在雾授权网络中使用异常检测的DDoS防护架构

IF 1.8 4区计算机科学 Q3 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Journal of Ambient Intelligence and Smart Environments Pub Date : 2021-01-01 DOI:10.3233/AIS-210600

Deepak Kumar Sharma, M. Devgan, Gaurav Malik, Prashant Dutt, Aarti Goel, Deepak Gupta, F. Al-turjman

{"title":"在雾授权网络中使用异常检测的DDoS防护架构","authors":"Deepak Kumar Sharma, M. Devgan, Gaurav Malik, Prashant Dutt, Aarti Goel, Deepak Gupta, F. Al-turjman","doi":"10.3233/AIS-210600","DOIUrl":null,"url":null,"abstract":"The world of computation has shown wide variety of wonders in the past decade with Internet of Things (IoT) being one of the most promising technology. Emergence of IoT brings a lot of good to the technology pool with its capability to provide intelligent services to the users. With ease to use, IoT is backed by a strong Cloud based infrastructure which allows the sensory IoT devices to perform specific functions. Important features of cloud are its reliability and security where the latter must be dealt with proper care. Cloud centric systems are susceptible to Denial of Service (DoS) attacks wherein the cloud server is subjected to an overwhelming number of incoming requests by a malicious device. If the same attack is carried out by a network of devices such as IoT devices then it becomes a Distributed DoS (DDoS) attack. A DDoS attack may render the server useless for a long period of time causing the services to crash due to extensive load. This paper proposes a lightweight, efficient and robust method for DDoS attack by detecting the compromised node connected to the Fog node or edge devices before it reaches the cloud by taking advantage of the Fog layer and prevent it from harming any information recorded or from increasing the unnecessary traffic in a network. The chosen technology stack consists of languages and frameworks which allow proposed approach to works in real time complexity for faster execution and is flexible enough to work on low level systems such as the Fog nodes. The proposed approach uses mathematical models for forecasting data points and therefore does not rely on a computationally heavy approach such as neural networks for predicting the expected values. This approach can be easily modelled into the firmware of the system and can help make cloud services more reliable by cutting off rogue nodes that try to attack the cloud at any given point of time.","PeriodicalId":49316,"journal":{"name":"Journal of Ambient Intelligence and Smart Environments","volume":"52 1","pages":"201-217"},"PeriodicalIF":1.8000,"publicationDate":"2021-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"DDoS prevention architecture using anomaly detection in fog-empowered networks\",\"authors\":\"Deepak Kumar Sharma, M. Devgan, Gaurav Malik, Prashant Dutt, Aarti Goel, Deepak Gupta, F. Al-turjman\",\"doi\":\"10.3233/AIS-210600\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The world of computation has shown wide variety of wonders in the past decade with Internet of Things (IoT) being one of the most promising technology. Emergence of IoT brings a lot of good to the technology pool with its capability to provide intelligent services to the users. With ease to use, IoT is backed by a strong Cloud based infrastructure which allows the sensory IoT devices to perform specific functions. Important features of cloud are its reliability and security where the latter must be dealt with proper care. Cloud centric systems are susceptible to Denial of Service (DoS) attacks wherein the cloud server is subjected to an overwhelming number of incoming requests by a malicious device. If the same attack is carried out by a network of devices such as IoT devices then it becomes a Distributed DoS (DDoS) attack. A DDoS attack may render the server useless for a long period of time causing the services to crash due to extensive load. This paper proposes a lightweight, efficient and robust method for DDoS attack by detecting the compromised node connected to the Fog node or edge devices before it reaches the cloud by taking advantage of the Fog layer and prevent it from harming any information recorded or from increasing the unnecessary traffic in a network. The chosen technology stack consists of languages and frameworks which allow proposed approach to works in real time complexity for faster execution and is flexible enough to work on low level systems such as the Fog nodes. The proposed approach uses mathematical models for forecasting data points and therefore does not rely on a computationally heavy approach such as neural networks for predicting the expected values. This approach can be easily modelled into the firmware of the system and can help make cloud services more reliable by cutting off rogue nodes that try to attack the cloud at any given point of time.\",\"PeriodicalId\":49316,\"journal\":{\"name\":\"Journal of Ambient Intelligence and Smart Environments\",\"volume\":\"52 1\",\"pages\":\"201-217\"},\"PeriodicalIF\":1.8000,\"publicationDate\":\"2021-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Ambient Intelligence and Smart Environments\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.3233/AIS-210600\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Ambient Intelligence and Smart Environments","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.3233/AIS-210600","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

摘要

在过去的十年里，计算世界展示了各种各样的奇迹，物联网(IoT)是最有前途的技术之一。物联网的出现，以其为用户提供智能化服务的能力，给技术池带来了很多好处。物联网易于使用，由强大的基于云的基础设施支持，该基础设施允许感测物联网设备执行特定功能。云的重要特性是它的可靠性和安全性，后者必须得到适当的重视。以云为中心的系统容易受到拒绝服务(DoS)攻击，其中云服务器受到恶意设备的大量传入请求的影响。如果同样的攻击是由物联网设备等网络设备进行的，那么它就变成了分布式拒绝服务(DDoS)攻击。DDoS攻击可能导致服务器长时间无法使用，负载过大导致业务崩溃。本文提出了一种轻量级、高效、鲁棒的DDoS攻击方法，利用雾层在连接到雾节点或边缘设备的受攻击节点到达云之前就进行检测，防止其损害任何记录的信息或增加网络中不必要的流量。所选择的技术堆栈由语言和框架组成，这些语言和框架允许所建议的方法在实时复杂性下工作，以更快地执行，并且足够灵活，可以在底层系统(如Fog节点)上工作。所提出的方法使用数学模型来预测数据点，因此不依赖于计算量大的方法，如神经网络来预测期望值。这种方法可以很容易地建模到系统的固件中，并且可以通过切断试图在任何给定时间点攻击云的恶意节点来帮助提高云服务的可靠性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

DDoS prevention architecture using anomaly detection in fog-empowered networks

The world of computation has shown wide variety of wonders in the past decade with Internet of Things (IoT) being one of the most promising technology. Emergence of IoT brings a lot of good to the technology pool with its capability to provide intelligent services to the users. With ease to use, IoT is backed by a strong Cloud based infrastructure which allows the sensory IoT devices to perform specific functions. Important features of cloud are its reliability and security where the latter must be dealt with proper care. Cloud centric systems are susceptible to Denial of Service (DoS) attacks wherein the cloud server is subjected to an overwhelming number of incoming requests by a malicious device. If the same attack is carried out by a network of devices such as IoT devices then it becomes a Distributed DoS (DDoS) attack. A DDoS attack may render the server useless for a long period of time causing the services to crash due to extensive load. This paper proposes a lightweight, efficient and robust method for DDoS attack by detecting the compromised node connected to the Fog node or edge devices before it reaches the cloud by taking advantage of the Fog layer and prevent it from harming any information recorded or from increasing the unnecessary traffic in a network. The chosen technology stack consists of languages and frameworks which allow proposed approach to works in real time complexity for faster execution and is flexible enough to work on low level systems such as the Fog nodes. The proposed approach uses mathematical models for forecasting data points and therefore does not rely on a computationally heavy approach such as neural networks for predicting the expected values. This approach can be easily modelled into the firmware of the system and can help make cloud services more reliable by cutting off rogue nodes that try to attack the cloud at any given point of time.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Ambient Intelligence and Smart Environments COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE-COMPUTER SCIENCE, INFORMATION SYSTEMS

CiteScore

4.30

自引率

17.60%

发文量

审稿时长

>12 weeks

期刊介绍： The Journal of Ambient Intelligence and Smart Environments (JAISE) serves as a forum to discuss the latest developments on Ambient Intelligence (AmI) and Smart Environments (SmE). Given the multi-disciplinary nature of the areas involved, the journal aims to promote participation from several different communities covering topics ranging from enabling technologies such as multi-modal sensing and vision processing, to algorithmic aspects in interpretive and reasoning domains, to application-oriented efforts in human-centered services, as well as contributions from the fields of robotics, networking, HCI, mobile, collaborative and pervasive computing. This diversity stems from the fact that smart environments can be defined with a variety of different characteristics based on the applications they serve, their interaction models with humans, the practical system design aspects, as well as the multi-faceted conceptual and algorithmic considerations that would enable them to operate seamlessly and unobtrusively. The Journal of Ambient Intelligence and Smart Environments will focus on both the technical and application aspects of these.