Skip to main content

Security in edge-assisted Internet of Things: challenges and solutions

Abstract

The flourish of 5th generation wireless systems (5G) network has brought numerous benefits to the Internet of Things (IoT) with universal connectivity, improved data rate, and decreased latency. The development of IoT extends the computation-intensive applications from centralized servers to the edge of the network, promoting the paradigm of edge computing. Edge computing brings great assistance to IoT architecture by efficiently accomplishing tasks with lower latency, less energy consumption and reduced network bandwidth. Edge-assisted IoT emerges to provide location-aware services and offload computational tasks to edge nodes near the IoT devices. However, a series of security challenges still exist in edge-assisted IoT owing to the inherent vulnerabilities of edge nodes and sensitive nature of the collected data. Among the emerging and existing security schemes in IoT applications, security and energy consumption are two overriding yet conflicting requirements. The tradeoff between security and energy is critical to the sustainability of the IoT ecosystem but still lacks sufficient discussion. In this article, we investigate the security challenges in edge-assisted IoT and how the constraints in energy consumption can affect the design of security schemes. Specifically, we firstly present the architecture of edge-assisted IoT and its unique characteristics. Secondly, we identify the security threats in the edge-assisted IoT applications and the security-energy tradeoff during implementation. Thirdly, in a case study of distributed denial of service (DDoS) and malware injection attack, we propose a preliminary solution to address the conflict between security and energy requirements. Finally, we discuss some open issues and identify future research directions for security and energy efficiency in edge-assisted IoT.

This is a preview of subscription content, access via your institution.

References

  1. Ejaz W, Anpalagan A, Imran M A, et al. Internet of Things (IoT) in 5G wireless communications. IEEE Access, 2016, 4: 10310–10314

    Article  Google Scholar 

  2. Zhang K, Ni J, Yang K, et al. Security and privacy in smart city applications: challenges and solutions. IEEE Commun Mag, 2017, 55: 122–129

    Article  Google Scholar 

  3. Ni J, Zhang K, Lin X, et al. Securing fog computing for internet of things applications: challenges and solutions. IEEE Commun Surv Tut, 2018, 20: 601–628

    Article  Google Scholar 

  4. Xiao Y, Jia Y, Liu C, et al. Edge computing security: state of the art and challenges. Proc IEEE, 2019, 107: 1608–1631

    Article  Google Scholar 

  5. Shirazi S N, Gouglidis A, Farshad A, et al. The extended cloud: review and analysis of mobile edge computing and fog from a security and resilience perspective. IEEE J Sel Areas Commun, 2017, 35: 2586–2595

    Article  Google Scholar 

  6. Antonakakis M, April T, Bailey M, et al. Understanding the Mirai botnet. In: Proceedings of the 26th USENIX Security Symposium (USENIX Security 17), 2017. 1093–1110

  7. Roman R, Lopez J, Mambo M. Mobile edge computing, fog et al.: a survey and analysis of security threats and challenges. Future Gener Comput Syst, 2018, 78: 680–698

    Article  Google Scholar 

  8. Ni J, Lin X, Shen X S. Toward edge-assisted Internet of Things: from security and efficiency perspectives. IEEE Netw, 2019. 33: 50–57

    Article  Google Scholar 

  9. Liu D, Yan Z, Ding W, et al. A survey on secure data analytics in edge computing. IEEE Internet Things J, 2019, 6: 4946–4967

    Article  Google Scholar 

  10. Liu Z, Yin X, Hu Y. CPSS LR-DDoS detection and defense in edge computing utilizing DCNN Q-learning. IEEE Access, 2020, 8: 42120–42130

    Article  Google Scholar 

  11. Xiao L, Xie C, Chen T, et al. A mobile offloading game against smart attacks. IEEE Access, 2016, 4: 2281–2291

    Article  Google Scholar 

  12. Shi C, Liu J, Liu H, et al. Smart user authentication through actuation of daily activities leveraging wifi-enabled iot. In: Proceedings of the 18th ACM International Symposium on Mobile Ad Hoc Networking and Computing, 2017. 1–10

  13. Hlavacs H, Treutner T, Gelas J P, et al. Energy consumption side-channel attack at virtual machines in a cloud. In: Proceedings of 2011 IEEE 9th International Conference on Dependable, Autonomic and Secure Computing, 2011. 605–612

  14. Zhang K, Yang K, Liang X, et al. Security and privacy for mobile healthcare networks: from a quality of protection perspective. IEEE Wirel Commun, 2015, 22: 104–112

    Article  Google Scholar 

  15. Kolias C, Kambourakis G, Stavrou A, et al. DDoS in the IoT: Mirai and other botnets. Computer, 2017, 50: 80–84

    Article  Google Scholar 

  16. Martin M C, Lam M S. Automatic generation of XSS and SQL injection attacks with goal-directed model checking. In: Proceedings of USENIX Security Symposium, 2008. 31–44

  17. Livadas C, Walsh R, Lapsley D, et al. Usilng machine learning technliques to identify botnet traffic. In: Proceedings of the 31st IEEE Conference on Local Computer Networks, 2006. 967–974

  18. Zolotukhin M, Hamalainen T, Kokkonen T, et al. Increasing web service availability by detecting application-layer DDoS attacks in encrypted traffic. In: Proceedings of the 23rd International Conference on Telecommunications (ICT), 2016. 1–6

  19. Niyaz Q, Sun W, Javaid A Y. A deep learning based DDoS detection system in software-defined networking (sdn). 2016. ArXiv: 161107400

  20. Chua Z L, Shen S, Saxena P, et al. Neural nets can learn function type signatures from binaries. In: Proceedings of the 26th USENIX Security Symposium (USENIX Security 17), 2017. 99–116

  21. Song W, Yin H, Liu C, et al. Deepmem: learning graph neural network models for fast and robust memory forensic analysis. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018. 606–618

  22. Zuo F, Li X, Young P, et al. Neural machine translation inspired binary code similarity comparison beyond function pairs. 2018. ArXiv: 180804706

  23. Jackson K A, Bennett B T. Locating SQL injection vulnerabilities in java byte code using natural language techniques. In: Proceedings of SoutheastCon 2018, 2018. 1–5

  24. Ross K, Moh M, Moh T S, et al. Multi-source data analysis and evaluation of machine learning techniques for SQL injection detection. In: Proceedings of the ACMSE 2018 Conference, 2018. 1–8

  25. Rathore S, Sharma P K, Park J H. XSSClassifier: an efficient XSS attack detection approach based on machine learning classifier on SNSs. J Inf Process Syst, 2017, 13: 1014–1028

    Google Scholar 

  26. Murofushi T, Sugeno M. An interpretation of fuzzy measures and the Choquet integral as an integral with respect to a fuzzy measure. Fuzzy Sets Syst, 1989, 29: 201–227

    MathSciNet  Article  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Yi Zhou.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Shen, S., Zhang, K., Zhou, Y. et al. Security in edge-assisted Internet of Things: challenges and solutions. Sci. China Inf. Sci. 63, 220302 (2020). https://doi.org/10.1007/s11432-019-2906-y

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s11432-019-2906-y

Keywords

  • Internet of Things
  • edge computing
  • network security
  • machine learning
  • data analytics