Abstract
As the Internet of Things (IoT) continues to grow, there arises concerns and challenges with regard to the security and privacy of the IoT. Malicious attacks such as man-in-the-middle and distributed denial of service (DDoS) are typical threats to the IoT systems. In this paper, we propose a FOg CompUting-based Security (FOCUS) system to provide security for IoT systems against those malicious attacks. The proposed FOCUS system applies a threefold protection mechanism: Firstly, it makes use of the virtual private network (VPN) to secure the communication channels for the IoT devices; Secondly, it applies machine learning-based traffic analysis unit to classify the traffic to be trusted, untrusted and suspicious; Thirdly, it adopts a challenge-response authentication to validate the suspicious traffic source so as to protect the VPN server against potential DDoS attacks. Such a threefold protection mechanism is effective in mitigating various malicious attacks and can provide a high standard security for the IoT system. Furthermore, to improve the system performance, FOCUS is implemented in a hybrid fog-cloud model that achieves a low latency and system response time. In the hybrid fog-cloud model, a selected amount of the protection and validation requests are addressed in the fog that is close to the end users, while the excessive requests are addressed in the cloud. Through this, FOCUS can effectively avoid the long queuing delay caused by the limited computational capacity in the fog implementation. The experimental results show that FOCUS can effectively filter out malicious attacks with low response time and small network cost (e.g., network bandwidth consumption).
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., Ayyash, M.: Internet of Things: a survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutor. 17(4), 2347–2376 (2015)
Lin, J., Yu, W., Zhang, N., Yang, X., Zhang, H., Zhao, W.: A survey on Internet of Things: architecture, enabling technologies, security and privacy, and applications. IEEE Internet Things J. 99, 1–17 (2017)
Yang, Y., Wu, L., Yin, G., Li, L., Zhao, H.: A survey on security and privacy issues in Internet-of-Things. IEEE Internet Things J. 99, 1–10 (2017)
Ridhawi, I., Moayad, A., Kotb, Y., Ridhawi, Y., Jararweh, Y.: A collaborative mobile edge computing and user solution for service composition in 5G systems. Trans. Emerg. Telecommun. Technol. 29(11), e3446 (2018)
Chiang, M., Zhang, T.: Fog and IoT: an overview of research opportunities. IEEE Internet Things J. 3(6), 854–864 (2016)
Yi, S., Li, C., Li, Q.: A survey of fog computing: concepts, applications and issues. In: Proceedings of the Mobidata’15, pp. 37–42 (2015)
Ahmed, A., Ahmed, E.: A survey on mobile edge computing. In: Proceedings of IEEE ISCO’16, pp. 1–8 (2016)
Liu, A., Chen, F.: Privacy preserving collaborative enforcement of firewall policies in virtual private networks. IEEE Trans. Parallel Distrib. Syst. 22(5), 887–895 (2011)
Bonetto, R., Bu, N., Lakkundi, V., Olivereau, A., Serbanati, A., Rossi, M.: Secure communication for smart IoT objects: protocol stacks, use cases and practical examples. In: Proceedings of WoWMoM’12, pp. 1–7 (2012)
Niruntasukrat, A., Issariyapat, C., Pongpaibool, P., Meesublak, K., Aiumsupucgul, P.: Anun Panya Authorization mechanism for MQTT-based Internet of Things. In: Proceedings of ICC’16 workshops, pp. 1–7 (2016)
Kakanakov, N., Shopov, M.: Adaptive models for security and data protection in IoT with Cloud technologies. In: Proceedings of IEEE MIPRO’17, pp. 1001–1004 (2017)
Alrawais, A., Alhothaily, A., Hu, C., Cheng, X.: Fog computing for the Internet of Things: security and privacy issues. IEEE Internet Comput. 21(2), 34–42 (2017)
Rios, R., Roman, R., Onieva, J. A., Lopez, J.: From SMOG to Fog: a security perspective. In: Proceedings of IEEE FMEC’17, pp. 56–61 (2017)
Batool, S., Saqib, N. A., Khan, M. A.: Internet of Things data analytics for user authentication and activity recognition. In: Proceedings of IEEE FMEC’17, pp. 183–187 (2017)
Mukherjee, B., Neupane, R., Calyam, P.: End-to-end IoT security middleware for cloud-fog communication. In: Proceedings of IEEE FMEC’17, pp. 151–156 (2017)
Huang, Q., Yang, Y., Wang, L.: Secure data access control with ciphertext update and computation outsourcing in fog computing for Internet of Things. IEEE Access 5, 12941–12950 (2017)
Sohal, A., Sandhu, R., Sood, S., Chang, V.: A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments. Comput. Secur. 74, 340–354 (2018)
Aloqaily, M., Otoum, S., Ridhawi, I., Jararweh, Y.: An Intrusion Detection System for Connected Vehicles in Smart Cities. Elsevier Ad Hoc Networks, Amstredam (2019)
Fu, J., Liu, Y., Chao, H., Bhargava, B., Zhang, Z.: Secure data storage and searching for industrial IoT by integrating fog computing and cloud computing. IEEE Trans. Ind. Inform. 14(10), 4519–4528 (2018)
Wu, Y., Tseng, H., Yang, W., Jan, R.: DDoS Detection and Traceback with Decision Tree and Grey Relational Analysis. In: Proceedings of IEEE MUE’09, pp. 1–9 (2009)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Maharaja, R., Iyer, P. & Ye, Z. A hybrid fog-cloud approach for securing the Internet of Things. Cluster Comput 23, 451–459 (2020). https://doi.org/10.1007/s10586-019-02935-z
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-019-02935-z