is built in accordance with the literature. The results of the first approach are used to build a causal inference model using Structural Equation Modeling. Upon comparing the causal inference model to the theoretical model, they showed high resemblance, and this cross-validated both approaches. Two main findings are deduced: first, the body of literature studying teams remains valid and applicable in the context of cyber competitions. Second, coaches and researchers can test new team strategies computationally and achieve precise performance predictions. The targeted gap used methodology and findings which are novel to the study of cyber competitions.
RESUMO
With the proliferation of IoT devices, ensuring the security and privacy of these devices and their associated data has become a critical challenge. In this paper, we propose a federated sampling and lightweight intrusion-detection system for IoT networks that use K-meansfor sampling network traffic and identifying anomalies in a semi-supervised way. The system is designed to preserve data privacy by performing local clustering on each device and sharing only summary statistics with a central aggregator. The proposed system is particularly suitable for resource-constrained IoT devices such as sensors with limited computational and storage capabilities. We evaluate the system's performance using the publicly available NSL-KDD dataset. Our experiments and simulations demonstrate the effectiveness and efficiency of the proposed intrusion-detection system, highlighting the trade-offs between precision and recall when sharing statistics between workers and the coordinator. Notably, our experiments show that the proposed federated IDS can increase the true-positive rate up to 10% when the workers and the coordinator collaborate.
RESUMO
In Body Sensor Networks (BSNs), two types of events should be addressed: periodic and emergency events. Traffic rate is usually low during periodic observation, and becomes very high upon emergency. One of the main and challenging requirements of BSNs is to design Medium Access Control (MAC) protocols that guarantee immediate and reliable transmission of data in emergency situations, while maintaining high energy efficiency in non-emergency conditions. In this paper, we propose a new emergency aware hybrid DTDMA/DS-CDMA protocol that can accommodate BSN traffic variations by addressing emergency and periodic traffic requirements. It takes advantage of the high delay efficiency of DS-CDMA in traffic burst, and the high energy efficiency of DTDMA in periodic traffic. The proposed scheme is evaluated in terms of delay, packet drop percentage, and energy consumption. Different OPNET simulations are performed for various number of nodes carrying emergency data, and for various payload sizes. The protocol performance is compared to other existing hybrid protocols. Results show that the proposed scheme outperforms the others in terms of delay and packet drop percentage for different number of nodes carrying emergency data, as well as for different payload sizes. It also offers the highest energy efficiency during periodic observation, while adjusting the energy consumption during emergency by assigning spreading codes only to nodes holding emergency data.