通过物联网、云计算和边缘计算的融合，增强数据管理中基于ml的异常检测，提高安全性

IF 7.5 1区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Expert Systems with Applications Pub Date : 2025-06-21 DOI:10.1016/j.eswa.2025.128700

Sultan Baimukhanov, Hashim Ali, Adnan Yazici

{"title":"通过物联网、云计算和边缘计算的融合，增强数据管理中基于ml的异常检测，提高安全性","authors":"Sultan Baimukhanov, Hashim Ali, Adnan Yazici","doi":"10.1016/j.eswa.2025.128700","DOIUrl":null,"url":null,"abstract":"<div><div>The widespread adoption of cloud computing, edge computing, and the Internet of Things across various domains has enhanced data management and automation capabilities. However, large-scale IoT implementations face considerable challenges, including concerns about data quality, security risks, and the need to identify anomalies. This study introduces a multi-tiered machine learning-based approach to detect anomalies, specifically targeting security threats, performance irregularities, and sensor malfunctions within IoT-Edge-Cloud ecosystems. The proposed system improves detection precision, response times, and overall security resilience by incorporating XAI for transparent decision-making and a layered security approach to mitigate threats. The framework operates on several levels: (i) the IoT Layer, where secure microcontrollers collect and transmit sensor data; (ii) the Edge/Fog Layer, which conducts pre-processing and real-time filtering to minimize cloud reliance; (iii) the Cloud Layer, where ML-based anomaly detection algorithms, such as the Isolation Forest and Local Outlier Factor, examine data; and (iv) the Smart Single-Page Application architecture that integrates IoT-Edge-Cloud ecosystem, which offers low-latency visualization, secure data transmission, and interactive anomaly monitoring. Furthermore, XAI techniques improve interpretability by identifying key factors that influence anomaly classification and increase transparency for security analysts. A case study in IoT-Healthcare settings validated the efficacy of the proposed system in identifying network intrusions, sensor failures, and operational anomalies, achieving an AUROC score of 1.00 using an isolated forest. Comparative assessments demonstrate that this approach surpasses existing anomaly detection solutions by enhancing detection accuracy, decreasing latency through edge processing, and improving explainability with AI integration. The study concludes by exploring the challenges and advantages of combining IoT, cloud and edge computing for secure and scalable anomaly detection, thus providing insight into optimal database management and security strategies for IoT–cloud interactions.</div></div>","PeriodicalId":50461,"journal":{"name":"Expert Systems with Applications","volume":"293 ","pages":"Article 128700"},"PeriodicalIF":7.5000,"publicationDate":"2025-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Enhancing ML-based anomaly detection in data management for security through integration of IoT, cloud, and edge computing\",\"authors\":\"Sultan Baimukhanov, Hashim Ali, Adnan Yazici\",\"doi\":\"10.1016/j.eswa.2025.128700\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The widespread adoption of cloud computing, edge computing, and the Internet of Things across various domains has enhanced data management and automation capabilities. However, large-scale IoT implementations face considerable challenges, including concerns about data quality, security risks, and the need to identify anomalies. This study introduces a multi-tiered machine learning-based approach to detect anomalies, specifically targeting security threats, performance irregularities, and sensor malfunctions within IoT-Edge-Cloud ecosystems. The proposed system improves detection precision, response times, and overall security resilience by incorporating XAI for transparent decision-making and a layered security approach to mitigate threats. The framework operates on several levels: (i) the IoT Layer, where secure microcontrollers collect and transmit sensor data; (ii) the Edge/Fog Layer, which conducts pre-processing and real-time filtering to minimize cloud reliance; (iii) the Cloud Layer, where ML-based anomaly detection algorithms, such as the Isolation Forest and Local Outlier Factor, examine data; and (iv) the Smart Single-Page Application architecture that integrates IoT-Edge-Cloud ecosystem, which offers low-latency visualization, secure data transmission, and interactive anomaly monitoring. Furthermore, XAI techniques improve interpretability by identifying key factors that influence anomaly classification and increase transparency for security analysts. A case study in IoT-Healthcare settings validated the efficacy of the proposed system in identifying network intrusions, sensor failures, and operational anomalies, achieving an AUROC score of 1.00 using an isolated forest. Comparative assessments demonstrate that this approach surpasses existing anomaly detection solutions by enhancing detection accuracy, decreasing latency through edge processing, and improving explainability with AI integration. The study concludes by exploring the challenges and advantages of combining IoT, cloud and edge computing for secure and scalable anomaly detection, thus providing insight into optimal database management and security strategies for IoT–cloud interactions.</div></div>\",\"PeriodicalId\":50461,\"journal\":{\"name\":\"Expert Systems with Applications\",\"volume\":\"293 \",\"pages\":\"Article 128700\"},\"PeriodicalIF\":7.5000,\"publicationDate\":\"2025-06-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Expert Systems with Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0957417425023188\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Expert Systems with Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0957417425023188","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

摘要

云计算、边缘计算和物联网在各个领域的广泛应用增强了数据管理和自动化能力。然而，大规模物联网实施面临着相当大的挑战，包括对数据质量、安全风险以及识别异常的需求的担忧。本研究介绍了一种基于多层机器学习的方法来检测异常，特别是针对物联网边缘云生态系统中的安全威胁、性能异常和传感器故障。该系统通过集成透明决策的XAI和分层安全方法来减轻威胁，提高了检测精度、响应时间和整体安全弹性。该框架在几个层面上运行：(i)物联网层，其中安全微控制器收集和传输传感器数据；（ii）边缘/雾层，它进行预处理和实时过滤，以尽量减少对云的依赖；（iii）云层，其中基于机器学习的异常检测算法（如隔离森林和局部离群因子）检查数据；（iv）集成物联网边缘云生态系统的智能单页应用程序架构，提供低延迟可视化、安全数据传输和交互式异常监控。此外，XAI技术通过识别影响异常分类的关键因素和增加安全分析人员的透明度来提高可解释性。物联网医疗环境中的案例研究验证了所建议系统在识别网络入侵、传感器故障和操作异常方面的有效性，并使用隔离森林实现了1.00的AUROC评分。对比评估表明，该方法超越了现有的异常检测解决方案，提高了检测精度，通过边缘处理减少了延迟，并通过人工智能集成提高了可解释性。该研究最后探讨了将物联网、云和边缘计算结合起来进行安全、可扩展的异常检测的挑战和优势，从而为物联网与云交互的最佳数据库管理和安全策略提供了见解。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Enhancing ML-based anomaly detection in data management for security through integration of IoT, cloud, and edge computing

The widespread adoption of cloud computing, edge computing, and the Internet of Things across various domains has enhanced data management and automation capabilities. However, large-scale IoT implementations face considerable challenges, including concerns about data quality, security risks, and the need to identify anomalies. This study introduces a multi-tiered machine learning-based approach to detect anomalies, specifically targeting security threats, performance irregularities, and sensor malfunctions within IoT-Edge-Cloud ecosystems. The proposed system improves detection precision, response times, and overall security resilience by incorporating XAI for transparent decision-making and a layered security approach to mitigate threats. The framework operates on several levels: (i) the IoT Layer, where secure microcontrollers collect and transmit sensor data; (ii) the Edge/Fog Layer, which conducts pre-processing and real-time filtering to minimize cloud reliance; (iii) the Cloud Layer, where ML-based anomaly detection algorithms, such as the Isolation Forest and Local Outlier Factor, examine data; and (iv) the Smart Single-Page Application architecture that integrates IoT-Edge-Cloud ecosystem, which offers low-latency visualization, secure data transmission, and interactive anomaly monitoring. Furthermore, XAI techniques improve interpretability by identifying key factors that influence anomaly classification and increase transparency for security analysts. A case study in IoT-Healthcare settings validated the efficacy of the proposed system in identifying network intrusions, sensor failures, and operational anomalies, achieving an AUROC score of 1.00 using an isolated forest. Comparative assessments demonstrate that this approach surpasses existing anomaly detection solutions by enhancing detection accuracy, decreasing latency through edge processing, and improving explainability with AI integration. The study concludes by exploring the challenges and advantages of combining IoT, cloud and edge computing for secure and scalable anomaly detection, thus providing insight into optimal database management and security strategies for IoT–cloud interactions.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Expert Systems with Applications 工程技术-工程：电子与电气

CiteScore

13.80

自引率

10.60%

发文量

2045

审稿时长

8.7 months

期刊介绍： Expert Systems With Applications is an international journal dedicated to the exchange of information on expert and intelligent systems used globally in industry, government, and universities. The journal emphasizes original papers covering the design, development, testing, implementation, and management of these systems, offering practical guidelines. It spans various sectors such as finance, engineering, marketing, law, project management, information management, medicine, and more. The journal also welcomes papers on multi-agent systems, knowledge management, neural networks, knowledge discovery, data mining, and other related areas, excluding applications to military/defense systems.