通过强化学习确保边缘计算中物联网设备的安全

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-04-08 DOI:10.1016/j.cose.2025.104474

Anit Kumar , Dhanpratap Singh

{"title":"通过强化学习确保边缘计算中物联网设备的安全","authors":"Anit Kumar , Dhanpratap Singh","doi":"10.1016/j.cose.2025.104474","DOIUrl":null,"url":null,"abstract":"<div><div>The exponentially increasing demand for IoT devices with the expectation of maximum fulfillment of the user needs to bring the integration of the Edger server on the premise of the IoT devices. The small size but the need for complex computation and high-end software requires the amount of additional hardware setup that can never be possible with the absence of an Edge server. Since the Edger server continuously gathers the data from the IoT device for further computation and permanent storage in either local storage or a cloud server, it attracts intruders to try to steal sensitive data of the IoT devices from the Edge server. With the presence of many artificial intelligence tools, an intruder can make serious attacks on the Edger server by breaking its security boundaries. Any individual autonomous entity like a robot, satellite, or self-driving vehicle has a set of interconnected IoT devices (sensors) to form a network, which needs to be so flexible that any new IoT device can easily be integrated into this network without any major difficulties. None of the organizations has ever adopted non-scalable IoT networks. To counter such security challenges, we propose a scalable, robust, and reliable Novel Reinforcement Learning approach having a proper task scheduling mechanism that is powered by using the epsilon-greedy search Q-learning method. The novelty of our proposed method is its high performance which allows the agent to take actions at the time only when it finds a noticeable drop in the network performance in terms of packet delivery ratio, average throughput, and end-to-end delay hyperparameters. Experiments carried out by us along with simulation and real datasets, prove that our proposed security method provides outstanding results as compared to other security approaches discussed in this paper and can counter malicious attacks efficiently. Once our security model gets trained with a threshold amount of times, then after this threshold time, we observe that no benign data packets are lost even with the presence of any external threats and always provide stable communication to the end users. The proposed novel reinforcement learning method is more consistent, resilient, scalable, and accurate than other similar machine learning-based security methods and always has a false positive rate of <2 %.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"155 ","pages":"Article 104474"},"PeriodicalIF":4.8000,"publicationDate":"2025-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Securing IoT devices in edge computing through reinforcement learning\",\"authors\":\"Anit Kumar , Dhanpratap Singh\",\"doi\":\"10.1016/j.cose.2025.104474\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The exponentially increasing demand for IoT devices with the expectation of maximum fulfillment of the user needs to bring the integration of the Edger server on the premise of the IoT devices. The small size but the need for complex computation and high-end software requires the amount of additional hardware setup that can never be possible with the absence of an Edge server. Since the Edger server continuously gathers the data from the IoT device for further computation and permanent storage in either local storage or a cloud server, it attracts intruders to try to steal sensitive data of the IoT devices from the Edge server. With the presence of many artificial intelligence tools, an intruder can make serious attacks on the Edger server by breaking its security boundaries. Any individual autonomous entity like a robot, satellite, or self-driving vehicle has a set of interconnected IoT devices (sensors) to form a network, which needs to be so flexible that any new IoT device can easily be integrated into this network without any major difficulties. None of the organizations has ever adopted non-scalable IoT networks. To counter such security challenges, we propose a scalable, robust, and reliable Novel Reinforcement Learning approach having a proper task scheduling mechanism that is powered by using the epsilon-greedy search Q-learning method. The novelty of our proposed method is its high performance which allows the agent to take actions at the time only when it finds a noticeable drop in the network performance in terms of packet delivery ratio, average throughput, and end-to-end delay hyperparameters. Experiments carried out by us along with simulation and real datasets, prove that our proposed security method provides outstanding results as compared to other security approaches discussed in this paper and can counter malicious attacks efficiently. Once our security model gets trained with a threshold amount of times, then after this threshold time, we observe that no benign data packets are lost even with the presence of any external threats and always provide stable communication to the end users. The proposed novel reinforcement learning method is more consistent, resilient, scalable, and accurate than other similar machine learning-based security methods and always has a false positive rate of <2 %.</div></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":\"155 \",\"pages\":\"Article 104474\"},\"PeriodicalIF\":4.8000,\"publicationDate\":\"2025-04-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167404825001634\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825001634","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

对物联网设备的需求呈指数级增长，期望最大限度地满足用户需求，从而在物联网设备的前提下集成了Edger服务器。体积小，但需要复杂的计算和高端软件，这需要大量的额外硬件设置，如果没有Edge服务器，这是不可能的。由于Edge服务器不断收集来自物联网设备的数据，以便在本地存储或云服务器中进行进一步计算和永久存储，因此它吸引了入侵者试图从边缘服务器窃取物联网设备的敏感数据。由于存在许多人工智能工具，入侵者可以通过打破其安全边界对Edger服务器进行严重攻击。任何独立的自主实体，如机器人、卫星或自动驾驶汽车，都有一组相互连接的物联网设备（传感器）来形成一个网络，这个网络需要非常灵活，以至于任何新的物联网设备都可以轻松地集成到这个网络中，而不会遇到任何重大困难。没有任何组织采用过不可扩展的物联网网络。为了应对此类安全挑战，我们提出了一种可扩展、鲁棒且可靠的新型强化学习方法，该方法具有适当的任务调度机制，该机制由使用贪心搜索q -学习方法提供支持。我们提出的方法的新颖之处在于它的高性能，它允许代理只有在发现网络性能在数据包传送率、平均吞吐量和端到端延迟超参数方面出现明显下降时才采取行动。我们在仿真和真实数据集上进行的实验证明，与本文讨论的其他安全方法相比，我们提出的安全方法具有出色的效果，可以有效地对抗恶意攻击。一旦我们的安全模型接受了阈值次数的训练，那么在这个阈值时间之后，我们观察到即使存在任何外部威胁，也没有良性数据包丢失，并且始终为最终用户提供稳定的通信。与其他类似的基于机器学习的安全方法相比，所提出的新型强化学习方法更具一致性、弹性、可扩展性和准确性，并且始终具有2%的假阳性率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Securing IoT devices in edge computing through reinforcement learning

The exponentially increasing demand for IoT devices with the expectation of maximum fulfillment of the user needs to bring the integration of the Edger server on the premise of the IoT devices. The small size but the need for complex computation and high-end software requires the amount of additional hardware setup that can never be possible with the absence of an Edge server. Since the Edger server continuously gathers the data from the IoT device for further computation and permanent storage in either local storage or a cloud server, it attracts intruders to try to steal sensitive data of the IoT devices from the Edge server. With the presence of many artificial intelligence tools, an intruder can make serious attacks on the Edger server by breaking its security boundaries. Any individual autonomous entity like a robot, satellite, or self-driving vehicle has a set of interconnected IoT devices (sensors) to form a network, which needs to be so flexible that any new IoT device can easily be integrated into this network without any major difficulties. None of the organizations has ever adopted non-scalable IoT networks. To counter such security challenges, we propose a scalable, robust, and reliable Novel Reinforcement Learning approach having a proper task scheduling mechanism that is powered by using the epsilon-greedy search Q-learning method. The novelty of our proposed method is its high performance which allows the agent to take actions at the time only when it finds a noticeable drop in the network performance in terms of packet delivery ratio, average throughput, and end-to-end delay hyperparameters. Experiments carried out by us along with simulation and real datasets, prove that our proposed security method provides outstanding results as compared to other security approaches discussed in this paper and can counter malicious attacks efficiently. Once our security model gets trained with a threshold amount of times, then after this threshold time, we observe that no benign data packets are lost even with the presence of any external threats and always provide stable communication to the end users. The proposed novel reinforcement learning method is more consistent, resilient, scalable, and accurate than other similar machine learning-based security methods and always has a false positive rate of <2 %.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.