ABSTRACT
The design and management of smart cities and the IoT is a multidimensional problem. One of those dimensions is cloud and edge computing management. Due to the complexity of the problem, resource sharing is one of the vital and major components that when enhanced, the performance of the whole system is enhanced. Research in data access and storage in multi-clouds and edge servers can broadly be classified to data centers and computational centers. The main aim of data centers is to provide services for accessing, sharing and modifying large databases. On the other hand, the aim of computational centers is to provide services for sharing resources. Present and future distributed applications need to deal with very large multi-petabyte datasets and increasing numbers of associated users and resources. The emergence of IoT-based, multi-cloud systems as a potential solution for large computational and data management problems has initiated significant research activity in the area. Due to the considerable increase in data production and data sharing within scientific communities, the need for improvements in data access and data availability cannot be overlooked. It can be argued that the current approaches of large dataset management do not solve all problems associated with big data and large datasets. The heterogeneity and veracity of big data require careful management. One of the issues for managing big data in a multi-cloud system is the scalability and expendability of the system under consideration. Data replication ensures server load balancing, data availability and improved data access time. The proposed model minimises the cost of data services through minimising a cost function that takes storage cost, host access cost and communication cost into consideration. The relative weights between different components is learned through history and it is different from a cloud to another. The model ensures that data are replicated in a way that increases availability while at the same time decreasing the overall cost of data storage and access time. Using the proposed model avoids the overheads of the traditional full replication techniques. The proposed model is mathematically proven to be sound and valid.
ABSTRACT
In the recent past, Distributed Denial of Service (DDoS) attacks have become more abundant and present one of the most serious security threats. In a DDoS attack, the attacker controls a botnet of daemons residing in vulnerable hosts that send a significant amount of traffic to flood the victim or the network infrastructure. In this paper, a common type of DDoS attacks known as "TCP SYN-Flood" is studied. This type of attack uses spoofed Internet Protocol (IP) addresses for SYN packets by exploiting the weakness in Transmission Control Protocol (TCP) 3-Way handshake used by the TCP/IP suite of protocols, which make the web servers unreachable for legitimate users or even worse, it might lead to server crash. In this paper, a resilient, efficient, lightweight, and robust IP traceback algorithm is proposed using an IP tracing packet for each attack path. The proposed algorithm suggests that edge routers-where the attack starts from-observe the traffic pattern passing through, and if the observed traffic carries the signature of TCP SYN-Flood DDoS attack and a high percentage of it is destined to a particular web server(s), it starts the tracing process by generating an IP trace packet, which accompanies the attack path recording the routers' IP addresses on the path between the attacker/daemon and the victim, which can extract the path and react properly upon receiving it by discarding any SYN packets originating from that attacker/daemon. To our knowledge, this is the first research that efficiently traces these kinds of attacks while they are running. The proposed solution has low computation and message overhead, efficient detection and tracing time, and converges in near optimal time. The results are validated using extensive simulation runs.
