A Bit-Tracking Knowledge-Based Query Tree for RFID Tag Identification in IoT Systems.

In an IoT (Internet of Things) system where each IoT device has one/many RFID tags, there might be many RFID tags. However, when multiple tags respond to the reader's interrogation at the same time, their signals collide. Due to the collision, the reader must request the colliding tags to retransmit their IDs, resulting in higher communication overhead and longer identification time. Therefore, this paper presents a Bit-tracking Knowledge-based Query Tree (BKQT), which uses two techniques: knowledge, which stores all the tag IDs that can possibly occur, and bit tracking, which allows the reader to detect the locations of the collided bits in a collision slot. BKQT constructs a query tree for all possible tags, called a k-tree, by using knowledge while it constructs bit-collision cases and the corresponding actions for each node in this k-tree by using bit tracking. In the identification process, BKQT traverses this constructed k-tree and thus identifies the colliding tags faster by taking the actions according to the happening bit-collision cases. From the simulation results, BKQT can improve the identification time by 44.3%, 46.4%, and 25.1%, compared with the previous knowledge-based protocols, Knowledge Query Tree (KQT), Heuristic Query Tree (H-QT), Query Tree with Shortcutting and Couple Resolution (QTSC), respectively.

A Spatiotemporal-Oriented Deep Ensemble Learning Model to Defend Link Flooding Attacks in IoT Network.

(1) Background: Link flooding attacks (LFA) are a spatiotemporal attack pattern of distributed denial-of-service (DDoS) that arranges bots to send low-speed traffic to backbone links and paralyze servers in the target area. (2) Problem: The traditional methods to defend against LFA are heuristic and cannot reflect the changing characteristics of LFA over time; the AI-based methods only detect the presence of LFA without considering the spatiotemporal series attack pattern and defense suggestion. (3) Methods: This study designs a deep ensemble learning model (Stacking-based integrated Convolutional neural network-Long short term memory model, SCL) to defend against LFA: (a) combining continuous network status as an input to represent "continuous/combination attacking action" and to help CNN operation to extract features of spatiotemporal attack pattern; (b) applying LSTM to periodically review the current evolved LFA patterns and drop the obsolete ones to ensure decision accuracy and confidence; (c) stacking System Detector and LFA Mitigator module instead of only one module to couple with LFA detection and mediation at the same time. (4) Results: The simulation results show that the accuracy rate of SCL successfully blocking LFA is 92.95%, which is 60.81% higher than the traditional method. (5) Outcomes: This study demonstrates the potential and suggested development trait of deep ensemble learning on network security.

Social-Aware Peer Discovery for Energy Harvesting-Based Device-to-Device Communications.

In Device-to-Device (D2D) communications, the first step is to find all of the neighboring peers in the network by performing a peer discovery process. Most previous studies use the social behaviors of the users to adjust the sending rates of the peer discovery messages (i.e., beacons) under the constraint of consumed power for increasing the Peer Discovery Ratio (PDR). However, these studies do not consider the potential for energy harvesting, which allows for the User Equipments (UEs) to procure additional power within charging areas. Accordingly, this paper proposes an Energy-Ratio Rate Decision (ERRD) algorithm that comprises three steps, namely Social Ratio Allocation (SRA), Energy Ratio Allocation (ERA), and Beacon Rate Decision (BRD). The SRA step determines the allocated power quantum for each UE from the total budget power based on the social behavior of the UE. The ERA step then adjusts this allocated power quantum in accordance with the power that is harvested by the UE. Finally, the BRD step computes the beacon rate for the UE based on the adjusted power quantum. The simulation results show that ERRD outperforms the previously-reported Social-Based Grouping (SBG) algorithm by 190% on the PDR for a budget power of one watt and 8% for a budget power of 20 watts.

Identifying Hybrid DDoS Attacks in Deterministic Machine-to-Machine Networks on a Per-Deterministic-Flow Basis.

The Deterministic Network (DetNet) is becoming a major feature for 5G and 6G networks to cope with the issue that conventional IT infrastructure cannot efficiently handle latency-sensitive data. The DetNet applies flow virtualization to satisfy time-critical flow requirements, but inevitably, DetNet flows and conventional flows interact/interfere with each other when sharing the same physical resources. This subsequently raises the hybrid DDoS security issue that high malicious traffic not only attacks the DetNet centralized controller itself but also attacks the links that DetNet flows pass through. Previous research focused on either the DDoS type of the centralized controller side or the link side. As DDoS attack techniques are evolving, Hybrid DDoS attacks can attack multiple targets (controllers or links) simultaneously, which are difficultly detected by previous DDoS detection methodologies. This study, therefore, proposes a Flow Differentiation Detector (FDD), a novel approach to detect Hybrid DDoS attacks. The FDD first applies a fuzzy-based mechanism, Target Link Selection, to determine the most valuable links for the DDoS link/server attacker and then statistically evaluates the traffic pattern flowing through these links. Furthermore, the contribution of this study is to deploy the FDD in the SDN controller OpenDayLight to implement a Hybrid DDoS attack detection system. The experimental results show that the FDD has superior detection accuracy (above 90%) than traditional methods under the situation of different ratios of Hybrid DDoS attacks and different types and scales of topology.