S-FoS: A secure workflow scheduling approach for performance optimization in SDN-based IoT-Fog networks

Fog computing aims to provide resources to cloud data centers at the network's edge to support time-critical Internet of Things (IoT) applications with low-latency requirements. Protecting the IoT-Fog resources and the scheduling services from the treats is critical for executing the users' requests in the IoT-Fog network. Proper scheduling algorithms are essential to fulfill the requirements of users' applications properly and fully harness the potential of IoT-Fog resources. Software-Defined Networking (SDN) is a structure that decouples the control plane from the data plane, resulting in more flexible management. That eases the implementation of security mechanisms in the IoT-Fog networks. In SDN-based IoT-Fog networks, SDN switches and controllers can serve as fog gateways/cloud gateways. SDN switches and controllers, on the other hand, are more susceptible to a variety of assaults, making the SDN controller a bottleneck and thus easy to control plane saturation. IoT devices are inherently insecure, making the IoT-Fog network vulnerable to a variety of attacks. This paper presents S-FoS, an SDN-based security-aware workflow scheduler for IoT-Fog networks. The proposed approach defends scheduling services against distributed denial of service (DDoS) and port scanning assaults. S-FoS is a joint security and performance optimization approach that uses fuzzy-based anomaly detection algorithms to identify the source of attacks and block malicious requestors. It also uses a NSGA-III multi -objective scheduler optimization approach to consider load balancing and delay simultaneously. We show that the S-FoS outperforms state-of-the-art algorithms in IoT-based scenarios through comprehensive simulations. The experiments indicate that by varying the attack rates, the number of IoT devices, and the number of fog devices, the response time of S-FoS could be improved by 31% and 18%, and the network utilization of S-FoS could be improved by 9% and 4%, respectively, compared to the NSGA-II and MOPSO algorithms.