Energy-Efficient Two-Layer Cooperative Defense Scheme to Secure Sensor-Clouds

Sensor-cloud computing is envisioned as a promising technology that can integrate various services by extending the computational capabilities of physical sensor nodes. It is prone to attack because of special characteristics of physical sensor nodes and virtual sensor-service nodes. Considering the intrusion detection threshold, false alarm probability of the intrusion detection system (IDS), and three different attacked scenarios, we devise a physical IDS (PIDS)-to-gateway and virtual IDS (VIDS)-to-gateway detection model for Sensor-Cloud. We formulate a two-layer gateway-assisted detection and defense decision problem involving multiple IDSs using an evolutionary game in order to optimize the intrusion detection strategy for lowering energy consumption and reducing alarm messages. We derive an evolutionary stable strategy and prove that the proposed mechanism achieves Nash equilibrium, such that each IDS completes cooperatively defense tasks. We propose a game-theoretic approach to achieve an energy-efficient cooperative defense scheme for sensor-cloud computing environments. The simulation results demonstrate that the proposed mechanism achieves energy-efficient defense and increases security of data in the Sensor-Cloud.

[1]  Jaidhar C.D,et al.  Hypervisor and virtual machine dependent Intrusion Detection and Prevention System for virtualized cloud environment , 2015 .

[2]  Nirvana Meratnia,et al.  Distributed online outlier detection in wireless sensor networks using ellipsoidal support vector machine , 2013, Ad Hoc Networks.

[3]  R. Cressman Evolutionary Dynamics and Extensive Form Games , 2003 .

[4]  José Ranilla,et al.  High-performance computing: the essential tool and the essential challenge , 2016, The Journal of Supercomputing.

[5]  Hongjie Li,et al.  A stochastic evolutionary coalition game model of secure and dependable virtual service in Sensor-Cloud , 2015, Appl. Soft Comput..

[6]  Kashif Saleem,et al.  Intrusion Detection System against Sink Hole Attack in Wireless Sensor Networks with Mobile Sink , 2015, 2015 12th International Conference on Information Technology - New Generations.

[7]  Tassos Dimitriou,et al.  Intrusion Detection of Sinkhole Attacks in Wireless Sensor Networks , 2007, ALGOSENSORS.

[8]  Mukesh Singhal,et al.  An efficient routing algorithm to preserve k\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$k$$\end{document}-coverage , 2013, The Journal of Supercomputing.

[9]  K. J. Ray Liu,et al.  Joint Spectrum Sensing and Access Evolutionary Game in Cognitive Radio Networks , 2013, IEEE Transactions on Wireless Communications.

[10]  Xiangyang Li,et al.  An SDN-supported collaborative approach for DDoS flooding detection and containment , 2015, MILCOM 2015 - 2015 IEEE Military Communications Conference.

[11]  Sanjay Kumar Madria,et al.  Challenges in Secure Sensor-Cloud Computing , 2011, Secure Data Management.

[12]  Haiyun Luo,et al.  Energy-Optimal Mobile Cloud Computing under Stochastic Wireless Channel , 2013, IEEE Transactions on Wireless Communications.

[13]  Konstantinos G. Kyriakopoulos,et al.  Manual and Automatic assigned thresholds in multi-layer data fusion intrusion detection system for 802.11 attacks , 2014, IET Inf. Secur..

[14]  Shahaboddin Shamshirband,et al.  Cooperative game theoretic approach using fuzzy Q-learning for detecting and preventing intrusions in wireless sensor networks , 2014, Eng. Appl. Artif. Intell..

[15]  Gang Qu,et al.  Detection and Prevention of Selective Forwarding-Based Denial-of-Service Attacks in WSNs , 2013, Int. J. Distributed Sens. Networks.

[16]  Jianhua Liu,et al.  Trust Dynamics in WSNs: An Evolutionary Game-Theoretic Approach , 2016, J. Sensors.

[17]  F. Freiling,et al.  Towards Intrusion Detection in Wireless Sensor Networks , 2007 .

[18]  Yuanjie Li,et al.  Signaling game based strategy of intrusion detection in wireless sensor networks , 2011, Comput. Math. Appl..

[19]  Otto Carlos Muniz Bandeira Duarte,et al.  Providing elasticity to intrusion detection systems in virtualized Software Defined Networks , 2015, 2015 IEEE International Conference on Communications (ICC).

[20]  Victor C. M. Leung,et al.  Trust assistance in Sensor-Cloud , 2015, 2015 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[21]  Reza Rafeh,et al.  A novel agent-based approach to detect sinkhole attacks in wireless sensor networks , 2013, Comput. Secur..

[22]  Carlos Maziero,et al.  Intrusion detection in virtual machine environments , 2004 .

[23]  Lin Chen,et al.  A Game Theoretical Framework on Intrusion Detection in Heterogeneous Networks , 2009, IEEE Transactions on Information Forensics and Security.

[24]  Hatem M. Abdual-Kader,et al.  Wireless network security has no clothes , 2010, 2010 The 7th International Conference on Informatics and Systems (INFOS).

[25]  Zubair A. Baig Pattern recognition for detecting distributed node exhaustion attacks in wireless sensor networks , 2011, Comput. Commun..

[26]  Francis Minhthang Bui,et al.  A Game-Theoretic Framework for Robust Optimal Intrusion Detection in Wireless Sensor Networks , 2014, IEEE Transactions on Information Forensics and Security.

[27]  Sungyoung Lee,et al.  A novel intrusion detection framework for wireless sensor networks , 2013, Personal and Ubiquitous Computing.

[28]  Steven Furnell,et al.  D-FICCA: A density-based fuzzy imperialist competitive clustering algorithm for intrusion detection in wireless sensor networks , 2014 .

[29]  Enzo Baccarelli,et al.  P-SEP: a prolong stable election routing algorithm for energy-limited heterogeneous fog-supported wireless sensor networks , 2017, The Journal of Supercomputing.

[30]  William H. Sanders,et al.  RRE: A Game-Theoretic Intrusion Response and Recovery Engine , 2014, IEEE Transactions on Parallel and Distributed Systems.

[31]  Hongjie Li,et al.  Optimal Report Strategies for WBANs Using a Cloud-Assisted IDS , 2015, Int. J. Distributed Sens. Networks.

[32]  Andrey Garnaev,et al.  A Bandwidth Monitoring Strategy Under Uncertainty of the Adversary’s Activity , 2016, IEEE Transactions on Information Forensics and Security.

[33]  Nur Izura Udzir,et al.  A Cloud-based Intrusion Detection Service framework , 2012, Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec).