Carlos Becker Westphall's lab
Institution: Federal University of Santa Catarina
Department: Departamento de Informática e Estatística
Featured research (35)
Intrusion detection is one of the key points in computer security, and it aims to identify attempted attacks by unauthorized users. Several researches are being developed to solve security problems in environments involving the Internet of Things, Fog Computing, and Cloud Computing. This mini-course has a theoretical and practical profile, aims to describe aspects of the context of intrusion detection in IoT and Fog Computing, presents Machine Learning techniques commonly used in intrusion detection, expose state-of-the-art approaches, and present some results obtained in developed research. 1.1. Introduction With the development of technological resources and the popularization of the Internet, there has been significant growth in the number of computational applications. Faced with this new technological context, difficulties have arisen in maintaining the security of applications and data, given that the techniques for exploiting vulnerabilities in these computational infrastructures are constantly being improved to acquire access to systems and obtain and use improperly sensitive information. Malicious users can exploit vulnerabilities in computer systems to carry out illicit activities. The attackers' main motivation is to obtain privileged digital content that can bring some benefit to the attacker and/or cause significant damage to the target of the attacks. Currently, the Internet of Things (IoT) is spreading in all areas that apply computational resources. IoT devices allow everyday objects to be connected to the Internet, computers, and smartphones [Atzori et al. 2010]. The idea is to increasingly unite the physical and digital worlds by communicating objects with other devices, data centers, and clouds.
The growth of the Internet of Things (IoT) and computing applications creates a greater possibility of vulnerabilities, which malicious entities can use to cause damage. This makes special security techniques as intrusion detection mechanisms indispensable in modern computer systems. It is important to detect and identify the attack in a category so that specific countermeasures for the threat category are solved. However, most existing multiclass detection approaches have some weaknesses, mainly related to detecting specific categories of attacks and problems with false positives. This article addresses this research problem and advances state-of-the-art, bringing contributions to a two-stage detection architecture called DNNET-Ensemble, combining binary and multiclass detection. While the benign traffic can be quickly released on the first detection, the intrusive traffic can be subjected to a robust analysis approach without causing delay issues. Additionally, we propose the DNNET binary approach for the binary detection level, which can provide more accurate and faster binary detection. The proposed Hybrid Attribute Selection strategy can find an optimal subset of attributes through a wrapper method with a lower training cost due to pre-selection using a filter method. Furthermore, the proposed Soft-SMOTE improvement allows operating with a balanced dataset with a minor training time increase, even in scenarios where there are a large number of classes with a large imbalance among them. The results obtained in experiments with renowned intrusion datasets demonstrate that the approach can achieve superior detection rates and false positives performance compared to other state-of-the-art approaches.
An Internet of Things (IoT) device that can automatically measure water consumption can help prevent excessive water usage or leaks. However, automating too many residences or condominiums with multiple IoT devices can lead to extra energy consumption and more network congestion. We propose controlling the energy consumption of an IoT water consumption management system by dynamically controlling its duty cycle. By analyzing the energy consumption of the developed prototype and its duty cycle variation, we calculated how much energy could be saved by controlling the antenna and the water flow sensor used in the IoT device. While controlling the antenna offered some energy savings, having some way to cut down on the water flow sensor’s consumption can have a dramatic impact on the overall IoT energy consumption or its battery longevity. Our results showed that we could get up to 69% extra energy savings compared to just putting the antenna in sleep mode. There is an observable trade-off in saving so much energy, as we can also see that water reading error rates go up alongside the extra energy savings.
The security of constrained devices in Internet ofThings presents itself as a challenge due to the limitation of existing resources. It is important to analyze appropriate security mechanisms for this resource-constrained environment, specifically for authentication. This study presents an experiment that analyzes a proposal for an original Constrained Application Protocol Multi-Factor Authentication with Reputation, in comparison to simple authentication and a reference with no authentication. From this experience it was possible to prove that multi-factor authentication with reputation is also an adequate solution for Low Power Wide Area Network and constrained devices and does not require much more resources than simple authentication. With this work it is possible to evaluate the adoption of Multi Factor Authentication with Reputation on Constrained Devices and to subsidize choices of Internet of Things projects with this type of configuration.
Multi-access Edge Computing (MEC) is a type of network architecture that provides cloud computing capabilities at the edge of the network. We consider the use case of video surveillance for an university campus running on a 5G-MEC environment. A key issue is the eventual overloading of computing resources on the MEC nodes during peak demand. We propose a new strategy for distributed orchestration in MEC environments based on how load balancing strategies organize processing queue. Then, we elaborated a strategy for deadline-aware queueing prioritization that organizes requests based on pre-established thresholds. We introduce a simulation-based experimentation environment and conduct a number of tests demonstrating the benefit of our approach by reducing the number of referrals and improving the effectiveness in meeting deadlines.
- Departamento de Informática e Estatística
About Carlos Becker Westphall
- Carlos Becker Westphall is Full Professor (since 1993) in the Department of Informatics and Statistics at the Federal University of Santa Catarina - Brazil, where he acts as the leader of the Network and Management Laboratory. Obtained a degree in Electrical Engineering in 1985 and a M.Sc. degree in Computer Science in 1988, both at the Federal University of Rio Grande do Sul, Brazil. Obtained a D.Sc. degree in Computer Science at the Université Paul Sabatier, France, in 1991.
Jorge Lopes de Souza Leao
Ricardo do Nascimento Boing
Gabriel Beims Brascher
Lukas Derner Grüdtner