P2ADF: a privacy-preserving attack detection framework in fog-IoT environment | International Journal of Information Security Skip to main content

Advertisement

Springer Nature Link
Log in

P2ADF: a privacy-preserving attack detection framework in fog-IoT environment

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

In recent years, the Internet of Things (IoT) has gained much popularity, increasing the flow of sensitive user data across the web. In addition, the adoption of fog and edge technologies for latency-sensitive applications aggravates the privacy issues in the scenario as the sensitive data are processed in the user vicinity. Furthermore, the presence of the processing layer near the user end increases the attack surface and thus attracts malicious or curious intruders. In this light, the authors present a stacked-ensemble privacy-preserving attack detection framework, P2ADF. The framework detects the popular man-in-the-middle (MiTM) and denial-of-service (DoS)/distributed DoS (DDoS) attacks in the fog-IoT setup with a maximum accuracy of about 99.98 percent. The proposed model is trained over benchmark datasets, say, IoTID20, TON_IoT, N-BaIoT, UNSW-NB15, and CICDDoS19. The performance of the proposed model is also compared to existing state-of-the-art approaches, and P2ADF outperforms them all.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (Japan)

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

Data availability statement

Not applicable.

References

  1. Atzori, L., Iera, A., Morabito, G.: The Internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)

    Article  MATH  Google Scholar 

  2. Atlam, H.F., & Wills, G.B.: IoT security, privacy, safety and ethics. In: Digital twin technologies and smart cities (pp. 123–149). Springer, Cham (2020)

  3. Mukherjee, M., Matam, R., Shu, L., Maglaras, L., Ferrag, M.A., Choudhury, N., Kumar, V.: Security and privacy in fog computing: challenges. IEEE Access 5, 19293–19304 (2017)

    Article  Google Scholar 

  4. Kaur, J., Verma, R., Alharbe, N.R., Agrawal, A., & Khan, R.A.: Importance of fog computing in healthcare 4.0. In Fog Computing for Healthcare 4.0 Environments (pp. 79–101). Springer, Cham. (2021)

  5. Verma, R., Chandra, S.: Security and privacy issues in fog driven IoT environment. Int. J. Comput. Sci. Eng. 7(5), 367–370 (2019)

    Google Scholar 

  6. Lee, K., Kim, D., Ha, D., Rajput, U., & Oh, H.: On security and privacy issues of fog computing supported Internet of Things environment. In 2015 6th International Conference on the Network of the Future (NOF) (pp. 1–3). IEEE. (2015)

  7. Ni, J., Zhang, K., Lin, X., Shen, X.: Securing fog computing for Internet of things applications: challenges and solutions. IEEE Commun. Surv. Tutor. 20(1), 601–628 (2017)

    Article  Google Scholar 

  8. Rathod, V., Mehta, M.: Security in wireless sensor network: a survey. Ganpat Univ. J. Eng. Technol. 1(1), 35–44 (2011)

    Google Scholar 

  9. Gu, K., Wu, N., Yin, B., Jia, W.: Secure data query framework for cloud and fog computing. IEEE Trans. Netw. Serv. Manage. 17(1), 332–345 (2019)

    Article  Google Scholar 

  10. Raymond, J.F.: Traffic analysis: Protocols, attacks, design issues, and open problems. In: Designing privacy enhancing technologies (pp. 10–29). Springer, Berlin, Heidelberg. (2001)

  11. Abdulkareem, K.H., Mohammed, M.A., Gunasekaran, S.S., Al-Mhiqani, M.N., Mutlag, A.A., Mostafa, S.A., Ibrahim, D.A.: A review of fog computing and machine learning: concepts, applications, challenges, and open issues. IEEE Access 7, 153123–153140 (2019)

    Article  Google Scholar 

  12. Yakubu, J., Abdulhamid, S.I.M., Christopher, H.A., Chiroma, H., Abdullahi, M.: Security challenges in fog-computing environment: a systematic appraisal of current developments. J. Reliab. Intell. Environ. 5(4), 209–233 (2019)

    Article  Google Scholar 

  13. Kaur, J., Agrawal, A., Khan, R.A.: Security issues in fog environment: a systematic literature review. Int. J. Wireless Inf. Netw. 27(3), 467–483 (2020)

    Article  Google Scholar 

  14. Verma, R., Chandra, S.: A systematic survey on fog steered IoT: Architecture, prevalent threats and trust models. Int. J. Wireless Inf. Netw. 28(1), 116–133 (2021)

    Article  Google Scholar 

  15. Kaur, J., Kumar, R., Agrawal, A., & Khan, R.A.: A neutrosophic AHP-based computational technique for security management in a fog computing network. J. Supercomput., Springer. (2022)

  16. Yi, S., Qin, Z., & Li, Q.: Security and privacy issues of fog computing: A survey. In: International conference on wireless algorithms, systems, and applications (pp. 685–695). Springer, Cham. (2015)

  17. Puri, V., Kaur, P., & Sachdeva, S.: Data anonymization for privacy protection in fog-enhanced smart homes. In: 2020 6th International Conference on Signal Processing and Communication (ICSC) (pp. 201–205). IEEE. (2020)

  18. Ullah, I., Shah, M.A., Wahid, A., Mehmood, A., Song, H.: ESOT: a new privacy model for preserving location privacy in the Internet of Things. Telecommun. Syst. 67(4), 553–575 (2018)

    Article  Google Scholar 

  19. Kaur, J., Agrawal, A., & Khan, R.A.: Encryfuscation: A model for preserving data and location privacy in fog based IoT scenario. Journal of King Saud University-Computer and Information Sciences. (2022)

  20. Sharma, P., Jain, S., Gupta, S., Chamola, V.: Role of machine learning and deep learning in securing 5G-driven industrial IoT applications. Ad Hoc Netw. 123, 102685 (2021)

    Article  Google Scholar 

  21. Lahmadi, A., Duque, A., Heraief, N., & Francq, J.: MitM attack detection in BLE networks using reconstruction and classification machine learning techniques. In: Joint European Conference on Machine Learning and Knowledge Discovery in Databases (pp. 149–164). Springer, Cham. (2020)

  22. Kponyo, J.J., Agyemang, J.O., Klogo, G.S.: Detecting End-Point (EP) Man-In-The-Middle (MITM) attack based on ARP analysis: a machine learning approach. Int. J. Commun. Netw. Inform. Secur. 12(3), 384–388 (2020)

    Google Scholar 

  23. Ashenafi, A.: A model to detect MiTM attack in IoT networks: a machine learning approach (doctoral dissertation, St. Mary's University). (2022)

  24. Zhang, N., Jaafar, F., & Malik, Y.: Low-rate DoS attack detection using PSD based entropy and machine learning. In: 2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom) (pp. 59–62). IEEE. (2019)

  25. Alsulaiman, L., & Al-Ahmadi, S.: Performance evaluation of machine learning techniques for DOS detection in wireless sensor network. (2021) arXiv preprint arXiv:2104.01963.

  26. Ullah, I., & Mahmoud, Q. H.: A scheme for generating a dataset for anomalous activity detection in iot networks. In: Canadian Conference on Artificial Intelligence (pp. 508–520). Springer, Cham. (2020)

  27. Moustafa, N.: A new distributed architecture for evaluating AI-based security systems at the edge: Network TON_IoT datasets. Sustain. Cities Soc. 72, 102994 (2021)

    Article  Google Scholar 

  28. Meidan, Y., Bohadana, M., Mathov, Y., Mirsky, Y., Shabtai, A., Breitenbacher, D., Elovici, Y.: N-baiot—network-based detection of iot botnet attacks using deep autoencoders. IEEE Pervasive Comput. 17(3), 12–22 (2018)

    Article  Google Scholar 

  29. Moustafa, N., & Slay, J.: UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 military communications and information systems conference (MilCIS) (pp. 1–6). IEEE. (2015)

  30. Sharafaldin, I., Lashkari, A. H., Hakak, S., & Ghorbani, A. A.: Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. In: 2019 International Carnahan Conference on Security Technology (ICCST) (pp. 1–8). IEEE. (2019)

  31. Ahsan, M.M., Mahmud, M.P., Saha, P.K., Gupta, K.D., Siddique, Z.: Effect of data scaling methods on machine learning algorithms and model performance. Technologies 9(3), 52 (2021)

    Article  Google Scholar 

  32. Prasad, A., & Chandra, S.:VMFCVD: An optimized framework to combat volumetric DDoS attacks using machine learning. Arab. J. Sci. Eng., 1–19. (2022)

  33. Chornous, G., Pysanets, K., & Yakovenko, N.: A hybrid approach for feature selection in data mining modeling of credit scoring. In: ICTERI Workshops (pp. 256–269). (2020)

  34. Ranstam, J., Cook, J.A.: LASSO regression. J. Br. Surg. 105(10), 1348–1348 (2018)

    Article  Google Scholar 

  35. Witten, I.H., Frank, E.: Data mining: practical machine learning tools and techniques with Java implementations. ACM SIGMOD Rec. 31(1), 76–77 (2002)

    Article  Google Scholar 

  36. Zhou, H., Zhang, J., Zhou, Y., Guo, X., Ma, Y.: A feature selection algorithm of decision tree based on feature weight. Exp. Syst. Appl. 164, 113842 (2021)

    Article  Google Scholar 

  37. Chen, T., Xu, J., Ying, H., Chen, X., Feng, R., Fang, X., Wu, J.: Prediction of extubation failure for intensive care unit patients using light gradient boosting machine. IEEE Access 7, 150960–150968 (2019)

    Article  Google Scholar 

  38. Schapire, R.E.: Explaining adaboost. In: Empirical inference (pp. 37–52). Springer, Berlin, Heidelberg. (2013)

  39. Wang, Q.Q., Yu, S.C., Qi, X., Hu, Y.H., Zheng, W.J., Shi, J.X., Yao, H.Y.: Overview of logistic regression model analysis and application. Zhonghua yu fang yi xue za zhi [Chinese journal of preventive medicine] 53(9), 955–960 (2019)

    Google Scholar 

  40. Ding, H., Chen, L., Dong, L., Fu, Z., Cui, X.: Imbalanced data classification: a KNN and generative adversarial networks-based hybrid approach for intrusion detection. Futur. Gener. Comput. Syst. 131, 240–254 (2022)

    Article  Google Scholar 

  41. Chen, T., He, T., Benesty, M., Khotilovich, V., Tang, Y., Cho, H., Chen, K.: Xgboost: extreme gradient boosting. R package version 0.4-2 1, 1–4 (2015)

    Google Scholar 

  42. Kohavi, R., & John, G.H.: Automatic parameter selection by minimizing estimated error. In: Machine Learning Proceedings 1995 (pp. 304–312). Morgan Kaufmann. (1995)

  43. Feurer, M., & Hutter, F.: Hyperparameter optimization. In: Automated machine learning (pp. 3–33). Springer, Cham. (2019)

  44. ur RehmanKhaliqImtiazRasoolShafiqJavedJalilBashir, S.M.S.I.A.M.A.R.Z.A.K.: Diddos: An approach for detection and identification of distributed denial of service (ddos) cyberattacks using gated recurrent units (gru). Future Gen. Comput. Syst. 118, 453–466 (2021)

    Article  Google Scholar 

  45. de Souza, C.A., Westphall, C.B., Machado, R.B.: Two-step ensemble approach for intrusion detection and identification in IoT and fog computing environments. Comput. Electr. Eng. 98, 107694 (2022)

    Article  Google Scholar 

  46. Sarhan, M., Layeghy, S., Moustafa, N., & Portmann, M.: Netflow datasets for machine learning-based network intrusion detection systems. In Big Data Technologies and Applications (pp. 117–135). Springer, Cham. (2020)

  47. Palla, T.G., Tayeb, S.: Intelligent Mirai malware detection for IoT nodes. Electronics 10(11), 1241 (2021)

    Article  Google Scholar 

  48. Alamri, H.A., Thayananthan, V.: Bandwidth control mechanism and extreme gradient boosting algorithm for protecting software-defined networks against DDoS attacks. IEEE Access 8, 194269–194288 (2020)

    Article  Google Scholar 

  49. Reddy, D.K.K., Behera, H.S., Nayak, J., Naik, B., Ghosh, U., Sharma, P.K.: Exact greedy algorithm based split finding approach for intrusion detection in fog-enabled IoT environment. J. Inform. Security and Appl. 60, 102866 (2021)

    Google Scholar 

  50. Sarwar, A., Alnajim, A.M., Marwat, S.N.K., Ahmed, S., Alyahya, S., Khan, W.U.: Enhanced anomaly detection system for iot based on improved dynamic SBPSO. Sensors 22(13), 4926 (2022)

    Article  Google Scholar 

  51. Daoud, W.B., Mahfoudhi, S.: SIMAD: secure intelligent method for IoT-fog environments attacks detection. Comput. Mater. Continua (CMC) 70(2), 2727–2742 (2022)

    Article  Google Scholar 

  52. Labiod, Y., Amara Korba, A., & Ghoualmi, N.: Fog computing-based intrusion detection architecture to protect IoT networks. Wireless Personal Commun., 1–29. (2022)

Download references

Funding

Not applicable.

Author information

Authors and Affiliations

  1. Department of Information Technology, BBA University, Lucknow, India

    Jasleen Kaur, Alka Agrawal & Raees Ahmad Khan

Authors
  1. Jasleen Kaur
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Alka Agrawal
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Raees Ahmad Khan
    View author publications

    You can also search for this author inPubMed Google Scholar

Contributions

(1) JK made substantial contributions to the design of the work and drafted it. (2) AA revised it critically for important intellectual content; (3) RAK approved the version to be published; (4) all the authors agree to be accountable for all aspects of the work in ensuring that questions related to the accuracy or integrity of any part of the work are appropriately investigated and resolved.

Corresponding author

Correspondence to Jasleen Kaur.

Ethics declarations

Conflict of interest

The authors declare no conflict of interest.

Ethical approval

Not applicable.

Informed consent

Not applicable.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kaur, J., Agrawal, A. & Khan, R.A. P2ADF: a privacy-preserving attack detection framework in fog-IoT environment. Int. J. Inf. Secur. 22, 749–762 (2023). https://doi.org/10.1007/s10207-023-00661-7

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-023-00661-7

Keywords