Skip to main content
SpringerLink
Log in

A generic and lightweight security mechanism for detecting malicious behavior in the uncertain Internet of Things using fuzzy logic- and fog-based approach

  • Original Article
  • Published:
Neural Computing and Applications Aims and scope Submit manuscript

Abstract

Inspired by the massive surge of interest in the Internet of Things (IoT), this work focuses on the kinetics of its security. By automating everything, starting from baby monitors to life-saving medical devices, IoT brought convenience to people’s lives and rapidly became a trillion-dollar industry. However, the future of IoT will be decided on how its security and privacy concerns are dealt with. It is a fact that at present, the security of IoT is lacking in coherent and logical perspectives. For example, the researchers do not adequately accommodate the uncertainty and insider attacks while developing the IoT security procedures, even though most security concerns related to IoT arise from an insider and uncertain habitat. This paper provides a critical analysis of the most recent and relevant state-of-art methods of IoT security and identifies the parameters that are crucial for any security posture in IoT. Considering all the intricate details of IoT environments, this work proposes a Generic and Lightweight Security mechanism for detecting malicious behavior in the uncertain IoT using a Fuzzy Logic- and Fog-based approach (GLSF2IoT). It is developed on the principle of “zero trust,” i.e., trust nothing and treat everything as hostile. While Fuzzy Logic has been used to remove uncertainties, the Fog-IoT architecture makes GLSF2IoT inherently better than the cloud-IoT. Once the malicious activity is detected, GLSF2IoT automatically limits the network access against the IoT device that initiated this activity, preventing it from targeting other devices. We evaluated GLSF2IoT for blackhole, selective forward, collusion and DDoS attacks, i.e., attacks which can invalidate any IoT architecture. Besides yielding better accuracy results than the existing benchmarks, we found that GLSF2IoT puts extremely low pressure on the constrained nodes, is scalable, supports heterogeneity, and uncertainty of the IoT environments.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21
Fig. 22
Fig. 23
Fig. 24
Fig. 25
Fig. 26
Fig. 27
Fig. 28

Similar content being viewed by others

References

  1. Serror M, Hack S, Henze M, Schuba M, Wehrle K (2020) Challenges and opportunities in securing the industrial Internet of Things. IEEE Trans Ind Inf 17(5):2985–2996

    Article  Google Scholar 

  2. Al-Garadi MA, Mohamed A, Al-Ali A, Du X, Ali I, Guizani M (2020) A survey of machine and deep learning methods for Internet of Things (IoT) security. IEEE Commun Surv Tutor 22(3):1646–1685

    Article  Google Scholar 

  3. Zahra SR, Chishti MA (2019) Assesing the services, security threaths, challenges and solutions in the Internet of Things. Scal Comput: Pract Exp 20(3):457–484

    Google Scholar 

  4. Arbuckle A (2020) Addressing IoT device security head-on. https://www.securityweek.com/addressing-iot-device-security-head. Accessed 20 Nov 2020

  5. National Law Review (2020) Buyer beware: the Internet of Things comes under new cyber attack from multiple fronts. https://www.natlawreview.com/article/buyer-beware-internet-things-comes-under-new-cyber-attack-multiple-fronts. Accessed 18 Dec 2020

  6. Burke M (2020) Man hacks RING camera in 8-year-old girl's bedroom, taunts her: 'I'm Santa Claus'. https://www.nbcnews.com/news/us-news/man-hacks-ring-camera-8-year-old-girl-s-bedroom-n1100586. Accessed 20 Dec 2020

  7. Hanrahan M (2020) Ring security camera hacks see homeowners subjected to racial abuse, ransom demands. https://abcnews.go.com/US/ring-security-camera-hacks-homeowners-subjected-racial-abuse/story?id=67679790#:~:text=Ring%20camera%20systems%20being%20hacked,-Multiple%20U.S.%20families&text=Owners%20of%20Ring%20security%20cameras,demanded%20a%20ransom%20in%20Bitcoin. Accessed 20 Dec 2020

  8. Fier J (2020) Smart, or not so smart? What the ring hacks tell Us about the future of IoT. https://www.securityweek.com/smart-or-not-so-smart-what-ring-hacks-tell-us-about-future-iot. Accessed 21 December 2020

  9. Haji S (2020) Essential IIoT security trends for 2020. https://www.securityweek.com/essential-iiot-security-trends-2020. Accessed 23 Dec 2020

  10. Ballard B (2020) Millions of smart devices could still have major security flaws. https://www.techradar.com/in/news/millions-of-smart-devices-could-still-have-major-security-flaws. Accessed 26 Dec 2020

  11. Holst A (2021) Global IoT end-user spending worldwide 2017–2025. https://www.statista.com/statistics/976313/global-iot-market-size/#:~:text=The%20global%20market%20for%20Internet,around%201.6%20trillion%20by%202025. Accessed 05 Jan 2021

  12. Verified Market Research (2021) Internet of Things (IoT) Market worth $1319.08 Billion, Globally, by 2026 at 25.68% CAGR: verified market research. https://www.prnewswire.com/news-releases/internet-of-things-iot-market-worth-1319-08-billion-globally-by-2026-at-25-68-cagr-verified-market-research-301092982.html. Accessed 06 January 2021

  13. Matthews K (2021) What do IoT hacks cost the economy? https://www.iotforall.com/iot-hacks-cost#:~:text=Attacks%20Damage%20Revenue&text=The%20survey%20polled%20approximately%20400,13.4%20percent%20of%20annual%20revenue. Accessed 08 Jan 2021

  14. Kleinman L (2021) Attack from DOS: in zero we trust. https://securitybrief.co.nz/story/attack-from-dos-in-zero-we-trust. Accessed 10 Jan 2021

  15. Ponemon Institute (2021) 2018 Cost of insider threats: global. https://www.insiderthreatdefense.us/pdf/Ponemon%20Institute%202018%20Report%20-%20The%20True%20Cost%20Of%20Insider%20Threats%20Revealed.pdf. Accessed 12 Jan 2021

  16. Zahra SR, Chishti MA (2020) Fuzzy logic and fog based secure architecture for Internet of Things (FLFSIoT). J Ambient Intell Humaniz Comput. https://doi.org/10.1007/s12652-020-02128-2

    Article  Google Scholar 

  17. Zadeh LA (1975) Fuzzy logic and approximate reasoning. Synthese 30(3–4):407–428

    Article  Google Scholar 

  18. SOS children’s villages Canada (2020) Poverty in India: two-third of people are considered extremely poor. https://www.soschildrensvillages.ca/news/poverty-in-india602#:~:text=Two%2Dthirds%20of%20people%20in,they%20are%20considered%20extremely%20poor. Accessed 22 Dec 2020

  19. Zadeh LA (1988) Fuzzy logic. Computer 21(4):83–93

    Article  Google Scholar 

  20. TM Forum (2020) 70 percent of IoT devices ‘vulnerable to attack’. https://inform.tmforum.org/news/2014/07/70-percent-iot-devices-vulnerable-attack/. Accessed 27 Dec 2020

  21. Zadeh LA (1965) Fuzzy sets. Inf Control 8(3):338–353

    Article  Google Scholar 

  22. Dzitac I, Filip FG, Manolescu MJ (2017) Fuzzy logic is not fuzzy: world-renowned computer scientist Lotfi A. Zadeh. Int J Comput Commun Control 12(6):748–89

    Article  Google Scholar 

  23. Zadeh LA (1999) From computing with numbers to computing with words. From manipulation of measurements to manipulation of perceptions. IEEE Trans Circuits Syst I: Fundam Theor Appl 46(1):105–19

    Article  MathSciNet  Google Scholar 

  24. Zadeh LA (2001) A new direction in AI: toward a computational theory of perceptions. AI Mag 22(1):73–73

    MATH  Google Scholar 

  25. Mathur A, Newe T, Rao M (2016) Defence against black hole and selective forwarding attacks for medical WSNs in the IoT. Sensors 16(1):118

    Article  Google Scholar 

  26. Seyedi B, Fotohi R (2020) NIASHPT: a novel intelligent agent-based strategy using hello packet table (HPT) function for trust Internet of Things. The J Supercomput 76(9):1–24

    Article  Google Scholar 

  27. Mabodi K, Yusefi M, Zandiyan S, Irankhah L, Fotohi R (2020) Multi-level trust-based intelligence schema for securing of internet of things (IoT) against security threats using cryptographic authentication. J Supercomput: 1–26.

  28. Vijayakumar P, Chang V, Deborah LJ, Balusamy B, Shynu PG (2018) Computationally efficient privacy preserving anonymous mutual and batch authentication schemes for vehicular ad hoc networks. Futur Gener Comput Syst 78:943–955

    Article  Google Scholar 

  29. Yaseen Q, Jararweh Y, Al-Ayyoub M, AlDwairi M (2017) Collusion attacks in internet of things: detection and mitigation using a fog based model. In: 2017 IEEE sensors applications symposium (SAS). IEEE. pp. 1–5

  30. Ouechtati H, Azzouna NB, Said LB (2019) A fuzzy logic based trust-ABAC model for the Internet of Things. In: International conference on advanced information networking and applications. Springer, Cham. pp. 1157–1168

  31. Srinivas TA, Manivannan SM (2020) Preventing collaborative black hole attack in IoT construction using a CBHA–AODV routing protocol. Int J Grid High Perform Comput (IJGHPC) 12(2):25–46

    Article  Google Scholar 

  32. Qureshi KN, Rana SS, Ahmed A, Jeon G (2020) A novel and secure attacks detection framework for smart cities industrial internet of things. Sustain Cities Soc 61:102343

    Article  Google Scholar 

  33. Ribera EG, Alvarez BM, Samuel C, Ioulianou PP, Vassilakis VG (2020) Heartbeat-based detection of blackhole and greyhole attacks in RPL networks. In: 2020 12th international symposium on communication systems, networks and digital signal processing (CSNDSP). IEEE. pp. 1–6

  34. Raza S, Wallgren L, Voigt T (2013) SVELTE: real-time intrusion detection in the Internet of Things. Ad Hoc Netw 11(8):2661–2674

    Article  Google Scholar 

  35. Arshad J, Azad MA, Abdeltaif MM, Salah K (2020) An intrusion detection framework for energy constrained IoT devices. Mech Syst Sign Process 136:106436

    Article  Google Scholar 

  36. Rathore S, Park JH (2018) Semi-supervised learning based distributed attack detection framework for IoT. Appl Soft Comput 72:79–89

    Article  Google Scholar 

  37. Haripriya AP, Kulothungan K (2019) Secure-MQTT: an efficient fuzzy logic-based approach to detect DoS attack in MQTT protocol for internet of things. EURASIP J Wirel Commun Netw 2019(1):90

    Article  Google Scholar 

  38. Velliangiri S, Pandey HM (2020) Fuzzy-Taylor-elephant herd optimization inspired deep belief network for DDoS attack detection and comparison with state-of-the-arts algorithms. Fut Gener Comput Syst 110:80–90

    Article  Google Scholar 

  39. Yang Y, Zheng X, Liu X, Zhong S, Chang V (2018) Cross-domain dynamic anonymous authenticated group key management with symptom-matching for e-health social system. Futur Gener Comput Syst 84:160–176

    Article  Google Scholar 

  40. Atzori L, Iera A, Morabito G (2010) The internet of things: a survey. Comput Netw 54(15):2787–2805

    Article  Google Scholar 

  41. Smith B (2020) A moment of reckoning: the need for a strong and global cybersecurity response. https://blogs.microsoft.com/on-the-issues/2020/12/17/cyberattacks-cybersecurity-solarwinds-fireeye/. Accessed 28 Dec 2020

  42. Yi J, Kim S, Kim J, Choi S (2020) Supremo: cloud-assisted low-latency super-resolution in mobile devices. IEEE Trans Mobile Comput. https://doi.org/10.1109/TMC.2020.3025300

    Article  Google Scholar 

  43. Kamgueu PO, Nataf E, Djotio TN (2015) On design and deployment of fuzzy-based metric for routing in low-power and lossy networks. In: 2015 IEEE 40th local computer networks conference workshops (LCN Workshops). IEEE. pp. 789–795

  44. Moudni H, Er-rouidi M, Mouncif H, El Hadadi B (2019) Black hole attack detection using fuzzy based intrusion detection systems in MANET. Procedia Comput Sci 151:1176–1181

    Article  Google Scholar 

  45. Khalil I, Bagchi S (2010) Stealthy attacks in wireless ad hoc networks: detection and countermeasure. IEEE Trans Mob Comput 10(8):1096–1112

    Article  Google Scholar 

  46. Diro AA, Chilamkurti N (2018) Distributed attack detection scheme using deep learning approach for Internet of Things. Futur Gener Comput Syst 82:761–768

    Article  Google Scholar 

  47. Moteiv (2020) Tmote Sky. https://insense.cs.st-andrews.ac.uk/files/2013/04/tmote-sky-datasheet.pdf. Accessed 15 Nov 2020

  48. Advancare SL (2020) Zolertia. http://zolertia.sourceforge.net/wiki/images/e/e8/Z1_RevC_Datasheet.pdf. Accessed 17 November 2020

  49. Sabireen H, Neelanarayanan V (2021) A review on fog computing: architecture, fog with IoT. Algoritm Res Chall ICT Expr 7(2):162–176

    Google Scholar 

  50. Habibi P, Farhoudi M, Kazemian S, Khorsandi S, Leon-Garcia A (2020) Fog computing: a comprehensive architectural survey. IEEE Access 8:69105–69133

    Article  Google Scholar 

  51. Ijaz M, Li G, Lin L, Cheikhrouhou O, Hamam H, Noor A (2021) Integration and applications of fog computing and cloud computing based on the Internet of Things for provision of healthcare services at home. Electronics 10(9):1077

    Article  Google Scholar 

  52. Cao K, Liu Y, Meng G, Sun Q (2020) An overview on edge computing research. IEEE Access 8:85714–85728

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, National Institute of Technology Srinagar, Srinagar, J&K, India

    Syed Rameem Zahra

  2. Department of Information Technology, Central University of Kashmir, Ganderbal, J&K, India

    Mohammad Ahsan Chishti

Authors
  1. Syed Rameem Zahra
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohammad Ahsan Chishti
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Syed Rameem Zahra.

Ethics declarations

Conflict of interest

The author’s declared that they have no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zahra, S.R., Chishti, M.A. A generic and lightweight security mechanism for detecting malicious behavior in the uncertain Internet of Things using fuzzy logic- and fog-based approach. Neural Comput & Applic 34, 6927–6952 (2022). https://doi.org/10.1007/s00521-021-06823-9

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00521-021-06823-9

Keywords

Search

Navigation