RESUMEN
This paper introduces a novel hybrid optimization algorithm, PDO-DE, which integrates the Prairie Dog Optimization (PDO) algorithm with the Differential Evolution (DE) strategy. This research aims to develop an algorithm that efficiently addresses complex optimization problems in engineering design and network intrusion detection systems. Our method enhances the PDO's search capabilities by incorporating the DE's principal mechanisms of mutation and crossover, facilitating improved solution exploration and exploitation. We evaluate the effectiveness of the PDO-DE algorithm through rigorous testing on 23 classical benchmark functions, five engineering design problems, and a network intrusion detection system (NIDS). The results indicate that PDO-DE outperforms several state-of-the-art optimization algorithms regarding convergence speed and accuracy, demonstrating its robustness and adaptability across different problem domains. The PDO-DE algorithm's potential applications extend to engineering challenges and cybersecurity issues, where efficient and reliable solutions are critical; for example, the NIDS results show significant results in detection rate, false alarm, and accuracy with 98.1%, 2.4%, and 96%, respectively. The innovative integration of PDO and DE contributes significantly to stochastic optimization and swarm intelligence, offering a promising new tool for tackling diverse optimization problems. In conclusion, the PDO-DE algorithm represents a significant scientific advancement in hybrid optimization techniques, providing a more effective approach for solving real-world problems that require high precision and optimal resource utilization.
RESUMEN
The design and management of smart cities and the IoT is a multidimensional problem. One of those dimensions is cloud and edge computing management. Due to the complexity of the problem, resource sharing is one of the vital and major components that when enhanced, the performance of the whole system is enhanced. Research in data access and storage in multi-clouds and edge servers can broadly be classified to data centers and computational centers. The main aim of data centers is to provide services for accessing, sharing and modifying large databases. On the other hand, the aim of computational centers is to provide services for sharing resources. Present and future distributed applications need to deal with very large multi-petabyte datasets and increasing numbers of associated users and resources. The emergence of IoT-based, multi-cloud systems as a potential solution for large computational and data management problems has initiated significant research activity in the area. Due to the considerable increase in data production and data sharing within scientific communities, the need for improvements in data access and data availability cannot be overlooked. It can be argued that the current approaches of large dataset management do not solve all problems associated with big data and large datasets. The heterogeneity and veracity of big data require careful management. One of the issues for managing big data in a multi-cloud system is the scalability and expendability of the system under consideration. Data replication ensures server load balancing, data availability and improved data access time. The proposed model minimises the cost of data services through minimising a cost function that takes storage cost, host access cost and communication cost into consideration. The relative weights between different components is learned through history and it is different from a cloud to another. The model ensures that data are replicated in a way that increases availability while at the same time decreasing the overall cost of data storage and access time. Using the proposed model avoids the overheads of the traditional full replication techniques. The proposed model is mathematically proven to be sound and valid.
RESUMEN
In the recent past, Distributed Denial of Service (DDoS) attacks have become more abundant and present one of the most serious security threats. In a DDoS attack, the attacker controls a botnet of daemons residing in vulnerable hosts that send a significant amount of traffic to flood the victim or the network infrastructure. In this paper, a common type of DDoS attacks known as "TCP SYN-Flood" is studied. This type of attack uses spoofed Internet Protocol (IP) addresses for SYN packets by exploiting the weakness in Transmission Control Protocol (TCP) 3-Way handshake used by the TCP/IP suite of protocols, which make the web servers unreachable for legitimate users or even worse, it might lead to server crash. In this paper, a resilient, efficient, lightweight, and robust IP traceback algorithm is proposed using an IP tracing packet for each attack path. The proposed algorithm suggests that edge routers-where the attack starts from-observe the traffic pattern passing through, and if the observed traffic carries the signature of TCP SYN-Flood DDoS attack and a high percentage of it is destined to a particular web server(s), it starts the tracing process by generating an IP trace packet, which accompanies the attack path recording the routers' IP addresses on the path between the attacker/daemon and the victim, which can extract the path and react properly upon receiving it by discarding any SYN packets originating from that attacker/daemon. To our knowledge, this is the first research that efficiently traces these kinds of attacks while they are running. The proposed solution has low computation and message overhead, efficient detection and tracing time, and converges in near optimal time. The results are validated using extensive simulation runs.