Identification of malicious edge devices in fog computing environments

Abstract

ABSTRACTDevice security is one of the major challenges for successful implementation of Internet of Things (IoT) and fog computing. Researchers and IT organizations have explored many solutions to protect systems from unauthenticated device attacks (known as outside device attacks). Fog computing uses many edge devices (e.g., router, switch, and hub) for latency-aware processing of collected data. So, identification of malicious edge devices is one of the critical activities in data security of fog computing. Preventing attacks from malicious edge devices is more difficult because they have certain granted privileges to store and process the data. In this article, a proposed framework uses three technologies, a Markov model, an intrusion detection system (IDS), and a virtual honeypot device (VHD) to identify malicious edge devices in a fog computing environment. A two-stage Markov model is used to categorize edge devices effectively into four different levels. The VHD is designed to store and maintain a log repository of all identified malicious devices, which assists the system to defend itself from any unknown attacks in the future. The proposed model is tested in a simulated environment, and results indicate the effectiveness of the system. The proposed model is successful in identifying the malicious device as well as reducing the false IDS alarm rate.