A Broad Learning-Driven Network Traffic Analysis System Based on Fog Computing Paradigm

The development of communication technologies which support traffic-intensive applications presents new challenges in designing a real-time traffic analysis architecture and an accurate method that suitable for a wide variety of traffic types.Current traffic analysis methods are executed on the cloud,which needs to upload the traffic data.Fog computing is a more promising way to save bandwidth resources by offloading these tasks to the fog nodes.However,traffic analysis models based on traditional machine learning need to retrain all traffic data when updating the trained model,which are not suitable for fog computing due to the poor computing power.In this study,we design a novel fog computing based traffic analysis system using broad learning.For one thing,fog computing can provide a distributed architecture for saving the bandwidth resources.For another,we use the broad learning to incrementally train the traffic data,which is more suitable for fog computing because it can support incremental updates of models without retraining all data.We implement our system on the Raspberry Pi,and experimental results show that we have a 98%probability to accurately identify these traffic data.Moreover,our method has a faster training speed compared with Convolutional Neural Network(CNN).     

Proactive Load Balancing Mechanism for Fog Computing Supported by Parked Vehicles in IoV-SDN

Internet of Vehicles(IoV)is a new style of vehicular ad hoc network that is used to connect the sensors of each vehicle with each other and with other vehicles’sensors through the internet.These sensors generate different tasks that should be analyzed and processed in some given period of time.They send the tasks to the cloud servers but these sending operations increase bandwidth consumption and latency.Fog computing is a simple cloud at the network edge that is used to process the jobs in a short period of time instead of sending them to cloud computing facilities.In some situations,fog computing cannot execute some tasks due to lack of resources.Thus,in these situations it transfers them to cloud computing that leads to an increase in latency and bandwidth occupation again.Moreover,several fog servers may be fuelled while other servers are empty.This implies an unfair distribution of jobs.In this research study,we shall merge the software defined network(SDN)with IoV and fog computing and use the parked vehicle as assistant fog computing node.This can improve the capabilities of the fog computing layer and help in decreasing the number of migrated tasks to the cloud servers.This increases the ratio of time sensitive tasks that meet the deadline.In addition,a new load balancing strategy is proposed.It works proactively to balance the load locally and globally by the local fog managers and SDN controller,respectively.The simulation experiments show that the proposed system is more efficient than VANET-Fog-Cloud and IoV-Fog-Cloud frameworks in terms of average response time and percentage of bandwidth consumption,meeting the deadline,and resource utilization.     

Virtual machine placement optimizing to improve network performance in cloud data centers

With the wide application of virtualization technology in cloud data centers, how to effectively place virtual machine （VM） is becoming a major issue for cloud providers. The existing virtual machine placement （VMP） solutions are mainly to optimize server resources. However, they pay little consideration on network resources optimization, and they do not concern the impact of the network topology and the current network traffic. A multi-resource constraints VMP scheme is proposed. Firstly, the authors attempt to reduce the total communication traffic in the data center network, which is abstracted as a quadratic assignment problem; and then aim at optimizing network maximum link utilization （MLU）. On the condition of slight variation of the total traffic, minimizing MLU can balance network traffic distribution and reduce network congestion hotspots, a classic combinatorial optimization problem as well as NP-hard problem. Ant colony optimization and 2-opt local search are combined to solve the problem. Simulation shows that MLU is decreased by 20%, and the number of hot links is decreased by 37%.     

An Effective QoS-Constrained Scheduling Scheme for Cloud Computing Services

Cloud computing is becoming a hot topic of the information industry in recent years. Many companies provide the cloud services, such as Google Apps and Apple multimedia services. In general, by applying the virtualization technologies, the data center is built for cloud computing to provide users with the computing and storage resources, as well as the software environment. Thus, the quality of service (QoS) must be considered to satisfy users’ requirements. This paper proposes a high efficiency scheduling scheme for supporting cloud computing. The virtual machine migration technique has been applied to the proposed scheduling scheme for improving the resources utilization and satisfying the QoS requirement of users. The experimental results show that in addition to satisfying the QoS requirement of users, the proposed scheme can improve the resources utilization effectively.     

MTBAC： A Mutual Trust Based Access Control Model in Cloud Computing

As a new computing mode, cloud computing can provide users with virtualized and scalable web services, which faced with serious security challenges, however. Access control is one of the most important measures to ensure the security of cloud computing. But applying traditional access control model into the Cloud directly could not solve the uncertainty and vulnerability caused by the open conditions of cloud computing. In cloud computing environment, only when the security and reliability of both interaction parties are ensured, data security can be effectively guaranteed during interactions between users and the Cloud. Therefore, building a mutual trust relationship between users and cloud platform is the key to implement new kinds of access control method in cloud computing environment. Combining with Trust Management（TM）, a mutual trust based access control （MTBAC） model is proposed in this paper. MTBAC model take both user＇s behavior trust and cloud services node＇s credibility into consideration. Trust relationships between users and cloud service nodes are established by mutual trust mechanism. Security problems of access control are solved by implementing MTBAC model into cloud computing environment. Simulation experiments show that MTBAC model can guarantee the interaction between users and cloud service nodes.     

A Retrievable Data Perturbation Method Used in Privacy-Preserving in Cloud Computing

With the increasing popularity of cloud computing,privacy has become one of the key problem in cloud security.When data is outsourced to the cloud,for data owners,they need to ensure the security of their privacy;for cloud service providers,they need some information of the data to provide high QoS services;and for authorized users,they need to access to the true value of data.The existing privacy-preserving methods can＇t meet all the needs of the three parties at the same time.To address this issue,we propose a retrievable data perturbation method and use it in the privacy-preserving in data outsourcing in cloud computing.Our scheme comes in four steps.Firstly,an improved random generator is proposed to generate an accurate ＂noise＂.Next,a perturbation algorithm is introduced to add noise to the original data.By doing this,the privacy information is hidden,but the mean and covariance of data which the service providers may need remain unchanged.Then,a retrieval algorithm is proposed to get the original data back from the perturbed data.Finally,we combine the retrievable perturbation with the access control process to ensure only the authorized users can retrieve the original data.The experiments show that our scheme perturbs date correctly,efficiently,and securely.     

CRESS： A Platform of Infrastructure Resource Sharing for Educational Cloud Computing

Cloud computing is very attractive for schools, research institutions and enterpri- ses which need reducing IT costs, improving computing platform sharing and meeting lice- nse constraints. Sharing, management and on- demand allocation of network resources are particularly important in Cloud computing. Ho- wever, nearly all-current available cloud com- puting platforms are either proprietary or their software infrastructure is invisible to the rese- arch community except for a few open-source platforms. For universities and research insti- tutes, more open and testable experimental plat- forms are needed in a lab-level with PCs. In this paper, a platform of infrastructure resou- rce sharing system （Platform as a Service （PaaS）） is developed in virtual Cloud comput- hug environment. Its architecture, core modules, main functions, design and operational envir- onment and applications are introduced in de- tail. It has good expandability and can impr- ove resource sharing and utilization and is app- lied to regular computer science teaching and research process.     

An Efficient Method for Checking the Integrity of Data in the Cloud

Cloud computing and storage services allow clients to move their data center and applications to centralized large data centers and thus avoid the burden of local data storage and maintenance. However, this poses new challenges related to creating secure and reliable data storage over unreliable service providers. In this study, we address the problem of ensuring the integrity of data storage in cloud computing. In particular, we consider methods for reducing the burden of generating a constant amount of metadata at the client side. By exploiting some good attributes of the bilinear group, we can devise a simple and efficient audit service for public verification of untrusted and outsourced storage, which can be important for achieving widespread deployment of cloud computing. Whereas many prior studies on ensuring remote data integrity did not consider the burden of generating verification metadata at the client side, the objective of this study is to resolve this issue. Moreover, our scheme also supports data dynamics and public verifiability. Extensive security and performance analysis shows that the proposed scheme is highly efficient and provably secure.     

Improving Performance of Cloud Computing and Big Data Technologies and Applications

Cloud computing technology is changing the development and usage patterns of IT infrastructure and applications. Virtualized and distributed systems as well as unified management and scheduling has greatly im proved computing and storage. Management has become easier, andOAM costs have been significantly reduced. Cloud desktop technology is develop ing rapidly. With this technology, users can flexibly and dynamically use virtual ma chine resources, companies＇ efficiency of using and allocating resources is greatly improved, and information security is ensured. In most existing virtual cloud desk top solutions, computing and storage are bound together, and data is stored as im age files. This limits the flexibility and expandability of systems and is insufficient for meetinz customers＇ requirements in different scenarios.     

Preventing Data Leakage in a Cloud Environment

Despite the multifaceted advantages of cloud computing,concerns about data leakage or abuse impedes its adoption for security-sensi tive tasks.Recent investigations have revealed that the risk of unauthorized data access is one of the biggest concerns of users of cloud-based services.Transparency and accountability for data managed in the cloud is necessary.Specifically,when using a cloudhost service,a user typically has to trust both the cloud service provider and cloud infrastructure provider to properly handling private data.This is a multi-party system.Three particular trust models can be used according to the credibility of these providers.This pa per describes techniques for preventing data leakage that can be used with these different models.     

MapReduce in the Cloud： Data-Location-Aware VM Scheduling

We have witnessed the fast-growing deployment of Hadoop,an open-source implementation of the MapReduce programming model,for purpose of data-intensive computing in the cloud.However,Hadoop was not originally designed to run transient jobs in which us ers need to move data back and forth between storage and computing facilities.As a result,Hadoop is inefficient and wastes resources when operating in the cloud.This paper discusses the inefficiency of MapReduce in the cloud.We study the causes of this inefficiency and propose a solution.Inefficiency mainly occurs during data movement.Transferring large data to computing nodes is very time-con suming and also violates the rationale of Hadoop,which is to move computation to the data.To address this issue,we developed a dis tributed cache system and virtual machine scheduler.We show that our prototype can improve performance significantly when run ning different applications.     

基于代数签名且支持数据动态更新的云数据完整性验证方案(英文)

Cloud storage is one of the main application of the cloud computing. With the data services in the cloud, users is able to outsource their data to the cloud, access and share their outsourced data from the cloud server anywhere and anytime. However, this new paradigm of data outsourcing services also introduces new security challenges, among which is how to ensure the integrity of the outsourced data. Although the cloud storage providers commit a reliable and secure environment to users, the integrity of data can still be damaged owing to the carelessness of humans and failures of hardwares/softwares or the attacks from external adversaries. Therefore, it is of great importance for users to audit the integrity of their data outsourced to the cloud. In this paper, we first design an auditing framework for cloud storage and proposed an algebraic signature based remote data possession checking protocol, which allows a third-party to auditing the integrity of the outsourced data on behalf of the users and supports unlimited number of verifications. Then we extends our auditing protocol to support data dynamic operations, including data update, data insertion and data deletion. The analysis and experiment results demonstrate that our proposed schemes are secure and efficient.     

An Efficient and Secure Aggregation Encryption Scheme in Edge Computing

Edge computing is a highly virtualized paradigm that can services the Internet of Things(Io T)devices more efficiently. It is a non-trivial extension of cloud computing, which can not only meet the big data processing requirements of cloud computing, but also collect and analyze distributed data. However, it inherits many security and privacy challenges of cloud computing, such as: authentication and access control.To address these problem, we proposed a new efficient privacy-preserving aggregat...     

基于区分服务的边缘路由器的服务质量

Internet real-time multimedia communication brings a further challenge to Quality of Service （QoS）. A higher QoS in communication is required increasingly. As a new framework for providing QoS services, Differentiated Services （DiffServ） is undergoing a speedily standardization process at the IETF. DiffServ not only can offer classified level of services, but also can provide guaranteed QoS in a certain extent. In order to provide QoS, DiffServ must be properly configured. The traditional DiffServ mechanism provides classifier for edge router to mark the different traffic streams, and then the core router uses different Drop Packet Mechanisms to drop packets or transmit data packets according to these classified markers. When multiple edge routers or other core routers transmit data packets high speedily to a single core router, the core router will emerge bottleneck bandwidth. The most valid solution to this problem is that the edge router adopts drop packet mechanism. This paper proposes an Modified Edge Router Mechanism that let the edge router achieve marking, dropping and transmitting packets of hybrid traffic streams based on DiffServ in a given bandwidth, the core router will only transmits packets but won＇t drop packets. By the simulation of ns2, the modified mechanism ensure the QoS of high priority traffics and simplify the core router, it is a valid method to solve the congestion of the core router.     

Research on Silicon-Based Terahertz Communication Integrated Circuits

With the increasing number of users and emerging new applications, the demand for mobile data traffic is growing rapidly. The limited spectrum resources of the traditional microwave and millimeter-wave frequency bands can no longer support the future wireless communication systems with higher system capacity and data throughput. The terahertz(THz) frequency bands have abundant spectrum resources, which can provide sufficient bandwidth to expand channel capacity and increase transmission data rat...     

Measurement-based admission control using multiple time-scales test

A new measurement-based admission control algorithm to support Quality of Service(QoS) demand is proposed for soft real-time applications. In the algorithm, admission test is performed across Multiple Time-Scales (MTS) to accurately capture traffic fluctuation on various time-scales. By applying the QoS requirements directly to admission test, the MTS algorithm can properly meet the QoS target and maximize the bandwidth utilization.     

Novel multimedia traffic modeling based CAC scheme for CDMA communication systems

As the radio spectrum is a very scarce resource, the Call Admission Control （CAC） is one of the most important parts in radio resource management. The Code Division Multiple Access （CDMA） based next generation wireless communications systems will support the transmission of multimedia traffic, such as voice, video and data, thus the CAC, which can support the multimedia traffic and guarantee the Quality of Service （QoS） of different traffic, has gained broad attention. In this paper, a novel multimedia traffic modeling method and a corresponding dynamic QoS based CAC are proposed. The analysis and simulation results show that the proposed CAC scheme can guarantee the QoS to different traffic demand, and improve the system performance significantly.     

Storage capacity model for cloud download

With the rise and world wide deployment of cloud utilities,the principle of the cloud download is proposed to provide high-quality file content distribution by using dedicated servers as cloud cache to guarantee the data availability and enhance the data transfer rate.As the system scales up to a large population,how to design appropriate storage capacity of cloud cache is a key challenge for cloud download.In this paper,primary elements impacting on storage capacity are explored through deliberating in large-scale commercial cloud download system,i.e.general user usage pattern and available period.And based on statistical analysis of real-world traces,we formulate storage capacity related to these two elements,which is the original contribution different from all previous works.This model gives guidance of potential system policy design.Finally,the effectivity of this model is demonstrated by simulation results compared with empirical data of practical system.     

On-line/Off-line Threshold Proxy Re-Signatures

To improve the performance of threshold proxy re-signatures, the notion of on-line/off-line threshold proxy re-signatures is introduced. The bulk of re-signature computation can be done in the off-line phase before the message arrives. The results of this pre-computation are saved and then utilized in the on-line phase once a message to be re-signed is known. Based on any threshold proxy re-signature scheme and a threshold version of chameleon hash function, we present a generic on-line/off-line thresh- old proxy re-signature scheme that can convert any ex- isting secure threshold proxy re-signature scheme into an on-line/off-line one. The on-line phase of our scheme is ef- ficient： computing a re-signature share requires one round of communication, two modular additions and one mod- ular multiplication. Our scheme is provably secure under the discrete logarithm assumption without random oracles. Moreover, our scheme can achieve robustness in the pres- ence of [n/3] malicious proxies.     

Blockchain-based collaborative edge caching scheme fortrustworthy content sharing

Moving data from cloud to the edge network can effectively reduce traffic burden on the core network, and edge collaboration can further improve the edge caching capacity and the quality of service ( QoS). However, it is difficult for various edge caching devices to cooperate due to the lack of trust and the existence of malicious nodes. In this paper,blockchain which has the distributed and immutable characteristics is utilized to build a trustworthy collaborative edge caching scheme to make full use of the storage resources of various edge devices. The collaboration process is described in this paper, and a proof of credit (PoC) protocol is proposed, in which credit and tokens are used to encourage nodes to cache and transmit more content in honest behavior. Untrusted nodes will pay for their malicious actions such as tampering or deleting cached data. Since each node chooses strategy independently to maximize its benefits in an environment of mutual influence, a non-cooperative game model is designed to study the caching behavior among edge nodes. The existence of Nash equilibrium (NE) is proved in this game, so the edge server (ES) can choose the optimal caching strategy for all collaborative devices, including itself, to obtain the maximum rewards. Simulation results show that the system can save mining overhead as well as organize a trusted collaborative edge caching effectively.