False Data Detection for Fog and Internet of Things Networks

The Internet of Things (IoT) context brings new security issues due to billions of smart end-devices both interconnected in wireless networks and connected to the Internet by using different technologies. In this paper, we propose an attack-detection method, named Data Intrusion Detection System (DataIDS), based on real-time data analysis. As end devices are mainly resource constrained, Fog Computing (FC) is introduced to implement the DataIDS. FC increases storage, computation capabilities, and processing capabilities, allowing it to detect promptly an attack with respect to security solutions on the Cloud. This paper also considers an attack tree to model threats and vulnerabilities of Fog/IoT scenarios with heterogeneous devices and suggests countermeasure costs. We verify the performance of the proposed DataIDS, implementing a testbed with several devices that measure different physical quantities and by using standard data-gathering protocols.

[1]  Thiemo Voigt,et al.  SVELTE: Real-time intrusion detection in the Internet of Things , 2013, Ad Hoc Networks.

[2]  Romano Fantacci,et al.  IoT Security via Address Shuffling: The Easy Way , 2019, IEEE Internet of Things Journal.

[3]  Sean Carlisto de Alvarenga,et al.  A survey of intrusion detection in Internet of Things , 2017, J. Netw. Comput. Appl..

[4]  Luis Muñoz-González,et al.  Don't fool Me!: Detection, Characterisation and Diagnosis of Spoofed and Masked Events in Wireless Sensor Networks , 2017, IEEE Transactions on Dependable and Secure Computing.

[5]  Emil C. Lupu,et al.  Detecting Malicious Data Injections in Event Detection Wireless Sensor Networks , 2015, IEEE Transactions on Network and Service Management.

[6]  Cesare Alippi,et al.  Detecting changes at the sensor level in cyber-physical systems: Methodology and technological implementation , 2017, 2017 International Joint Conference on Neural Networks (IJCNN).

[7]  Romano Fantacci,et al.  A Novel 6LoWPAN-ND Extension to Enhance Privacy in IEEE 802.15.4 Networks , 2016, 2016 IEEE Global Communications Conference (GLOBECOM).

[8]  Qun Li,et al.  Security and Privacy Issues of Fog Computing: A Survey , 2015, WASA.

[9]  Robert J. Ellison,et al.  Attack Trees , 2009, Encyclopedia of Biometrics.

[10]  Cesare Alippi,et al.  A Cognitive Fault Diagnosis System for Distributed Sensor Networks , 2013, IEEE Transactions on Neural Networks and Learning Systems.

[11]  William Yurcik,et al.  Threat Modeling as a Basis for Security Requirements , 2005 .

[12]  Emil C. Lupu,et al.  Detecting Malicious Data Injections in Wireless Sensor Networks , 2015, ACM Comput. Surv..

[13]  Mansour Sheikhan,et al.  Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach , 2017, Comput. Commun..

[14]  Jung-Min Park,et al.  An overview of anomaly detection techniques: Existing solutions and latest technological trends , 2007, Comput. Networks.

[15]  Alessandro Margara,et al.  Processing flows of information: From data stream to complex event processing , 2012, CSUR.

[16]  Georgios Kambourakis,et al.  DDoS in the IoT: Mirai and Other Botnets , 2017, Computer.

[17]  Sjouke Mauw,et al.  Foundations of Attack Trees , 2005, ICISC.

[18]  Xiaohui Liang,et al.  Sybil Attacks and Their Defenses in the Internet of Things , 2014, IEEE Internet of Things Journal.

[19]  Laura Pierucci,et al.  "Network Sentiment" Framework to Improve Security and Privacy for Smart Home , 2018, Future Internet.

[20]  Gabriel Maciá-Fernández,et al.  Anomaly-based network intrusion detection: Techniques, systems and challenges , 2009, Comput. Secur..

[21]  Salim Hariri,et al.  Anomaly behavior analysis for IoT sensors , 2018, Trans. Emerg. Telecommun. Technol..