Mario Di Mauro

Università degli Studi di Salerno | UNISA · Department of Information Engineering, Electrical Engineering and Applied Mathematics (DIEM)

The Network Function Virtualization (NFV) paradigm has been devised as an enabler of next generation network infrastructures by speeding up the provisioning and the composition of novel network services. The latter are implemented via a chain of virtualized network functions, a process known as Service Function Chaining. In this paper, we evaluate...

A network attacker wants to transmit Voice-over-IP (VoIP) traffic streams covertly. He tries to evade the detection system by manipulating the VoIP streams through padding, shifting and splitting operations, so as to conceal them amidst the Internet traffic. A defender wants to detect the manipulated VoIP streams. Tackling this problem from an adve...

Mobile telecommunications are converging towards all-IP solutions. This is the case of the Long Term Evolution (LTE) technology that, having no circuit-switched bearer to support voice traffic, needs a dedicated VoIP infrastructure, which often relies on the IP Multimedia Subsystem architecture. Most telecom operators implement LTE-A, an advanced v...

Nowadays, the Security Information and Event Management (SIEM) systems take on great relevance in handling security issues for critical infrastructures as Internet Service Providers. Basically, a SIEM has two main functions: i) the collection and the aggregation of log data and security information from disparate network devices (routers, firewalls...

The Network Function Virtualization (NFV) has been conceived as an enabler of novel network infrastructures and services that can be deployed by combining virtualized network elements. In particular, NFV is suited to boost the deployment flexibility of Service Function Chains (SFCs). In this paper, we address an availability evaluation of a chain o...

Predicting the behavior of real-time traffic (e.g., VoIP) in mobility scenarios could help the operators to better plan their network infrastructures and to optimize the allocation of resources. Accordingly, in this work the authors propose a forecasting analysis of crucial QoS/QoE descriptors (some of which neglected in the technical literature) o...

In modern telecommunication networks, services are provided through Service Function Chains (SFC), where network resources are implemented by leveraging virtualization and containerization technologies. In particular, the possibility of easily adding or removing network resources has prompted service providers to redefine some concepts including pe...

Subjective video quality assessment (SVQA) is essential in order to produce a sufficient benchmark dataset, which is especially important for extreme environments such as underwater videos. However, SVQA has always been plagued by its disadvantages, such as high cost and time-consuming. In this paper, we propose an effective SVQA method based on ac...

Nowadays, most telecommunication services adhere to the Service Function Chain (SFC) paradigm, where network functions are implemented via software. In particular, container virtualization is becoming a popular approach to deploy network functions and to enable resource slicing among several tenants. The resulting infrastructure is a complex system...

The advances within the Internet of Things and sensor systems put the focus on the improvement of the data reliability as close to the edge as possible. This work investigates how well-established techniques can be used for the imputation of contaminated data. We look at the performance of four algorithms for different contamination rates and error...

Nowadays, Intrusion Detection Systems (IDSs) are becoming more and more effective since they can benefit from the flexibility offered by Machine Learning (ML) techniques. In this work we investigate the potentiality of the Weightless Neural Networks (WNNs) as a classification method of network attacks. Traditionally, WNNs have been exploited in the...

Subjective video quality assessment (VQA) is the most reliable way to get accurate quality scores, providing first-hand data on the research of quality of experience (QoE). However, traditional subjective VQA has the disadvantage of being cumbersome and time-consuming. In this paper, we propose an efficient subjective VQA framework based on hybrid...

Recent developments in cloud computing and the Internet of Things have enabled smart environments, in terms of both monitoring and actuation. Unfortunately, this often results in unsustainable cloud-based solutions, whereby, in the interest of simplicity, a wealth of raw (unprocessed) data are pushed from sensor nodes to the cloud. Herein, we advoc...

Most softwarized telco services are conveniently framed as service function chains (SFCs). Indeed, being structured as a combination of interconnected nodes, service chains may suffer from the single point of failure problem, meaning that an individual node malfunctioning could compromise the whole chain operation. To guarantee highly available (HA...

In a Distributed Denial of Service (DDoS) attack, a network (botnet) of dispersed agents (bots) sends requests to a website to saturate its resources. Since the requests are sent by automata, the typical way to detect them is to look for some repetition pattern or commonalities between requests of the same user or from different users. For this rea...

This work examines propagation of cyber-threats over networks under an adversarial formulation. Exploiting Kendall’s birth-death-immigration model, we propose an analytical framework to describe the stochastic dynamics of cyber-threat propagation in a collection of heterogeneous sub-networks characterized by different attributes. We propose two for...

Service provisioning mechanisms implemented across 5G infrastructures take broadly into use the network service chain concept. Typically, it is coupled with Network Function Virtualization (NFV) paradigm, and consists in defining a pre-determined path traversed by a set of softwarized network nodes to provide specific services. A well known chain-l...

Machine Learning (ML) techniques are becoming an invaluable support for network intrusion detection, especially in revealing anomalous flows, which often hide cyber-threats. Typically, ML algorithms are exploited to classify/recognize data traffic on the basis of statistical features such as inter-arrival times, packets length distribution, mean nu...

Most softwarized telco services are conveniently framed as Service Function Chains (SFCs). Indeed, being structured as a combination of interconnected nodes, service chains may suffer from the single point of failure problem, meaning that an individual node malfunctioning could compromise the whole chain operation. To guarantee "highly available" (...

Machine Learning (ML) techniques are becoming an invaluable support for network intrusion detection, especially in revealing anomalous flows, which often hide cyber-threats. Typically, ML algorithms are exploited to classify/recognize data traffic on the basis of statistical features such as inter-arrival times, packets length distribution, mean nu...

The failure of a single network element composing a Service Function Chain (SFC) unavoidably leads to some degradation in terms of availability (ability of guaranteeing working conditions), and/or performance (ability of sustaining a certain workload) for the whole SFC. By considering both of these aspects, we propose, as a case study, a joint anal...

Anomaly detection is concerned with identifying data patterns that deviate remarkably from the expected behaviour. This is an important research problem, due to its broad set of application domains, from data analysis to e-health, cybersecurity, predictive maintenance, fault prevention, and industrial automation. Herein, we review state-of-the-art...

The Network Function Virtualization (NFV) paradigm has been devised as an enabler of next generation network infrastructures by speeding up the provisioning and the composition of novel network services. The latter are implemented via a chain of virtualized network functions, a process known as Service Function Chaining. In this paper, we evaluate...

Mobile telecommunications are converging towards all-IP solutions. This is the case of the Long Term Evolution (LTE) technology that, having no circuit-switched bearer to support voice traffic, needs a dedicated VoIP infrastructure, which often relies on the IP Multimedia Subsystem architecture. Most telecom operators implement LTE-A, an advanced v...

The use of Machine Learning (ML) techniques in Intrusion Detection Systems (IDS) has taken a prominent role in the network security management field, due to the substantial number of sophisticated attacks that often pass undetected through classic IDSs. These are typically aimed at recognising attacks based on a specific signature, or at detecting...

Mobile telecommunications are converging towards all-IP solutions. This is the case of the Long Term Evolution (LTE) technology that, having no circuit-switched bearer to support voice traffic, needs a dedicated VoIP infrastructure, which often relies on the IP Multimedia Subsystem architecture. Most telecom operators implement LTE-A, an advanced v...

The Next Generation 5G Networks can greatly benefit from the synergy between virtualization paradigms, such as the Network Function Virtualization (NFV), and service provisioning platforms such as the IP Multimedia Subsystem (IMS). The NFV concept is evolving towards a lightweight solution based on containers that, by contrast to classic virtual ma...

Thanks to advances in Internet of Things and crowd-sensing, it is possible to collect vast amounts of urban data, to better understand how citizens interact with cities and, in turn, improve human well-being in urban environments. This is a scientifically challenging proposition, as it requires new methods to fuse objective (heterogeneous) data (e....

Network Function Virtualization (NFV) is considered one of the most influencing concepts in modern telecommunication frameworks, since it has the merit of transposing (and adapting) the virtualization paradigms from the computer world to the networking context. An instance of NFV is known as a Virtual Network Function (VNF), and represents a virtua...

The Network Function Virtualization (NFV) has been conceived as an enabler of novel network infrastructures and services that can be deployed by combining virtualized network elements. In particular, NFV is suited to boost the deployment flexibility of Service Function Chains (SFCs). In this paper, we address an availability evaluation of a chain o...

In the era of fifth generation (5G) telecommunication systems, a flexible, cost saving and reliable deployment of the network infrastructures appears to be a crucial issue. The European Telecommunications Standard Institute jointly with a group of telecom providers, proposed a novel networking paradigm considered as an enabler for future 5G network...

Object Storage Systems (OSSs) have been conceived to manage a bulk of highly unstructured data (videos, images, social resources etc.) by storing them in the form of objects accessible via REST APIs. An interesting implementation of OSS is based on Swift, a component of OpenStack, the most important platform exploited to deploy the Infrastructure a...

Recent variants of Distributed Denial-of-Service (DDoS) attacks leverage the flexibility of application-layer protocols to disguise malicious activities as normal traffic patterns, while concurrently overwhelming the target destination with a large request rate. New countermeasures are necessary, aimed at guaranteeing an early and reliable identifi...

Distributed Denial-of-Service (DDoS) attacks are usually launched through the $botnet$, an "army" of compromised nodes hidden in the network. Inferential tools for DDoS mitigation should accordingly enable an early and reliable discrimination of the normal users from the compromised ones. Unfortunately, the recent emergence of attacks performed at...

The detection of encrypted streamed traffic (like VoIP or Video) is an increasingly important issue for authorities involved in lawful interception. Aside from well established technologies like Skype, Facetime and MSN Messenger a new one is recently spreading: Web Real-Time Communication (WebRTC), which, with the support of powerful encryption met...

The classification of data sessions on the Internet is a crucial issue for Authorities involved in lawful interception. Some Internet Service Providers (ISP) can provide a panel of IP nodes that, tuned to detect specific data patterns, are able to send an alert when a data session in a targeted class is found. Unluckily, several applications genera...

Nowadays, the Internet Service Providers have to keep track of and in some cases to analyze for legal issues, a great amount of Internet data. Real-time big data processing and analysis introduce new challenges that must be addressed by system engineers. This is because: 1) traditional technologies exploiting databases are not designed to process a...

The paper presents an architectural proposal that integrates a vehicle parking system, which offers a series of specific services (billing, targeted marketing, etc.), into the 3GPP IP Multimedia Subsystem (IMS), with a specific focus on the localization of the vehicle in indoor areas. The vehicle is equipped with a device hosting an ad-hoc software...

The growing of mobile communication market is attracting the prospects of "cyber-criminals" to eavesdrop personal and financial data through mobile devices. Typically, such devices do not have enough hardware resources to provide a secure environment against phishing attacks, spywares, malwares, identity theft and so on. In this paper, we propose a...

One of the most important values deriving from WLAN (Wireless Local Access Network) technology is the possibility to provide a huge amount of mobility services based on a very cheap infrastructure. In this paper we propose a WLAN-based network architecture implementing an advanced location-determination service. The testing area is an indoor parkin...

Nowadays, provisioning of advanced multimedia services represents one of the most important research fields in Telecommunications world. The 3GPP Ip Multimedia Subsystem (IMS) infrastructure is the best choice to implement new multimedia services based on the SIP protocol and addressed to converged environment of fixed and mobile devices. IMS allow...

Wireless Local Access Network (WLAN) technology provides mobility services to network users. In this paper a significant value was added to this technology, by proposing an inexpensive framework providing advanced location determination services. Our target environment is an indoor parking area. For this area a comprehensive architecture and infras...