Distributed Denial of Service （DDoS） attacks， as a highly destructive type of cyber attacks， have become one of the most severe threats and challenges in the field of cybersecurity in recent years due to their low attack costs， high attack efficiency， and strong concealment. DDoS attacks employ a distributed control approach to mix malicious traffic with legitimate network requests， making it difficult for traditional security defense mechanisms such as Intrusion Detection System （IDS） and firewalls to identify and mitigate such attacks effectively. Consequently， the efficient detection and effective defense against DDoS attacks have become research hotspots and difficulties in the field of cybersecurity. Based on systematic survey of the existing research on DDoS attacks， the following was performed. Firstly， the classification methods of DDoS attacks were sorted out， and DDoS attacks were summed up from multiple perspectives， so as to provide a deeper understanding of DDoS attack mechanisms. Secondly， an analysis of the current development of DDoS attacks was conducted， with particular focuses on discussing the development trends in attack intensity， attack methods， and attack distribution， thereby providing support for the research on more efficient DDoS defense technologies. Thirdly， an in-depth analysis and evaluation of the status of DDoS attack defense technologies was conducted from both industrial and academic perspectives， which focused on DDoS detection and defense methods based on programmable switches and machine learning in the academic aspect， and compared and analyzed the defense architectures adopted by different participants in DDoS defense in the industrial aspect as well as summarized the technical characteristics， application scenarios， and the existing challenges of the architecture. Finally， based on a comprehensive analysis of the current DDoS attack situations， the future development directions， opportunities， and challenges of DDoS defense technology were prospected， providing new ideas and directions for researchers in the field of cybersecurity and promoting further innovation and development of DDoS defense technology.

For Expensive Multi-objective Optimization Problem （EMOP）， although numerous related algorithms have been proposed， most existing algorithms have not achieved satisfactory results. The primary reason is that the infill sampling criteria in these algorithms fail to balance the convergence， diversity and uncertainty of selected individuals. Therefore， a Two-stage Infill Sampling-based Expensive Multi-Objective Evolutionary Algorithm （TISEMOEA） was proposed. In the first stage， a convergence-based infill sampling criterion was proposed， so as to select individuals with both good convergence and diversity， and then balance convergence and diversity. In the second stage， a diversity-based infill sampling criterion was proposed， so as to select individuals with great uncertainty without damaging convergence， and then improve the accuracy of the model and the diversity of the population. Furthermore， an adaptive diversity enhancement strategy was proposed to adjust the frequency of selecting individuals using the diversity-based infill sampling criterion， thereby enhancing population diversity and balancing exploration and exploitation capabilities of the algorithm. TISEMOEA was compared with five state-of-the-art algorithms， MOEA/D-EGO （MOEA/D with the Gaussian process model）， HeE-MOEA （Heterogeneous Ensemble-based infill criterion for MOEA）， TISS-EMOA （Two-stage Infill Sampling-based Semi-supervised EMOA）， PCSAEA （Pairwise Comparison based Surrogate-Assisted Evolutionary Algorithm）， and SFA/DE （Evolutionary multiobjective optimization assisted by scalarization function approximation for high-dimensional expensive problems）， on the DTLZ and WFG test sets with 28 and 27 test problems， and the Inverted Generational Distance （IGD） metric was analyzed. The results show that TISEMOEA achieves the best results in 19 and 16 test problems， respectively.

As the extended application of European Installation Bus (EIB) protocol, KNXnet/IP protocol increases the transmission speed of EIB system and fulfills the requirement of intelligent management. But the security of KNXnet/IP protocol is heavily threatened in the securitycritical environment. A security protocol was proposed after analyzing the security mechanism of IP network and embedded system. The security protocol used selfdefined key sets distribution protocol based on asymmetric cryptography algorithm and used symmetric cryptography algorithm for communication. It provides transparent data transmission and only needs very few changes of the primary architecture. The implementation proves the feasibility and security of the security approach.