Resource Management in a Peer to Peer Cloud Network for IoT

Software-Defined Internet of Things (SDIoT) is defined as merging heterogeneous objects in a form of interaction among physical and virtual entities. Large scale of data centers, heterogeneity issues and their interconnections have made the resource management a hard problem specially when there are different actors in cloud system with different needs. Resource management is a vital requirement to achieve robust networks specially with facing continuously increasing amount of heterogeneous resources and devices to the network. The goal of this paper is reviews to address IoT resource management issues in cloud computing services. We discuss the bottlenecks of cloud networks for IoT services such as mobility. We review Fog computing in IoT services to solve some of these issues. It provides a comprehensive literature review of around one hundred studies on resource management in Peer to Peer Cloud Networks and IoT. It is very important to find a robust design to efficiently manage and provision requests and available resources. We also reviewed different search methodologies to help clients find proper resources to answer their needs

A Mathematical Model for Analyzing Honeynets and Their Cyber Deception Techniques

Abstract As a way of obtaining useful information about the adversaries behavior with a low rate of false detection, honeypots have made significant advancements in the field of cybersecurity. They are also powerful in wasting the adversaries resources and attracting their attention from other critical assets in the network. A deceptive network with multiple honeypots is called a honeynet. The honeypots in a honeynet aim to cooperate in order to increase their deception power. Professional adversaries utilize strong detection mechanisms to discover the existence of the honeypots in a network. When an adversary finds that a deception mechanism is deployed, it may change their behavior and cause malicious effects on the network. Therefore, a honeynet has to be deceptive enough in order not to be identified. This paper aims to review the techniques that are designed for the honeynets to make them improve their deception performance. The recent related surveys do not focus on the honeynet-specific techniques, and also have no comparison analysis. The main presented techniques in this paper are fully investigated through comparative analysis and simulation scenarios. Some suggestions on the research gap are also provided. The results of this paper can be used by the honeynet developers and researchers to improve their work.Abstract As a way of obtaining useful information about the adversaries behavior with a low rate of false detection, honeypots have made significant advancements in the field of cybersecurity. They are also powerful in wasting the adversaries resources and attracting their attention from other critical assets in the network. A deceptive network with multiple honeypots is called a honeynet. The honeypots in a honeynet aim to cooperate in order to increase their deception power. Professional adversaries utilize strong detection mechanisms to discover the existence of the honeypots in a network. When an adversary finds that a deception mechanism is deployed, it may change their behavior and cause malicious effects on the network. Therefore, a honeynet has to be deceptive enough in order not to be identified. This paper aims to review the techniques that are designed for the honeynets to make them improve their deception performance. The recent related surveys do not focus on the honeynet-specific techniques, and also have no comparison analysis. The main presented techniques in this paper are fully investigated through comparative analysis and simulation scenarios. Some suggestions on the research gap are also provided. The results of this paper can be used by the honeynet developers and researchers to improve their work

Reinforcement Learning-Based Slice Isolation Against DDoS Attacks in beyond 5G Networks

Abstract Network slicing in 5G networks can be modeled as a Virtual Network Embedding (VNE) problem, wherein the slice requests must be efficiently mapped on the core network. This process faces two major challenges: covering the maximum number of requests and providing slice isolation. Slice isolation is a mechanism for protecting the slices against Distributed Denial of Service (DDoS) attacks. To overcome these two challenges, we have proposed a novel actor-critic Reinforcement Learning (RL) model, called Slice Isolation-based Reinforcement Learning (SIRL), using five optimal graph features to create the problem environment, the form of which is changed based on a ranking scheme. The ranking procedure reduces the dimension of the features and improves learning performance. We evaluated SIRL by comparing it against four non-RL and nine state-of-the-art RL models. The average results show that the ratio of the covered requests and the damage caused by a DDoS attack of SIRL is 54% higher and 23% lower than that of the other models, respectively. It also has an acceptable learning performance and generality, regarding the reported results that show SIRL agents trained and tested with different networks outperform the other agents by 97%.Abstract Network slicing in 5G networks can be modeled as a Virtual Network Embedding (VNE) problem, wherein the slice requests must be efficiently mapped on the core network. This process faces two major challenges: covering the maximum number of requests and providing slice isolation. Slice isolation is a mechanism for protecting the slices against Distributed Denial of Service (DDoS) attacks. To overcome these two challenges, we have proposed a novel actor-critic Reinforcement Learning (RL) model, called Slice Isolation-based Reinforcement Learning (SIRL), using five optimal graph features to create the problem environment, the form of which is changed based on a ranking scheme. The ranking procedure reduces the dimension of the features and improves learning performance. We evaluated SIRL by comparing it against four non-RL and nine state-of-the-art RL models. The average results show that the ratio of the covered requests and the damage caused by a DDoS attack of SIRL is 54% higher and 23% lower than that of the other models, respectively. It also has an acceptable learning performance and generality, regarding the reported results that show SIRL agents trained and tested with different networks outperform the other agents by 97%