IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca

With the ever-increasing network traffic and Internet connectivity of smart devices, more attack events are being reported. As a result, network forensics remains a topic of ongoing research interest in the Internet of Things (IoT). In this article, we present a novel tensor-based forensics approach for virtualized network functions (VNFs). An event tensor model is proposed to formalize the network events, and then, it is used for effectively updating the core event tensor. We then introduce a similarity tensor model to integrate the core event tensors on the orchestration and management layer in the network function virtualization (NFV) framework. Finally, we present an evidence tensor model for network forensics, where we demonstrate how evidence tensors can be merged.

A Tensor-Based Forensics Framework for Virtualized Network Functions in the Internet of Things: Utilizing Tensor Algebra in Facilitating More Efficient Network Forensic Investigations / S. Zhang, L.T. Yang, L. Kuang, J. Feng, J. Chen, V. Piuri. - In: IEEE CONSUMER ELECTRONICS MAGAZINE. - ISSN 2162-2248. - 8:3(2019 May), pp. 8685030.23-8685030.27. [10.1109/MCE.2019.2893673]

A Tensor-Based Forensics Framework for Virtualized Network Functions in the Internet of Things: Utilizing Tensor Algebra in Facilitating More Efficient Network Forensic Investigations

S. Zhang
Primo
;V. Piuri
Ultimo
2019

Abstract

With the ever-increasing network traffic and Internet connectivity of smart devices, more attack events are being reported. As a result, network forensics remains a topic of ongoing research interest in the Internet of Things (IoT). In this article, we present a novel tensor-based forensics approach for virtualized network functions (VNFs). An event tensor model is proposed to formalize the network events, and then, it is used for effectively updating the core event tensor. We then introduce a similarity tensor model to integrate the core event tensors on the orchestration and management layer in the network function virtualization (NFV) framework. Finally, we present an evidence tensor model for network forensics, where we demonstrate how evidence tensors can be merged.
Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni
mag-2019
Article (author)
01 - Articolo su periodico
File in questo prodotto:
File Dimensione Formato  
cem19.pdf

accesso aperto

Tipologia: Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione 1.85 MB
Formato Adobe PDF
Visualizza/Apri
1.85 MB Adobe PDF Visualizza/Apri
08685030.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Dimensione 1.35 MB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
1.35 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/652399
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 12
  • ???jsp.display-item.citation.isi??? 8
social impact