Periodic Reporting for period 1 - PRISENODE (PRISENODE: Privacy- and secuRity-aware solutIons in SoftwarE-defiNed fOg Data cEnter)
Reporting period: 2020-01-01 to 2021-12-31
What is the problem/issue being addressed?
We published a paper entitled 'On Defending Against Label Flipping Attacks on Malware Detection Systems' which is published in Springer, NCAA. Specifically, we design a robust machine learning (ML) model to protect the data against the label modifications of each feature (function) in the network traffic flows gathered from Android mobiles. To measure these objectives, the fellow created software using ML metrics, such as correctness and error rate and confirmed its novelty against the literature. Also, we evaluate the effects of data manipulation and how it influences the ML model functionalities. To confirm this, the fellow used several classification algorithms and imposed some data poisoning techniques such as generative adversarial network solution to clue the data and enhance the secrecy of the information that pose an issue for the adversary to detect the correct classification algorithm. It is in line with the milestone 2.1 and Delivery 2.1 of PRISENODE. As a result, It can be the summary of the context and overall objectives of PRISENODE on these three months.
Why is it important for society?
The final result is a service that includes some trained machine learning model that is robust and resilient against the sudden software changing in the environment data (mainly Android mobile data) and can protect data and routing them as data flow in the network to satisfy CAPEXOPEX and KPI of the network.
What are the overall objectives?
- Design a robust ML model which is against the label modifications of each feature (function) in the network traffic flows gathered from Android mobiles in line with the D2.1
- How the effects of the data manipulation will affect on the ML model functionalities in line with the D2.1
The project has been terminated after three months due to the family issue raised for the fellow. However, the research activity reached to publishing a journal paper in a related venue.
We published a paper entitled 'On Defending Against Label Flipping Attacks on Malware Detection Systems' which is published in Springer, NCAA. Specifically, we design a robust machine learning (ML) model to protect the data against the label modifications of each feature (function) in the network traffic flows gathered from Android mobiles. To measure these objectives, the fellow created software using ML metrics, such as correctness and error rate and confirmed its novelty against the literature. Also, we evaluate the effects of data manipulation and how it influences the ML model functionalities. To confirm this, the fellow used several classification algorithms and imposed some data poisoning techniques such as generative adversarial network solution to clue the data and enhance the secrecy of the information that pose an issue for the adversary to detect the correct classification algorithm. It is in line with the milestone 2.1 and Delivery 2.1 of PRISENODE. As a result, It can be the summary of the context and overall objectives of PRISENODE on these three months.
Why is it important for society?
The final result is a service that includes some trained machine learning model that is robust and resilient against the sudden software changing in the environment data (mainly Android mobile data) and can protect data and routing them as data flow in the network to satisfy CAPEXOPEX and KPI of the network.
What are the overall objectives?
- Design a robust ML model which is against the label modifications of each feature (function) in the network traffic flows gathered from Android mobiles in line with the D2.1
- How the effects of the data manipulation will affect on the ML model functionalities in line with the D2.1
The project has been terminated after three months due to the family issue raised for the fellow. However, the research activity reached to publishing a journal paper in a related venue.
Here is the work performed for the PRISENODE:
1. reading and simulating the state of the art of the ML techniques for the traffic data gathered from the network like IoT and Fog nodes (data analyzing activities)
2. Simulating state of the art through iFogSim and link them to the SDN/NFV infrastructure and import the tested toy scenarios on Mininet tool for various topologies (extracted from topology zoo)
3. Contacting with CLOUDS lab postdocs and learning from them implementing verification of the source code and integration their strategies on my architecture
4. Import the learned materials, strategies, methodologies in traffic data analyzing, ML solutions and SDN/NFV programming strategy with the help of cloud/fog techniques to UNIPD
5. Integrate security and privacy challenge interplay on the SDN/NFV various traffic data (IoT users and network characteristics) to analyze the integrity and availability of the resource in the system and understand the abnormalities of the data in Fog-supported SDN network
In the end, during these three months, we published a paper on the topic which is available in Springer. Regarding the publication, the work addressed two important problems. The first problem is related to how to manipulate the data which are gathered from the IoT/mobile applications (Android dataset). Then, how to link the gathered tuned and tested model based on the android data features on the Fog nodes instantiated on the switches and how we can assure the generated machine learning model can preserve efficient network throughput with minimal resource allocation and scheduling. To do so, first, we study the problems in gathering data from fog nodes connected to the Android mobile and how can we imply attack scenarios with the help of manipulation of the features of the traffic data gathered from Android mobiles. Afterwards, we create our attack scenarios with the help of machine learning models and inject the poison data to the existing supervised traffic data and validate it by several test scenarios (simulations).
1. reading and simulating the state of the art of the ML techniques for the traffic data gathered from the network like IoT and Fog nodes (data analyzing activities)
2. Simulating state of the art through iFogSim and link them to the SDN/NFV infrastructure and import the tested toy scenarios on Mininet tool for various topologies (extracted from topology zoo)
3. Contacting with CLOUDS lab postdocs and learning from them implementing verification of the source code and integration their strategies on my architecture
4. Import the learned materials, strategies, methodologies in traffic data analyzing, ML solutions and SDN/NFV programming strategy with the help of cloud/fog techniques to UNIPD
5. Integrate security and privacy challenge interplay on the SDN/NFV various traffic data (IoT users and network characteristics) to analyze the integrity and availability of the resource in the system and understand the abnormalities of the data in Fog-supported SDN network
In the end, during these three months, we published a paper on the topic which is available in Springer. Regarding the publication, the work addressed two important problems. The first problem is related to how to manipulate the data which are gathered from the IoT/mobile applications (Android dataset). Then, how to link the gathered tuned and tested model based on the android data features on the Fog nodes instantiated on the switches and how we can assure the generated machine learning model can preserve efficient network throughput with minimal resource allocation and scheduling. To do so, first, we study the problems in gathering data from fog nodes connected to the Android mobile and how can we imply attack scenarios with the help of manipulation of the features of the traffic data gathered from Android mobiles. Afterwards, we create our attack scenarios with the help of machine learning models and inject the poison data to the existing supervised traffic data and validate it by several test scenarios (simulations).
The project outcomes can establish a foundation for addressing the research challenges that currently limit the practical usage of SDN/NFV technology. As a result, it can significantly accelerate the existing academic research in network security by developing nearly adaptive and active re-configurable defence strategies. Along with this, a vital contribution of this research would be the internet measurement and design new robust ML modelling for network traffic/flows which has not yet been investigated to date. Also, the potential impacts of the PRISENODE are to publish 2 conference papers and three journal papers.
The outcomes of this work can enhance and stimulate EU’s academic research in the field of network security, network technology.
Hence, the achieved results will help the fellow to participate in the future Horizon 2020 independent or collaborative development projects related security and privacy control in the data network using ML techniques to preserve trustworthy of the data.
Regarding the personal webpage: No website has been developed for the project.
The outcomes of this work can enhance and stimulate EU’s academic research in the field of network security, network technology.
Hence, the achieved results will help the fellow to participate in the future Horizon 2020 independent or collaborative development projects related security and privacy control in the data network using ML techniques to preserve trustworthy of the data.
Regarding the personal webpage: No website has been developed for the project.