A lightweight fog-based internal intrusion detection system for smart environments

Abstract

We introduce a lightweight specification-based internal intrusion detection system for smart environments monitoring IoT devices directly in fog computing layer, solving latency issues and being able to protect fog and above layers from denial of service (DoS) attacks. We further investigate different approaches to mitigate an attack considering not only fog computing layer, but also exploiting the distributed nature of IoT using mist computing layer to mitigate an attack. Considering a smart condominium fire alarm system with 300 IoT devices traffic, our approach could spot a DoS attack that comes from an infected IoT layer node and reduce the fog device processing consumption from 31%, when under attack, to 24% with fog-only acting and 9% with fog and mist layer acting afterwards.