Identification of malicious edge devices in fog computing environments

ABSTRACT

Device security is one of the major challenges for successful implementation of Internet of Things (IoT) and fog computing. Researchers and IT organizations have explored many solutions to protect systems from unauthenticated device attacks (known as outside device attacks). Fog computing uses many edge devices (e.g., router, switch, and hub) for latency-aware processing of collected data. So, identification of malicious edge devices is one of the critical activities in data security of fog computing. Preventing attacks from malicious edge devices is more difficult because they have certain granted privileges to store and process the data. In this article, a proposed framework uses three technologies, a Markov model, an intrusion detection system (IDS), and a virtual honeypot device (VHD) to identify malicious edge devices in a fog computing environment. A two-stage Markov model is used to categorize edge devices effectively into four different levels. The VHD is designed to store and maintain a log repository of all identified malicious devices, which assists the system to defend itself from any unknown attacks in the future. The proposed model is tested in a simulated environment, and results indicate the effectiveness of the system. The proposed model is successful in identifying the malicious device as well as reducing the false IDS alarm rate.

KEYWORDS:

• Edge device
• fog computing
• Internet of Things
• intrusion detection system
• two-stage Markov model
• virtual honeypot device

Additional information

Notes on contributors

Rajinder Sandhu

Rajinder Sandhu submitted his Ph.D. to Guru Nanak Dev University, Amritsar. He has published his research work in esteemed Scientific Citation Index journals of Elsevier, John Wiley and Springer. He is reviewer of many reputed journals like Decision Support System and Big Data Research (Elsevier) and Software Practice and Experience (Wiley). His current working research areas are cloud computing, Big Data and Internet of Things (IoT).

Amandeep Singh Sohal

Amandeep Singh Sohal did his masters in Computer Science from Guru Nanak Dev University, Amritsar. His current working research areas are Cloud Computing and Information Security.

Sandeep K. Sood

Dr. Sandeep K. Sood did his Ph.D. in Computer Science & Engineering from IIT Roorkee, India. He completed his M.Tech, Computer Science & Engineering, from G.J.U, Hisar, India. He is currently working as Associate Dean (A.A. & S.W), Head & Associate Professor, Computer Science & Engineering, G.N.D.U. Regional Campus, Gurdaspur. He has 15 years of teaching and 7 years of research experience. He has more than 50 research publication. His work is published and citied in highly reputed journals such as JNCA (Elsevier) and Security and Communication Networks (Wiley). He complete a major research project in cloud computing. Currently he has projects on Big Data from Diety and DST. His citation number according to Google Scholar is 788 with h-index equal to 13 and i10-index equal to 19. His research areas are Network & Information Security (Password based Authentication Protocol), Big data and cloud computing.