Jean-Pierre Giacalone

Willian T. Lunardi, Martin Andreoni Lopez, Jean-Pierre Giacalone

As the number of heterogenous IP-connected devices and traffic volume increase, so does the potential for security breaches. The undetected exploitation of these breaches can bring severe cybersecurity and privacy risks. Anomaly-based \acp{IDS} play an essential role in network security. In this paper, we present a practical unsupervised anomaly-based deep learning detection system called ARCADE (Adversarially Regularized Convolutional Autoencoder for unsupervised network anomaly DEtection). With a convolutional \ac{AE}, ARCADE automatically builds a profile of the normal traffic using a subset of raw bytes of a few initial packets of network flows so that potential network anomalies and intrusions can be efficiently detected before they cause more damage to the network. ARCADE is trained exclusively on normal traffic. An adversarial training strategy is proposed to regularize and decrease the \ac{AE}'s capabilities to reconstruct network flows that are out-of-the-normal distribution, thereby improving its anomaly detection capabilities. The proposed approach is more effective than state-of-the-art deep learning approaches for network anomaly detection. Even when examining only two initial packets of a network flow, ARCADE can effectively detect malware infection and network attacks. ARCADE presents 20 times fewer parameters than baselines, achieving significantly faster detection speed and reaction time.

Martin Andreoni Lopez, Michael Baddeley, Willian T. Lunardi et al.

UAVs are increasingly appearing in swarms or formations to leverage cooperative behavior, forming flying ad hoc networks. These UAV-enabled networks can meet several complex mission requirements and are seen as a potential enabler for many of the emerging use-cases in future communication networks. Such networks, however, are characterized by a highly dynamic and mobile environment with no guarantee of a central network infrastructure which can cause both connectivity and security issues. While wireless mesh networks are envisioned as a solution for such scenarios, these networks come with their own challenges and security vulnerabilities. In this paper, we analyze the key security and resilience issues resulting from the application of wireless mesh networks within UAV swarms. Specifically, we highlight the main challenges of applying current mesh technologies within the domain of UAV swarms and expose existing vulnerabilities across the communication stack. Based on this analysis, we present a security-focused architecture for UAV mesh communications. Finally, from the identification of these vulnerabilities, we discuss research opportunities posed by the unique challenges of UAV swarm connectivity.