Deadline-aware multi-objective IoT services placement optimization in fog environment using parallel FFD-genetic algorithm

Nowadays, Internet of things has become as an inevitable aspect of humans’ IT-based life. A huge number of geo-distributed IoT enabled devices such as smart phones, smart cameras, health care systems, vehicles, etc. are connected to the Internet and manage users’ applications. The IoT applications are generally time sensitive, so that giving them up to Cloud and receiving the response may violate their required deadline, due to distance between user device and centralized Cloud data center and consequently increasing network latency. Fog environment, as an intermediate layer between Cloud and IoT devices, brings a smaller scales of Cloud capabilities closer to user location. Processing real time applications in Fog layer helps more deadlines to be met. Although Fog computing enhances quality of service parameters, limited resources and power of Fog nodes is a challenge in processing applications. Furthermore, the network latency is still an issue for communications between applications’ services and between user device and Fog node, which seriously threatens deadline condition. Regarding to mentioned points, this paper proposes a 3-partite deadline-aware applications’ services placement optimization model in Fog environment which optimizes total power consumption, total resources wastage, and total network latency, simultaneously. The proposed model prioritizes applications in 3 levels based on their associated deadline, and then the model is solved using a parallel model of first fit decreasing and genetic algorithm combination. Simulations results indicates the superiority of proposed approach against counterpart algorithms in terms of reducing power consumption, resource wastage, network latency, and service rejection rate.     

Journey from cloud of things to fog of things: Survey,new trends,and research directions

With the advent of the Internet of Things (IoT) paradigm, the cloud model is unable to offer satisfactory services for latency-sensitive and real-time applications due to high latency and scalability issues. Hence, an emerging computing paradigm named as fog/edge computing was evolved, to offer services close to the data source and optimize the quality of services (QoS) parameters such as latency, scalability, reliability, energy, privacy, and security of data. This article presents the evolution in the computing paradigm from the client-server model to edge computing along with their objectives and limitations. A state-of-the-art review of Cloud Computing and Cloud of Things (CoT) is presented that addressed the techniques, constraints, limitations, and research challenges. Further, we have discussed the role and mechanism of fog/edge computing and Fog of Things (FoT), along with necessitating amalgamation with CoT. We reviewed the several architecture, features, applications, and existing research challenges of fog/edge computing. The comprehensive survey of these computing paradigms offers the depth knowledge about the various aspects, trends, motivation, vision, and integrated architectures. In the end, experimental tools and future research directions are discussed with the hope that this study will work as a stepping-stone in the field of emerging computing paradigms.     

Identification of malicious edge devices in fog computing environments

Device security is one of the major challenges for successful implementation of Internet of Things (IoT) and fog computing. Researchers and IT organizations have explored many solutions to protect systems from unauthenticated device attacks (known as outside device attacks). Fog computing uses many edge devices (e.g., router, switch, and hub) for latency-aware processing of collected data. So, identification of malicious edge devices is one of the critical activities in data security of fog computing. Preventing attacks from malicious edge devices is more difficult because they have certain granted privileges to store and process the data. In this article, a proposed framework uses three technologies, a Markov model, an intrusion detection system (IDS), and a virtual honeypot device (VHD) to identify malicious edge devices in a fog computing environment. A two-stage Markov model is used to categorize edge devices effectively into four different levels. The VHD is designed to store and maintain a log repository of all identified malicious devices, which assists the system to defend itself from any unknown attacks in the future. The proposed model is tested in a simulated environment, and results indicate the effectiveness of the system. The proposed model is successful in identifying the malicious device as well as reducing the false IDS alarm rate.     

A latency-aware and energy-efficient computation offloading in mobile fog computing: a hidden Markov model-based approach

In recent years, Fog Computing (FC) is known as a good infrastructure for the Internet of Things (IoT). Using this architecture for the mobile applications in the IoT is named the Mobile Fog Computing (MFC). If we assume that an application includes some modules, thus, these modules can be sent to the Fog or Cloud layer because of the resource limitation or increased runtime at the mobile. This increases the efficiency of the whole system. As data is entered sequentially, and the input is given to the modules, the number of executable modules increases. So, this research is conducted to find the best place in order to run the modules that can be on the mobile, Fog, or Cloud. According to the proposed method, when the modules arrive at gateway, then, a Hidden Markov model Auto-scaling Offloading (HMAO) finds the best destination to execute the module to create a compromise between the energy consumption and execution time of the modules. The evaluation results obtained regarding the parameters of the energy consumption, execution cost, delay, and network resource usage shows that the proposed method on average is better than the local execution, First-Fit (FF), and Q-learning based method.

     

Paillier Cryptography Based Message Authentication Code for IoMT Security

Health care visualization through Internet of Things (IoT) over wireless sensor network (WSN) becomes a current research attention due to medical sensor evolution of devices. The digital technology-based communication system is widely used in all application. Internet of medical thing (IoMT) assisted healthcare application ensures the continuous health monitoring of a patient and provides the early awareness of the one who is suffered without human participation. These smart medical devices may consume with limited resources and also the data generated by these devices are large in size. These IoMT based applications suffer from the issues such as security, anonymity, privacy, and interoperability. To overcome these issues, data aggregation methods are the solution that can concatenate the data generated by the sensors and forward it into the base station through fog node with efficient encryption and decryption. This article proposed a well-organized data aggregation and secured transmission approach. The data generated by the sensor are collected and compressed. Aggregator nodes (AN) received the compressed data and concatenate it. The concatenated and encrypted data is forward to fog node using the enhanced Paillier cryptography-based encryption with Message Authentication code (MAC). Fog node extracts the forwarded data from AN using Fog message extractor method (FME) with decryption. The proposed system ensures data integrity, security and also protects from security threats. This proposed model is simulated in Network Simulator 2.35 and the evaluated simulation results proves that the aggregation with MAC code will ensures the security, privacy and also reduces the communication cost. Fog node usages in between Aggregator and base station, will reduce the cloud server/base station computational overhead and storage cost. The proposed ideology is compared with existing data aggregation schemes in terms of computational cost, storage cost, communication cost and energy cost. Cost of communication takes 18.7 ms which is much lesser than existing schemes.     

A secure fog-based platform for SCADA-based IoT critical infrastructure

The rapid proliferation of Internet of things (IoT) devices, such as smart meters and water valves, into industrial critical infrastructures and control systems has put stringent performance and scalability requirements on modern Supervisory Control and Data Acquisition (SCADA) systems. While cloud computing has enabled modern SCADA systems to cope with the increasing amount of data generated by sensors, actuators, and control devices, there has been a growing interest recently to deploy edge data centers in fog architectures to secure low-latency and enhanced security for mission-critical data. However, fog security and privacy for SCADA-based IoT critical infrastructures remains an under-researched area. To address this challenge, this contribution proposes a novel security “toolbox” to reinforce the integrity, security, and privacy of SCADA-based IoT critical infrastructure at the fog layer. The toolbox incorporates a key feature: a cryptographic-based access approach to the cloud services using identity-based cryptography and signature schemes at the fog layer. We present the implementation details of a prototype for our proposed secure fog-based platform and provide performance evaluation results to demonstrate the appropriateness of the proposed platform in a real-world scenario. These results can pave the way toward the development of a more secure and trusted SCADA-based IoT critical infrastructure, which is essential to counter cyber threats against next-generation critical infrastructure and industrial control systems. The results from the experiments demonstrate a superior performance of the secure fog-based platform, which is around 2.8 seconds when adding five virtual machines (VMs), 3.2 seconds when adding 10 VMs, and 112 seconds when adding 1000 VMs, compared to the multilevel user access control platform.     

雾计算中支持外包与撤销的属性基加密方案

雾计算将云计算的计算能力、数据分析应用等扩展到网络边缘,可满足物联网设备的低时延、移动性等要求,但同时也存在数据安全和隐私保护问题。传统云计算中的属性基加密技术不适用于雾环境中计算资源有限的物联网设备,并且难以管理属性变更。为此,提出一种支持加解密外包和撤销的属性基加密方案,构建“云-雾-终端”的三层系统模型,通过引入属性组密钥的技术,实现动态密钥更新,满足雾计算中属性即时撤销的要求。在此基础上,将终端设备中部分复杂的加解密运算外包给雾节点,以提高计算效率。实验结果表明,与KeyGen、Enc等方案相比,该方案具有更优的计算高效性和可靠性。     

雾计算中基于DQL算法的伪装攻击检测方案

雾计算是一种在云数据中心和物联网（Internet of Things,IoT）设备之间提供分布式计算、存储等服务的技术,它能利用网络边缘进行认证并提供与云交互的方法。雾计算中以传统的安全技术实现用户与雾节点间安全性的方法不够完善,它仍然面对着窃听攻击、伪装攻击等安全威胁,这对检测技术提出了新的挑战。针对这一问题,提出了一种基于DQL（Double Q-learning）算法的雾计算伪装攻击检测方案。该方案借助物理层安全技术中的信道参数,首先在Q-learning算法的基础上处理Q值过度估计问题,获取最佳的伪装攻击测试阈值,然后通过阈值实现了用户与雾节点间的伪装攻击检测。实验结果表明,该算法检测伪装攻击的性能优于传统的Q-learning算法,具有在雾计算安全防护方面的优越性。     

Cyber Security Intrusion Detection for Agriculture 4.0: Machine Learning-Based Solutions,Datasets, and Future Directions

In this paper, we review and analyze intrusion detection systems for Agriculture 4.0 cyber security. Specifically, we present cyber security threats and evaluation metrics used in the performance evaluation of an intrusion detection system for Agriculture 4.0. Then, we evaluate intrusion detection systems according to emerging technologies, including, Cloud computing, Fog/Edge computing, Network virtualization, Autonomous tractors, Drones, Internet of Things, Industrial agriculture, and Smart Grids. Based on the machine learning technique used, we provide a comprehensive classification of intrusion detection systems in each emerging technology. Furthermore, we present public datasets, and the implementation frameworks applied in the performance evaluation of intrusion detection systems for Agriculture 4.0. Finally, we outline challenges and future research directions in cyber security intrusion detection for Agriculture 4.0.      

CREW: Cost and Reliability aware Eagle-Whale optimiser for service placement in Fog

Integration of Internet of Things (IoT) with industries revamps the traditional ways in which industries work. Fog computing extends Cloud services to the vicinity of end users. Fog reduces delays induced by communication with the distant clouds in IoT environments. The resource constrained nature of Fog computing nodes demands an efficient placement policy for deploying applications, or their services. The distributed and heterogeneous features of Fog environments deem it imperative to consider the reliability performance parameter in placement decisions to provide services without interruptions. Increasing reliability leads to an increase in the cost. In this article, we propose a service placement policy which addresses the conflicting criteria of service reliability and monetary cost. A multiobjective optimisation problem is formulated and a novel placement policy, Cost and Reliability-aware Eagle-Whale (CREW), is proposed to provide placement decisions ensuring timely service responses. Considering the exponentially large solution space, CREW adopts Eagle strategy based multi-Whale optimisation for taking placement decisions. We have considered real time microservice applications for validating our approaches, and CREW has been experimentally shown to outperform the existing popular multiobjective meta-heuristics such as NSGA-II and MOWOA based placement strategies.     

Mobile Fog Computing by Using SDN/NFV on 5G Edge Nodes

Fog computing provides quality of service for cloud infrastructure. As the data computation intensifies, edge computing becomes difficult. Therefore, mobile fog computing is used for reducing traffic and the time for data computation in the network. In previous studies, software-defined networking (SDN) and network functions virtualization (NFV) were used separately in edge computing. Current industrial and academic research is tackling to integrate SDN and NFV in different environments to address the challenges in performance, reliability, and scalability. SDN/NFV is still in development. The traditional Internet of things (IoT) data analysis system is only based on a linear and time-variant system that needs an IoT data system with a high-precision model. This paper proposes a combined architecture of SDN and NFV on an edge node server for IoT devices to reduce the computational complexity in cloud-based fog computing. SDN provides a generalization structure of the forwarding plane, which is separated from the control plane. Meanwhile, NFV concentrates on virtualization by combining the forwarding model with virtual network functions (VNFs) as a single or chain of VNFs, which leads to interoperability and consistency. The orchestrator layer in the proposed software-defined NFV is responsible for handling real-time tasks by using an edge node server through the SDN controller via four actions: task creation, modification, operation, and completion. Our proposed architecture is simulated on the EstiNet simulator, and total time delay, reliability, and satisfaction are used as evaluation parameters. The simulation results are compared with the results of existing architectures, such as software-defined unified virtual monitoring function and ASTP, to analyze the performance of the proposed architecture. The analysis results indicate that our proposed architecture achieves better performance in terms of total time delay (1800 s for 200 IoT devices), reliability (90%), and satisfaction (90%).     

Notes on ensembles of IoT,network functions and clouds for service-oriented computing and applications

Many advances have been introduced recently for service-oriented computing and applications (SOCA). The Internet of Things (IoT) has been pervasive in various application domains. Fog/Edge computing models have shown techniques that move computational and analytics capabilities from centralized data centers where most enterprise business services have been located to the edge where most customer’s Things and their data and actions reside. Network functions between the edge and the cloud can be dynamically provisioned and managed through service APIs. Microservice architectures are increasingly used to simplify engineering, deployment and management of distributed services in not only cloud-based powerful machines but also in light-weighted devices. Therefore, a key question for the research in SOCA is how do we leverage existing techniques and develop new ones for coping with and supporting the changes of data and computation resources as well as customer interactions arising in the era of IoT and Fog/Edge computing. In this editorial paper, we attempt to address this question by focusing on the concept of ensembles for IoT, network functions and clouds.     

Hierarchical Data Aggregation with Data Offloading Scheme for Fog Enabled IoT Environment

Fog computing is a promising technology that has been emerged to handle the growth of smart devices as well as the popularity of latency-sensitive and location-awareness Internet of Things (IoT) services. After the emergence of IoT-based services, the industry of internet-based devices has grown. The number of these devices has raised from millions to billions, and it is expected to increase further in the near future. Thus, additional challenges will be added to the traditional centralized cloud-based architecture as it will not be able to handle that growth and to support all connected devices in real-time without affecting the user experience. Conventional data aggregation models for Fog enabled IoT environments possess high computational complexity and communication cost. Therefore, in order to resolve the issues and improve the lifetime of the network, this study develops an effective hierarchical data aggregation with chaotic barnacles mating optimizer (HDAG-CBMO) technique. The HDAG-CBMO technique derives a fitness function from many relational matrices, like residual energy, average distance to neighbors, and centroid degree of target area. Besides, a chaotic theory based population initialization technique is derived for the optimal initial position of barnacles. Moreover, a learning based data offloading method has been developed for reducing the response time to IoT user requests. A wide range of simulation analyses demonstrated that the HDAG-CBMO technique has resulted in balanced energy utilization and prolonged lifetime of the Fog assisted IoT networks.     

Design and implementation of the secure compiler and virtual machine for developing secure IoT services

Recent years have seen the development of computing environments for IoT (Internet of Things) services, which exchange large amounts of information using various heterogeneous devices that are always connected to networks. Since the data communication and services occur on a variety of devices, which not only include traditional computing environments and mobile devices such as smartphones, but also household appliances, embedded devices, and sensor nodes, the security requirements are becoming increasingly important at this point in time. Already, in the case of mobile applications, security has emerged as a new issue, as the dissemination and use of mobile applications have been rapidly expanding. This software, including IoT services and mobile applications, is continuously exposed to malicious attacks by hackers, because it exchanges data in the open Internet environment. The security weaknesses of this software are the direct cause of software breaches causing serious economic loss. In recent years, the awareness that developing secure software is intrinsically the most effective way to eliminate the software vulnerability, rather than strengthening the security system of the external environment, has increased. Therefore, methodology based on the use of secure coding rules and checking tools is attracting attention to prevent software breaches in the coding stage to eliminate the above vulnerabilities. This paper proposes a compiler and a virtual machine with secure software concepts for developing secure and trustworthy services for IoT environments. By using a compiler and virtual machine, we approach the problem in two stages: a prevention stage, in which the secure compiler removes the security weaknesses from the source code during the application development phase, and a monitoring stage, in which the secure virtual machine monitors abnormal behavior such as buffer overflow attacks or untrusted input data handling while applications are running.     

A bi-objective task scheduling approach in fog computing using hybrid fireworks algorithm

The Journal of Supercomputing - With the rapid increase in the functionality of IoT applications, the services provided by edge/IoT devices have surged in the recent past. Fog computing is gaining...     

Efficient and dynamic scaling of fog nodes for IoT devices

It is predicted by the year 2020, more than 50 billion devices will be connected to the Internet. Traditionally, cloud computing has been used as the preferred platform for aggregating, processing, and analyzing IoT traffic. However, the cloud may not be the preferred platform for IoT devices in terms of responsiveness and immediate processing and analysis of IoT data and requests. For this reason, fog or edge computing has emerged to overcome such problems, whereby fog nodes are placed in close proximity to IoT devices. Fog nodes are primarily responsible of the local aggregation, processing, and analysis of IoT workload, thereby resulting in significant notable performance and responsiveness. One of the open issues and challenges in the area of fog computing is efficient scalability in which a minimal number of fog nodes are allocated based on the IoT workload and such that the SLA and QoS parameters are satisfied. To address this problem, we present a queuing mathematical and analytical model to study and analyze the performance of fog computing system. Our mathematical model determines under any offered IoT workload the number of fog nodes needed so that the QoS parameters are satisfied. From the model, we derived formulas for key performance metrics which include system response time, system loss rate, system throughput, CPU utilization, and the mean number of messages request. Our analytical model is cross-validated using discrete event simulator simulations.     

Towards effective offloading mechanisms in fog computing

Fog computing is considered a formidable next-generation complement to cloud computing. Nowadays, in light of the dramatic rise in the number of IoT devices, several problems have been raised in cloud architectures. By introducing fog computing as a mediate layer between the user devices and the cloud, one can extend cloud computing's processing and storage capability. Offloading can be utilized as a mechanism that transfers computations, data, and energy consumption from the resource-limited user devices to resource-rich fog/cloud layers to achieve an optimal experience in the quality of applications and improve the system performance. This paper provides a systematic and comprehensive study to evaluate fog offloading mechanisms' current and recent works. Each selected paper's pros and cons are explored and analyzed to state and address the present potentialities and issues of offloading mechanisms in a fog environment efficiently. We classify offloading mechanisms in a fog system into four groups, including computation-based, energy-based, storage-based, and hybrid approaches. Furthermore, this paper explores offloading metrics, applied algorithms, and evaluation methods related to the chosen offloading mechanisms in fog systems. Additionally, the open challenges and future trends derived from the reviewed studies are discussed.

     

QKD in Cloud-Fog Computing for Personal Health Record

Cloud computing is a rapid growing technology which delivers computing services such as servers, storage, database, networking, software and analytics. It has brought a new way to securely store and share information and data with multiple users. When authorized person access these clouds, the released data should not compromise any individual’s privacy and identity should not be revealed. Fog Computing is the extension of cloud with decentralized structure which stores the data in locations somewhere between the data source and cloud. The goal of fog computing is to provide high security, improve performance and network efficiency. We use quantum key distribution to produce and distribute key which change its quantum state and key, when key is known by mediator and it has ability to detect presence of mediator trying to gain lore of the key. In this paper, we introduced sugar-salt encryption which overcomes brute-force attack in effect delivers phony data in return to every incorrect guess of the password or key.     

基于区块链与边缘计算的物联网访问控制模型

边缘计算的出现扩展了物联网（IoT）云-终端架构的范畴,在减少终端设备海量数据的传输和处理时延的同时也带来了新的安全问题。针对IoT边缘节点与海量异构设备间的数据安全和管理问题,并考虑到目前区块链技术广泛应用于分布式系统中数据的安全管理,提出基于区块链与边缘计算的IoT访问控制模型SC-ABAC。首先,提出集成边缘计算的IoT访问控制架构,并结合智能合约和基于属性的访问控制（ABAC）提出并设计了SC-ABAC;然后,给出工作量证明（PoW）共识算法的优化和SC-ABAC的访问控制管理流程。实验结果表明,所提模型对区块连续访问下的耗时随次数呈线性增长,连续访问过程中央处理器（CPU）的利用率稳定,安全性良好。本模型下仅查询过程存在调用合约的耗时随次数呈线性增长,策略添加和判断过程的耗时均为常数级,且优化的共识机制较PoW每100块区块共识耗时降低约18.37个百分点。可见,该模型可在IoT环境中提供去中心化、细颗粒度和动态的访问控制管理,并可在分布式系统中更快达成共识以确保数据一致性。