Concurrency and Computation-Practice & Experience最新文献

Ensuring the seamless operation of cloud computing services is paramount for meeting user demands and ensuring business continuity. Fault-tolerant self-healing techniques play a crucial role in enhancing the reliability and availability of cloud platforms, minimizing downtime and ensuring uninterrupted service delivery. This article systematically categorizes and analyzes existing research on fault-tolerant self-healing techniques published between 2005 and 2024. We provide a comprehensive technical taxonomy organizing self-healing techniques based on fault tolerance processes, encompassing considerations for both reliability and availability. Additionally, we evaluate applications of proactive self-healing techniques, highlighting their achievements, and limitations in enhancing service continuity. Strategies to address identified weaknesses are discussed, alongside future research challenges and open issues in the domain of cloud resilience. Through this analysis, the article contributes to understanding self-healing techniques in cloud computing, offering insights into their effectiveness in ensuring service continuity. The findings aim to guide future research efforts in developing more robust and resilient cloud infrastructures, ultimately enhancing overall service reliability and availability. By emphasizing the importance of fault tolerance and self-healing techniques, this article lays the foundation for advancing the state-of-the-art in cloud computing.

With the development of the Internet of Things (IoT), the number of terminal devices is rapidly growing and at the same time, their security is facing serious challenges. For the industrial control system, there are challenges in detecting and preventing botnet. Traditional detection methods focus on capturing and reverse analyzing the botnet programs first and then parsing the extracted features from the malicious code or attacks. However, their accuracy is very low and their latency is relatively high. Moreover, they sometimes even cannot recognize the unknown botnets. The machine learning based detection methods rely on manual feature engineering and have a weak generalization. The deep learning-based methods mostly rely on the system log, which does not take into account the multisource information such as traffic. To address the above issues, from the perspective of the botnet features, this paper proposes an intelligent detection method over parallel CNN-LSTM, integrating the spatial and temporal features to identify botnets. Experimental demonstrate that the accuracy, recall, and F1-score of our proposed method achieve up to over 98%, and the precision, 97.8%, is not the highest but reasonable. It reveals compared with the existing start-of-the-art methods, our proposed method outperforms in the botnet detection. Our methodology's strength lies in its ability to harness the multifaceted information present in IoT traffic, offering a more nuanced and comprehensive analysis. The parallel CNN-LSTM architecture ensures that spatial and temporal data are processed concurrently, preserving the integrity of the information and enabling a more robust detection mechanism. The result is a detection system that not only performs exceptionally well in a controlled environment but also holds promise for real-world application, where the rapid and accurate identification of botnets is paramount.

Intrusion Detection (ID) is a critical component in cybersecurity, tasked with identifying and thwarting unauthorized access or malicious activities within networked systems. The advent of Edge Computing (EC) has introduced a paradigm shift, empowering Wireless Sensor Networks (WSNs) with decentralized processing capabilities. However, this transition presents new challenges for ID due to the dynamic and resource-constrained nature of Edge environments. In response to these challenges, this study presents a pioneering approach: an Improved Federated Transfer Learning Model. This model integrates a pre-trained ResNet-18 for transfer learning with a meticulously designed Convolutional Neural Network (CNN), tailored to the intricacies of the NSL-KDD dataset. The collaborative synergy of these models culminates in an Intrusion Detection System (IDS) with an impressive accuracy of 96.54%. Implemented in Python, the proposed model not only demonstrates its technical prowess but also underscores its practical applicability in fortifying EC-empowered WSNs against evolving security threats. This research contributes to the ongoing discourse on enhancing cybersecurity measures within emerging computing paradigms.

Software-defined networking (SDN) has revolutionized network architectures by decoupling the control plane from the data plane. An intriguing challenge within this paradigm is the strategic placement of controllers and the allocation of switches to optimize network performance and resilience. In the event of a controller failure, the switches are disconnected from the controller until they are reassigned to other active controllers possessing sufficient spare capacity. The reassignment could lead to a significant rise in propagation latency. This correspondence presents a mathematical model for capacitated controller placement, strategically designed to anticipate failures and prevent a substantial increase in worst-case latency and disconnections. The aim is to minimize the worst-case latency between switches and their backup controllers and among the controllers. Four metaheuristic algorithms are proposed including, an enhanced genetic algorithm (CCPCFR-EGA), particle swarm optimization (CCPCFR-PSO), a hybrid particle swarm optimization and simulated annealing algorithm (CCPCFR-HPSOSA), and a grey wolf optimization algorithm (CCPCFR-GWO). These algorithms are compared with a simulated annealing method and an optimal method. Evaluation conducted on four network datasets demonstrates that the proposed metaheuristic methods are faster than the optimal method. The experimental outcome indicates that CCPCFR-HPSOSA and CCPCFR-GWO outperform the other methods, consistently providing near-optimal solutions. However, CCPCFR-GWO is preferred over CCPCFR-HPSOSA due to its faster execution time. Specifically, CCPCFR-GWO achieves an average speed-up of 3.9 over the optimal for smaller networks and an average speed-up of 31.78 for larger networks, while still producing near-optimal solutions.

The Internet of Things (IoT) has transformed every aspect of our lives and has become universal in multiple fields from personnel to government and military applications. However, IoT suffers from the inherent limitation of latency and high computational costs, which can be effectively overcome by using a fog computing framework. However, the key challenge in fog computing is to address the problem of service placement among the nodes, thereby providing optimal utilization of resources and minimizing service time. This research work presents a novel service placement technique, by considering the service placement issue as a multi-objective optimization problem. Here, a two-level fog computing network comprising a fog master node and fog cells is considered. The master node is responsible for the service placement of the fog nodes, and the service placement is carried out using the Adam-Ladybug Beetle Optimization (ALBO) algorithm. Further, multiple objectives, like resource utilization, makespan, response time, service time, cost, and energy consumption are considered to enhance service placement. Moreover, the efficiency of the ALBO for service placement (ALBO_SP) is examined considering service cost, energy consumption, and service time and is found to attain values of 19.009, 73.581 J, and 4.854 s, respectively.

Edge computing has the capability to process data closer to its point of origin, leading to the development of critical autonomous infrastructures with frequently communicating peers. The proposed work aims to evaluate the effectiveness of security and privacy mechanisms tailored for distributed systems, particularly focusing on scenarios where the nodes are closed-circuit television (CCTV) systems. Ensuring public safety, object tracking in surveillance systems is a vital responsibility. The workflow has been specifically crafted and simulated for the purpose of weapon detection within public CCTV systems, utilizing sample edge devices. The system's primary objective is to detect any unauthorized use of weapons in public spaces while concurrently ensuring the integrity of video footage for use in criminal investigations. The outcomes of prior research on distributed machine learning (DML) techniques are compared with modified federated machine learning (FML) techniques, specifically designed for being Gossip verifiable and Quantum Safe. The conventional federated averaging algorithm is modified by incorporating the secret sharing principle, coupled with code-based McEliece cryptosystem. This adaptation is designed to fortify the system against quantum threats. The Gossip data dissemination protocol, executed via custom blockchain atop the distributed network, serves to authenticate and validate the learning model propagated among the peers in the network. It provides additional layer of integrity to the system. Potential threats to the proposed model are analyzed and the efficiency of the work is assessed using formal proofs. The outcomes of the proposed work demonstrate that the trustworthiness and consistency are meticulously preserved for both the model and data within the DML framework on the Edge computing platform.

This article designs and implements a runtime library for general dataflow programming, DFCPP (Luo Q, Huang J, Li J, Du Z. Proceedings of the 52nd International Conference on Parallel Processing Workshops. ACM; 2023:145-152.), and builds upon it to design and implement a multi-machine C++ dataflow library, M-DFCPP. In comparison to existing dataflow programming environments, DFCPP features a user-friendly interface and richer expressive capabilities (Luo Q, Huang J, Li J, Du Z. Proceedings of the 52nd International Conference on Parallel Processing Workshops. ACM; 2023:145-152.), enabling the representation of various types of dataflow actor tasks (static, dynamic and conditional task). Besides that, DFCPP addresses the memory management and task scheduling for non-uniform memory access architectures, while other dataflow libraries lack attention to these issues. M-DFCPP extends the capability of current dataflow runtime libraries (DFCPP, taskflow, openstream, etc.) and capable of multi-machine computing, while maintains the API compatible with DFCPP. M-DFCPP adopts the concepts of master and follower (Dean J, Ghemawat S. Commun ACM. 2008;51(1):107-113; Ghemawat S, Gobioff H, Leung ST. ACM SIGOPS Operating Systems Review. ACM; 2003:29-43.), which form a worksharing framework as many multi-machine system. To shift to the M-DFCPP framework, a filtering layer is inserted to the original DFCPP, transforming it into followers that can cooperate with each other. The master is made of modules for scheduling, data processing, graph partition, state management and so forth. In benchmark tests with workload with directed acyclic graph topology of binary trees and random graphs, DFCPP demonstrated performance improvements of 20% and 8%, respectively, compared to the second fastest library. M-DFCPP consistently exhibits outstanding performance across varying levels of concurrency and task workloads, achieving a maximum speedup of more than 20 over DFCPP, when the task parallelism exceeds 5000 on 32 nodes. Moreover, M-DFCPP, as a runtime library supporting multi-node dataflow computation, is compared with MPI, a runtime library supporting multi-node control flow computation.

Cloud's operating-system-level virtualization has introduced a new phase of lightweight virtualization through containers. The architecture of cloud-native and microservices-based application development strongly advocates for the use of containers due to their swift and convenient deployment capabilities. However, the security of applications within containers is important, as malicious or vulnerable content could jeopardize the container and the host system. This vulnerability also extends to neighboring containers and may compromise data integrity and confidentiality. The article focuses on developing an intrusion detection system tailored to containerized cloud environments by identifying system call analysis techniques and also proposes an anomaly-based host intrusion detection system (Ab-HIDS). This system employs the frequency of N-grams system calls as distinctive features. To enhance performance, two ensemble learning models, namely voting-based ensemble learning and XGBoost ensemble learning, are employed for training and testing the data. The proposed system is evaluated using the Leipzig Intrusion Detection Data Set (LID-DS), demonstrating substantial performance compared to existing state-of-the-art methods. Ab-HIDS is validated for class imbalance using the imbalance ratio and synthetic minority over-sampling technique methods. Our system achieved significant improvements in detection accuracy with 4% increase for the voting-based ensemble model and 6% increase for the XGBoost ensemble model. Additionally, we observed reductions in the false positive rate by 0.9% and 0.8% for these models, respectively, compared to existing state-of-the-art methods. These results illustrate the potential of our proposed approach in improving security measures within containerized environments.

Neural networks are becoming increasingly widely used in various fields, especially for academic risk forecasts. Academic risk prediction is a hot topic in the field of big data in education that aims to identify and help students who experience great academic difficulties. In recent years, the use of machine learning algorithms and deep learning algorithms to achieve academic risk prediction has garnered increased attention and development. However, most of these studies use nontime series data as features for prediction, which are slightly insufficient in terms of timeliness. Therefore, this article focuses on time series data features that are more expressive of changes in students' learning status and uses multivariate time series data as predictive features. This article proposes a method based on multivariate time series features and a neural network to predict academic risk. The method includes three steps: first, the multivariate time series feature is extracted from the interaction records of the students' online learning platforms; second, the multivariate time series feature transformation model ROCKET is applied to convert the multivariate time series feature into a new feature; third, the new feature is converted into a final prediction result using a linear classification model. Comparative tests show that the proposed method has high effectiveness.