This page will give you the opportunity to view all the scientific publications from ARCADIAN-IoT.

Author: Sérgio Figueiredo, Paulo Silva, Alfonso Iacovazzi, Vitalina Holubenko, João Casal, Jose M Alcaraz Calero, Qi Wang, Pedro Colarejo, Shahid Raza, Ross Little Armitt, and Giacomo Inches

Publication: GIoT Summit, June 2022, Dublin

Publisher: Springer

Abstract. Cybersecurity incidents have been growing both in number and associated impact, as a result from society’s increased dependency in information and communication technologies – accelerated by the recent pandemic. In particular, IoT. technologies, which enable significant flexibility and cost-efficiency, but are also associated to more relaxed security mechanisms, have been quickly adopted across all sectors of the society, including critical infrastructures (e.g. smart grids) and services (e.g. eHealth). Gaps such as high dependence on 3rd party IT suppliers and device manufacturers increase the importance of trustworthy and secure solutions for future digital services.

This paper presents ARCADIAN-IoT, a framework aimed at holistically enabling trust, security, privacy and recovery in IoT systems, and enabling a Chain of Trust between the different IoT entities (persons, objects and services). It builds on features such as federated AI for effective and privacy-preserving cybersecurity, distributed ledger technologies for decentralized management of trust, or transparent, user-controllable and decentralized privacy.

Read the paper

Author: Gelayol Golcarenarenji,Ignacio Martinez-Alpiste,Qi Wang,Jose Maria Alcaraz-Calero

Publication: Expert Systems with Applications

Publisher: Elsevier

Date: 15 October 2022

Abstract: This study proposes a novel illumination-aware image fusion technique and a Convolutional Neural Network (CNN) called BlendNet to significantly enhance the robustness and real-time performance of small human objects detection from Unmanned Aerial Vehicles (UAVs) in harsh and adverse operation environments. The proposed solution is particular useful for mission-critical public safety applications such as search and rescue operations in rural areas. The operation environments of such missions are featured with poor illumination condition and complex background such as dense vegetation and undergrowth in diverse weather conditions, and the missions have to address the challenges of detecting humans from UAVs at high altitudes, with a moving platform and from various viewing angles. To overcome these challenges, the proposed solution register and fuse the images using Enhanced Correlation Coefficient (ECC) and arithmetic image addition with customised weights techniques. The result of this fusion is fuelled with our new BlendNet AI model achieving 95.01 % of accuracy with 42.2 Frames Per Second (FPS) on Titan X GPUwith input size of 608 pixels. The effectiveness of the proposed fusion method has been evaluated and compared with other methods using the KAIST public dataset. The experimental results show competitive performance of BlendNet in terms of both visual quality as well as quantitative assessment of high detection accuracy at high speed.


Author: Pablo Salva-Garcia, Ruben Ricart-Sanchez, Enrique Chirivella-Perez, Qi Wang, Jose M. Alcaraz-Calero

Publication: Journal of Network and Systems Management volume 30, Article number: 75 (2022)

Publisher: Springer

Abstract: Next-generation networks are expected to combine advanced physical and digital technologies in super-high-speed connected system infrastructures, gaining critical operation competitiveness of improved efficiency, productivity and quality of services. Towards a fully digital and connected world, these platforms will enable infrastructure virtualization and support of edge processing, making emerging sectors, such as Industry 4.0, ready to exploit its full potentials. Nevertheless, the fast growth of data-centric and automated systems may exceed the capabilities of the overall infrastructure beyond the radio access networks, becoming unable to fulfil the demands of vertical sectors and representing a bottleneck. To minimize the negative effects that could affect critical services in a heavily loaded network, it is essential for network providers to deploy highly scalable and prioritisable in-network optimisation schemes to meet industry expectations in next-generation networks. To this end, this work presents a novel framework that leverages extended Berkeley Packet Filter (eBPF) and eXpress Data Path (XDP) to offload network functions to reduce unnecessary overhead in the backbone infrastructure. The proposed solution is envisioned to be implemented as a Network Application (NetApp) service, which will greatly benefit the compatibility with next-generation networking ecosystem empowered by Artificial Intelligence (AI), advanced automation, multi-domain network slicing, and other related technologies. The achieved results demonstrate key performance improvements in terms of packet processing capacity as high as about 18 million packets per second (Mpps), system throughput up to 6.1 Mpps with 0% of packet loss, and illustrate the flexibility of the framework to adapt to multiple network policy rules dynamically on demand.


Author:Vitalina Holubenko, Paulo Silva and Carlos Bento

Publication: IEEE Consumer Communications & Networking Conference, 8–11 January 2023, Las Vegas, NV, USA

Abstract: As of recent years, the growth of data processed by devices has been exponential. This growth is the direct result of the increasing number of Internet of Things devices connected to the cloud, which came to play a very critical role in many domains, such as smart infrastructures, healthcare, supply chain or transportation. Despite its advantages, the amount of IoT devices has come to serve as a motivation for malicious entities to take advantage of such devices and use them for their own gain. One of the main catalysts of this problem is not only the lack of proper security measures applied in such devices, but also the centralization approach in AI based intelligence. To help deal with potential cyberattacks IoT devices, Machine Learning techniques can be applied to Intrusion Detection Systems. To solve the privacy issue associated with centralized approaches, Federated Learning was proposed by Google in 2016. Federated Learning is an approach that is capable of training a global AI model with the private data of clients without ever having to share it with a central entity. In summary, this work aims to present research about Host Intrusion Detection that could be applied for IoT devices, and additionally how Federated Learning can be applied in these instances for privacy preservation.

Link: available soon

Authors: Pablo Benlloch-Caballero, Qi Wang, Jose M. Alcaraz-Calero

Publication: Computer Networks, Volume 222, February 2023

Publisher: Springer

Abstract: Internet of Things (IoT) is a major application area of the Fifth-Generation (5G) and beyond capable of providing massive machine-type communications (mMTC) at a large scale. It enables a wide range of applications such as smart cities, smart grids, smart factories and so on. In light of the huge number of devices involved, it is prohibitive to manage the massive large-scale cyber security scenarios manually. Therefore, closed automation loops are essential to automate such management. This paper proposes a new cognitive closed loop system to offer distributed dual-layer self-protection capabilities to battle against Distributed Denial of Service (DDoS) attacks. The proposed system features the novel usage of concurrent autonomous closed-loops for the different stakeholders’ business roles: Digital Service Providers (DSPs) and Infrastructure Service Providers (ISPs) respectively, suitable to provide a multi-layer self-protection defence mechanisms across multiple administrative domains. It has been designed, implemented and experimentally validated. Empirical results have shown that there is a high potential in the collaboration between the stakeholders to achieve the common goal of self-protection of infrastructures. It makes a major difference in the performance of the whole infrastructure for detecting, analysing and mitigating the threat when the proposed distributed dual-layer loops are applied instead of a standalone loop. The system has achieved a 78.12% of effectiveness compared with a 4.73% of the standalone counterpart, for a large scale attack when stopping 256 infected devices. Also, the proposed system has achieved a response time of 18 s whereas the standalone has required 57 s, achieving an optimization of performance of 316%.


Authors: Alfonso Iacovazzi, Shahid Raza

Publication: 2022 IEEE International Conference on Cyber Security and Resilience (CSR)

Abstract: We propose a novel solution combining supervised and unsupervised machine learning models for intrusion detection at kernel level in cloud containers. In particular, the proposed solution is built over an ensemble of random and isolation forests trained on sequences of system calls that are collected at the hosting machine’s kernel level. The sequence of system calls are translated into a weighted and directed graph to obtain a compact description of the container behavior, which is given as input to the ensemble model. We executed a set of experiments in a controlled environment in order to test our solution against the two most common threats that have been identified in cloud containers, and our results show that we can achieve high detection rates and low false positives in the tested attacks.