Future Internet

Industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems, which control critical infrastructure such as power plants and water treatment facilities, have unique characteristics that make them vulnerable to ransomware attacks. These systems are often outdated and run on proprietary software, making them difficult to protect with traditional cybersecurity measures. The limited visibility into these systems and the lack of effective threat intelligence pose significant challenges to the early detection and prediction of ransomware attacks. Ransomware attacks on ICS and SCADA systems have become a growing concern in recent years. These attacks can cause significant disruptions to critical infrastructure and result in significant financial losses. Despite the increasing threat, the prediction of ransomware attacks on ICS remains a significant challenge for the cybersecurity community. This is due to the unique characteristics of these systems, including the use of proprietary software and limited visibility into their operations. In this review paper, we will examine the challenges associated with predicting ransomware attacks on industrial systems and the existing approaches for mitigating these risks. We will also discuss the need for a multi-disciplinary approach that involves a close collaboration between the cybersecurity and ICS communities. We aim to provide a comprehensive overview of the current state of ransomware prediction on industrial systems and to identify opportunities for future research and development in this area. Full article

The immutability of data stored in a blockchain is a crucial pillar of trust in this technology, which has led to its increasing adoption in various use cases. However, there are situations where the inability to change or delete data may be illegal. European Union’s General Data Protection Regulation (GDPR)—applying to any company processing personal data from European citizens—explicitly entitles individuals to the right to rectification and the right to be forgotten. In this paper, we describe the design of a system to deploy and process survey data in a GDPR-compliant manner. It combines an Hyperledger Fabric blockchain to ensure that data cannot be tampered with and InterPlanetary File Systems (IPFS) for storage. With the proposed arrangement, we reap several security benefits enabled by blockchain’s immutability without running afoul of the regulations. Furthermore, the proof-of-concept is generic and can easily be adapted to various domains. Full article

The global spread of COVID-19 highlights the urgency of quickly finding drugs and vaccines and suggests that similar challenges will arise in the future. This underscores the need for ongoing efforts to overcome the obstacles involved in the development of potential treatments. Although some progress has been made in the use of Artificial Intelligence (AI) in drug discovery, virologists, pharmaceutical companies, and investors seek more long-term solutions and greater investment in emerging technologies. One potential solution to aid in the drug-development process is to combine the capabilities of the Internet of Medical Things (IoMT), edge computing (EC), and deep learning (DL). Some practical frameworks and techniques utilizing EC, IoMT, and DL have been proposed for the monitoring and tracking of infected individuals or high-risk areas. However, these technologies have not been widely utilized in drug clinical trials. Given the time-consuming nature of traditional drug- and vaccine-development methods, there is a need for a new AI-based platform that can revolutionize the industry. One approach involves utilizing smartphones equipped with medical sensors to collect and transmit real-time physiological and healthcare information on clinical-trial participants to the nearest edge nodes (EN). This allows the verification of a vast amount of medical data for a large number of individuals in a short time frame, without the restrictions of latency, bandwidth, or security constraints. The collected information can be monitored by physicians and researchers to assess a vaccine’s performance. Full article

This research presents an experience of post-digital learning of biotechnology in rural areas in Colombia by implementing a massive open online course (MOOC) for biotechnology education called Open Biotec. The objective was to improve Colombian rural development by creating learning communities around five topics: waste management, environmental biotechnology, bioprocesses, alternative energies, and bio-entrepreneurship. The study utilized various methods, including a socioeconomic diagnosis of a subregion of the department of Antioquia, Colombia, and the creation of MOOCs using the Action Research methodology. The pilot test of the training route in biotechnology involved the progressive development of the MOOC courses that comprise it. Around 918 students from rural areas were trained, and statistical analysis showed that the average grade of the students increased significantly from 6.13 to 7.53 and the median from 6.15 to 8.00. The study results demonstrate how the learning experience designed in the Open Biotec MOOC increases the degree of knowledge of students in this field of biotechnology, offering an opportunity to establish sustainable learning communities with participation and collaborative action mediated by virtual tools. The study concludes that rural education in Colombia could be strengthened with a training strategy for rural communities supported by MOOCs focused on the responsible use of local biodiversity from a biotechnological perspective. Full article

The new educational reality requires teachers to have a series of skills and competences that allow them to improve the teaching–learning process and therefore the quality of teaching, integrating technology and emerging technologies. In order to assess the competence level of teachers, a descriptive study was designed, in which 101 teachers from different stages and geographical locations in Spain took part and were administered the DigCompEdu Check-in questionnaire. The results show average levels of teachers’ digital competence (B1 and B2, particularly), and an incipient use of emerging technologies by teachers, with less than 50% of the sample not using these technologies in their daily classroom activities, although those who show a higher level of digital competence are also those who integrate them more in their daily work. The results correspond with similar studies, corroborating the average level of teachers’ digital skills. Full article

Cyber-Physical Systems (CPS) are physical systems whose operations are coordinated, monitored, and controlled by computing and communication functions. These systems are typically heterogeneous, including Internet of Things and information technology subsystems, and can present a myriad of implementation details, making them very complex systems. An important type of CPS is a maritime container terminal (cargo port), which is a facility where cargo containers are transported between ships and land vehicles for onward transportation and vice versa. A cargo port performs four basic functions: receiving, storing, staging, and loading for both import and export containers. We present here process patterns that describe the functional aspects of cargo ports and a pattern that describes their structural properties (patterns are encapsulated solutions to recurrent problems). These patterns describe semantic aspects found in any cargo port and can be adapted to describe other CPSs. We decompose these process patterns into use cases that describe their interactions with the system. We then integrate the process patterns with structural patterns to assemble a partial reference architecture (RA) that shows the interactions of all the patterns while also indicating the typical stakeholders found in all ports. We validate the proposed reference architecture, highlighting its theoretical and practical value. Software and system designers of cargo ports need to start from a conceptual and abstract view that is subsequently refined to add more details. The use of reference architectures and patterns is an effective way to organize and describe the functional and non-functional aspects of a system, as well as to unify the design of all its aspects. This is, until now, the only published RA for cargo ports, and it can be a useful guideline for the designers of any type of cargo port. Full article

This paper is designed to explicate and analyze data acquired from experimental field tests of a Tesla Model 3 lane correction module within the vehicle’s Autopilot Suite, a component of Tesla OS. The initial problem was discovered during a nominal drive of the Tesla Model 3, where after a random number of lane correction events, the lane correction module shuts down, issues a visual disable warning on the touchscreen, and control of the vehicle is given to the driver until the next drive. That development was considered problematic, as the driver can be caught off guard or may be medically disabled and unable to respond. During a controlled stress test, a more severe issue was discovered. After a random number of lane correction events, the lane correction module shuts down without warning, then stays activated after the test driver corrects the vehicle’s trajectory. This is considered a fatal error in the system and adds a dangerous element to an otherwise standard feature in a modern automotive vehicle. The results established that the number of events needed to trigger a fatal error without warning is unpredictable. Our results also demonstrate that the system is inconsistent. Full article

In recent years, dense retrieval has emerged as the primary method for open-domain question-answering (OpenQA). However, previous research often focused on the query side, neglecting the importance of the passage side. We believe that both the query and passage sides are equally important and should be considered for improved OpenQA performance. In this paper, we propose a contrastive pseudo-labeled data constructed around passages and queries separately. We employ an improved pseudo-relevance feedback (PRF) algorithm with a knowledge-filtering strategy to enrich the semantic information in dense representations. Additionally, we proposed an Auto Text Representation Optimization Model (AOpt) to iteratively update the dense representations. Experimental results demonstrate that our methods effectively optimize dense representations, making them more distinguishable in dense retrieval, thus improving the OpenQA system’s overall performance. Full article

The Internet of Things (IoT) connects devices via the Internet. Network congestion is one of the key problems that has been identified by researchers in the IoT field. When there is a huge number of IoT devices connected to the internet, this creates network congestion. Transfer control protocol is a transport layer protocol that provides a reliable end-to-end connection between two devices. Many Congestion Control Algorithms have been proposed to solve network congestion. However, there is no perfect solution to this problem. This paper proposes an effective loss-based Congestion Control Algorithm to effectively adapt the congestion window in the IoT environment. It uses simple experiment scenarios to test the algorithm for wired and wireless channels and observes important performance metrics: link utilization, inter-protocol fairness, intra-protocol fairness and throughput. The results are impressive, and the proposed algorithm is shown to outperform other standard algorithms. Full article

This paper focuses on Internet of Things (IoT) architectures and knowledge generation out of streams of events as the primary elements concerning the creation of user-centric IoT services. We provide a general, symmetrical IoT architecture, which enables two-way bidirectional communication between things and users within an application domain. We focus on two main components of the architecture (i.e., Event Engine and Process Engine) that handle event transformation by implementing parametric Complex Event Processing (CEP). More specifically, we describe and implement the transformation cycle of events starting from raw IoT data to their processing and transformation of events for calculating information that we need in an IoT-enabled application context. The implementation includes a library of composite transformations grouping the gradual and sequential steps for transforming basic IoT events into business events, which include ingestion, event splitting, and calculation of measurements’ average value. The appropriateness and possibility of inclusion and integration of the implementation in an IoT environment are demonstrated by providing our implementation for a smart farming application domain with four scenarios that each reflect a user’s requirements. Further, we discuss the quality properties of each scenario. Ultimately, we propose an IoT architecture and, specifically, a parametric CEP model and implementation for future researchers and practitioners who aspire to build IoT applications. Full article

Accurately looking into the future was a significantly major challenge prior to the era of big data, but with rapid advancements in the Internet of Things (IoT), Artificial Intelligence (AI), and the data availability around us, this has become relatively easier. Nevertheless, in order to ensure high-accuracy forecasting, it is crucial to consider suitable algorithms and the impact of the extracted features. This paper presents a framework to evaluate a total of nine forecasting algorithms categorised into single and multistage models, constructed from the Prophet, Support Vector Regression (SVR), Long Short-Term Memory (LSTM), and the Least Absolute Shrinkage and Selection Operator (LASSO) approaches, applied to an electricity demand dataset from an NHS hospital. The aim is to see such techniques widely used in accurately predicting energy consumption, limiting the negative impacts of future waste on energy, and making a contribution towards the 2050 net zero carbon target. The proposed method accounts for patterns in demand and temperature to accurately forecast consumption. The Coefficient of Determination ($R^2$), Mean Absolute Error (MAE), and Root Mean Square Error (RMSE) were used to evaluate the algorithms’ performance. The results show the superiority of the Long Short-Term Memory (LSTM) model and the multistage Facebook Prophet model, with $R^2$ values of $87.20\%$ and $68.06\%$, respectively. Full article

SQL injection is a highly detrimental web attack technique that can result in significant data leakage and compromise system integrity. To counteract the harm caused by such attacks, researchers have devoted much attention to the examination of SQL injection detection techniques, which have progressed from traditional signature-based detection methods to machine- and deep-learning-based detection models. These detection techniques have demonstrated promising results on existing datasets; however, most studies have overlooked the impact of adversarial attacks, particularly black-box adversarial attacks, on detection methods. This study addressed the shortcomings of current SQL injection detection techniques and proposed a reinforcement-learning-based black-box adversarial attack method. The proposal included an innovative vector transformation approach for the original SQL injection payload, a comprehensive attack-rule matrix, and a reinforcement-learning-based method for the adaptive generation of adversarial examples. Our approach was evaluated on existing web application firewalls (WAF) and detection models based on machine- and deep-learning methods, and the generated adversarial examples successfully bypassed the detection method at a rate of up to 97.39%. Furthermore, there was a substantial decrease in the detection accuracy of the model after multiple attacks had been carried out on the detection model via the adversarial examples. Full article

In this paper, we study via simulation the performance of irregular repetition slotted ALOHA under multi-packet detection and different patterns of the load process. On the one hand, we model the arrival process with a version of the M/G/∞ process able to exhibit a correlation structure decaying slowly in time. Given the independence among frames in frame-synchronous coded-slotted ALOHA (CSA), this variation should only take effect on frame-asynchronous CSA. On the other hand, we vary the marginal distribution of the arrival process using discrete versions of the Lognormal and Pareto distributions, with the objective of investigating the influence of the right tail. In this case, both techniques should be affected by the change, albeit to a different degree. Our results confirm these hypotheses and show that these factors must be taken into account when designing and analyzing these systems. In frameless operations, both the shape of the packet arrivals tail distribution and the existence of short-range and long-range correlations strongly impact the packet loss ratio and the average delay. Nevertheless, these effects emerge only weakly in the case of frame-aligned operations, because this enforces the system to introduce a delay in the newly arrived packets (until the beginning of the next frame), and implies that the backlog of accumulated packets is the key quantity for calculating the performance. Full article

This paper summarizes the work of many different authors, industries, and countries by introducing important and influential factors that will help in the development, successful adoption, and sustainable use of the Web3/metaverse and its applications. We introduce a few important factors derived from the current state-of-the-art literature, including four essential elements including (1) appropriate decentralization, (2) good user experience, (3) appropriate translation and synchronization to the real world, and (4) a viable economy, which are required for appropriate implementation of a metaverse and its applications. The future of Web3 is all about decentralization, and blockchain can play a significant part in the development of the Metaverse. This paper also sheds light on some of the most relevant open issues and challenges currently facing the Web3/metaverse and its applications, with the hope that this discourse will help to encourage the development of appropriate solutions. Full article

This study, focusing on identifying rare attacks in imbalanced network intrusion datasets, explored the effect of using different ratios of oversampled to undersampled data for binary classification. Two designs were compared: random undersampling before splitting the training and testing data and random undersampling after splitting the training and testing data. This study also examines how oversampling/undersampling ratios affect random forest classification rates in datasets with minority dataor rare attacks. The results suggest that random undersampling before splitting gives better classification rates; however, random undersampling after oversampling with BSMOTE allows for the use of lower ratios of oversampled data. Full article

Undoubtedly, we are witnessing a new era of computer networks that aspire to support modern demanding applications by providing the highest Quality of Experience (QoE) to the end user. Next Generations Networks (NGNs) ensure that characteristics such as ultra-low latency, high availability and wide service coverage can be met across the network regardless of the network infrastructure ownership. To accomplish that, beyond the necessary improvements in the radio propagation field, changes have been made in the core network functions which are now characterized as programmable, and software defined. Software Defined Networks (SDNs) and Network Function Virtualization (NFV) are the keystones of the NGNs flexibility. The high expectations of NGNs’ performance and the continuous changes in the network conditions lead to the development of new network management frameworks that add elasticity and dynamicity and minimize human intervention. ETSI (the European Standards Organization) presents the Zero-touch Service Management (ZSM) framework that uses hyped technologies such as Artificial Intelligence (AI) and Machine Learning (ML) to achieve full end-to-end automation of the network services’ management across one or many different domains. Focusing on multi-domain network service management, there are several security issues identified by the standardization team which mostly derive from the lack of trust among network providers. In the present research, we explore the suitability of blockchain technology adoption for facing these security issues. Blockchain technology inherently addresses security in trustless environments such as the infrastructures defined by the ZSM team. Our contribution is three-fold: (a) we define the architecture of a multi-domain network infrastructure that adopts the ZSM approach and integrates blockchain functionality, (b) we explore the adoption of different blockchain and distributed ledger technologies (DLT) approaches to address ZSM security needs and (c) we provide guidelines to prospective solution designers/implementers on the detailed requirements that this solution has to meet to maximize the offered value. Full article

For the current stage of complex and changing network environments and correlated and synchronized vulnerability attacks, this study first fuses attack graph technology and Bayesian networks and constructs Bayesian attack graphs toportray the correlation relationships between vulnerabilities and discovering attackers’ intentions. Meanwhile, improving the Bayesian attack graph is difficult because it is difficult to achieve active updates and adapt to the changing network environment and other problems. The study proposed a detection method that integrated the Bayesian attack graph and the XGBoost incremental learning (IL) approach. Experiments showed that the IL model had an accuracy of 0.951, an accuracy of 0.999, a recall of 0.815, an F1 value of 0.898, and an Area Under Curve (AUC) value of 0.907. The prediction ability of this method was better than that of the base model. Bayesian attack graphs fused with IL can detect attacks in the network more efficiently and accurately, so the probability of each node in the network system being attacked can be updated in real time. Full article

In this paper, considering the problem that the common defensive means in the current cyber confrontation often fall into disadvantage, honeypot technology is adopted to turn reactive into proactive to deal with the increasingly serious cyberspace security problem. We address the issue of common defensive measures in current cyber confrontations that frequently lead to disadvantages. To tackle the progressively severe cyberspace security problem, we propose the adoption of honeypot technology to shift from a reactive to a proactive approach. This system uses honeypot technology for active defense, tempting attackers into a predetermined sandbox to observe the attacker’s behavior and attack methods to better protect equipment and information security. During the research, it was found that due to the singularity of traditional honeypots and the limitations of low-interactivity honeypots, the application of honeypot technology has difficulty in achieving the desired protective effect. Therefore, the system adopts a highly interactive honeypot and a modular design idea to distinguish the honeypot environment from the central node of data processing, so that the honeypot can obtain more sufficient information and the honeypot technology can be used more easily. By managing honeypots at the central node, i.e., adding, deleting, and modifying honeypots and other operations, it is easy to maintain and upgrade the system, while reducing the difficulty of using honeypots. The high-interactivity honeypot technology not only attracts attackers into pre-set sandboxes to observe their behavior and attack methods, but also performs a variety of advanced functions, such as network threat analysis, virtualization, vulnerability perception, tracing reinforcement, and camouflage detection. We have conducted a large number of experimental comparisons and proven that our method has significant advantages compared to traditional honeypot technology and provides detailed data support. Our research provides new ideas and effective methods for network security protection. Full article

Image-based localization has been widely used for autonomous vehicles, robotics, augmented reality, etc., and this is carried out by matching a query image taken from a cell phone or vehicle dashcam to a large scale of geo-tagged reference images, such as satellite/aerial images or Google Street Views. However, the problem remains challenging due to the inconsistency between the query images and the large-scale reference datasets regarding various light and weather conditions. To tackle this issue, this work proposes a novel view synthesis framework equipped with deep generative models, which can merge the unique features from the outdated reference dataset with features from the images containing seasonal changes. Our design features a unique scheme to ensure that the synthesized images contain the important features from both reference and patch images, covering seasonable features and minimizing the gap for the image-based localization tasks. The performance evaluation shows that the proposed framework can synthesize the views in various weather and lighting conditions. Full article