Abstract
Motivated by the recent explosion of interest around the Internet of Things (IoT), this paper is focused on the dynamics of its security. It is a fact that at present, there is a dearth of consolidated and methodical visions for assuring the security of IoT. This owes to its unique characteristics like interdependence of IoT devices and services, device heterogeneity, mobility, affinity to owners, pervasiveness, and unattended nature. The constraints of energy, memory, bandwidth and computability further complicate this picture. The strategies available in the literature today do not entirely consider this intricate nature of IoT environments. Moreover, uncertainty is not adequately acknowledged by the researchers while designing the security procedures for IoT, even though most of the IoT related security problems stem from an uncertain environment. This paper focuses on addressing this uncertainty, along with the other major security issues of IoT. It gives detailed categorization of the attacks in IoT. To this end, a Fuzzy Logic and Fog based Secure Architecture for IoT (FLFSIoT) has been proposed in this paper that works in real-time. In FLFSIoT, fuzzy logic has been used to alleviate the uncertainty of belonging to one crisp cluster of an edge node and for detecting various classical attacks. The Fog supported IoT architecture has been used to make FLFSIoT intrinsically more secure in comparison to the cloud-supported IoT by omitting the latency and other issues. As such, this work feeds the benefits of fuzzy log and fog computing into the carving of a generic solution to the IoT’s security problem. The efficiency of FLFSIoT has been evaluated against the Distributed Denial of Service (DDoS) and Collusion attacks, and it has been observed that it gives more accurate results than the existing benchmarks.
Similar content being viewed by others
Abbreviations
- IDS:
-
Intrusion detection system
- FP:
-
False positive
- FN:
-
False negative
- WSN:
-
Wireless sensor network
- UDP:
-
User datagram protocol
- 6LOWPAN:
-
IPv6 over low power wireless personal area networks
- BR:
-
Border router
- 6BR:
-
6LOWPAN BR
- MANET:
-
Mobile adhoc networks
- MQTT:
-
Message queuing telemetry transport (an application layer protocol for IoT)
- CMR:
-
Fraction of connection requests from the publisher
- CAMR:
-
Fraction of subscriber requests received in the broker
- DBN:
-
Deep belief networks
- *p:
-
Pro of the scheme
- *c:
-
Con of the scheme
References
Ahmad MS (2018) Alleviating malicious insider attacks in MANET using a multipath on-demand security mechanism. Int J Comput Netw Inf Secur. https://doi.org/10.5815/ijcnis.2018.06.04
Akamai (2014) Spike DDoS Toolkit. https://www.prolexic.com/kcresources/prolexic-threat-advisories/prolexic-threatadvisory-spike-ddos-toolkit-botnet/spike-ddos-toolkit-cybersecurity-US-092414.pdf. Accessed 17 Aug 2019
Alsirhani A, Sampalli S, Bodorik P (2019) DDoS detection system: using a set of classification algorithms controlled by fuzzy logic system in apache spark. IEEE Trans Netw Serv Manage 16(3):936–949. https://doi.org/10.1109/TNSM.2019.2929425
Angrishi K (2017) Turning Internet of Things (IoT) into Internet of Vulnerabilities (IoV): IoT Botnets. https://arxiv.org/abs/1702.03681. Accessed 17 Sep 2019
Anthi E, Williams L, Burnap P (2018) Pulse: an adaptive intrusion detection for the Internet of Things. In: Living in the Internet of Things: cybersecurity of the IoT - 2018, IET
Arsenault A, Diversinet, Farrell S (2001) Securely available credentials-requirements. RFC 3157. Tech Rep https://tools.ietf.org/html/rfc3157. Accessed 23 Aug 2019
Babar S, Mahalle P, Stango A, Prasad N, Prasad R (2010) Proposed security model and threat taxonomy for the Internet of Things. In: Proceedings of the recent trends in network security and applications, Berlin, pp 420–429. https://doi.org/10.1007/978-3-642-14478-3_42
Bao F, Chen I, Chang M, Cho J (2012) Hierarchical trust management for wireless sensor networks and its applications to trust-based routing and intrusion detection. IEEE Trans Netw Serv Manage 9(2):169–183. https://doi.org/10.1109/TCOMM.2012.031912.110179
Bezdek JC (1981) Pattern recognition with fuzzy objective function algorithms. Kluwer Academic Publishers, Berline
Bhuiyan M, Wu J (2016) Collusion attack detection in networked systems. In: Proceedings of the 14th IEEE International Conference on Dependable, Autonomic and Secure Computing (IEEE DASC 2016), Auckland, pp 286–293. https://doi.org/10.1109/DASC-PICom-DataCom-CyberSciTec.2016.67
Bonomi F, Milito R, Zhu J, Addepalli S (2012) Fog computing and its role in the Internet of Things. In: MCC workshop on mobile cloud computing, ACM, pp 13–16. https://doi.org/10.1145/2342509.2342513
Botta A, Donato WD, Persico V, Pescape A (2016) Integration of cloud computing and Internet of Things: a survey. Future Gener Comput Syst 56:684–700. https://doi.org/10.1016/j.future.2015.09.021
Chui M, Loffler M, Roberts R (2015) Unlocking the potential of the Internet of Things. Mckinsay Global Institute. https://www.mckinsey.com/industries/high-tech/our-insights/the-internet-of-things. Accessed 03 Aug 2019
Conti M, Dragoni N, Lesyk V (2016) A survey of man in the middle attacks. IEEE Commun Surv Tutor 18(3):2027–2051. https://doi.org/10.1109/COMST.2016.2548426
Diro AA, Chilamkurti N (2017) Distributed attack detection scheme using deep learning approach for Internet of Things. Future Gener Comput Syst 82:761–768. https://doi.org/10.1016/j.future.2017.08.043
Durfina L, Kroustek J, Zemek P (2013) PsybOt malware: a step-by-step decompilation case study. In: 20th Working Conference on Reverse Engineering, Koblenz, pp 449–456. https://doi.org/10.1109/WCRE.2013.6671321
Federico F (2012) LightAidra source code on GitHub. GitHub. https://github.com/eurialo/lightaidra. Accessed 02 Oct 2019
Forouzan BA (2007) Data communications and networking. In: Forouzan Networking Series. McGraw-Hill, New York, NY, USA
Fortiguard team (2018) Reaper: the next evolution of IoT botnets. Fortinet. Available at: https://www.fortinet.com/blog/threat-research/reaper-the-next-evolution-of-iot-botnets.html. Accessed 22 Aug 2019
Gannon M, Warner G, Arora A (2017) An accidental discovery of IoT botnets and a method for investigating them with a Custom Lua Dissector. In: Annual ADFSL Conference on Digital Forensics, Security and Law, pp 27–38. Available at: https://commons.erau.edu/adfsl/2017/papers/3
Graham J (2014) Understanding and mitigating NTP-based DDoS attacks. https://blog.cloudflare.com/understanding-and-mitigating-ntp-based-ddos-attacks/. Accessed 04 Aug 2019
Greenberg A (2018) The reaper IoT botnet has already infected a million networks. Wired. https://www.wired.com/story/reaper-iot-botnet-infected-million-networks/. Accessed 20 Aug 2019
Gupta H, Dastjerdi AV, Ghosh SK, Buyya R (2017) iFogSim: a toolkit for modeling and simulation of resource management techniques in Internet of Things, edge and fog computing environments. Soft Pract Exper 47:1275–1296. https://doi.org/10.1002/spe.2509
Haripriya KK (2019) Secure-MQTT: an efficient fuzzy logic-based approach to detect DoS attack in MQTT protocol for Internet of Things. EURASIP J Wirel Commun Netw 90:1–15. https://doi.org/10.1186/s13638-019-1402-8
Hayashi K (2013) Linux Darlloz. https://www.symantec.com/security_response/. Accessed 07 Sep 2019
Hayashi K (2014) IoT worm used to mine cryptocurrency. https://www.symantec.com/connect/blogs/iot-worm-used-mine-cryptocurrency. Accessed 29 Aug 2019
Hossain MM, Fotouhi M, Hasan R (2015) Towards an analysis of security issues, challenges, and open problems in the Internet of Things. In: 2015 IEEE World Congress on Services, New York, pp 21–28. https://doi.org/10.1109/SERVICES.2015.12
Hou L, Zhao S, Xiong X et al (2016) Internet of Things cloud: architecture and implementation. IEEE Commun Mag 54(12):32–39. https://doi.org/10.1109/MCOM.2016.1600398CM
Iadmin (2018) Hydra IRC bot, the 25 minute overview of the kit. https://insecurety.net/hydra-irc-bot-the-25-minute-overview-of-the-kit/. Accessed 10 Sep 2019
loulianou PP, Vassilakis V, Moscholios ID, Logothetis MD (2018) A signature-based intrusion detection system for the Internet of Things. In: Information and communication technology forum (in press)
Ivan S, Sheng W (2014) The fog computing paradigm: scenarios and security Issues. In: Federated Conference on Computer Science and Information Systems, Warsaw, pp 1–8. https://doi.org/10.15439/2014F503
Izquierdo SS, Izquierdo LR (2018) Mamdani fuzzy systems for modelling and simulation: a critical assessment. JASSS. https://doi.org/10.18564/jasss.3660
Jalali F, Khodadustan S, Gray C, Hinton K, Suits F (2017) Greening IoT with fog: a survey. In: International Conference on Edge Computing, Honolulu, HI, pp 25–31. https://doi.org/10.1109/IEEE.EDGE.2017.13
Janus M (2011) Heads of the hydra. Malware for network devices. Available at: https://securelist.com/heads-of-the-hydra-malware-for-network-devices/36396/. Accessed 01 Oct 2019
Kasinathan P, Costamagna G, Khaleel H, Pastrone C, Spirito M (2013) DEMO: an IDS framework for Internet of Things empowered by 6LoWPAN. In: Proceedingsof the 2013 ACM SIGSAC conference on computer and communications security, CCS '13. ACM, New York, pp 1337–1340
Khalil I, Bagchi S (2010) Stealthy attacks in wireless ad hoc networks: detection and countermeasure. IEEE Trans Mob Comput 10(8):1096–1112. https://doi.org/10.1109/TMC.2010.249
Kouicem DE, Bouabdallah A, Lakhlef H (2018) Internet of Things security: a top-down survey. Comput Netw 141:199–221. https://doi.org/10.1016/j.comnet.2018.03.012
Kozhakhmet K, Bortsova G, Inoue A, Atymtayeva L (2012) Expert system for security audit using fuzzy logic. In: Proceedings of the 23rd Midwest Artificial Intelligence and Cognitive Science Conference, pp 146–151
Lee T, Wen C, Chang L, Chiang H, Hsieh M (2014) A lightweight intrusion detection scheme based on energy consumption analysis in 6LowPAN. In: Huang Y-M, Chao H-C, Deng D-J, Park JJJH (eds) Advanced technologies, embedded and multimedia for human-centric computing, lecture notes in electrical engineering, vol 260. Springer, Netherlands, pp 1205–1213
Li J, Zhao Z, Li R, Zhang H (2019) AI-based two-stage intrusion detection for software defined IoT networks. IEEE Internet Things J 6(2):2093–2102. https://doi.org/10.1109/JIOT.2018.2883344
Liu C, Zhang Y, Li Z, Zhang J, Qin H, Zeng J (2015) Dynamic defense architecture for the security of the Internet of Things. In: 11th International Conference on Computational Intelligence and Security, Shenzhen, pp 390–393. https://doi.org/10.1109/CIS.2015.100
Luong NC, Hoang DT, Wang P, Niyato D, Kim DI, Han Z (2016) Data collection and wireless communication in Internet of Things (IoT) using economic analysis and pricing models: a survey. IEEE Commun Surveys Tuts 18(4):2546–2590. https://doi.org/10.1109/COMST.2016.2582841
Malecot EL, Inoue D (2013) The carna botnet through the lens of a net-work telescope. In: Proceedings of 6th international symposium on foundations and practice of security, Lecture Notes in Computer Science, vol 8352, pp 426–441, Springer, Cham. https://doi.org/10.1007/978-3-319-05302-8_26
McKendrick J (2019) Researchers sound alarms about IoT security. https://www.rtinsights.com/researchers-sound-alarms-about-iot-security/. Accessed 01 Aug 2019
McMillan R (2010) Chuck Norris botnet karate-chops routers hard. https://www.computerworld.com/article/2521061/chuck-norris-botnet-karate-chops-routers-hard.html. Accessed 25 Sep 2019
Mukherjee M, Matam R, Shu L et al (2017) Security and privacy in fog computing: challenges. IEEE Access 5:19293–19304. https://doi.org/10.1109/ACCESS.2017.2749422
Newswire PR (2016) Level 3 Threat Research Labs, Attack of Things. https://blog.level3.com/security/attack-of-things/. Accessed 27 Oct 2019.
Ni J, Zhang K, Lin X, Shen X (2017) Securing fog computing for Internet of Things applications challenges and solutions. IEEE Commun Surv Tut 20(1):601–628. https://doi.org/10.1109/COMST.2017.2762345
Nordrum A (2016) Popular Internet of Things forecast of 50 billion devices by 2020 is outdated. IEEE Spectrum. https://spectrum.ieee.org/tech-talk/telecom/internet/popular-internet-of-thingsforecast-of-50-billion-devices-by-2020-isoutdated. Accessed 01 Aug 2019
Noubir G, Lin G (2003) Low-power DoS attacks in data wireless LANs and countermeasures. SIGMOBILE Mob Comput Commun Rev. https://doi.org/10.1145/961268.961277
Ostad-Sharif A, Arshad H, Nikooghadam M, Abbasinezhad-Mood D (2019) Three party secure data transmission in IoT networks through design of a lightweight authenticated key agreement scheme. Future Generation Comput Syst 100:882–892
Ouechtati H, Azzouna NB, Said LB (2020) A fuzzy logic based trust-ABAC model for the Internet of Things. In: International Conference on Advanced Information Networking and Applications, vol 926, pp 1157–1168. https://doi.org/10.1007/978-3-030-15032-7_97
Panda M (2013) Security threats at each layer of wireless sensor networks. Int J Adv Res Comput Sci Softw Eng 3:50–56
Poongodi M, Bose S (2015) A novel intrusion detection system based ontrust evaluation to defend against DDoS attack in MANET. Arab J Sci Eng 40(12):3583–3594. https://doi.org/10.1007/s13369-015-1822-7
Rathore S, Park JH (2018) Semi-supervised learning based distributed attack detection framework for IoT. Appl Soft Comput 72:79–89. https://doi.org/10.1016/j.asoc.2018.05.049
Rayome AD (2017) DDoS attacks increased 91% in 2017 thanks to IoT. TechRepublic. https://www.techrepublic.com/article/ddos-attacks-increased-91-in-2017-thanks-to-iot/. Accessed 03 Aug 2019
Raza S, Wallgren L, Voigt T (2013) SVELTE: real-time intrusion detection in the Internet of Things. Adhoc Netw 11:2661–2674. https://doi.org/10.1016/j.adhoc.2013.04.014
Reddy VB, Negi A, Venkataraman S, Venkataraman VR (2019) A similarity based trust model to mitigate badmouthing attacks in Internet of Things (IoT). In: 2019 IEEE 5th World Forum on Inter-net of Things (WF-IoT), Limerick, Ireland, pp 278–282. https://doi.org/10.1109/WF-IoT.2019.8767170
Saleem TJ, Chishti MA (2019a) Data analytics in the Internet of Things: a survey. Scalable Comput 20(4):607–629. https://doi.org/10.12694/scpe.v20i4.1562
Saleem TJ, Chishti MA (2019b) Deep learning for Internet of Things data analytics. In: Procedia computer science, pp 381–390. https://doi.org/10.1016/j.procs.2019.12.120
Sarukkai S (2017) Ransomware and Internet of Things: a growing threat. https://www.esecurityplanet.com/network-security/ransomware-and-the-internet-of-things-a-growing-threat.html. Accessed 20 Sep 2019
Savage K, Coogan P, Lau H (2015) The evolution of ransomware. Symantec. https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-evolution-of-ransomware.pdf. Accessed 05 Sep 2019
Schirrmacher NB, Ondrus J, Tan FTC (2018) Towards a response to ransomware: examining digital capabilities of the wannacry attack. In: PACIS 2018 proceedings, Digital Capabilities in Cybercrime, Available at: https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1209&context=pacis2018
Shamshirband S, Patel A, Anuar NB, Kiah LM, Abraham A (2014) Cooperative game theoretic approach using fuzzy Q-learning for detecting and preventing intrusions in wireless sensor networks. Eng Appl Artif Intell 32:228–241. https://doi.org/10.1016/j.engappai.2014.02.001
Spring T (2016) BASHLITE family of Malware infects 1 million IoT devices. https://threatpost.com/bashlite-family-of-malware-infects-1-million-iot-devices. Accessed 04 Nov 2019
Tajitsu N (2017) Honda halts japan car plant after wannacry virus hits computer network. https://www.reuters.com/article/us-honda-cyberattack-idUSKBN19C0EI. Accessed 19 Oct 2019
Tamil K, Sridharan D (2010) Security vulnerabilities in wireless sensor networks: a survey. J Inf Assur Secur 5(1):31–44
Ullrich J (2014) Linksys worm (the moon) captured. https://isc.sans.edu/forums/diary/Linksys+Worm+TheMoon+Captured/17630. Accessed 23 Sep 2019
Vaquero LM, Merino LR (2014) Finding your way in the fog: towards a comprehensive definition of fog computing. ACM SIG COMM Comp Commun Rev 44(5):27–32. https://doi.org/10.1145/2677046.2677052
Velliangiri S, Pandey HM (2020) Fuzzy-Taylor-elephant herd optimization inspired Deep Belief Network for DDoS attack detection and comparison with state-of-the-arts algorithms. Future Gener Comput Syst. https://doi.org/10.1016/j.future.2020.03.049
Weagle S (2018) Financial impact of mirai DDoS attack on dyn revealed in new data. https://www.corero.com/blog/797-financial-impact-of-mirai-ddos-attack-on-dyn-revealed-in-newdata.html. Accessed 05 Sep 2019
Xu W, Trappe W, Zhang Y, Wood T (2005) The feasibility of launching and detecting jamming attacks in wireless networks. In: Proceedings of the 6th ACM International Symposium on Mobile Ad Hoc Networking and Computing, MobiHoc’05, pp 46–57. https://doi.org/10.1145/1062689.1062697
Yadav J, Kharat V, Deshpande A (2014) Zadeh-Deshpande (ZD) fuzzy logic based formalism for linguistic description of air quality: a case study. In: International Conference on Informatics, Electron-ics and Vision, Dhaka, pp 1–5. https://doi.org/10.1109/ICIEV.2014.6850706.
Yang Z, Yue Y, Yang Y, Peng Y, Wang X, Liu W (2011) Study and application on the architecture and key technologies for IoT. In: International Conference on Multimedia Technology, Hangzhou, pp 747–751. https://doi.org/10.1109/ICMT.2011.6002149
Yaseen Q, Aldwairi M, Jararweh Y, Al-Ayoub M, Gupta B (2017) Collusion attacks mitigation in Internet of Things: a fog based model. Multimed Tool Appl. https://doi.org/10.1007/s11042-017-5288-3(Springer)
Zadeh LA (1965) Fuzzy sets. Inf Control 8(3):338–353. https://doi.org/10.1016/S0019-9958(65)90241-X
Zadeh LA (1975) Fuzzy logic and approximate reasoning. Synthese 30:407–428. https://doi.org/10.1007/BF00485052
Zadeh LA (1988) Fuzzy logic. Computer 21(4):83–93. https://doi.org/10.1109/2.53
Zahra SR (2018) MNP: Malicious node prevention in vehicular Ad hoc networks. IJCNA 5(2): 9–21. https://www.ijcna.org/Manuscripts/IJCNA-2018-O-02.pdf
Zahra SR, Chishti MA (2019a) Assessing the services, security threats, challenges and solutions in the Internet of Things. Scal Comput Pract Exp 20(3):457–484. https://doi.org/10.12694/scpe.v20i3.1544
Zahra SR, Chishti MA (2019b) Ransomware and Internet of Things: a new security nightmare. In: 9th International Conference on Cloud Computing, Data Science, and Engineering (Confluence 2019), Noida, India, pp 551–555. https://doi.org/10.1109/CONFLUENCE.2019.8776926
Zhou W, Jia Y, Peng A et al (2018) The effect of IoT new features on security and privacy: new threats, existing solutions, and challenges yet to be solved. IEEE Internet Things J 6(2):1606–1616. https://doi.org/10.1109/JIOT.2018.2847733
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Zahra, S.R., Chishti, M.A. Fuzzy logic and Fog based Secure Architecture for Internet of Things (FLFSIoT). J Ambient Intell Human Comput 14, 5903–5927 (2023). https://doi.org/10.1007/s12652-020-02128-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-020-02128-2