Abstract
With the development of internet of things (IoT), capabilities of computing, networking infrastructure, storage of data and management have come very close to the edge of networks. This has accelerated the necessity of Fog computing paradigm. Due to availability of Internet, most of our business operations are integrated with IoT platform. Fog computing has enhanced the strategy of collecting and processing, huge amount of data. On the other hand, attacks and malicious activities has adverse consequences on the development of IoT, Fog, and cloud computing. This has led to development of many security models using fog computing to protect IoT network. Therefore, for dynamic and highly scalable IoT environment, a distributed architecture based intrusion detection system (IDS) is required that can distribute the existing centralized computing to local fog nodes and can efficiently detect modern IoT attacks. This paper proposes a novel distributed ensemble design based IDS using Fog computing, which combines k-nearest neighbors, XGBoost, and Gaussian naive Bayes as first-level individual learners. At second-level, the prediction results obtained from first level is used by Random Forest for final classification. Most of the existing proposals are tested using KDD99 or NSL-KDD dataset. However, these datasets are obsolete and lack modern IoT-based attacks. In this paper, UNSW-NB15 and actual IoT-based dataset namely, DS2OS are used for verifying the effectiveness of the proposed system. The experimental result revealed that the proposed distributed IDS with UNSW-NB15 can achieve higher detection rate upto 71.18% for Backdoor, 68.98% for Analysis, 92.25% for Reconnaissance and 85.42% for DoS attacks. Similarly, with DS2OS dataset, detection rate is upto 99.99% for most of the attack vectors.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Alazab M, Huda S, Abawajy J, Islam R, Yearwood J, Venkatraman S, Broadhurst R (2014) A hybrid wrapper-filter approach for malware detection. J Netw 9(11):2878–2891
Almiani M, AbuGhazleh A, Al-Rahayfeh A, Atiewi S, Razaque A (2019) Deep recurrent neural network for IoT intrusion detection system. Simul Model Pract Theory 101:102031
Alrawais A, Alhothaily A, Hu C, Cheng X (2017) Fog computing for the internet of things: security and privacy issues. IEEE Int Comput 21(2):34–42
Bagui S, Kalaimannan E, Bagui S, Nandi D, Pinto A (2019) Using machine learning techniques to identify rare cyber-attacks on the UNSW-NB15 dataset. Secur Privacy 2(6):e91
Bao R-J, Rong H-J, Angelov PP, Chen B, Wong PK (2017) Correntropy-based evolving fuzzy neural system. IEEE Trans Fuzzy Syst 26(3):1324–1338
Belavagi MC, Muniyal B (2016) Performance evaluation of supervised machine learning algorithms for intrusion detection. Procedia Comput Sci 89(2016):117–123
Bhattacharya S, Kaluri R, Singh S, Alazab M, Tariq U et al (2020) A novel PCA-firefly based XGBoost classification model for intrusion detection in networks using GPU. Electronics 9(2):219
Chaabouni N, Mosbah M, Zemmari A, Sauvignac C, Faruki P (2019) Network intrusion detection for IoT security based on learning techniques. IEEE Commun Surv Tutor 21(3):2671–2701
Chen T, Guestrin C(2016). Xgboost: a scalable tree boosting system. In: Proceedings of the 22nd ACM SIGKDD international conference on knowledge discovery and data mining, pp 785–794
Computing F et al (2016) Fog computing and the internet of things: extend the cloud to where the things are. In: Technical Report, Cisco Systems
da Costa KA, Papa JP, Lisboa CO, Munoz R, de Albuquerque VHC (2019) Internet of things: a survey on machine learning-based intrusion detection approaches. Comput Netw 151:147–157
Dastjerdi AV, Buyya R (2016) Fog computing: hel** the internet of things realize its potential. Computer 49(8):112–116
Diro AA, Chilamkurti N (2018) Distributed attack detection scheme using deep learning approach for internet of things. Future Gener Comput Syst 82:761–768
Elrawy MF, Awad AI, Hamed HF (2018) Intrusion detection systems for IoT-based smart environments: a survey. J Cloud Comput 7(1):21
Etherington D, Conger K (2016) Large DDoS attacks cause outages at Twitter, Spotify, and other sites. TechCrunch, Np, p 21
Frahim J, Pignataro C, Apcar J, Morrow M (2015) Securing the internet of things: a proposed framework. Cisco White Paper
Gomez C, Chessa S, Fleury A, Roussos G, Preuveneers D (2019) Internet of things for enabling smart environments: a technology-centric perspective. J Ambient Intell Smart Environ 11(1):23–43
Hajiheidari S, Wakil K, Badri M, Navimipour NJ (2019) Intrusion detection systems in the internet of things: a comprehensive investigation. Comput Netw 160:165–91
Hasan M, Islam MM, Zarif MII, Hashem M (2019) Attack and anomaly detection in IoT sensors in IoT sites using machine learning approaches. Int Things 7:100059
Kafle VP, Fukushima Y, Harai H (2016) Internet of things standardization in ITU and prospective networking technologies. IEEE Commun Mag 54(9):43–49
Khan FA, Gumaei A, Derhab A, Hussain A (2019) A novel two-stage deep learning model for efficient network intrusion detection. IEEE Access 7:30373–30385
Khraisat A, Gondal I, Vamplew P, Kamruzzaman J (2019) Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity 2(1):20
Kramer O (2013) Dimensionality reduction with unsupervised nearest neighbors. Springer, Berlin
Kumar V, Das AK, Sinha D (2019a) UIDS: a unified intrusion detection system for IoT environment. Evol Intell. https://doi.org/10.1007/s12065-019-00291-w
Kumar V, Sinha D, Das AK, Pandey SC, Goswami RT (2019b) An integrated rule based intrusion detection system: analysis on UNSW-NB15 data set and the real time online dataset. Cluster Comput 23:1–22
Li Y, Gao J, Li Q, Fan W (2014) Ensemble learning. Data classification. Chapman and Hall/CRC, London, pp 511–538
Minerva R, Biru A, Rotondi D (2015) Towards a definition of the internet of things (IoT). IEEE Int Initiat 1(1):1–86
Moustafa N, Slay J (2015) UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 military communications and information systems conference (MilCIS), pp 1–6. IEEE
Moustafa N, Slay J (2016) The evaluation of network anomaly detection systems: statistical analysis of the UNSW-NB15 data set and the comparison with the kdd99 data set. Inf Secur J Glob Perspect 25(1–3):18–31
Nisioti A, Mylonas A, Yoo PD, Katos V (2018) From intrusion detection to attacker attribution: a comprehensive survey of unsupervised methods. IEEE Commun Surv Tutor 20(4):3369–3388
Pahl M-O, Aubet F-X (2018a) All eyes on you: distributed multi-dimensional IoT microservice anomaly detection, pp 72–80. IEEE
Pahl MO, Aubet FX (2018b) DS2OS traffic traces. https://www.kaggle.com/francoisxa/ds2ostraffictraces
Pajouh HH, Dastghaibyfard G, Hashemi S (2017) Two-tier network anomaly detection model: a machine learning approach. J Intell Inf Syst 48(1):61–74
Pajouh HH, Javidan R, Khayami R, Ali D, Choo KKR (2019) A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks. IEEE Transactions on Emerging Topics in Computing
Papamartzivanos D, Mármol FG, Kambourakis G (2018) Dendron: genetic trees driven rule induction for network intrusion detection systems. Future Gener Comput Syst 79:558–574
Peng H, Long F, Ding C (2005) Feature selection based on mutual information criteria of max-dependency, max-relevance, and min-redundancy. IEEE Trans Pattern Anal Mach Intell 27(8):1226–1238
Prabavathy S, Sundarakantham K, Shalinie SM (2018) Design of cognitive fog computing for intrusion detection in internet of things. J Commun Netw 20(3):291–298
Reddy GT, Sudheer K, Rajesh K, Lakshmanna K (2014) Employing data mining on highly secured private clouds for implementing a security-ASA-service framework. J Theor Appl Inf Technol 59(2):317–326
Ren J, Guo J, Qian W, Yuan H, Hao X, **g**g H (2019) Building an effective intrusion detection system by using hybrid data optimization based on machine learning algorithms. Security and Communication Networks, 2019
Rice DM (2013) Calculus of thought: neuromorphic logistic regression in cognitive machines. Academic Press, New York
Swarna Priya RM, Maddikunta PK, Parimala M, Koppu S, Reddy T, Chowdhary CL, Alazab M (2020) An effective feature engineering for DNN using hybrid PCA-GWO for intrusion detection in IoMT architecture. Comput Commun 160:139–149
Salman O, Elhajj I, Chehab A, Kayssi A (2018) IoT survey: an SDN and fog computing perspective. Comput Netw 143:221–246
Sengupta J, Ruj S, Bit SD (2019) A comprehensive survey on attacks, security issues and blockchain solutions for IoT and IIoT. J Netw Comput Appl 149:102481
Venticinque S, Amato A (2019) A methodology for deployment of IoT application in fog. J Ambient Intell Humaniz Comput 10(5):1955–1976
Zanella A, Bui N, Castellani A, Vangelista L, Zorzi M (2014) Internet of things for smart cities. IEEE Int Things J 1(1):22–32
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Kumar, P., Gupta, G.P. & Tripathi, R. A distributed ensemble design based intrusion detection system using fog computing to protect the internet of things networks. J Ambient Intell Human Comput 12, 9555–9572 (2021). https://doi.org/10.1007/s12652-020-02696-3
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-020-02696-3