The growing Internet of Things (IoT) market introduces new challenges for network activity monitoring. Legacy network monitoring is not tailored to cope with the huge diversity of smart devices. New network discovery techniques are necessary in order to find out what IoT devices are connected to the network. In this context, data analysis techniques can be leveraged to find specific patterns that can help to recognize device types. Indeed, contrary to desktop computers, IoT devices perform very specific tasks, making their networking behavior very predictable. In this paper, we present a machine learning based approach to recognize the type of IoT devices connected to the network by analyzing streams of packets sent and received. We built an experimental smart home network to generate network traffic data. From the generated data, we have designed a model to describe IoT device network behaviors. By leveraging the t-SNE technique to visualize our data, we are able to differentiate the network traffic generated by different IoT devices. The data describing the network behaviors are then used to train six different machine learning classifiers to predict the IoT device that generated the network traffic. The results are promising, with an overall accuracy as high as 99.9% on our test set achieved by the Random Forest classifier.
Reservoir engineering requires managing many sources of uncertainty, which can be classified in two categories: (a) uncontrolled uncertainties on the physical reservoir description parameters and (b) controlled uncertainties on the reservoir development scheme parameters. In this context, engineers must answer several problems: describe prior uncertainties, identify the ones that actually influence the oil production process, make safe production forecasts and optimize the reservoir production scheme. In this paper, several statistical methods dealing with these problems are presented. They are (a) Experimental Design, (b) Response Surface Methodology and (c) Monte-Carlo methods. Integrating these techniques makes it possible to build a simplified model of a process and to estimate the uncertainties on the response predictions. The entire procedure was applied to a field case showing both controlled and uncontrolled uncertainties. The result is a new framework allowing engineers to quantify uncertainties on the reservoir production forecasts conditional on uncertainties on the reservoir modeling parameters. The procedure has lower computational costs than the traditional one but is quite complex and needs adapted software to be used by reservoir engineers.
Distributed Denial of Service (DDoS) attacks have remained one of the most destructive attacks on the Internet for over two decades. Despite tremendous efforts on the design of DDoS defense strategies, few of them have been considered for widespread deployment due to strong design assumptions on the Internet infrastructure, prohibitive operational costs and complexity. Recently, the emergence of Software Defined Networking (SDN) has offered a solution to reduce network management complexity. It is also believed to facilitate security management thanks to its programmability. To explore the advantages of using SDN to mitigate DDoS attacks, we propose a distributed collaborative framework that allows customers to request DDoS mitigation service from ISPs. Upon request, ISPs can change the label of the anomalous traffic and redirect it to security middleboxes, while attack detection and analysis modules are deployed at the customer side, avoiding privacy leakage and other legal concerns. Our preliminary analysis demonstrates that SDN has promising potential to enable autonomic mitigation of DDoS attacks, as well as other large-scale attacks.
Nowadays, IoT devices are widely deployed to enable various smart services, such as smart home or e-healthcare. However, security remains one of the paramount concerns, as many IoT devices are vulnerable. Moreover, IoT malware is constantly evolving and getting more sophisticated. IoT devices are intended to perform very specific tasks, so their networking behavior is expected to be reasonably stable and predictable. Any significant behavioral deviation from the normal patterns would indicate anomalous events. In this paper, we present a method to detect anomalous network communications in IoT networks using a set of sparse autoencoders. The proposed approach allows us to differentiate malicious communications from legitimate ones, so that, if a device is compromised, only malicious communications can be dropped while the service provided by the device is not totally interrupted. To characterize network behavior, bidirectional TCP flows are extracted and described using statistics on the size of the first N packets sent and received, along with statistics on the corresponding interarrival times between packets. A set of sparse autoencoders is then trained to learn the profile of the legitimate communications generated by an experimental smart home network. Depending on the value of N, the developed model achieves attack detection rates ranging from 86.9% to 91.2%, and false positive rates ranging from 0.1% to 0.5%.
Spam over Internet Telephony (SPIT) will become a serious threat in the near future because of the growing number of Voice over IP (VoIP) users. Due to the real-time processing requirements of voice communication, SPIT is more difficult to filter than email spam. We propose a trust-based mechanism that uses the duration of calls between users to distinguish legitimate callers and spammers. The trust value is adjustable according to the calling behavior. We also propose a trust inference mechanism in order to calculate a trust value for an unknown caller to a callee. Realistic simulation results show that our approaches are effective at discriminating spam calls from legitimate calls.
This paper proposes a cognitive method with the goal to get end users into the habit of checking the address bar of the web browser. Earlier surveys of end user behavior emphasized that users become victims to phishing due to the lack of knowledge about the structure of URLs, domain names, and security information. Therefore, there exist many approaches to improve the knowledge of end users. However, the knowledge gained will not be applied unless end users are aware of the importance and develop a habit to check the browser's address bar for the URL structure and relevant security information. We assume that the habit of checking the bar will improve educational effect, user awareness of secure information, and detection accuracy even in the case of sophisticated phishing attacks. To assess this assumption, this paper conducts a participant-based experiment where 23 participants' eye movement records are analyzed, and observes that novices do not tend to have the said habit. We then consider a way for them to acquire these habits, and develop a system which requires them to look at the address bar before entering some information into web input forms. Our prototype named EyeBit is developed as a browser extension, which interacts with an eye-tracking device to check if the user looks at the browser's address bar. The system deactivates all input forms of the websites, and reactivates them only if the user has looked at the bar. This paper shows the preliminary results of our participant-based experiments, and discusses the effectiveness of our proposal, while considering the potential inconvenience caused by EyeBit.