Abstract Internet of Things (IoT) makes the daily life easier by increasing the connectivity between the devices. The increase in number of connected devices makes the network vulnerable to various threats. The resource constraint sensor nodes added more challenge for the researchers to implement security schemes in IoT network. In this paper a three layer framework for IoT environment is designed where the users of first layer are intended to collect data from the sensor nodes of third layer through the fog devices that are belongs to second layer. The resource constraint sensor nodes are released from checking the authenticity of users to save their energy. Thus some high capacity nodes, called fog devices, are involved to check the authentication of users. The users are categorized as high, medium or low trusted by using fuzzy logic. Further it delves for the authentication of low and medium trusted user by implementing a lightweight two phase authentication scheme. Physical Unclonable Function (PUF) is used to generate unique identity for individual users and to create Challenge Response Pairs (CRPs). The performance is evaluated by using Raspberry Pi as a user and a laptop as a fog device. The simulation results show that the proposed scheme outperforms the existing schemes in terms of average response time, handshake duration, memory utilization and communication cost. Moreover this scheme is resilience against replay attack, DoS attack, false data injection and man in the middle attack.

中文翻译：

---

UCFL：使用模糊逻辑对雾辅助物联网设备进行基于 PUF 的两阶段认证的用户分类

摘要 物联网 (IoT) 通过增加设备之间的连接性使日常生活变得更轻松。连接设备数量的增加使网络容易受到各种威胁。资源限制传感器节点为研究人员在物联网网络中实施安全方案增加了更多挑战。本文设计了一个物联网环境的三层框架，其中第一层的用户旨在通过属于第二层的雾设备从第三层的传感器节点收集数据。释放资源约束传感器节点检查用户的真实性以节省他们的能量。因此，涉及一些称为雾设备的高容量节点来检查用户的身份验证。使用模糊逻辑将用户分类为高、中或低可信度。此外，它通过实现轻量级的两阶段认证方案来深入研究中低可信用户的认证。物理不可克隆功能 (PUF) 用于为个人用户生成唯一身份并创建挑战响应对 (CRP)。性能通过使用Raspberry Pi作为用户和笔记本电脑作为雾设备进行评估。仿真结果表明，所提出的方案在平均响应时间、握手持续时间、内存利用率和通信成本方面优于现有方案。此外，该方案对重放攻击、DoS 攻击、虚假数据注入和中间人攻击具有弹性。物理不可克隆功能 (PUF) 用于为个人用户生成唯一身份并创建挑战响应对 (CRP)。性能通过使用Raspberry Pi作为用户和笔记本电脑作为雾设备进行评估。仿真结果表明，所提出的方案在平均响应时间、握手持续时间、内存利用率和通信成本方面优于现有方案。此外，该方案对重放攻击、DoS 攻击、虚假数据注入和中间人攻击具有弹性。物理不可克隆功能 (PUF) 用于为个人用户生成唯一身份并创建挑战响应对 (CRP)。性能通过使用Raspberry Pi作为用户和笔记本电脑作为雾设备进行评估。仿真结果表明，所提出的方案在平均响应时间、握手持续时间、内存利用率和通信成本方面优于现有方案。此外，该方案对重放攻击、DoS 攻击、虚假数据注入和中间人攻击具有弹性。内存利用率和通信成本。此外，该方案对重放攻击、DoS 攻击、虚假数据注入和中间人攻击具有弹性。内存利用率和通信成本。此外，该方案对重放攻击、DoS 攻击、虚假数据注入和中间人攻击具有弹性。