With the ever-increasing network traffic and Internet connectivity of smart devices, more attack events are being reported. As a result, network forensics remains a topic of ongoing research interest in the Internet of Things (IoT). In this article, we present a novel tensor-based forensics approach for virtualized network functions (VNFs). An event tensor model is proposed to formalize the network events, and then, it is used for effectively updating the core event tensor. We then introduce a similarity tensor model to integrate the core event tensors on the orchestration and management layer in the network function virtualization (NFV) framework. Finally, we present an evidence tensor model for network forensics, where we demonstrate how evidence tensors can be merged.
A Tensor-Based Forensics Framework for Virtualized Network Functions in the Internet of Things: Utilizing Tensor Algebra in Facilitating More Efficient Network Forensic Investigations / S. Zhang, L.T. Yang, L. Kuang, J. Feng, J. Chen, V. Piuri. - In: IEEE CONSUMER ELECTRONICS MAGAZINE. - ISSN 2162-2248. - 8:3(2019 May), pp. 8685030.23-8685030.27. [10.1109/MCE.2019.2893673]
A Tensor-Based Forensics Framework for Virtualized Network Functions in the Internet of Things: Utilizing Tensor Algebra in Facilitating More Efficient Network Forensic Investigations
S. Zhang
Primo
;V. PiuriUltimo
2019
Abstract
With the ever-increasing network traffic and Internet connectivity of smart devices, more attack events are being reported. As a result, network forensics remains a topic of ongoing research interest in the Internet of Things (IoT). In this article, we present a novel tensor-based forensics approach for virtualized network functions (VNFs). An event tensor model is proposed to formalize the network events, and then, it is used for effectively updating the core event tensor. We then introduce a similarity tensor model to integrate the core event tensors on the orchestration and management layer in the network function virtualization (NFV) framework. Finally, we present an evidence tensor model for network forensics, where we demonstrate how evidence tensors can be merged.File | Dimensione | Formato | |
---|---|---|---|
cem19.pdf
accesso aperto
Tipologia:
Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione
1.85 MB
Formato
Adobe PDF
|
1.85 MB | Adobe PDF | Visualizza/Apri |
08685030.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
1.35 MB
Formato
Adobe PDF
|
1.35 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.