Songtao Fu,Qi Li,Xiaoliang Wang,Su Yao,Xuewei Feng,Ziqiang Wang,Xinle Du,Kao Wan,Ke Xu

DOI: https://doi.org/10.1109/TDSC.2024.3392486

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Secure data forwarding is critical for users to meet their requirements. In this paper, we propose D3 (Demon Detector in Data Plane), a source-driven, secure fault localization mechanism, which empowers the source to localize faulty link in Path Aware Networking, thus circumventing faulty link to guarantee secure data forwarding. D3 utilizes the source to instruct the on-path routers, thus empowering it to detect whether the on-path routers forward the packet as expected. Compared with existing schemes that are difficult to be deployed in practice due to the heavy storage, computation, and communication overhead, D3 offloads most of the on-path router's storage and computation overhead, thus dramatically improving the deployment efficiency. Particularly, the length of the additional packet header in D3 is 2-5 times less than the state-of-the-art mechanisms, thus having a low communication overhead. Besides that, the destination in D3 could keep stateless processing, thus having backward compatibility and eliminating the opportunity for DoS attacks toward a stateful destination. The BMv2 and Barefoot Tofino hardware evaluations show that D3 could achieve high fault localization accuracy and process the packet at line rate.

Junchi Xing,Haifeng Zhou,Jinfan Shen,Kai Zhu,Yansong Wang,Chunming Wu,Wei Ruan

DOI: https://doi.org/10.1109/ICT.2018.8464855

2018-01-01

Abstract:Distributed Denial-of-Service (DDoS) attack has been a "nightmare" for cloud. A countermeasure is to establish an Intrusion Detection and Prevention System (IDPS) for cloud. Nevertheless, current IDPSes fail to achieve the detection and prevention in a flexible and lightweight way. In this paper, we propose a novel scheme of IDPS for overcoming the above problem, termed as Auto-scaling IDPS (AsIDPS). AsIDPS is based on Software-Defined Networking (SDN) and Docker container technologies. It first detects abnormal traffic based on the flow statistics collected in SDN switches in real-time. By the SDN controller, the abnormal traffic will be directed to the created Docker containers with Snort running on them for further detection and clean-up. Particularly, the Docker containers can be automatically scaled out or scaled down on demand. The Snort will also deliver an alert to the SDN controller if it detects attack traffic so as to perform a countermeasure if necessary. Benefitting from the flexible network management offered by SDN and the lightweight Docker container, AsIDPS is able to build a flexible and lightweight defense against DDoS attack in cloud. Based on our prototype implementation, we validate the effectiveness of AsIDPS in defending DDoS attack, and also verify its flexibility and lightweight.

Qiumei Cheng,Chunming Wu,Haifeng Zhou,Yuhang Zhang,Rui Wang,Wei Ruan

DOI: https://doi.org/10.1109/hpcc/smartcity/dss.2018.00149

2018-01-01

Abstract:Guarding the perimeter of cloud-based enterprise networks is a challenge due to massive traffic with dynamic nature. Current firewalls of enterprise networks in cloud are largely based on static security rule configuration or simple rule matching, which makes them inflexible, error-prone and poorly effective, bringing about severe security risks. In this paper, we propose an artificial intelligence-based software-defined networks firewall (AI-SDNF) for solving the above problems. Compared with existing SDN firewalls, AI-SDNF is able to extract and analyze the payload of data packets based on machine learning technologies rather than simply match with flow tables according to several header fields (e.g., source and destination IP/MAC addresses). Considering deciding whether a packet is benign or malicious is able to be formulated as a typical binary classification problem, we employ logistic regression for training an intelligent SDN firewall under supervised machine learning. We implement a prototype of AI-SDNF on the OpenDaylight controller and the OpenStack platform. Based on the prototype, we evaluate its performance and overheads with real dataset. The experimental results indicate that AI-SDNF achieves a relatively high detection accuracy of 96.79% with an average of 0.2ms latency.

Yuxia Cheng,Xinjie Yu,Wenzhi Chen,Rui Chang,Yang Xiang

DOI: https://doi.org/10.1007/s10586-017-0840-5

2017-01-01

Cluster Computing

Abstract:The fault-tolerance property in most cloud storage systems are designed within the scale of a single datacenter. The single datacenter as a whole may be unreachable or crashed due to severe problems, such as broken network links, power supply interruptions, and natural disasters, etc. Therefore, the design of an effective cross-datacenter fault-tolerant storage system is important to protect data security in the cloud. However, building a cross-datacenter fault-tolerant system faces great challenges, such as high latency, low throughput, high costs of bandwidth resources between datacenters. In this paper, we propose a practical cross-datacenter fault-tolerant (CDFT) algorithm in the cloud storage system. Our fault-tolerant algorithm design considers the difficult tradeoffs among fault tolerance, latency, throughput, network and storage costs. We propose the Domain Fault Codes (DFC) and the topology-aware scheduling techniques, which can tolerate the whole datacenter breakdown. We implemented the DFC-CDFT algorithm in a prototype cloud storage system. The experimental results showed that the proposed DFC-CDFT algorithm can effectively recover data blocks from the single datacenter failure while achieves low storage and bandwidth costs.

Johannes Zerwas,Chen Griner,Stefan Schmid,Chen Avin

2024-06-19

Abstract:The explosively growing communication traffic in datacenters imposes increasingly stringent performance requirements on the underlying networks. Over the last years, researchers have developed innovative optical switching technologies that enable reconfigurable datacenter networks (RCDNs) which support very fast topology reconfigurations. This paper presents D3, a novel and feasible RDCN architecture that improves throughput and flow completion time. D3 quickly and jointly adapts its links and packet scheduling toward the evolving demand, combining both demand-oblivious and demand-aware behaviors when needed. D3 relies on a decentralized network control plane supporting greedy, integrated-multihop, IP-based routing, allowing to react, quickly and locally, to topological changes without overheads. A rack-local synchronization and transport layer further support fast network adjustments. Moreover, we argue that D3 can be implemented using the recently proposed Sirius architecture (SIGCOMM 2020). We report on an extensive empirical evaluation using packet-level simulations. We find that D3 improves throughput by up to 15% and preserves competitive flow completion times compared to the state of the art. We further provide an analytical explanation of the superiority of D3, introducing an extension of the well-known Birkhoff-von Neumann decomposition, which may be of independent interest.

Networking and Internet Architecture

Bo Wu,Ke Xu,Qi Li,Fan Yang

DOI: https://doi.org/10.1109/pccc.2017.8280428

2017-01-01

Abstract:The current network is vulnerable to various attacks, e.g., source spoofing and flow hijacking attacks, which can be constructed by misconfigurations or compromising routers. Unfortunately, both users and network operators are unable to localize these faults. Existing fault localization mechanisms detect such attacks under an assumption that localization is performed upon reliable communication channels. In this paper, we will relax the assumption and propose a robust and lightweight dataplane fault localization (RFL) protocol that aims to achieve source authenticity and path compliance in unreliable communication channels. RFL uses symmetric keys to build secure detection channels and samples packets for localization on the channels such that it can detect and localize faults. In particular, the localization performed is not impacted by the reliability of the communication channels, e.g., the packets that used to localize faults are dropped. We prototype of RFL on Click routers and the experiment results with the prototype demonstrate that RFL achieves more than 99.5% localization accuracy, while only incurring around 10% throughput degradation.

Chongrong Fang,Haoyu Liu,Mao Miao,Jie Ye,Lei Wang,Wansheng Zhang,Daxiang Kang,Biao Lyu,Shunmin Zhu,Peng Cheng,Jiming Chen

DOI: https://doi.org/10.1109/tnet.2021.3137557

2022-01-01

IEEE/ACM Transactions on Networking

Abstract:Persistent packet loss in the cloud-scale overlay network severely compromises tenant experiences. Cloud providers are keen to diagnose such problems efficiently. However, existing work is either designed for the physical network or insufficient to present the concrete reason of packet loss. We propose to record and analyze the on-site forwarding condition of packets during packet-level tracing. The cloud-scale overlay network presents great challenges to achieve this goal with its high network complexity, multi-tenant nature, and diversity of root causes. To address these challenges, we present VTrace, an automatic diagnostic system for persistent packet loss over the cloud-scale overlay network. Utilizing the ''fast path-slow path'' structure of virtual forwarding devices (VFDs), e.g., vSwitches, VTrace installs several ''coloring-matching-logging'' rules in VFDs to selectively track the target packets and inspect them in depth. The detailed forwarding situation at each hop is logged and then assembled to perform analysis with an efficient path reconstruction scheme. Experiments are conducted to demonstrate VTrace's low overhead and quick response. Besides, based on the idea ''coloring-matching-counting'', VTrace can be easily extended to VTrace-stats to identify the culprit device for transient packet loss. We share experiences of how VTrace and VTrace-stats efficiently work after deploying them in Alibaba Cloud for years.

Xuan Zhao,Song Zhang,Bowen Liu,Xutong Jiang,Wanchun Dou

DOI: https://doi.org/10.1007/978-3-030-92638-0_3

2021-01-01

Abstract:With the rapid development of edge computing, a large number of compute-intensive tasks are offloaded to the edge server, and computation offloading strategy has become a hot research topic. Because the deployment of edge servers is still in its infancy, there would be some service blind area. Through D2D technology, mobile devices in the blind area can obtain edge services with the help of relays. However, the existing methods usually select single relay to transmit tasks, and seldom consider the sensitivity of processing delay for compute-intensive tasks. When the available bandwidth of single relay is not enough to complete the data transmission in a limited time, it will produce a large delay, which seriously affects the quality of user experience. In view of this challenge, a D2D-based multi-relay-assisted computation offloading method is proposed. Technically, multiple mobile devices in the available area of edge service are used as the relays. Based on D2D technology, mobile devices in the blind area use the relays to transmit the computing task to the edge server to improve the application computing efficiency. A large number of experiments with real-world datasets have proved the feasibility and effectiveness of our method.

Yu Wu,Bo Yang,Cheng Li,Qi Liu,Yuxiang Liu,Dafeng Zhu

DOI: https://doi.org/10.1109/isie51582.2022.9831607

2022-01-01

Abstract:The tremendous data transmission between the cloud server and edge gateways accelerates the realization of the intelligent factory. However, it consumes enormous band-width resources and leads to the problem that limited factory bandwidth can not meet the large-scale high-density online data transmission. Therefore, data transmission between the cloud server and edge gateways must be reduced to enable large-scale cloud-edge interaction. To achieve this purpose, we propose a deep learning (DL) based data transmission reduction (DPTR) scheme for cloud-edge collaboration, which combines the cloud-edge characteristics to reduce the data transmission volume online while ensuring data accuracy. Meanwhile, we built a physical verification platform including sensor, edge gateway, and cloud server to collect real data and validate the DPTR scheme. Based on the physical validation platform and real data, we experimentally demonstrate that the proposed scheme can reduce the data transmission by 76.83 % while guaranteeing the relative deviation of less than 10%, even for drastically changing vibration data.

Ryo Yaegashi,Daisuke Hisano,Yu Nakayama

DOI: https://doi.org/10.48550/arXiv.2010.15786

2020-10-30

Abstract:The Internet of Things (IoT) has been growing rapidly in recent years. With the appearance of 5G, it is expected to become even more indispensable to people's lives. In accordance with the increase of Distributed Denial-of-Service (DDoS) attacks from IoT devices, DDoS defense has become a hot research topic. DDoS detection mechanisms executed on routers and SDN environments have been intensely studied. However, these methods have the disadvantage of requiring the cost and performance of the devices. In addition, there is no existing DDoS mitigation algorithm on the network edge that can be performed with the low-cost and low performance equipments. Therefore, this paper proposes a light-weight DDoS mitigation scheme at the network edge using limited resources of inexpensive devices such as home gateways. The goal of the proposed scheme is to simply detect and mitigate flooding attacks. It utilizes unused queue resources to detect malicious flows by random shuffling of queue allocation and discard the packets of the detected flows. The performance of the proposed scheme was confirmed via theoretical analysis and computer simulation. The simulation results match the theoretical results and the proposed algorithm can efficiently detect malicious flows using limited resources.

Networking and Internet Architecture

Huaming Wu,Ziru Zhang,Chang Guan,Katinka Wolter,Minxian Xu

DOI: https://doi.org/10.1109/jiot.2020.2996784

IF: 10.6

2020-09-01

IEEE Internet of Things Journal

Abstract:City Internet-of-Things (IoT) applications are becoming increasingly complicated and thus require large amounts of computational resources and strict latency requirements. Mobile cloud computing (MCC) is an effective way to alleviate the limitation of computation capacity by offloading complex tasks from mobile devices (MDs) to central clouds. Besides, mobile-edge computing (MEC) is a promising technology to reduce latency during data transmission and save energy by providing services in a timely manner. However, it is still difficult to solve the task offloading challenges in heterogeneous cloud computing environments, where edge clouds and central clouds work collaboratively to satisfy the requirements of city IoT applications. In this article, we consider the heterogeneity of edge and central cloud servers in the offloading destination selection. To jointly optimize the system utility and the bandwidth allocation for each MD, we establish a hybrid offloading model, including the collaboration of MCC and MEC. A distributed deep learning-driven task offloading (DDTO) algorithm is proposed to generate near-optimal offloading decisions over the MDs, edge cloud server, and central cloud server. Experimental results demonstrate the accuracy of the DDTO algorithm, which can effectively and efficiently generate near-optimal offloading decisions in the edge and cloud computing environments. Furthermore, it achieves high performance and greatly reduces the computational complexity when compared with other offloading schemes that neglect the collaboration of heterogeneous clouds. More precisely, the DDTO scheme can improve computational performance by 63%, compared with the local-only scheme.

computer science, information systems,telecommunications,engineering, electrical & electronic

Kaicheng Yang,Yuanpeng Li,Sheng Long,Tong Yang,Ruijie Miao,Yikai Zhao,Chaoyang Ji,Penghui Mi,Guodong Yang,Qiong Xie,Hao Wang,Yinhua Wang,Bo Deng,Zhiqiang Liao,Chengqiang Huang,Yongqiang Yang,Xiang Huang,Wei Sun,Xiaoping Zhu

2023-01-01

Abstract:Network faults occur frequently in the Internet. From the perspective of cloud service providers, network faults can be classified into three categories: cloud faults, client faults, and middle faults. This paper mainly focuses on middle faults. To minimize the harm of middle faults, we build a fully automatic system in Huawei Cloud, namely AAsclepius, which consists of a monitoring subsystem, a diagnosing subsystem, and a detouring subsystem. Through the collaboration of the three subsystems, AAsclepius monitors network faults, diagnoses network faults, and detours the traffic to circumvent middle faults at the Internet peering edge. The key innovation of AAsclepius is to identify the fault direction with a novel technique, namely PathDebugging. AAsclepius has been running for two years stable, protecting Huawei Cloud from major accidents in 2021 and 2022. Our evaluation on three major points of presence in December 2021 shows that AAsclepius can efficiently and safely detour the traffic to circumvent outbound faults within a few minutes.

Xue-Kai Du,Zhi-Hui Lu,Qiang Duan,Jie Wu,Cheng-Rong Wu

DOI: https://doi.org/10.1007/s11390-017-1799-7

2017-01-01

Abstract:Currently, different kinds of security devices are deployed in the cloud datacenter environment and tenants may choose their desired security services such as firewall and IDS (intrusion detection system). At the same time, tenants in cloud computing datacenters are dynamic and have different requirements. Therefore, security device deployment in cloud datacenters is very complex and may lead to inefficient resource utilization. In this paper, we study this problem in a software-defined network (SDN) based multi-tenant cloud datacenter environment. We propose a load-adaptive traffic steering and packet forwarding scheme called LTSS to solve the problem. Our scheme combines SDN controller with TagOper plug-in to determine the traffic paths with the minimum load for tenants and allows tenants to get their desired security services in SDN-based datacenter networks. We also build a prototype system for LTSS to verify its functionality and evaluate performance of our design.

Xudong Zuo,Qing Li,Jingyu Xiao,Dan Zhao,Jiang Yong

DOI: https://doi.org/10.1145/3555050.3569137

2022-01-01

Abstract:Network failure severely impairs network performance, affecting latency and throughput of data transmission. Existing failure localization solutions for general networks face problems such as difficulty in acquiring data from end hosts, need for extra infrastructure, and excessive resource consumption. Meanwhile, solutions designed for data center networks are hard to apply in general networks, as they usually rely on the topology regularity of DCNs. In this paper, we propose Drift-Bottle, a lightweight and distributed approach to failure localization in general networks. In Drift-Bottle, each switch judges the status of flows and makes a local inference for suspicious links. We design a distributed localization scheme where each normal packet is used as a "drift-bottle" that carries a "letter", i.e., a lightweight inference header, while traversing the network. Each switch along the path updates the inference header by aggregating it with its local inference. Whenever the inference is evident enough to identify the culprit links of failures, a warning is sent to the operator immediately. Drift-Bottle implements its function mainly on the data plane of programmable switches and thus reduce the overhead brought to switches significantly. Evaluation based on simulation on different topologies demonstrates that Drift-Bottle provides fast, precise and lightweight failure localization to operators of general networks.

Huixiang Zhang,Kaihua Liao,Yu Tai,Wenqiang Ma,Guoyan Cao,Wen Sun,Lexi Xu

DOI: https://doi.org/10.1109/jsyst.2024.3403696

IF: 4.802

2024-06-21

IEEE Systems Journal

Abstract:Edge intelligence has recently attracted great interest from industry and academia, and it greatly improves the processing speed at the edge by moving data and artificial intelligence to the edge of the network. However, edge devices have bottlenecks in battery capacity and computing power, making it challenging to perform computing tasks in dynamic and harsh network environments. Especially in disaster scenarios, edge (rescue) devices are more likely to fail due to unreliable wireless communications and scattered rescue requests, which makes it urgent to explore how to provide low-latency, reliable services through edge collaboration. In this article, we investigate the task offloading mechanism in mobile edge computing networks, aiming to ensure fault tolerance and rapid response of computing services in dynamic and harsh scenarios. Specifically, we design a fault-tolerant distributed task offloading scheme, which minimizes task execution time and system energy consumption through the multi-agent proximal policy optimization algorithm. Furthermore, we introduce logarithmic ratio reward functions and action masking to reduce the impact of different task queue lengths while accelerating model convergence. Numerical results show that the proposed algorithm is suitable for service failure scenarios, effectively meeting the reliability requirements of tasks while simultaneously reducing system energy consumption and processing latency.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Haiou Huang,Bangyi Sun,Liang Hu

DOI: https://doi.org/10.1016/j.cose.2024.103789

IF: 5.105

2024-02-01

Computers & Security

Abstract:Edge computing mitigates the high latency and other issues associated with cloud computing, but it also introduces new risks. One such issue is DDoS attacks on edge servers, which arise when edge tasks are offloaded. There is a dearth of research on countermeasures for these kinds of DDoS attacks. Consequently, we present EDM_TOS, a task offloading strategy. This technique makes sure that tasks are transferred to dependable edge nodes based on the edge nodes' risk assessment mechanism, thereby reducing edge DDoS attacks. On the other hand, EDM_TOS works better than current approaches in five domains of evaluating awareness and capacity limitations for resolving edge DDoS attacks and issues with edge computing offloading. The edge computing task offloading algorithm, weighted cluster analysis algorithm, and risk assessment algorithm, respectively, are used to implement the risk assessment module, cluster analysis module, and task offloading module of the EDM_TOS mechanism. The three modules were evaluated experimentally. The findings demonstrate that the task offloading module's transactions per second (TPS) and the risk assessment module's malicious detection rate (MDR) respectively outperform to those of other policies. The cluster analysis module's clustering effect is superior to that of the conventional K-means algorithm. EDM_TOS performs better than current methods for thwarting edge DDoS attacks, according to performance assessments on five datasets. EDM_TOS can successfully fend off edge DDoS attacks, as demonstrated by practice.

computer science, information systems

Xing Li,Yinbo Yu,Kai Bu,Yan Chen,Jianfeng Yang,Ruijie Quan

2019-01-01

Abstract:The control plane of Software-Defined Networking (SDN) is the key component that oversees and manages networks. However, involving design or logic flaws in its policy enforcement and network control is inevitable, which can cause it to behave incorrectly and induce network anomalies. Unfortunately, existing approaches mainly focus on policy verification or fault troubleshooting with little fault localization capability for repairing these flaws in production environments. In this paper, we present FALCON, the first FAult Localization tool for SDN CONtrol plane. We design a novel causal inference mechanism based on differential checking, which symmetrically compares two system behaviors with similar processes and identifies the causality in related code execution paths with concrete contexts to explain why a fault happened in the SDN network. Our main contributions include 1) a lightweight rule-based dynamic tracing mechanism for recording system behaviors of the SDN control plane, 2) a context-aware modeling mechanism for modeling these behaviors, and 3) a differential checking mechanism for localizing controller faults according to formulated symptoms. Our evaluation shows that FALCON is capable of localizing faults in SDN control plane with low overhead on performance.

Xiaoli Zhang,Wei Geng,Yiqiao Song,Hongbing Cheng,Ke Xu,Qi Li

DOI: https://doi.org/10.1109/tnet.2023.3282100

2024-01-01

Abstract:In the trend of network middleboxes as a service, enterprise customers adopt in-the-cloud deep packet inspection (DPI) services to protect networks. As network misconfigurations and hardware failures notoriously exist, recent efforts envision to ensure the execution integrity of DPI services in untrusted clouds. However, they either require enterprise customers to know proprietary DPI rulesets of cloud providers or introduce forbidden overhead in the network context. In the paper, we propose a privacy-preserving and lightweight verification scheme that efficiently checks whether in-the-cloud DPI services run correctly without leaking private DPI rulesets. Particularly, our design introduces one trusted third party to perform privacy-preserving and trustworthy ruleset evaluation and DPI execution verification. Meanwhile, it devises a novel DPI ruleset authentication method that enables tamper-proof DPI operations and facilitates fast proof generation. The proofs can be verified without requiring the verifier to always maintain all rulesets. To further reduce the verification costs while resisting cloud cheating behaviors like bias treatments of packets, it employs a commitment-based delayed sampling mechanism which requires the DPI services to first demonstrate that all packets have been processed before receiving sampling decisions. Moreover, extensive experiments are conducted based on Click modules. The results show that the proposed scheme is practical and only incurs the real-time overhead of 10-20 microseconds.

Xudong Zuo,Qing Li,Jingyu Xiao,Dan Zhao,Yong Jiang

DOI: https://doi.org/10.1145/3555050.3569137

2022-01-01

Abstract:Network failure severely impairs network performance, affecting latency and throughput of data transmission. Existing failure localization solutions for general networks face problems such as difficulty in acquiring data from end hosts, need for extra infrastructure, and excessive resource consumption. Meanwhile, solutions designed for data center networks are hard to apply in general networks, as they usually rely on the topology regularity of DCNs. In this paper, we propose Drift-Bottle, a lightweight and distributed approach to failure localization in general networks. In Drift-Bottle, each switch judges the status of flows and makes a local inference for suspicious links. We design a distributed localization scheme where each normal packet is used as a "drift-bottle" that carries a "letter", i.e., a lightweight inference header, while traversing the network. Each switch along the path updates the inference header by aggregating it with its local inference. Whenever the inference is evident enough to identify the culprit links of failures, a warning is sent to the operator immediately. Drift-Bottle implements its function mainly on the data plane of programmable switches and thus reduce the overhead brought to switches significantly. Evaluation based on simulation on different topologies demonstrates that Drift-Bottle provides fast, precise and lightweight failure localization to operators of general networks.

Fan Wu,Muhammad Bilal,Haolong Xiang,Heng Wang,Jinjun Yu,Xiaolong Xu

2024-11-04

Abstract:Railway Turnout Machines (RTMs) are mission-critical components of the railway transportation infrastructure, responsible for directing trains onto desired tracks. For safety assurance applications, especially in early-warning scenarios, RTM faults are expected to be detected as early as possible on a continuous 7x24 basis. However, limited emphasis has been placed on distributed model inference frameworks that can meet the inference latency and reliability requirements of such mission critical fault diagnosis systems. In this paper, an edge-cloud collaborative early-warning system is proposed to enable real-time and downtime-tolerant fault diagnosis of RTMs, providing a new paradigm for the deployment of models in safety-critical scenarios. Firstly, a modular fault diagnosis model is designed specifically for distributed deployment, which utilizes a hierarchical architecture consisting of the prior knowledge module, subordinate classifiers, and a fusion layer for enhanced accuracy and parallelism. Then, a cloud-edge collaborative framework leveraging pipeline parallelism, namely CEC-PA, is developed to minimize the overhead resulting from distributed task execution and context exchange by strategically partitioning and offloading model components across cloud and edge. Additionally, an election consensus mechanism is implemented within CEC-PA to ensure system robustness during coordinator node downtime. Comparative experiments and ablation studies are conducted to validate the effectiveness of the proposed distributed fault diagnosis approach. Our ensemble-based fault diagnosis model achieves a remarkable 97.4% accuracy on a real-world dataset collected by Nanjing Metro in Jiangsu Province, China. Meanwhile, CEC-PA demonstrates superior recovery proficiency during node disruptions and speed-up ranging from 1.98x to 7.93x in total inference time compared to its counterparts.

Networking and Internet Architecture,Artificial Intelligence,Distributed, Parallel, and Cluster Computing,Systems and Control