Fog computing is a paradigm to overcome the cloud computing limitations which provides low latency to the users’ applications for the Internet of Things (IoT). Software-defined networking (SDN) is a practical networking infrastructure that provides a great capability in managing network flows. SDN switches are powerful devices, which can be used as fog devices/fog gateways simultaneously. Hence, fog devices are more vulnerable to several attacks. TCP SYN flood attack is one of the most common denial of service attacks, in which a malicious node produces many half-open TCP connections on the targeted computational nodes so as to break them down. Motivated by this, in this paper, we apply SDN concepts to address TCP SYN flood attacks in IoT–fog networks . We propose FUPE, a security-aware task scheduler in IoT–fog networks. FUPE puts forward a fuzzy-based multi-objective particle swarm Optimization approach to aggregate optimal computing resources and providing a proper level of security protection into one synthetic objective to find a single proper answer. We perform extensive simulations on IoT-based scenario to show that the FUPE algorithm significantly outperforms state-of-the-art algorithms. The simulation results indicate that, by varying the attack rates, the number of fog devices, and the number of jobs, the average response time of FUPE improved by 11% and 17%, and the network utilization of FUPE improved by 10% and 22% in comparison with Genetic and Particle Swarm Optimization algorithms, respectively.

雾计算是克服云计算局限性的范例，云计算局限性为用户的物联网（IoT）应用程序提供了低延迟。软件定义网络（SDN）是一种实用的网络基础结构，在管理网络流方面提供了强大的功能。SDN交换机是功能强大的设备，可以同时用作雾设备/雾网关。因此，雾气设备更容易受到多种攻击。TCP SYN泛洪攻击是最常见的拒绝服务攻击之一，在这种攻击中，恶意节点在目标计算节点上产生许多半开放的TCP连接，以将其分解。因此，在本文中，我们将SDN概念应用于IoT-雾网络中的TCP SYN泛洪攻击。我们建议使用FUPE，这是IoT-雾网络中的安全意识任务计划程序。FUPE提出了一种基于模糊的多目标粒子群优化方法，以聚合最优计算资源，并为一个综合目标提供适当级别的安全保护，以找到单个适当的答案。我们对基于IoT的场景进行了广泛的仿真，以表明FUPE算法明显优于最新算法。仿真结果表明，通过改变攻击率，雾设备数量和作业数量，FUPE的平均响应时间分别提高了11％和17％，FUPE的网络利用率提高了10％和22分别与遗传和粒子群优化算法相比。