Journal of Security in Computer Networks and Distributed Systems

Design and Performance Evaluation of a Scalable Low-Latency Three-Layer Hierarchical Data Aggregation Framework for IoT Networks

2026-06-22T09:28:09+00:00

This work investigates the design and performance evaluation of a scalable low-latency three-layer hierarchical data aggregation framework for Internet of Things (IoT) networks. The rapid growth of IoT devices and wireless sensor networks has resulted in massive data generation, creating major challenges related to scalability, network congestion, latency, bandwidth utilization, and energy efficiency. Conventional flat and two-layer network architectures often suffer from excessive routing overhead, redundant data transmission, packet collisions, and rapid energy depletion, which limit their effectiveness in large-scale IoT environments. To overcome these limitations, this paper proposes a scalable hierarchical framework designed to optimize data transmission, processing efficiency, and network reliability. The proposed architecture consists of three layers—a sensor layer for real-time data collection, an edge/aggregation layer for intermediate processing and filtering, and a cloud layer for large-scale storage and analytics. A hybrid data aggregation algorithm integrating temporal aggregation, spatial aggregation, and threshold-based filtering is introduced to reduce redundant transmissions while preserving data integrity and communication reliability. By distributing processing and routing operations across multiple layers, the framework significantly reduces communication overhead and improves scalability in dense wireless sensor network environments. Performance evaluation is conducted using MATLAB-based simulation under IEEE 802.15.4 communication standards with both periodic and event-driven traffic models. Several key performance metrics, including latency, energy consumption, throughput, packet delivery ratio (PDR), network lifetime, and control overhead, are analyzed and compared with conventional flat and two-layer architectures. Simulation results demonstrate that the proposed three-layer model reduces latency by up to 35% and energy consumption by approximately 28% while achieving higher throughput and improved packet delivery performance. The framework also maintains stable communication and efficient operation in networks containing up to 1000 sensor nodes. Overall, the proposed hierarchical framework provides an efficient, scalable, and energy-aware solution for next-generation IoT applications, including smart cities, industrial automation, environmental monitoring, and healthcare systems requiring reliable low-latency communication.

Cloud Misconfiguration Threat Detection and Analysis Using Docker, Prowler, ScoutSuite, and YARA

2026-05-06T09:28:21+00:00

Given the presence of cloud computing platforms such as Amazon Web Services (AWS), the interaction of developing and progressive threats, as well as misconfigurations, has become a new standard. That is why realistic and auto-piloted detection and mitigation frameworks are required. In this paper, the author will address and recommend a hybrid multi-model cloud security and threat detection framework using the three most downloaded open-source cloud security tools: Prowler, ScoutSuite and YARA. These will be synchronized and combined with Docker containers, therefore, creating a powerful and scalable cloud security and threat-detecting platform. Windows and Windows Subsystem for Linux (WSL) will be used to implement the offered solution. The proposed solution will address the issues that are present in the field of cloud security and threat detection by offering a possible and scalable framework. The proposed framework will utilize the fact that Prowler will automate compliance auditing using more than 300 controls of the CIS Benchmark and AWS well-architected frameworks. The proposed framework will be created with reference to the functionality of the framework, which probes 15+ services of the AWS attack surface using ScoutSuite. The detection of malware and IoCs will be carried out at the file level and at the log level using YARA.

Detecting Denial of Service Attacks on Simulated IoT Devices Using Python-based Packet Rate Monitoring

2026-05-12T08:37:23+00:00

Internet of Things (IoT) security is one that typically remains unnoticed until something occurs. This project examines the inadequate security in small interconnected devices, specifically in connection to one type of attack, constant request flooding to a device target until the device ceases to respond. The objective was to choose to find out whether the attack under consideration can be found with the help of the simplest set of tools, including a Python script and a network analysis tool. To do it, three elements were created, i.e. (1) a simulated server which simulates an IoT device, (2) a program simulating the attack itself, and (3) a monitor tool that analyses traffic and informs about suspicious activity. The mechanism of notification employed a very simple criterion: the number of packages received within a period of five seconds, and then an alert and a record of the log are issued in case the number received is more than a hundred. An experiment was carried out on Kali Linux OS, and Wireshark was also used in parallel to observe network traffic. Before the commencement of the experiment, traffic was negligible and relatively small, with few packages being dispatched at a time. As the flood started, the number of packages was already over two hundred, thus initiating the process of notification. Every activity was recorded, and timestamps were used, which was also evidence even in cases where there were no individuals to observe the process in action at the time. It appears that the experiment was a success, and all effects can be seen in the terminal output and also in the Wireshark data. The main lesson of this study is the thought that one can apply an easy, zero-dependency detection approach that operates in real-time. It appears that the idea that machine learning and other sophisticated solutions to secure the IoT networks no longer applies.

A Multi-stage Feature Selection and Stacked Ensemble Learning for Efficient Real-time SNMP-based Network Intrusion Detection

2026-05-02T09:34:33+00:00

The significant increase in the number and types of malicious activities in operational network environments in the recent past is due to the growth in the use of high-speed networks and the rise in the usage of the Internet. Intrusion detection system has, therefore, been one of the critical measures used in safeguarding networking resources and infrastructure. Many of the existing IDSs are challenged with low accuracy and high computational costs. This is mainly due to the type of network traffic data used, most of which are cumbersome, resource-intensive and contain redundant and irrelevant features. Also, single-stage feature selection often fails to handle feature irrelevance and redundancy. To address these issues, this study proposes a multi-stage hybrid feature selection process on the SNMP-MIB data for real-time network intrusion detection. The multi-stage feature selection process involves the application of Mutual Information and the Recursive Filtering Elimination. The combined output of both serves as input for the Spearman Correlation Filtering to obtain an optimal feature set. This was tested on a stack ensemble learning using Random Forest, Support Vector Machine and Gradient Boosting algorithms as base learners with Logistic Regression as the meta-learner. The results showed that the Spearman-filtered feature set outperformed all other methods across all metrics and classes and the ensemble tested with the optimised feature set had the highest accuracy at 98.90% and a Macro-average F1-score of 97.31%, outperforming the best base learner by over 3.4%. It also showed that each classifier benefitted from the multi-stage hybrid feature selection techniques.