Search Results (30)

Search Parameters:
Keywords = VPN technology

18 pages, 4863 KB  
Article
Evaluation of Explainable, Interpretable and Non-Interpretable Algorithms for Cyber Threat Detection
by José Ramón Trillo, Felipe González-López, Juan Antonio Morente-Molinera, Roberto Magán-Carrión and Pablo García-Sánchez
Electronics 2025, 14(15), 3073; https://doi.org/10.3390/electronics14153073 - 31 Jul 2025
Viewed by 622
Abstract
As anonymity-enabling technologies such as VPNs and proxies become increasingly exploited for malicious purposes, detecting traffic associated with such services emerges as a critical first step in anticipating potential cyber threats. This study analyses a network traffic dataset focused on anonymised IP addresses—not direct attacks—to evaluate and compare explainable, interpretable, and opaque machine learning models. Through advanced preprocessing and feature engineering, we examine the trade-off between model performance and transparency in the early detection of suspicious connections. We evaluate explainable ML-based models such as k-nearest neighbours, fuzzy algorithms, decision trees, and random forests, alongside interpretable models like naïve Bayes, support vector machines, and non-interpretable algorithms such as neural networks. Results show that neural networks achieve the highest performance, with a macro F1-score of 0.8786, but explainable models like HFER offer strong performance (macro F1-score = 0.6106) with greater interpretability. The choice of algorithm depends on project-specific needs: neural networks excel in accuracy, while explainable algorithms are preferred for resource efficiency and transparency, as stated in this work. This work underscores the importance of aligning cybersecurity strategies with operational requirements, providing insights into balancing performance with interpretability.
(This article belongs to the Special Issue Network Security and Cryptography Applications)

26 pages, 3905 KB  
Article
Data Collection and Remote Control of an IoT Electronic Nose Using Web Services and the MQTT Protocol
by Juan J. Pérez-Solano and Antonio Ruiz-Canales
Sensors 2025, 25(14), 4356; https://doi.org/10.3390/s25144356 - 11 Jul 2025
Viewed by 951
Abstract
An electronic nose is a device capable of characterizing samples of substances and products by their aroma. The development of such devices relies on a series of non-specific sensors that react to gases and generate different signals, which can be used for compound identification and sample classification. The deployment of such devices often requires the possibility of having remote access over the Internet to manage their operation and to collect the sampled data. In this context, the application of web technologies to the monitoring and supervision of these systems connected to the Internet, which can be considered as an Internet of Things (IoT) device, offers the advantage of not requiring the development of client-side applications. Users can employ a browser to connect to the IoT device and monitor or control its operation. Moreover, web design enables the development of cross-platform web monitoring systems. In addition, the inclusion of the MQTT protocol and the utilization of a virtual private network (VPN) enable a secure transmission and collection of the sampled data. In this work, all these technologies have been applied in the development of a system to manage and collect data to monitor rot in lemons treated with sodium benzoate before harvest.
(This article belongs to the Special Issue Electronic Nose and Artificial Olfaction)

26 pages, 3424 KB  
Article
MFF: A Multimodal Feature Fusion Approach for Encrypted Traffic Classification
by Hong Huang, Yinghang Zhou, Feng Jiang, Xiaolin Zhou and Qingping Jiang
Electronics 2025, 14(13), 2584; https://doi.org/10.3390/electronics14132584 - 26 Jun 2025
Viewed by 889
Abstract
With the widespread adoption of encryption technologies, encrypted traffic classification has become essential for maintaining network security awareness and optimizing service quality. However, existing deep learning-based methods often rely on fixed-length truncation during preprocessing, which can lead to the loss of critical information and degraded classification performance. To address this issue, we propose a Multi-Feature Fusion (MFF) model that learns robust representations of encrypted traffic through a dual-path feature extraction architecture. The temporal modeling branch incorporates a Squeeze-and-Excitation (SE) attention mechanism into ResNet18 to dynamically emphasize salient temporal patterns. Meanwhile, the global statistical feature branch uses an autoencoder for the nonlinear dimensionality reduction and semantic reconstruction of 52-dimensional statistical features, effectively preserving high-level semantic information of traffic interactions. MFF integrates both feature types to achieve feature enhancement and construct a more robust representation, thereby improving classification accuracy and generalization. In addition, SHAP-based interpretability analysis further validates the model’s decision-making process and reliability. Experimental results show that MFF achieves classification accuracies of 99.61% and 99.99% on the ISCX VPN-nonVPN and USTC-TFC datasets, respectively, outperforming mainstream baselines.
(This article belongs to the Section Networks)

20 pages, 1664 KB  
Article
A Network Traffic Characteristics Reconstruction Method for Mitigating the Impact of Packet Loss in Edge Computing Scenarios
by Jiawei Ye, Yanting Chen, Aierpanjiang Simayi, Yu Liu, Zhihui Lu and Jie Wu
Future Internet 2025, 17(5), 208; https://doi.org/10.3390/fi17050208 - 5 May 2025
Viewed by 823
Abstract
This paper presents TCReC, an innovative model designed for reconstructing network traffic characteristics in the presence of packet loss. With the rapid expansion of wireless networks driven by edge computing, IoT, and 5G technologies, challenges such as transmission instability, channel competition, and environmental interference have led to significant packet loss rates, adversely impacting deep learning-based network traffic analysis tasks. To address this issue, TCReC leverages masked autoencoder techniques to reconstruct missing traffic features, ensuring reliable input for downstream tasks in edge computing scenarios. Experimental results demonstrate that TCReC maintains detection model accuracy within 10% of the original data, even under packet loss rates as high as 70%. For instance, on the ISCX-VPN-2016 dataset, TCReC achieves a Reconstruction Ability Index (RAI) of 94.02%, while on the CIC-IDS-2017 dataset, it achieves an RAI of 94.99% when combined with LSTM, significantly outperforming other methods such as Transformer, KNN, and RNN. Additionally, TCReC exhibits robustness across various packet loss scenarios, consistently delivering high-quality feature reconstruction for both attack traffic and common Internet application data. TCReC provides a robust solution for network traffic analysis in high-loss edge computing scenarios, offering practical value for real-world deployment.

42 pages, 16651 KB  
Article
Internet of Things-Cloud Control of a Robotic Cell Based on Inverse Kinematics, Hardware-in-the-Loop, Digital Twin, and Industry 4.0/5.0
by Dan Ionescu, Adrian Filipescu, Georgian Simion and Adriana Filipescu
Sensors 2025, 25(6), 1821; https://doi.org/10.3390/s25061821 - 14 Mar 2025
Cited by 3 | Viewed by 1813
Abstract
The main task of the research involves creating a Digital Twin (DT) application serving as a framework for Virtual Commissioning (VC) with Supervisory Control and Data Acquisition (SCADA) and Cloud storage solutions. An Internet of Things (IoT) integrated automation system with Virtual Private Network (VPN) remote control for assembly and disassembly robotic cell (A/DRC) equipped with a six-Degree of Freedom (6-DOF) ABB 120 industrial robotic manipulator (IRM) is presented in this paper. A three-dimensional (3D) virtual model is developed using Siemens NX Mechatronics Concept Designer (MCD), while the Programmable Logic Controller (PLC) is programmed in the Siemens Totally Integrated Automation (TIA) Portal. A Hardware-in-the-Loop (HIL) simulation strategy is primarily used. This concept is implemented and executed as part of a VC approach, where the designed PLC programs are integrated and tested against the physical controller. Closed loop control and RM inverse kinematics model are validated and tested in PLC, following HIL strategy by integrating Industry 4.0/5.0 concepts. A SCADA application is also deployed, serving as a DT operator panel for process monitoring and simulation. Cloud data collection, analysis, supervising, and synchronizing DT tasks are also integrated and explored. Additionally, it provides communication interfaces via PROFINET IO to SCADA and Human Machine Interface (HMI), and through Open Platform Communication—Unified Architecture (OPC-UA) for Siemens NX-MCD with DT virtual model. Virtual A/DRC simulations are performed using the Synchronized Timed Petri Nets (STPN) model for control strategy validation based on task planning integration and synchronization with other IoT devices. The objective is to obtain a clear and understandable representation layout of the A/DRC and to validate the DT model by comparing process dynamics and robot motion kinematics between physical and virtual replicas. 
Thus, following the results of the current research work, integrating digital technologies in manufacturing, like VC, IoT, and Cloud, is useful for validating and optimizing manufacturing processes, error detection, and reducing the risks before the actual physical system is built or deployed.

18 pages, 1313 KB  
Article
Unmasking the True Identity: Unveiling the Secrets of Virtual Private Networks and Proxies
by Vikas Kumar Jain, Jatin Aggrawal, Ramraj Dangi, Shiv Shankar Prasad Shukla, Anil Kumar Yadav and Gaurav Choudhary
Information 2025, 16(2), 126; https://doi.org/10.3390/info16020126 - 9 Feb 2025
Cited by 2 | Viewed by 4962
Abstract
The growing use of VPNs, proxy servers, and Tor browsers has significantly enhanced online privacy and anonymity. However, these technologies are also exploited by cybercriminals to obscure their identities, posing serious cybersecurity threats. Existing detection methods face challenges in accurately tracing the real IP addresses hidden behind these anonymization tools. This study presents a novel approach to unmasking true identities by leveraging honeypots and Canarytokens to track concealed connections. By embedding deceptive tracking mechanisms within decoy systems, we successfully capture the real IP addresses of users attempting to evade detection. Our methodology was rigorously tested across various network environments and payload types, ensuring effectiveness in real-world scenarios. The findings demonstrate the practicality and scalability of using Canarytokens for IP unmasking, providing a non-intrusive, legally compliant solution to combat online anonymity misuse. This research contributes to strengthening cyber threat intelligence, offering actionable insights for law enforcement, cybersecurity professionals, and digital forensics. Future work will focus on enhancing detection accuracy and addressing the advanced evasion tactics used by sophisticated attackers.

37 pages, 10225 KB  
Article
Cloud/VPN-Based Remote Control of a Modular Production System Assisted by a Mobile Cyber–Physical Robotic System—Digital Twin Approach
by Georgian Simion, Adrian Filipescu, Dan Ionescu and Adriana Filipescu
Sensors 2025, 25(2), 591; https://doi.org/10.3390/s25020591 - 20 Jan 2025
Cited by 5 | Viewed by 1792
Abstract
This paper deals with a “digital twin” (DT) approach for processing, reprocessing, and scrapping (P/R/S) technology running on a modular production system (MPS) assisted by a mobile cyber–physical robotic system (MCPRS). The main hardware architecture consists of four line-shaped workstations (WSs), a wheeled mobile robot (WMR) equipped with a robotic manipulator (RM) and a mobile visual servoing system (MVSS) mounted on the end effector. The system architecture integrates a hierarchical control system where each of the four WSs, in the MPS, is controlled by a Programmable Logic Controller (PLC), all connected via Profibus DP to a central PLC. In addition to the connection via Profibus of the four PLCs, related to the WSs, to the main PLC, there are also the connections of other devices to the local networks, LAN Profinet and LAN Ethernet. There are the connections to the Internet, Cloud and Virtual Private Network (VPN) via WAN Ethernet by open platform communication unified architecture (OPC-UA). The overall system follows a DT approach that enables task planning through augmented reality (AR) and uses virtual reality (VR) for visualization through Synchronized Hybrid Petri Net (SHPN) simulation. Timed Petri Nets (TPNs) are used to control the processes within the MPS’s workstations. Continuous Petri Nets (CPNs) handle the movement of the MCPRS. Task planning in AR enables users to interact with the system in real time using AR technology to visualize and plan tasks. SHPN in VR is a combination of TPNs and CPNs used in the virtual representation of the system to synchronize tasks between the MPS and MCPRS. The workpiece (WP) visits stations successively as it is moved along the line for processing. If the processed WP does not pass the quality test, it is taken from the last WS and is transported, by MCPRS, to the first WS where it will be considered for reprocessing or scrapping.

21 pages, 22783 KB  
Article
A Latency Composition Analysis for Telerobotic Performance Insights Across Various Network Scenarios
by Nick Bray, Matthew Boeding, Michael Hempel, Hamid Sharif, Tapio Heikkilä, Markku Suomalainen and Tuomas Seppälä
Future Internet 2024, 16(12), 457; https://doi.org/10.3390/fi16120457 - 4 Dec 2024
Cited by 2 | Viewed by 3176
Abstract
Telerobotics involves the operation of robots from a distance, often using advanced communication technologies combining wireless and wired technologies and a variety of protocols. This application domain is crucial because it allows humans to interact with and control robotic systems safely and from a distance, often performing activities in hazardous or inaccessible environments. Thus, by enabling remote operations, telerobotics not only enhances safety but also expands the possibilities for medical and industrial applications. In some use cases, telerobotics bridges the gap between human skill and robotic precision, making the completion of complex tasks requiring high accuracy possible without being physically present. With the growing availability of high-speed networks around the world, especially with the advent of 5G cellular technologies, applications of telerobotics can now span a gamut of scenarios ranging from remote control in the same room to robotic control across the globe. However, there are a variety of factors that can impact the control precision of the robotic platform and user experience of the teleoperator. One such critical factor is latency, especially across large geographical areas or complex network topologies. Consequently, military telerobotics and remote operations, for example, rely on dedicated communications infrastructure for such tasks. However, this creates a barrier to entry for many other applications and domains, as the cost of dedicated infrastructure would be prohibitive. In this paper, we examine the network latency of robotic control over shared network resources in a variety of network settings, such as a local network, access-controlled networks through Wi-Fi and cellular, and a remote transatlantic connection between Finland and the United States. 
The aim of this study is to quantify and evaluate the constituent latency components that comprise the control feedback loop of this telerobotics experience—of a camera feed for an operator to observe the telerobotic platform’s environment in one direction and the control communications from the operator to the robot in the reverse direction. The results show stable average round-trip latency of 6.6 ms for local network connection, 58.4 ms when connecting over Wi-Fi, 115.4 ms when connecting through cellular, and 240.7 ms when connecting from Finland to the United States over a VPN access-controlled network. These findings provide a better understanding of the capabilities and performance limitations of conducting telerobotics activities over commodity networks, and lay the foundation of our future work to use these insights for optimizing the overall user experience and the responsiveness of this control loop.
(This article belongs to the Special Issue Advances and Perspectives in Human-Computer Interaction—2nd Edition)

31 pages, 17989 KB  
Article
IoT-Cloud, VPN, and Digital Twin-Based Remote Monitoring and Control of a Multifunctional Robotic Cell in the Context of AI, Industry, and Education 4.0 and 5.0
by Adrian Filipescu, Georgian Simion, Dan Ionescu and Adriana Filipescu
Sensors 2024, 24(23), 7451; https://doi.org/10.3390/s24237451 - 22 Nov 2024
Cited by 6 | Viewed by 3108
Abstract
The monitoring and control of an assembly/disassembly/replacement (A/D/R) multifunctional robotic cell (MRC) with the ABB 120 Industrial Robotic Manipulator (IRM), based on IoT (Internet of Things)-cloud, VPN (Virtual Private Network), and digital twin (DT) technology, are presented in this paper. The approach integrates modern principles of smart manufacturing as outlined in Industry/Education 4.0 (automation, data exchange, smart systems, machine learning, and predictive maintenance) and Industry/Education 5.0 (human–robot collaboration, customization, robustness, and sustainability). Artificial intelligence (AI), based on machine learning (ML), enhances system flexibility, productivity, and user-centered collaboration. Several IoT edge devices are engaged, connected to local networks, LAN-Profinet, and LAN-Ethernet and to the Internet via WAN-Ethernet and OPC-UA, for remote and local processing and data acquisition. The system is connected to the Internet via Wireless Area Network (WAN) and allows remote control via the cloud and VPN. IoT dashboards, as human–machine interfaces (HMIs), SCADA (Supervisory Control and Data Acquisition), and OPC-UA (Open Platform Communication-Unified Architecture), facilitate remote monitoring and control of the MRC, as well as the planning and management of A/D/R tasks. The assignment, planning, and execution of A/D/R tasks were carried out using an augmented reality (AR) tool. Synchronized timed Petri nets (STPN) were used as a digital twin akin to a virtual reality (VR) representation of A/D/R MRC operations. This integration of advanced technology into a laboratory mechatronic system, where the devices are organized in a decentralized, multilevel architecture, creates a smart, flexible, and scalable environment that caters to both industrial applications and educational frameworks.
(This article belongs to the Special Issue Intelligent Robotics Sensing Control System)

25 pages, 2987 KB  
Article
Zero Trust VPN (ZT-VPN): A Systematic Literature Review and Cybersecurity Framework for Hybrid and Remote Work
by Syed Muhammad Zohaib, Syed Muhammad Sajjad, Zafar Iqbal, Muhammad Yousaf, Muhammad Haseeb and Zia Muhammad
Information 2024, 15(11), 734; https://doi.org/10.3390/info15110734 - 17 Nov 2024
Cited by 7 | Viewed by 12204
Abstract
Modern organizations have migrated from localized physical offices to work-from-home environments. This surge in remote work culture has exponentially increased the demand for and usage of Virtual Private Networks (VPNs), which permit remote employees to access corporate offices effectively. However, the technology raises concerns, including security threats, latency, throughput, and scalability, among others. These newer-generation threats are more complex and frequent, which makes the legacy approach to security ineffective. This research paper gives an overview of contemporary technologies used across enterprises, including the VPNs, Zero Trust Network Access (ZTNA), proxy servers, Secure Shell (SSH) tunnels, the software-defined wide area network (SD-WAN), and Secure Access Service Edge (SASE). This paper also presents a comprehensive cybersecurity framework named Zero Trust VPN (ZT-VPN), which is a VPN solution based on Zero Trust principles. The proposed framework aims to enhance IT security and privacy for modern enterprises in remote work environments and address concerns of latency, throughput, scalability, and security. Finally, this paper demonstrates the effectiveness of the proposed framework in various enterprise scenarios, highlighting its ability to prevent data leaks, manage access permissions, and provide seamless security transitions. The findings underscore the importance of adopting ZT-VPN to fortify cybersecurity frameworks, offering an effective protection tool against contemporary cyber threats. This research serves as a valuable reference for organizations aiming to enhance their security posture in an increasingly hostile threat landscape.
(This article belongs to the Special Issue Feature Papers in Information in 2024–2025)

15 pages, 3691 KB  
Article
STC-BERT (Satellite Traffic Classification-BERT): A Traffic Classification Model for Low-Earth-Orbit Satellite Internet Systems
by Kexuan Liu, Yasheng Zhang and Shan Lu
Electronics 2024, 13(19), 3933; https://doi.org/10.3390/electronics13193933 - 4 Oct 2024
Cited by 1 | Viewed by 2089
Abstract
The low-Earth-orbit satellite internet supports the transmission of multiple business types. With increasing business volume and advancements in encryption technology, the quality of service faces challenges. Traditional models lack flexibility in optimizing network performance and ensuring service quality, particularly showing poor performance in identifying encrypted traffic. Therefore, designing a model that can accurately identify multiple business scenarios as well as encrypted traffic with strong generalization capabilities is a challenging issue to resolve. In this paper, addressing the characteristics of diverse low-Earth-orbit satellite traffic and encryption, the authors propose STC-BERT (satellite traffic classification-BERT). During the pretraining phase, this model learns contextual relationships of large-scale unlabeled traffic data, while in the fine-tuning phase, it utilizes a semantic-enhancement algorithm to highlight the significance of key tokens. Post semantic enhancement, a satellite traffic feature fusion module is introduced to integrate tokens into specific low-dimensional scales and achieve final classification in fully connected layers. The experimental results demonstrate our approach’s outstanding performance compared to other models: achieving 99.31% (0.2%↑) in the USTC-TFC task, 99.49% in the ISCX-VPN task, 98.44% (0.9%↑) in the Cross-Platform task, and 98.19% (0.8%↑) in the CSTNET-TLS1.3 task.

22 pages, 8922 KB  
Article
A Novel Framework for Cross-Cluster Scaling in Cloud-Native 5G NextGen Core
by Oana-Mihaela Dumitru-Guzu, Vlădeanu Călin and Robert Kooij
Future Internet 2024, 16(9), 325; https://doi.org/10.3390/fi16090325 - 6 Sep 2024
Cited by 1 | Viewed by 1959
Abstract
Cloud-native technologies are widely considered the ideal candidates for the future of vertical application development due to their boost in flexibility, scalability, and especially cost efficiency. Since multi-site support is paramount for 5G, we employ a multi-cluster model that scales on demand, shifting the boundaries of both horizontal and vertical scaling for shared resources. Our approach is based on the liquid computing paradigm, which has the benefit of adapting to the changing environment. Despite being a decentralized deployment shared across data centers, the 5G mobile core can be managed as a single cluster entity running in a public cloud. We achieve this by following the cloud-native patterns for declarative configuration based on Kubernetes APIs and on-demand resource allocation. Moreover, in our setup, we analyze the offloading of both the Open5GS user and control plane functions under two different peering scenarios. A significant improvement in terms of latency and throughput is achieved for the in-band peering, considering the traffic between clusters is ensured by the Liqo control plane through a VPN tunnel. We also validate three end-to-end network slicing use cases, showcasing the full 5G core automation and leveraging the capabilities of Kubernetes multi-cluster deployments and inter-service monitoring through the applied service mesh solution.

25 pages, 3477 KB  
Article
Overlay and Virtual Private Networks Security Performances Analysis with Open Source Infrastructure Deployment
by Antonio Francesco Gentile, Davide Macrì, Emilio Greco and Peppino Fazio
Future Internet 2024, 16(8), 283; https://doi.org/10.3390/fi16080283 - 7 Aug 2024
Cited by 6 | Viewed by 3762
Abstract
Nowadays, some of the most well-deployed infrastructures are Virtual Private Networks (VPNs) and Overlay Networks (ONs). They consist of hardware and software components designed to build private/secure channels, typically over the Internet. They are currently among the most reliable technologies for achieving this objective. VPNs are well-established and can be patched to address security vulnerabilities, while overlay networks represent the next-generation solution for secure communication. In this paper, for both VPNs and ONs, we analyze some important network performance components (RTT and bandwidth) while varying the type of overlay networks utilized for interconnecting traffic between two or more hosts (in the same data center, in different data centers in the same building, or over the Internet). These networks establish connections between KVM (Kernel-based Virtual Machine) instances rather than the typical Docker/LXC/Podman containers. The first analysis aims to assess network performance as it is, without any overlay channels. Meanwhile, the second establishes various channels without encryption and the final analysis encapsulates overlay traffic via IPsec (Transport mode), where encrypted channels like VTI are not already available for use. A deep set of traffic simulation campaigns shows the obtained performance.

16 pages, 7340 KB  
Article
Software-Defined Virtual Private Network for SD-WAN
by Chunle Fu, Bailing Wang, Hongri Liu and Wei Wang
Electronics 2024, 13(13), 2674; https://doi.org/10.3390/electronics13132674 - 8 Jul 2024
Cited by 5 | Viewed by 3772
Abstract
Software-Defined Wide Area Networks (SD-WANs) are an emerging Software-Defined Network (SDN) technology to reinvent Wide Area Networks (WANs) for ubiquitous network interconnections in cloud computing, edge computing, and the Internet of Everything. The state-of-the-art overlay-based SD-WANs are simply conjunctions of Virtual Private Network (VPN) and SDN architecture to leverage the controllability and programmability of SDN, which are only applicable for specific platforms and do not comply with the extensibility of SDN. This paper motivates us to refactor traditional VPNs with SDN architecture by proposing an overlay-based SD-WAN solution named Software-Defined Virtual Private Network (SD-VPN). An SDN-based auto-constructed VPN model and its evaluating metrics are put forward to automatically construct overlay WANs by node placement and service orchestration of SD-VPN. Therefore, a joint placement algorithm of VPN nodes and algorithms for overlay WAN service loading and offloading are proposed for SD-VPN controllers. Finally, a three-layer SD-VPN system is implemented and deployed in actual network environments. Simulation experiments and system tests are conducted to prove the high-efficiency controllability, real-time programmability, and auto-constructed deployability of the proposed SD-VPN. Performance trade-off between SD-VPN control channels and data channels is evaluated, and SD-VPN controllers are proven to be extensible for other VPN protocols and advanced services.

25 pages, 8103 KB  
Article
A Generic High-Performance Architecture for VPN Gateways
by Chunle Fu, Bailing Wang, Wei Wang, Ruichao Mu, Yunxiao Sun, Guodong Xin and Yongzheng Zhang
Electronics 2024, 13(11), 2031; https://doi.org/10.3390/electronics13112031 - 23 May 2024
Cited by 1 | Viewed by 2932
Abstract
Virtual private network (VPN) gateways are widely applied to provide secure end-to-end remote access and to relay reliable interconnected communication in cloud computing. As network convergence nodes, the performance of VPN gateways is limited by traditional methods of packet receiving and sending, the kernel protocol stack and the virtual network interface card. This paper proposes a generic high-performance architecture (GHPA) for VPN gateways in consideration of its generality and performance. In terms of generality, we redesign a generic VPN core framework by modeling a generic VPN communication model, formulating generic VPN core technologies and presenting corresponding core algorithms. In terms of performance, we propose a three-layer GHPA for VPN gateways by designing a VPN packet processing layer based on a data plane development kit (DPDK), implementing a user space basic protocol stack and applying our proposed generic VPN core framework. On the basis of the research work above, we implement a high-performance VPN (HP-VPN) and a traditional VPN (T-VPN) that complies with GHPA and traditional methods, respectively. Experimental results prove that the performance of HP-VPN based on GHPA is superior to T-VPN and other common VPNs in RTT, system throughput, packet forwarding rate and jitter. In addition, GHPA is extensible and applicable for other VPN gateways to improve their performance.