Abstract
The exponential increase in Internet of Things devices on the Internet causes a deluge of traffic at the cloud. Most of the traffic data is redundant. However, fog computing solves the problems by processing data at the network’s edge. Lately, the fog layer is a target of cyberattacks, due to its resource constraints. In this paper, we proposed a lightweight, human immune, and anomaly-based intrusion detection system (IDS) for the fog layer. The proposed system achieves low resource overhead by distributing the IDS functions among the fog nodes and the cloud. We obtained an accuracy of up to 98.8%. Also, we recorded a 10% reduction in the energy consumption of the fog node when compared with deploying a neural network on the fog node.
Similar content being viewed by others
References
Prabhu, C.: Fog Computing. Springer, Deep learning and big data analytics-research directions (2019)
Turner, V., MacGillivray, C., Gaw, J., Clarke, R., Morales, M., Kraus, B.: IDC futurescape: worldwide internet of things 2015 predictions. In: IDC (2014)
Computing, F.: The internet of things: extend the cloud to where the things are (2016)
Li, C., Qin, Z., Novak, E., Li, Q.: Securing SDN infrastructure of IoT-fog networks from MITM attacks. IEEE Internet Things J. 4(5), 1156–1164 (2017)
Stojmenovic, I., Wen, S.: The fog computing paradigm: scenarios and security issues. In: 2014 federated conference on computer science and information systems, pp. 1–8 (2014). https://doi.org/10.15439/2014F503
Hu, P., Dhelim, S., Ning, H., Qiu, T.: Survey on fog computing: architecture, key technologies, applications and open issues. J. Netw. Comput. Appl. 98, 27–42 (2017)
Sequeira, D.: Intrusion prevention systems: securitys silver bullet? Bus. Commun. Rev. 33(3), 36–41 (2003)
Mauritian Computer Emergency Response Team: guideline on intrusion detection and prevention systems (2011). https://ncb.govmu.org/portal/sites/ncb/downloads.html
Scarfone, K., Mell, P.: Special Publication 800–94: Guide to Intrusion Detection and Prevention Systems. National Institute Standard and Technology, Gaithersburg (2012)
Khraisat, A., Gondal, I., Vamplew, P., Kamruzzaman, J.: Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity 2(1), 20 (2019)
Aloqaily, M., Balasubramanian, V., Zaman, F., Al Ridhawi, I., Jararweh, Y.: Congestion mitigation in densely crowded environments for augmenting qos in vehicular clouds. In: Proceedings of the 8th ACM Symposium on Design and Analysis of Intelligent Vehicular Networks and Applications, DIVANet’18, pp. 49–56. Association for Computing Machinery, New York (2018). https://doi.org/10.1145/3272036.3272038
Balasubramanian, V., Aloqaily, M., Reisslein, M.: An SDN architecture for time sensitive industrial IoT. Comput. Netw. 186, 107739 (2021). https://doi.org/10.1016/j.comnet.2020.107739
Otoum, Y., Nayak, A.: As-ids: anomaly and signature based ids for the internet of things. J. Netw. Syst. Manag. 29(3), 1–26 (2021)
Almiani, M., AbuGhazleh, A., Al-Rahayfeh, A., Atiewi, S., Razaque, A.: Deep recurrent neural network for IoT intrusion detection system. Simul. Model. Pract. Theory 101, 102031 (2020). https://doi.org/10.1016/j.simpat.2019.102031
Pacheco, J., Benitez, V.H., Félix-Herrán, L.C., Satam, P.: Artificial neural networks-based intrusion detection system for internet of things fog nodes. IEEE Access 8, 73907–73918 (2020)
Al-Omari, M., Rawashdeh, M., Qutaishat, F., Mohammad, A., Ababneh, N.: An intelligent tree-based intrusion detection model for cyber security. J. Netw. Syst. Manag. 29(2), 1–18 (2021)
Ou, C.M.: Host-based intrusion detection systems inspired by machine learning of agent-based artificial immune systems. In: 2019 IEEE International Symposium on INnovations in Intelligent SysTems and Applications (INISTA), pp. 1–5. IEEE (2019)
Wang, W., Ren, L., Chen, L., Ding, Y.: Intrusion detection and security calculation in industrial cloud storage based on an improved dynamic immune algorithm. Inf. Sci. 501, 543–557 (2019)
Igbe, O., Saadawi, T., Darwish, I.: Digital immune system for intrusion detection on data processing systems and networks (2017). US Patent App. 15/633,056
Greensmith, J., Aickelin, U.: The deterministic dendritic cell algorithm. In: International Conference on Artificial Immune Systems, pp. 291–302. Springer (2008)
Rhys, H.: Classifying with decision trees. Manning Publications (2020). https://books.google.com.sa/books?id=jRzYDwAAQBAJ
Jansen, S.: Chapter 10: decision trees and random forests. Packt Publishing (2018). https://books.google.com.sa/books?id=tx2CDwAAQBAJ
Pump, R., Ahlers, V., Koschel, A.: State of the art in artificial immune-based intrusion detection systems for smart grids. In: 2018 Second World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4), pp. 119–126. IEEE (2018)
Matzinger, P.: Tolerance, danger, and the extended family. Ann. Rev. Immunol. 12(1), 991–1045 (1994)
Brownlee, J.: Clever algorithms: nature-inspired programming recipes. Lulu.com (2011). https://books.google.com.sa/books?id=SESWXQphCUkC
Hosseinpour, F., Amoli, P.V., Farahnakian, F., Plosila, J., Hämäläinen, T.: Artificial immune system based intrusion detection: innate immunity using an unsupervised learning approach. Int. J. Digital Content Technol. Appl. 8(5), 1 (2014)
Hosseinpour, F., Vahdani Amoli, P., Plosila, J., Hämäläinen, T., Tenhunen, H.: An intrusion detection system for fog computing and IoT based logistic systems using a smart data approach. Int. J. Digital Content Technol. Appl. 10 (2016)
Ye, N., Chen, Q.: An anomaly detection technique based on a chi-square statistic for detecting intrusions into information systems. Qual. Reliab. Eng. Int. 17(2), 105–112 (2001). https://doi.org/10.1002/qre.392
Hegde, C., Jiang, Z., Suresha, P.B., Zelko, J., Seyedi, S., Smith, M.A., Wright, D.W., Kamaleswaran, R., Reyna, M.A., Clifford, G.D.: Autotriage—an open source edge computing raspberry pi-based clinical screening system. medRxiv (2020). https://doi.org/10.1101/2020.04.09.20059840
Xhafa, F., Kilic, B., Krause, P.: Evaluation of IoT stream processing at edge computing layer for semantic data enrichment. Fut. Gener. Comput. Syst. 105, 730–736 (2020). https://doi.org/10.1016/j.future.2019.12.031
Xunlong Software CO., Limited: orange pi lite—orange pi (2016). http://www.orangepi.org/orangepilite/. Accessed May, 2020
Nath, O.: Review on raspberry pi 3b+ and its scope. Int. J. Eng. Appl. Sci. Technol. 4(9), 157–159 (2020)
LCD wiki: 3.5inch rpi display - lcd wiki (2020). http://www.lcdwiki.com/3.5inch_RPi_Display. Accessed 17th Aug 2020
Crovella, M.E., Carter, R.L.: Dynamic server selection in the internet. In: Third IEEE workshop on the architecture and implementation of high performance communication subsystems (HPCS) (1995)
OpenNN.net: Opennn: open neural networks library (2020). https://www.opennn.net/
Pedregosa, F., Varoquaux, G., Gramfort, A., Michel, V., Thirion, B., Grisel, O., Blondel, M., Prettenhofer, P., Weiss, R., Dubourg, V., et al.: Scikit-learn: machine learning in python. J. Mach. Learn. Res. 12, 2825–2830 (2011)
Long, J.: Interesting native code examples (2012). https://bit.ly/3fYmfkN. Accessed 25 May 2020
What is omnet++? (2019). https://omnetpp.org/intro/. Accessed 6 June 2020
Sudqi Khater, B., Abdul Wahab, A., Idris, M., Abdulla Hussain, M., Ahmed Ibrahim, A.: A lightweight perceptron-based intrusion detection system for fog computing. Appl. Sci. 9(1), 178 (2019)
Krügel, C., Toth, T., Kirda, E.: Service specific anomaly detection for network intrusion detection. In: Proceedings of the 2002 ACM symposium on applied computing, pp. 201–208 (2002)
Farouq, A., Tarek, S., Mohamed, D.: faroouq/idps\_omnet: Intrusion detection and prevention system for fog computing using omnet++ (2020). https://github.com/faroouq/IDPS_OMNET
Acknowledgements
The authors would like to thank the Computer Engineering Department, King Fahd University of Petroleum and Minerals for their support. We would like to thank Dr. Mustapha Aliyu Muhammad (M.D) and Dr. Aliyu Aliyu Muhammad (M.D) for their suggestions and recommendations in the course of this research.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Aliyu, F., Sheltami, T., Deriche, M. et al. Human Immune-Based Intrusion Detection and Prevention System for Fog Computing. J Netw Syst Manage 30, 11 (2022). https://doi.org/10.1007/s10922-021-09616-6
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10922-021-09616-6