NADA: new architecture for detecting DoS and DDoS attacks in fog computing

Abstract

Nowadays, fog computing as a new part of the Internet of Things plays a vital and significant role in the development of technology in cities and smart homes, various industries, medical care, security and etc. This technology, like other emerging technologies, has security challenges. One of the most important attacks on fog nodes is the DoS and DDoS attacks. This article proposes new method for DoS and DDoS attack detection by combining machine learning techniques, DT and KNN with CNN algorithm. We have improved the performance of the intrusion detection systems in the Fog computing infrastructure by voting mechanism for DoS and DDoS detection. NADA is capable of detecting DoS and DDoS attacks with highest correct rate (about 99%). NADA can be applied in both edge and fog nodes. The proposed approach uses deep learning techniques and biological genetic algorithm for detecting suspicious traffic. Then the suspicious traffic applies to CNN, DT, and KNN as an input and based on the available samples, maximum vote-based attack detection validation is performed. Finally, we evaluated our method (NADA) and calculate criteria such as Precision, Accuracy, Recall, and Error. By simulating NADA, we observed that metrics cited improved on average by about 7% in comparison with other methods.