Search Results (67)

Search Parameters:
Keywords = virtual private networks

26 pages, 3905 KiB  
Article
Data Collection and Remote Control of an IoT Electronic Nose Using Web Services and the MQTT Protocol
by Juan J. Pérez-Solano and Antonio Ruiz-Canales
Sensors 2025, 25(14), 4356; https://doi.org/10.3390/s25144356 - 11 Jul 2025
Viewed by 317
Abstract
An electronic nose is a device capable of characterizing samples of substances and products by their aroma. The development of such devices relies on a series of non-specific sensors that react to gases and generate different signals, which can be used for compound identification and sample classification. The deployment of such devices often requires the possibility of having remote access over the Internet to manage their operation and to collect the sampled data. In this context, the application of web technologies to the monitoring and supervision of these systems connected to the Internet, which can be considered as an Internet of Things (IoT) device, offers the advantage of not requiring the development of client-side applications. Users can employ a browser to connect to the IoT device and monitor or control its operation. Moreover, web design enables the development of cross-platform web monitoring systems. In addition, the inclusion of the MQTT protocol and the utilization of a virtual private network (VPN) enable a secure transmission and collection of the sampled data. In this work, all these technologies have been applied in the development of a system to manage and collect data to monitor rot in lemons treated with sodium benzoate before harvest. Full article
(This article belongs to the Special Issue Electronic Nose and Artificial Olfaction)

30 pages, 4198 KiB  
Article
Enabling Low-Carbon Transportation: Resilient Energy Governance via Intelligent VPP and Mobile Energy Storage-Driven V2G Solutions
by Guwon Yoon, Myeong-in Choi, Keonhee Cho, Seunghwan Kim, Ayoung Lee and Sehyun Park
Buildings 2025, 15(12), 2045; https://doi.org/10.3390/buildings15122045 - 13 Jun 2025
Viewed by 375
Abstract
Integrating Electric Vehicle (EV) charging stations into buildings is becoming increasingly important due to the rapid growth of private EV ownership and prolonged parking durations in residential areas. This paper proposes robust, building-integrated charging solutions that combine mobile energy storage systems (ESSs), station linkage data, and traffic volume data. The proposed system promotes eco-friendly EV usage, flexible energy management, and carbon neutrality through a polyfunctional Vehicle-to-Grid (V2G) architecture that integrates decentralized energy networks. Two core strategies are implemented: (1) configuring Virtual Power Plant (VPP)-based charging packages tailored to station types, and (2) utilizing EV batteries as distributed ESS units. K-means clustering based on spatial proximity and energy demand is followed by heuristic algorithms to improve the efficiency of mobile ESS operation. A three-layer framework is used to assess improvements in energy demand distribution, with demand-oriented VPPs deployed in high-demand zones to maximize ESS utilization. This approach enhances station stability, increases the load factor to 132.7%, and reduces emissions by 271.5 kgCO2. Economically, the system yields an annual benefit of USD 47,860, a Benefit–Cost Ratio (BCR) of 6.67, and a Levelized Cost of Energy (LCOE) of USD 37.78 per MWh. These results demonstrate the system’s economic viability and resilience, contributing to the development of a flexible and sustainable energy infrastructure for cities. Full article

13 pages, 2141 KiB  
Article
Post-Quantum KEMs for IoT: A Study of Kyber and NTRU
by M. Awais Ehsan, Walaa Alayed, Amad Ur Rehman, Waqar ul Hassan and Ahmed Zeeshan
Symmetry 2025, 17(6), 881; https://doi.org/10.3390/sym17060881 - 5 Jun 2025
Viewed by 982
Abstract
Current improvements in quantum computing present a substantial challenge to classical cryptographic systems, which typically rely on problems that can be solved in polynomial time using quantum algorithms. Consequently, post-quantum cryptography (PQC) has emerged as a promising solution to emerging quantum-based cryptographic challenges. The greatest threat is public-key cryptosystems, which are primarily responsible for key exchanges. In PQC, key encapsulation mechanisms (KEMs) are crucial for securing key exchange protocols, particularly in Internet communication, virtual private networks (VPNs), and secure messaging applications. CRYSTALS-Kyber and NTRU are two well-known PQC KEMs offering robust security in the quantum world. However, even when quantum computers are functional, they are not easily accessible. IoT devices will not be able to utilize them directly, so there will still be a requirement to protect IoT devices from quantum attacks. Concerns such as limited computational power, energy efficiency, and memory constraints in devices such as those used in IoTs, embedded systems, and smart cards limit the use of these techniques in constrained environments. These concerns always arise there. To address this issue, this study conducts a broad comparative analysis of Kyber and NTRU, with special focus on their security, performance, and implementation efficiency in such environments (IOT/constrained environments). In addition, a case study was conducted by applying KEMs to a low-power embedded device to analyze their performance in real-world scenarios. These results offer an important comparison for cyber security engineers and cryptographers who are involved in integrating post-quantum cryptography into resource-constrained devices. Full article
(This article belongs to the Special Issue Symmetry in Applied Continuous Mechanics, 2nd Edition)

21 pages, 1334 KiB  
Review
A Survey of 5G Core Network User Identity Protections, Concerns, and Proposed Enhancements for Future 6G Technologies
by Paul Scalise, Michael Hempel and Hamid Sharif
Future Internet 2025, 17(4), 142; https://doi.org/10.3390/fi17040142 - 25 Mar 2025
Viewed by 1156
Abstract
Fifth-Generation (5G) cellular networks extensively utilize subscriber identifiers throughout the protocol stack, thereby linking subscribers to their activities on the network. With the inherent use of linked identifiers comes the potential capability to track subscribers’ location and behavior, which poses critical challenges for user identity protections and privacy in sensitive applications like military or healthcare operating over public 5G infrastructure. The reliance on such personal identifiers threatens a user’s right to privacy and brings to light the importance of proper mechanisms to mitigate these risks for current and future cellular network technologies. In this paper, we explore the 5G specifications to understand the most important list of identifiers and their use across Virtual Network Functions (VNF), and points of exposure within the Core Network (CN). We also examine the existing literature regarding identity protections and efforts to mitigate privacy concerns targeted in the CN. Findings include the need for a trust relationship between users and their network providers to protect and safeguard their identity. While 5G technology has greater user identity protections compared to previous cellular generations, our analysis shows that several areas of concern remain, particularly in the exchange of subscriber metadata. This work also finds that new technologies adopted in 5G networks add further complexity to maintaining a strict posture for safeguarding user identity and privacy protections. This paper also reviews the scientific community’s proposed enhancements for future 6G networks’ user identity and privacy protections, with a focus on emerging Artificial Intelligence (AI) and Machine Learning (ML) applications. The ethical implications of private or anonymous communications are also carefully weighed and examined to understand the multifaceted nature of this topic. 
Our work is concluded by proposing important further research to reduce the prevalence and reliance on personal identifiers such as the SUPI (Subscription Permanent Identifier) within 5G Core operations to help better protect user identity. We also propose replacing the widespread use of the SUPI between VNFs with ephemeral identifiers, building upon efforts by 3GPP aiming for 5G to protect the SUPI from eavesdroppers. Full article
(This article belongs to the Special Issue Moving Towards 6G Wireless Technologies—2nd Edition)

42 pages, 16651 KiB  
Article
Internet of Things-Cloud Control of a Robotic Cell Based on Inverse Kinematics, Hardware-in-the-Loop, Digital Twin, and Industry 4.0/5.0
by Dan Ionescu, Adrian Filipescu, Georgian Simion and Adriana Filipescu
Sensors 2025, 25(6), 1821; https://doi.org/10.3390/s25061821 - 14 Mar 2025
Cited by 1 | Viewed by 1213
Abstract
The main task of the research involves creating a Digital Twin (DT) application serving as a framework for Virtual Commissioning (VC) with Supervisory Control and Data Acquisition (SCADA) and Cloud storage solutions. An Internet of Things (IoT) integrated automation system with Virtual Private Network (VPN) remote control for assembly and disassembly robotic cell (A/DRC) equipped with a six-Degree of Freedom (6-DOF) ABB 120 industrial robotic manipulator (IRM) is presented in this paper. A three-dimensional (3D) virtual model is developed using Siemens NX Mechatronics Concept Designer (MCD), while the Programmable Logic Controller (PLC) is programmed in the Siemens Totally Integrated Automation (TIA) Portal. A Hardware-in-the-Loop (HIL) simulation strategy is primarily used. This concept is implemented and executed as part of a VC approach, where the designed PLC programs are integrated and tested against the physical controller. Closed loop control and RM inverse kinematics model are validated and tested in PLC, following HIL strategy by integrating Industry 4.0/5.0 concepts. A SCADA application is also deployed, serving as a DT operator panel for process monitoring and simulation. Cloud data collection, analysis, supervising, and synchronizing DT tasks are also integrated and explored. Additionally, it provides communication interfaces via PROFINET IO to SCADA and Human Machine Interface (HMI), and through Open Platform Communication—Unified Architecture (OPC-UA) for Siemens NX-MCD with DT virtual model. Virtual A/DRC simulations are performed using the Synchronized Timed Petri Nets (STPN) model for control strategy validation based on task planning integration and synchronization with other IoT devices. The objective is to obtain a clear and understandable representation layout of the A/DRC and to validate the DT model by comparing process dynamics and robot motion kinematics between physical and virtual replicas. 
Thus, following the results of the current research work, integrating digital technologies in manufacturing, like VC, IoT, and Cloud, is useful for validating and optimizing manufacturing processes, error detection, and reducing the risks before the actual physical system is built or deployed. Full article

34 pages, 10596 KiB  
Article
Scalable Container-Based Time Synchronization for Smart Grid Data Center Networks
by Kennedy Chinedu Okafor, Wisdom Onyema Okafor, Omowunmi Mary Longe, Ikechukwu Ignatius Ayogu, Kelvin Anoh and Bamidele Adebisi
Technologies 2025, 13(3), 105; https://doi.org/10.3390/technologies13030105 - 5 Mar 2025
Cited by 2 | Viewed by 1817
Abstract
The integration of edge-to-cloud infrastructures in smart grid (SG) data center networks requires scalable, efficient, and secure architecture. Traditional server-based SG data center architectures face high computational loads and delays. To address this problem, a lightweight data center network (DCN) with low-cost, and fast-converging optimization is required. This paper introduces a container-based time synchronization model (CTSM) within a spine–leaf virtual private cloud (SL-VPC), deployed via AWS CloudFormation stack as a practical use case. The CTSM optimizes resource utilization, security, and traffic management while reducing computational overhead. The model was benchmarked against five DCN topologies—DCell, Mesh, Skywalk, Dahu, and Ficonn—using Mininet simulations and a software-defined CloudFormation stack on an Amazon EC2 HPC testbed under realistic SG traffic patterns. The results show that CTSM achieved near-100% reliability, with the highest received energy data (29.87%), lowest packetization delay (13.11%), and highest traffic availability (70.85%). Stateless container engines improved resource allocation, reducing administrative overhead and enhancing grid stability. Software-defined Network (SDN)-driven adaptive routing and load balancing further optimized performance under dynamic demand conditions. These findings position CTSM-SL-VPC as a secure, scalable, and efficient solution for next-generation smart grid automation. Full article

18 pages, 1313 KiB  
Article
Unmasking the True Identity: Unveiling the Secrets of Virtual Private Networks and Proxies
by Vikas Kumar Jain, Jatin Aggrawal, Ramraj Dangi, Shiv Shankar Prasad Shukla, Anil Kumar Yadav and Gaurav Choudhary
Information 2025, 16(2), 126; https://doi.org/10.3390/info16020126 - 9 Feb 2025
Cited by 1 | Viewed by 2611
Abstract
The growing use of VPNs, proxy servers, and Tor browsers has significantly enhanced online privacy and anonymity. However, these technologies are also exploited by cybercriminals to obscure their identities, posing serious cybersecurity threats. Existing detection methods face challenges in accurately tracing the real IP addresses hidden behind these anonymization tools. This study presents a novel approach to unmasking true identities by leveraging honeypots and Canarytokens to track concealed connections. By embedding deceptive tracking mechanisms within decoy systems, we successfully capture the real IP addresses of users attempting to evade detection. Our methodology was rigorously tested across various network environments and payload types, ensuring effectiveness in real-world scenarios. The findings demonstrate the practicality and scalability of using Canarytokens for IP unmasking, providing a non-intrusive, legally compliant solution to combat online anonymity misuse. This research contributes to strengthening cyber threat intelligence, offering actionable insights for law enforcement, cybersecurity professionals, and digital forensics. Future work will focus on enhancing detection accuracy and addressing the advanced evasion tactics used by sophisticated attackers. Full article

37 pages, 10225 KiB  
Article
Cloud/VPN-Based Remote Control of a Modular Production System Assisted by a Mobile Cyber–Physical Robotic System—Digital Twin Approach
by Georgian Simion, Adrian Filipescu, Dan Ionescu and Adriana Filipescu
Sensors 2025, 25(2), 591; https://doi.org/10.3390/s25020591 - 20 Jan 2025
Cited by 2 | Viewed by 1444
Abstract
This paper deals with a “digital twin” (DT) approach for processing, reprocessing, and scrapping (P/R/S) technology running on a modular production system (MPS) assisted by a mobile cyber–physical robotic system (MCPRS). The main hardware architecture consists of four line-shaped workstations (WSs), a wheeled mobile robot (WMR) equipped with a robotic manipulator (RM) and a mobile visual servoing system (MVSS) mounted on the end effector. The system architecture integrates a hierarchical control system where each of the four WSs, in the MPS, is controlled by a Programable Logic Controller (PLC), all connected via Profibus DP to a central PLC. In addition to the connection via Profibus of the four PLCs, related to the WSs, to the main PLC, there are also the connections of other devices to the local networks, LAN Profinet and LAN Ethernet. There are the connections to the Internet, Cloud and Virtual Private Network (VPN) via WAN Ethernet by open platform communication unified architecture (OPC-UA). The overall system follows a DT approach that enables task planning through augmented reality (AR) and uses virtual reality (VR) for visualization through Synchronized Hybrid Petri Net (SHPN) simulation. Timed Petri Nets (TPNs) are used to control the processes within the MPS’s workstations. Continuous Petri Nets (CPNs) handle the movement of the MCPRS. Task planning in AR enables users to interact with the system in real time using AR technology to visualize and plan tasks. SHPN in VR is a combination of TPNs and CPNs used in the virtual representation of the system to synchronize tasks between the MPS and MCPRS. The workpiece (WP) visits stations successively as it is moved along the line for processing. If the processed WP does not pass the quality test, it is taken from the last WS and is transported, by MCPRS, to the first WS where it will be considered for reprocessing or scrapping. Full article

31 pages, 17989 KiB  
Article
IoT-Cloud, VPN, and Digital Twin-Based Remote Monitoring and Control of a Multifunctional Robotic Cell in the Context of AI, Industry, and Education 4.0 and 5.0
by Adrian Filipescu, Georgian Simion, Dan Ionescu and Adriana Filipescu
Sensors 2024, 24(23), 7451; https://doi.org/10.3390/s24237451 - 22 Nov 2024
Cited by 3 | Viewed by 2664
Abstract
The monitoring and control of an assembly/disassembly/replacement (A/D/R) multifunctional robotic cell (MRC) with the ABB 120 Industrial Robotic Manipulator (IRM), based on IoT (Internet of Things)-cloud, VPN (Virtual Private Network), and digital twin (DT) technology, are presented in this paper. The approach integrates modern principles of smart manufacturing as outlined in Industry/Education 4.0 (automation, data exchange, smart systems, machine learning, and predictive maintenance) and Industry/Education 5.0 (human–robot collaboration, customization, robustness, and sustainability). Artificial intelligence (AI), based on machine learning (ML), enhances system flexibility, productivity, and user-centered collaboration. Several IoT edge devices are engaged, connected to local networks, LAN-Profinet, and LAN-Ethernet and to the Internet via WAN-Ethernet and OPC-UA, for remote and local processing and data acquisition. The system is connected to the Internet via Wireless Area Network (WAN) and allows remote control via the cloud and VPN. IoT dashboards, as human–machine interfaces (HMIs), SCADA (Supervisory Control and Data Acquisition), and OPC-UA (Open Platform Communication-Unified Architecture), facilitate remote monitoring and control of the MRC, as well as the planning and management of A/D/R tasks. The assignment, planning, and execution of A/D/R tasks were carried out using an augmented reality (AR) tool. Synchronized timed Petri nets (STPN) were used as a digital twin akin to a virtual reality (VR) representation of A/D/R MRC operations. This integration of advanced technology into a laboratory mechatronic system, where the devices are organized in a decentralized, multilevel architecture, creates a smart, flexible, and scalable environment that caters to both industrial applications and educational frameworks. Full article
(This article belongs to the Special Issue Intelligent Robotics Sensing Control System)

25 pages, 2987 KiB  
Article
Zero Trust VPN (ZT-VPN): A Systematic Literature Review and Cybersecurity Framework for Hybrid and Remote Work
by Syed Muhammad Zohaib, Syed Muhammad Sajjad, Zafar Iqbal, Muhammad Yousaf, Muhammad Haseeb and Zia Muhammad
Information 2024, 15(11), 734; https://doi.org/10.3390/info15110734 - 17 Nov 2024
Cited by 6 | Viewed by 7692
Abstract
Modern organizations have migrated from localized physical offices to work-from-home environments. This surge in remote work culture has exponentially increased the demand for and usage of Virtual Private Networks (VPNs), which permit remote employees to access corporate offices effectively. However, the technology raises concerns, including security threats, latency, throughput, and scalability, among others. These newer-generation threats are more complex and frequent, which makes the legacy approach to security ineffective. This research paper gives an overview of contemporary technologies used across enterprises, including the VPNs, Zero Trust Network Access (ZTNA), proxy servers, Secure Shell (SSH) tunnels, the software-defined wide area network (SD-WAN), and Secure Access Service Edge (SASE). This paper also presents a comprehensive cybersecurity framework named Zero Trust VPN (ZT-VPN), which is a VPN solution based on Zero Trust principles. The proposed framework aims to enhance IT security and privacy for modern enterprises in remote work environments and address concerns of latency, throughput, scalability, and security. Finally, this paper demonstrates the effectiveness of the proposed framework in various enterprise scenarios, highlighting its ability to prevent data leaks, manage access permissions, and provide seamless security transitions. The findings underscore the importance of adopting ZT-VPN to fortify cybersecurity frameworks, offering an effective protection tool against contemporary cyber threats. This research serves as a valuable reference for organizations aiming to enhance their security posture in an increasingly hostile threat landscape. Full article
(This article belongs to the Special Issue Feature Papers in Information in 2024–2025)

15 pages, 2730 KiB  
Article
Deep Learning for Network Intrusion Detection in Virtual Networks
by Daniel Spiekermann, Tobias Eggendorfer and Jörg Keller
Electronics 2024, 13(18), 3617; https://doi.org/10.3390/electronics13183617 - 11 Sep 2024
Cited by 2 | Viewed by 2284
Abstract
As organizations increasingly adopt virtualized environments for enhanced flexibility and scalability, securing virtual networks has become a critical part of current infrastructures. This research paper addresses the challenges related to intrusion detection in virtual networks, with a focus on various deep learning techniques. Since physical networks do not use encapsulation, but virtual networks do, packet analysis based on rules or machine learning outcomes for physical networks cannot be transferred directly to virtual environments. Encapsulation methods in current virtual networks include VXLAN (Virtual Extensible LAN), an EVPN (Ethernet Virtual Private Network), and NVGRE (Network Virtualization using Generic Routing Encapsulation). This paper analyzes the performance and effectiveness of network intrusion detection in virtual networks. It delves into challenges inherent in virtual network intrusion detection with deep learning, including issues such as traffic encapsulation, VM migration, and changing network internals inside the infrastructure. Experiments on detection performance demonstrate the differences between intrusion detection in virtual and physical networks. Full article
(This article belongs to the Special Issue Network Intrusion Detection Using Deep Learning)

21 pages, 2734 KiB  
Article
IoT IP Overlay Network Security Performance Analysis with Open Source Infrastructure Deployment
by Antonio Francesco Gentile, Davide Macrì, Emilio Greco and Peppino Fazio
J. Cybersecur. Priv. 2024, 4(3), 629-649; https://doi.org/10.3390/jcp4030030 - 26 Aug 2024
Cited by 2 | Viewed by 2926
Abstract
Some of the most deployed infrastructures nowadays are Overlay Networks (ONs). They consist of hardware and software components designed to establish private and secure communication channels, typically over the Internet. ONs are among the most reliable technologies for achieving this objective and represent the next-generation solution for secure communication. In this paper, we analyze important network performance metrics (RTT, bandwidth) while varying the type of Overlay Network used for interconnecting traffic between two or more hosts (within the same data center, in different data centers in the same building, or over the Internet). These networks establish connections between KVM (Kernel-based Virtual Machine) instances rather than the typical Docker/LXC/Podman containers. The first analysis will assess network performance as it is, without any overlay channels. The second will establish various types of channels without encryption, and the final one will encapsulate overlay traffic via IPsec (Transport mode), where encrypted channels like VTI are not already available for use. The obtained performance is demonstrated through a comprehensive set of traffic-simulation campaigns. Full article

25 pages, 3477 KiB  
Article
Overlay and Virtual Private Networks Security Performances Analysis with Open Source Infrastructure Deployment
by Antonio Francesco Gentile, Davide Macrì, Emilio Greco and Peppino Fazio
Future Internet 2024, 16(8), 283; https://doi.org/10.3390/fi16080283 - 7 Aug 2024
Cited by 4 | Viewed by 2363
Abstract
Nowadays, some of the most well-deployed infrastructures are Virtual Private Networks (VPNs) and Overlay Networks (ONs). They consist of hardware and software components designed to build private/secure channels, typically over the Internet. They are currently among the most reliable technologies for achieving this objective. VPNs are well-established and can be patched to address security vulnerabilities, while overlay networks represent the next-generation solution for secure communication. In this paper, for both VPNs and ONs, we analyze some important network performance components (RTT and bandwidth) while varying the type of overlay networks utilized for interconnecting traffic between two or more hosts (in the same data center, in different data centers in the same building, or over the Internet). These networks establish connections between KVM (Kernel-based Virtual Machine) instances rather than the typical Docker/LXC/Podman containers. The first analysis aims to assess network performance as it is, without any overlay channels. Meanwhile, the second establishes various channels without encryption and the final analysis encapsulates overlay traffic via IPsec (Transport mode), where encrypted channels like VTI are not already available for use. A deep set of traffic simulation campaigns shows the obtained performance. Full article

16 pages, 7340 KiB  
Article
Software-Defined Virtual Private Network for SD-WAN
by Chunle Fu, Bailing Wang, Hongri Liu and Wei Wang
Electronics 2024, 13(13), 2674; https://doi.org/10.3390/electronics13132674 - 8 Jul 2024
Cited by 2 | Viewed by 2813
Abstract
Software-Defined Wide Area Networks (SD-WANs) are an emerging Software-Defined Network (SDN) technology to reinvent Wide Area Networks (WANs) for ubiquitous network interconnections in cloud computing, edge computing, and the Internet of Everything. The state-of-the-art overlay-based SD-WANs are simply conjunctions of Virtual Private Network (VPN) and SDN architecture to leverage the controllability and programmability of SDN, which are only applicable for specific platforms and do not comply with the extensibility of SDN. This paper motivates us to refactor traditional VPNs with SDN architecture by proposing an overlay-based SD-WAN solution named Software-Defined Virtual Private Network (SD-VPN). An SDN-based auto-constructed VPN model and its evaluating metrics are put forward to automatically construct overlay WANs by node placement and service orchestration of SD-VPN. Therefore, a joint placement algorithm of VPN nodes and algorithms for overlay WAN service loading and offloading are proposed for SD-VPN controllers. Finally, a three-layer SD-VPN system is implemented and deployed in actual network environments. Simulation experiments and system tests are conducted to prove the high-efficiency controllability, real-time programmability, and auto-constructed deployability of the proposed SD-VPN. Performance trade-off between SD-VPN control channels and data channels is evaluated, and SD-VPN controllers are proven to be extensible for other VPN protocols and advanced services. Full article

25 pages, 8103 KiB  
Article
A Generic High-Performance Architecture for VPN Gateways
by Chunle Fu, Bailing Wang, Wei Wang, Ruichao Mu, Yunxiao Sun, Guodong Xin and Yongzheng Zhang
Electronics 2024, 13(11), 2031; https://doi.org/10.3390/electronics13112031 - 23 May 2024
Cited by 1 | Viewed by 2206
Abstract
Virtual private network (VPN) gateways are widely applied to provide secure end-to-end remote access and to relay reliable interconnected communication in cloud computing. As network convergence nodes, the performance of VPN gateways is limited by traditional methods of packet receiving and sending, the kernel protocol stack and the virtual network interface card. This paper proposes a generic high-performance architecture (GHPA) for VPN gateways in consideration of its generality and performance. In terms of generality, we redesign a generic VPN core framework by modeling a generic VPN communication model, formulating generic VPN core technologies and presenting corresponding core algorithms. In terms of performance, we propose a three-layer GHPA for VPN gateways by designing a VPN packet processing layer based on a data plane development kit (DPDK), implementing a user space basic protocol stack and applying our proposed generic VPN core framework. On the basis of the research work above, we implement a high-performance VPN (HP-VPN) and a traditional VPN (T-VPN) that complies with GHPA and traditional methods, respectively. Experimental results prove that the performance of HP-VPN based on GHPA is superior to T-VPN and other common VPNs in RTT, system throughput, packet forwarding rate and jitter. In addition, GHPA is extensible and applicable for other VPN gateways to improve their performance. Full article