Reza Fotohi

CR
h-index: 14
16 papers
771 citations
Novelty: 42%
AI Score: 30

16 Papers

CR | Mar 3, 2025
A Lightweight and Secure Deep Learning Model for Privacy-Preserving Federated Learning in Intelligent Enterprises

Reza Fotohi, Fereidoon Shams Aliee, Bahar Farahani

The ever-growing Internet of Things (IoT) connections drive a new type of organization, the Intelligent Enterprise. In intelligent enterprises, machine-learning-based models are adopted to extract insights from data. Due to the efficiency and privacy challenges of these traditional models, a new federated learning (FL) paradigm has emerged. In FL, multiple enterprises can jointly train a model to update a final model. However, firstly, FL trained models usually perform worse than centralized models, especially when enterprises' training data is non-IID (Independent and Identically Distributed). Second, due to the centrality of FL and the untrustworthiness of local enterprises, traditional FL solutions are vulnerable to poisoning and inference attacks and violate privacy. Thirdly, the continuous transfer of parameters between enterprises and servers increases communication costs. To this end, the FedAnil+ model is proposed, a novel, lightweight, and secure Federated Deep Learning Model that includes three main phases. In the first phase, the goal is to solve the data type distribution skew challenge. Addressing privacy concerns against poisoning and inference attacks is covered in the second phase. Finally, to alleviate the communication overhead, a novel compression approach is proposed that significantly reduces the size of the updates. The experiment results validate that FedAnil+ is secure against inference and poisoning attacks with better accuracy. In addition, it shows improvements over existing approaches in terms of model accuracy (13%, 16%, and 26%), communication cost (17%, 21%, and 25%), and computation cost (7%, 9%, and 11%).

NI | Apr 9, 2021
Performance-aware placement and chaining scheme for virtualized network functions: a particle swarm optimization approach

Samane Asgari, Shahram Jamali, Reza Fotohi et al.

Network functions virtualization (NFV) is a new concept that has received the attention of both researchers and network providers. NFV decouples network functions from specialized hardware devices and virtualizes these network functions as software instances called virtualized network functions (VNFs). NFV leads to various benefits, including more flexibility, high resource utilization, and easy upgrades and maintenances. Despite recent works in this field, placement and chaining of VNFs need more attention. More specifically, some of the existing works have considered only the placement of VNFs and ignored the chaining part. So, they have not provided an integrated view of host or bandwidth resources and propagation delay of paths. In this paper, we solve the VNF placement and chaining problem as an optimization problem based on the particle swarm optimization (PSO) algorithm. Our goal is to minimize the required number of used servers, the average propagation delay of paths, and the average utilization of links while meeting network demands and constraints. Based on the obtained results, the algorithm proposed in this study can find feasible and high-quality solutions.

CR | Mar 31, 2021
A Lightweight and Scalable Physical Layer Attack Detection Mechanism for the Internet of Things (IoT) Using Hybrid Security Schema

Reza Fotohi, Hossein Pakdel

The Internet of Things, also known as the IoT, refers to the billions of devices around the world that are now connected to the Internet, collecting and sharing data. The amount of data collected through IoT sensors must be completely securely controlled. To protect the information collected by IoT sensors, a lightweight method called Discover the Flooding Attack-RPL (DFA-RPL) has been proposed. The proposed DFA-RPL method identifies intrusive nodes in several steps to exclude them from continuing routing operations. Thus, in the DFA-RPL method, it first builds a cluster and selects the most appropriate node as a cluster head in DODAG, then, due to the vulnerability of the RPL protocol to Flooding attacks, it uses an ant colony algorithm (ACO) using five steps to detect attacks. Use Flooding to prevent malicious activity on the IoT network. In other words, if it detects a node as malicious, it puts that node on the detention list and quarantines it for a certain period of time. The results obtained from the simulation show the superiority of the proposed method in terms of Packet Delivery Rate, Detection Rate, False Positive Rate, and False Negative Rate compared to IRAD and REATO methods.

CR | Feb 25, 2021
File fragment recognition based on content and statistical features

Marzieh Masoumi, Ahmad Keshavarz, Reza Fotohi

Nowadays, the speed up development and use of digital devices such as smartphones have put people at risk of internet crimes. The evidence of present crimes in a computer file can be easily unreachable by changing the prefix of a file or other algorithms. In more complex cases, either the file is divided into different parts or the parts of a file that have information about the file type are deleted, where the file fragment recognition issue is discussed. The known files are divided into different fragments, and different classification algorithms are used to solve the problems of file fragment recognition. The issue of identifying the type of file fragment due to its importance in cybercrime issues as well as antivirus has been highly emphasized and has been addressed in many articles. Increasing the accuracy in this field on the types of widely used files due to the sensitivity of the subject of recognizing the type of file under study is the main goal of researchers in this field. Failure to identify the correct type of file will lead to deviations of the results and evidence from the main issue or failure to conclude. In this paper, first, the file is divided into different fragments. Then, the file fragment features, which are obtained from Binary Frequency Distribution, are reduced by 2 feature reduction algorithms: the Sequential Forward Selection algorithm as well as the Sequential Floating Forward Selection algorithm, to delete sparse features that result in increased accuracy and speed. Finally, the reduced features are given to 3 Multiclass classifier algorithms, Multilayer Perceptron, Support Vector Machines, and K-Nearest Neighbor, for classification and comparison of the results. The proposed recognition algorithm can recognize 6 types of useful files and may distinguish a type of file fragments with higher accuracy than the similar works done.

CR | Feb 19, 2021
Defense against flooding attacks using probabilistic thresholds in the internet of things ecosystem

Seyed Meysam Zarei, Reza Fotohi

The Internet of Things (IoT) ecosystem allows communication between billions of devices worldwide that are collecting data autonomously. The vast amount of data generated by these devices must be controlled totally securely. The centralized solutions are not capable of responding to these concerns due to security challenges. Thus, the Average Packet Transmission RREQ (APT-RREQ), as an effective solution, has been employed to overcome these concerns to allow for entirely secure communication between devices. In this paper, an approach called LSFA-IoT is proposed that protects the AODV routing protocol as well as the IoT network against flooding. The proposed method is divided into two main phases: the first phase includes a physical layer intrusion and attack detection system used to detect attacks, and the second phase involves detecting incorrect events through APT-RREQ messages. The simulation results indicated the superiority of the proposed method in terms of False Positive Rate (FPR), False Negative Rate (FNR), Detection Rate (DR), and Packet Delivery Rate (PDR) compared to REATO and IRAD. Also, the simulation results show how the proposed approach can significantly increase the security of each thing and network security.

NI | Feb 10, 2021
A firefly algorithm for power management in wireless sensor networks (WSNs)

Hossein Pakdel, Reza Fotohi

In wireless sensor networks (WSNs), designing a stable, low-power routing protocol is a major challenge because successive changes in links or breakdowns destabilize the network topology. Therefore, choosing the right route in this type of network due to resource constraints and their operating environment is one of the most important challenges in these networks. Therefore, the main purpose of these networks is to collect appropriate routing information about the environment around the network sensors while observing the energy consumption of the sensors. One of the important approaches to reduce energy consumption in sensor networks is the use of the clustering technique, but in most clustering methods, only the criterion of the amount of energy of the cluster or the distance of members to the cluster has been considered. Therefore, in this paper, a method is presented using the firefly algorithm and using the four criteria of residual energy, noise rate, number of hops, and distance. The proposed method called EM-FIREFLY is introduced which selects the best cluster head with high attractiveness and based on the fitness function and transfers the data packets through these cluster head to the sink. The proposed method is evaluated with NS-2 simulator and compared with the algorithm-PSO and optimal clustering methods. The evaluation results show the efficiency of the EM-FIREFLY method in maximum relative load and network lifetime criteria compared to other methods discussed in this article.

CR | Jan 11, 2021
Online rating system development using blockchain-based distributed ledger technology

Monir Shaker, Fereidoon Shams Aliee, Reza Fotohi

In most websites, the online rating system provides the ratings of products and services to users. Lack of trust in data integrity and its manipulation has hindered fulfilling user satisfaction. Since existing online rating systems deal with a central server, all rating data is stored on the central server. Therefore, all rating data can be removed, modified, and manipulated by the system manager to change the ratings in favor of the service or product provider. In this paper, an online rating system using distributed ledger technologies has been presented as the proposed system to solve all the weaknesses of current systems. Distributed ledger technologies are completely decentralized and there is no centralization on them by any institution. Distributed ledger technologies have different variants. Among distributed ledger technologies, blockchain technology has been used in the proposed rating system because of its support for smart contracts. In the proposed online rating system, the Ethereum platform has been chosen from different blockchain platforms that have a public permission network. In this system, the raters cannot rate unless they submit a request to the system and be authorized to take part in the online product rating process. The important feature of the Ethereum platform is its support for smart contracts, which can be used to write the rating contract in the Solidity language. Also, using Proof of Authority consensus mechanisms, all rating transactions are approved by the surveyors. Since in the real Ethereum system, each rating transaction is sent to the network by the raters, some gas must be paid for each rating transaction. However, since this method is expensive, TestNet blockchain can be used in the rating system. Finally, the proposed rating system was used for rating the restaurants of a website and its features were tested.

CR | Nov 21, 2020
A method based on encryption and node rating for securing the RPL protocol communications in the IoT ecosystem

Mina Zaminkar, Fateme Sarkohaki, Reza Fotohi

Internet of Things (IoT) provides the possibility for milliards of devices throughout the world to communicate with each other, and data is collected autonomously. The big data generated by the devices should be managed securely. Due to security challenges, like malicious nodes, many approaches cannot respond to these concerns. In this paper, a robust hybrid method, including encryption, is used as an efficient approach for resolving the RPL protocol concerns so that the devices are connected securely. Therefore, the proposed DSH-RPL method for securing the RPL protocol comprises the four following phases: The first phase creates a reliable RPL. The second phase detects the sinkhole attack. The third phase quarantines the detected malicious node, and the fourth phase transmits data through encryption. The simulation results show that the DSH-RPL reduces the false-positive rate by more than 18.2% and 23.1%, and reduces the false-negative rate by more than 16.1% and 22.78%; it also increases the packet delivery rate by more than 19.68% and 25.32% and increases the detection rate by more than 26% and 31% compared to SecTrust-RPL and IBOOS-RPL.

CR | Nov 3, 2020
Secure communication between UAVs using a method based on smart agents in unmanned aerial vehicles

Maryam Faraji-Biregani, Reza Fotohi

Unmanned aerial vehicles (UAVs) can be deployed to monitor very large areas without the need for network infrastructure. UAVs communicate with each other during flight and exchange information with each other. However, such communication poses security challenges due to its dynamic topology. To solve these challenges, the proposed method uses two phases to counter malicious UAV attacks. In the first phase, we applied a number of rules and principles to detect malicious UAVs. In this phase, we try to identify and remove malicious UAVs according to the behavior of UAVs in the network in order to prevent sending fake information to the investigating UAVs. In the second phase, a mobile agent based on a three-step negotiation process is used to eliminate malicious UAVs. In this way, we use mobile agents to inform our normal neighbor UAVs so that they do not listen to the data generated by the malicious UAVs. Therefore, the mobile agent of each UAV uses reliable neighbors through a three-step negotiation process so that they do not listen to the traffic generated by the malicious UAVs. The NS-3 simulator was used to demonstrate the efficiency of the SAUAV method. The proposed method is more efficient than CST-UAS, CS-AVN, HVCR, and BSUM-based methods in detection rate, false positive rate, false negative rate, packet delivery rate, and residual energy.

CR | Jun 3, 2020
An agent-based self-protective method to secure communication between UAVs in unmanned aerial vehicle networks

Reza Fotohi, Eslam Nazemi, Fereidoon Shams Aliee

UAVNs (unmanned aerial vehicle networks) may become vulnerable to threats and attacks due to their characteristic features such as highly dynamic network topology, open-air wireless environments, and high mobility. Since previous work has focused on classical and metaheuristic-based approaches, none of these approaches have a self-adaptive approach. In this paper, the challenges and weaknesses of previous methods are examined in the form of a table. Furthermore, we propose an agent-based self-protective method (ASP-UAVN) for UAVNs that is based on the Human Immune System (HIS). In ASP-UAS, the safest route from the source UAV to the destination UAV is chosen according to a self-protective system. In this method, a multi-agent system using an Artificial Immune System (AIS) is employed to detect the attacking UAV and choose the safest route. In the proposed ASP-UAVN, the route request packet (RREQ) is initially transmitted from the source UAV to the destination UAV to detect the existing routes. Then, once the route reply packet (RREP) is received, a self-protective method using agents and the knowledge base is employed to choose the safest route and detect the attacking UAVs. The proposed ASP-UAVN has been validated and evaluated in two ways: simulation and theoretical analysis. The results of simulation evaluation and theory analysis showed that the ASP-UAS increases the Packet Delivery Rate (PDR) by more than 17.4, 20.8, and 25.91%, and detection rate by more than 17.2, 23.1, and 29.3%, and decreases the Packet Loss Rate (PLR) by more than 14.4, 16.8, and 20.21%, the false-positive and false-negative rate by more than 16.5, 25.3, and 31.21% those of SUAS-HIS, SFA and BRUIDS methods, respectively.

CR | May 17, 2020
SoS-RPL: Securing Internet of Things Against Sinkhole Attack Using RPL Protocol-Based Node Rating and Ranking Mechanism

Mina Zaminkar, Reza Fotohi

Through the Internet of Things (IoT) the internet scope is established by the integration of physical things to classify themselves into mutual things. A physical thing can be created by this inventive perception to signify itself in the digital world. Regarding the physical things that are related to the internet, it is worth noting that considering numerous theories and upcoming predictions, they mostly require protected structures; moreover, they are at risk of several attacks. IoTs are endowed with particular routing disobedience called sinkhole attack owing to their distributed features. In these attacks, a malicious node broadcasts illusive information regarding the routings to impose itself as a route towards specific nodes for the neighboring nodes and thus attract data traffic. RPL (IP-V6 routing protocol for efficient and low-energy networks) is a standard routing protocol which is mainly employed in sensor networks and IoT. This protocol is called SoS-RPL consisting of two key sections of the sinkhole detection. In the first section, rating and ranking the nodes in the RPL is carried out based on distance measurements. The second section is in charge of discovering the misbehavior sources within the IoT network through the Average Packet Transmission RREQ (APT-RREQ). Here, the technique is assessed through wide simulations performed within the NS-3 environment. Based on the results of the simulation, it is indicated that the IoT network behavior metrics are enhanced based on the detection rate, false-negative rate, false-positive rate, packet delivery rate, maximum throughput, and packet loss rate.

CR | Mar 1, 2020
Securing of Unmanned Aerial Systems (UAS) against security threats using human immune system

Reza Fotohi

UASs form a large part of the fighting ability of the advanced military forces. In particular, these systems that carry confidential information are subject to security attacks. Accordingly, an Intrusion Detection System (IDS) has been proposed in the proposed design to protect against the security problems using the human immune system (HIS). The IDSs are used to detect and respond to attempts to compromise the target system. Since the UASs operate in the real world, the testing and validation of these systems with a variety of sensors is confronted with problems. This design is inspired by HIS. In the mapping, insecure signals are equivalent to an antigen that are detected by antibody-based training patterns and removed from the operation cycle. Among the main uses of the proposed design are the quick detection of intrusive signals and quarantining their activity. Moreover, SUAS-HIS method is evaluated here via extensive simulations carried out in NS-3 environment. The simulation results indicate that the UAS network performance metrics are improved in terms of false positive rate, false negative rate, detection rate, and packet delivery rate.

NI | Feb 24, 2020
An Artificial Immune Based Approach for Detection and Isolation Misbehavior Attacks in Wireless Networks

Shahram Behzad, Reza Fotohi, Jaber Hosseini Balov et al.

MANETs (Mobile Ad-hoc Networks) are temporal networks, which are managed by autonomous nodes, which have the ability to communicate with each other without having fixed network infrastructure or any central base station. Due to some reasons such as dynamic changes of the network topology, trusting the nodes to each other, lack of fixed substructure for the analysis of node behaviors and loss of specific offensive lines, this type of network is not supportive against malicious node attacks. One of these attacks is the black hole attack. In this attack, the malicious nodes absorb data packets and destroy them. Thus, it is essential to present an algorithm against the black hole attacks. This paper proposes a new approach, which improves the security of the DSR routing protocol to encounter the black hole attacks. This schema tries to identify malicious nodes according to node behaviors in a MANET and isolate them from routing. The proposed protocol, called AIS-DSR (Artificial Immune System DSR), employs AIS (Artificial Immune System) to defend against black hole attacks. AIS-DSR is evaluated through extensive simulations in the ns-2 environment. The results show that AIS-DSR outperforms other existing solutions in terms of throughput, end-to-end delay, packets loss ratio and packets drop ratio.

CR | Feb 24, 2020
A New Approach for Improvement Security against DoS Attacks in Vehicular Ad-hoc Network

Reza Fotohi, Yaser Ebazadeh, Mohammad Seyyar Geshlag

Vehicular Ad-Hoc Networks (VANET) are a proper subset of mobile wireless networks, where nodes are revulsive, the vehicles are armed with special electronic devices on the motherboard OBU (On Board Unit) which enables them to transmit and receive messages from other vehicles in the VANET. Furthermore the communication between the vehicles, the VANET interface is donated by the contact points with road infrastructure. VANET is a subgroup of MANETs. Unlike the MANETs nodes, VANET nodes are moving very fast. Impound a permanent route for the dissemination of emergency messages and alerts from a danger zone is a very challenging task. Therefore, routing plays a significant duty in VANETs. Decreasing network overhead, avoiding network congestion, increasing traffic congestion and packet delivery ratio are the most important issues associated with routing in VANETs. In addition, VANET network is subject to various security attacks. In base VANET systems, an algorithm is used to discover attacks at the time of confirmation in which overhead delay occurs. This paper proposes (P-Secure) approach which is used for the detection of DoS attacks before the confirmation time. This reduces the overhead delays for processing and increasing the security in VANETs. Simulation results show that the P-Secure approach is more efficient than OBUmodelVaNET approach in terms of PDR, e2e_delay, throughput and drop packet rate.

CR | Jan 16, 2020
Securing Wireless Sensor Networks Against Denial-of-Sleep Attacks Using RSA Cryptography Algorithm and Interlock Protocol

Reza Fotohi, Somayyeh Firoozi Bari, Mehdi Yusefi

Wireless sensor networks (WSNs) have been vastly employed in the collection and transmission of data via wireless networks. This type of network is nowadays used in many applications for surveillance activities in various environments due to its low cost and easy communications. In these networks, the sensors use a limited power source which after its depletion, since it is non-renewable, network lifetime ends. Due to the weaknesses in sensor nodes, they are vulnerable to many threats. One notable attack threatening WSNs is Denial of Sleep (DoS). DoS attacks denote the loss of energy in these sensors by keeping the nodes from going into sleep and energy-saving mode. In this paper, the Abnormal Sensor Detection Accuracy (ASDA-RSA) method is utilised to counteract DoS attacks to reduce the amount of energy consumed. The ASDA-RSA schema in this paper consists of two phases to enhance security in the WSNs. In the first phase, a clustering approach based on energy and distance is used to select the proper cluster head and in the second phase, the RSA cryptography algorithm and interlock protocol are used here along with an authentication method, to prevent DoS attacks. Moreover, ASDA-RSA method is evaluated here via extensive simulations carried out in NS-2. The simulation results indicate that the WSN network performance metrics are improved in terms of average throughput, Packet Delivery Ratio (PDR), network lifetime, detection ratio, and average residual energy.

CR | Jan 15, 2020
Multi-level trust-based intelligence schema for securing of internet of things (IoT) against security threats using cryptographic authentication

Kobra Mabodi, Mehdi Yusefi, Shahram Zandiyan et al.

The internet of things (IoT) is able to provide a prediction of linked, universal, and smart nodes that have autonomous interaction when they present services. Because of wide openness, relatively high processing power, and wide distribution of IoT things, they are ideal for attacks of the gray hole. In the gray hole attack, the attacker fakes itself as the shortest path to the destination that is a thing here. This causes the routing packets not to reach the destination. The proposed method is based on the AODV routing protocol and is presented under the MTISS-IoT name which means for the reduction of gray hole attacks using check node information. In this paper, a hybrid approach is proposed based on cryptographic authentication. The proposed approach consists of four phases, such as the verifying node trust in the IoT, testing the routes, gray hole attack discovery, and the malicious attack elimination process in MTISS-IoT. The method is evaluated here via extensive simulations carried out in the NS-3 environment. The experimental results of four scenarios demonstrated that the MTISS-IoT method can achieve a false positive rate of 14.104%, a false negative rate of 17.49%, and a detection rate of 94.5% when gray hole attack was launched.