Node State Monitoring Scheme in Fog Radio Access Networks for Intrusion Detection

This paper studies intrusion detection for fog computing in fog radio access networks (F-RANs). As fog nodes are resource constrained, a traditional intrusion detection system (IDS) cannot be directly deployed in F-RANs due to the communication overhead and computational complexity. To address this challenge, we propose a skyline query-based scheme that can analyze the IDS log statistics of fog nodes and provide a complete data processing flow. Specifically, a three-step solution is proposed. First, a lightweight fog node filtering strategy is proposed to filter the raw data, which can reduce the fog-cloud communication overhead. Second, a sliding-window-based mechanism is developed in the cloud server to efficiently process the asynchronous data flow. Then, using the pre-processed data, a set of seriously attacked nodes will be identified by the skyline query. Third, the security threat level of each individual fog node is calculated using the unascertained measure, which can determine the degree of security threat. The numerical simulations show that the proposed scheme can significantly reduce communication overhead and computational complexity.

[1]  Hannu Tenhunen,et al.  An Intrusion Detection System for Fog Computing and IoT based Logistic Systems using a Smart Data Approach , 2016 .

[2]  Yanjiang Yang,et al.  Secure server-aided top-k monitoring , 2017, Inf. Sci..

[3]  Sergio Barbarossa,et al.  Overbooking radio and computation resources in mmW-mobile edge computing to reduce vulnerability to channel intermittency , 2017, 2017 European Conference on Networks and Communications (EuCNC).

[4]  Yu Wang,et al.  A Privacy-Preserving Framework for Collaborative Intrusion Detection Networks Through Fog Computing , 2017, CSS.

[5]  Yanfei Lu,et al.  Re-ADP: Real-Time Data Aggregation with Adaptive ω-Event Differential Privacy for Fog Computing , 2018, Wirel. Commun. Mob. Comput..

[6]  Shuigeng Zhou,et al.  Towards Energy-Efficient Skyline Monitoring in Wireless Sensor Networks , 2007, EWSN.

[7]  Mugen Peng,et al.  Fog-computing-based radio access networks: issues and challenges , 2015, IEEE Network.

[8]  Kim-Kwang Raymond Choo,et al.  Fair Resource Allocation in an Intrusion-Detection System for Edge Computing: Ensuring the Security of Internet of Things Devices , 2018, IEEE Consumer Electronics Magazine.

[9]  Kim-Kwang Raymond Choo,et al.  Towards Lightweight Anonymous Entity Authentication for IoT Applications , 2016, ACISP.

[10]  Li Miao,et al.  A Novel Differential Game Model-Based Intrusion Response Strategy in Fog Computing , 2018, Secur. Commun. Networks.

[11]  Laurence T. Yang,et al.  Big Data Real-Time Processing Based on Storm , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.

[12]  Lei Yang,et al.  Sample Selected Extreme Learning Machine Based Intrusion Detection in Fog Computing and MEC , 2018, Wirel. Commun. Mob. Comput..

[13]  Shusen Yang,et al.  IoT Stream Processing and Analytics in the Fog , 2017, IEEE Communications Magazine.

[14]  Rongxing Lu,et al.  From Cloud to Fog Computing: A Review and a Conceptual Live VM Migration Framework , 2017, IEEE Access.

[15]  Xuemin Shen,et al.  Lightweight and Privacy-Preserving Fog-Assisted Information Sharing Scheme for Health Big Data , 2017, GLOBECOM 2017 - 2017 IEEE Global Communications Conference.

[16]  Xiuzhen Cheng,et al.  Jamming Strategies for Physical Layer Security , 2018, IEEE Wireless Communications.

[17]  Ilsun You,et al.  A Novel Utility Based Resource Management Scheme in Vehicular Social Edge Computing , 2018, IEEE Access.

[18]  Donald Kossmann,et al.  The Skyline operator , 2001, Proceedings 17th International Conference on Data Engineering.

[19]  H. Vincent Poor,et al.  Cluster Content Caching: An Energy-Efficient Approach to Improve Quality of Service in Cloud Radio Access Networks , 2016, IEEE Journal on Selected Areas in Communications.

[20]  Xingmin Ma,et al.  User Access Management Based on Network Pricing for Social Network Applications , 2018, Sensors.

[21]  Tao Zhang,et al.  Fog and IoT: An Overview of Research Opportunities , 2016, IEEE Internet of Things Journal.

[22]  Mugen Peng,et al.  Recent Advances in Fog Radio Access Networks: Performance Analysis and Radio Resource Allocation , 2016, IEEE Access.

[23]  Xuemin Shen,et al.  Securing Fog Computing for Internet of Things Applications: Challenges and Solutions , 2018, IEEE Communications Surveys & Tutorials.

[24]  Giovanni Pau,et al.  Optimization-Oriented Resource Allocation Management for Vehicular Fog Computing , 2018, IEEE Access.

[25]  Georgios Xilouris,et al.  A monitoring framework for 5G service deployments , 2017, 2017 IEEE 22nd International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD).

[26]  Yong Li,et al.  System architecture and key technologies for 5G heterogeneous cloud radio access networks , 2015, IEEE Netw..

[27]  Yaser Jararweh,et al.  A Fog Computing Based System for Selective Forwarding Detection in Mobile Wireless Sensor Networks , 2016, 2016 IEEE 1st International Workshops on Foundations and Applications of Self* Systems (FAS*W).

[28]  C.-S. Lu,et al.  Practical and Secure Multidimensional Query Framework in Tiered Sensor Networks , 2011, IEEE Transactions on Information Forensics and Security.

[29]  Rodrigo Roman,et al.  Mobile Edge Computing, Fog et al.: A Survey and Analysis of Security Threats and Challenges , 2016, Future Gener. Comput. Syst..

[30]  Kai Hwang,et al.  Cloudlet Mesh for Securing Mobile Clouds from Intrusions and Network Attacks , 2015, 2015 3rd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering.

[31]  Guangwei Zhang,et al.  Fog computing architecture-based data acquisition for WSN applications , 2017, China Communications.

[32]  Fuhong Lin,et al.  Hypergraph clustering model-based association analysis of DDOS attacks in fog computing intrusion detection system , 2018, EURASIP J. Wirel. Commun. Netw..

[33]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1986, 1986 IEEE Symposium on Security and Privacy.

[34]  Xianwei Zhou,et al.  Steiner tree based optimal resource caching scheme in fog computing , 2015 .

[35]  Odysseas Papapetrou,et al.  Continuous fragmented skylines over distributed streams , 2014, 2014 IEEE 30th International Conference on Data Engineering.