A distributed ensemble design based intrusion detection system using fog computing to protect the internet of things net
- PDF / 1,433,830 Bytes
- 18 Pages / 595.276 x 790.866 pts Page_size
- 2 Downloads / 208 Views
ORIGINAL RESEARCH
A distributed ensemble design based intrusion detection system using fog computing to protect the internet of things networks Prabhat Kumar1 · Govind P. Gupta1 · Rakesh Tripathi1 Received: 27 February 2020 / Accepted: 16 November 2020 © Springer-Verlag GmbH Germany, part of Springer Nature 2020
Abstract With the development of internet of things (IoT), capabilities of computing, networking infrastructure, storage of data and management have come very close to the edge of networks. This has accelerated the necessity of Fog computing paradigm. Due to availability of Internet, most of our business operations are integrated with IoT platform. Fog computing has enhanced the strategy of collecting and processing, huge amount of data. On the other hand, attacks and malicious activities has adverse consequences on the development of IoT, Fog, and cloud computing. This has led to development of many security models using fog computing to protect IoT network. Therefore, for dynamic and highly scalable IoT environment, a distributed architecture based intrusion detection system (IDS) is required that can distribute the existing centralized computing to local fog nodes and can efficiently detect modern IoT attacks. This paper proposes a novel distributed ensemble design based IDS using Fog computing, which combines k-nearest neighbors, XGBoost, and Gaussian naive Bayes as first-level individual learners. At second-level, the prediction results obtained from first level is used by Random Forest for final classification. Most of the existing proposals are tested using KDD99 or NSL-KDD dataset. However, these datasets are obsolete and lack modern IoT-based attacks. In this paper, UNSW-NB15 and actual IoT-based dataset namely, DS2OS are used for verifying the effectiveness of the proposed system. The experimental result revealed that the proposed distributed IDS with UNSWNB15 can achieve higher detection rate upto 71.18% for Backdoor, 68.98% for Analysis, 92.25% for Reconnaissance and 85.42% for DoS attacks. Similarly, with DS2OS dataset, detection rate is upto 99.99% for most of the attack vectors. Keywords Intrusion detection system · Anomaly detection · Ensemble learning · Fog computing · Internet of things (IoT) · Feature selection
1 Introduction Internet of things is anticipated as impactful innovation of Internet. IEEE, in its special report defines IoT as “a network that connects devices having sensing capabilities” (Minerva et al. 2015). With the inception of low-priced devices like sensors, actuators, RFIDs etc. combined with different communication mediums, IoT has attained huge demand in the last decade (Sengupta et al. 2019). Concept of IoT * Prabhat Kumar [email protected] Govind P. Gupta [email protected] Rakesh Tripathi [email protected] 1
Department of Information Technology, National Institute of Technology, Raipur, CG 492010, India
is employed in almost all fields: healthcare, smart-cities, smart-grids, energy distribution, education, entertainment and even tra
Data Loading...
