Skip to main content

Intrusion Detection at the Network Edge: Solutions, Limitations, and Future Directions

  • Conference paper
  • First Online:
Edge Computing – EDGE 2019 (EDGE 2019)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 11520))

Included in the following conference series:

Abstract

The low-latency, high bandwidth capabilities promised by 5G, together with the diffusion of applications that require high computing power and, again, low latency (such as videogames), are probably the main reasons—though not the only one—that have led to the introduction of a new network architecture: Fog Computing, that consists in moving the computation services geographically close to where computing is needed. This architectural shift moves security and privacy issues from the Cloud to the different layers of the Fog architecture. In this scenario, IDSs are still necessary, but they need to be contextualized in the new architecture. Indeed, while on the one hand Fog computing provides intrinsic benefits (e.g., low latency), on the other hand, it introduces new design challenges.

In this paper, we provide the following contributions: we analyze the possible IDS solutions that can be adopted within the different Fog computing tiers, together with their related deployment and design challenges; and, we propose some promising future directions, by taking into account the challenges left uncovered by the considered solutions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Bonomi, F., Milito, R., Zhu, J., Addepalli, S.: Fog computing and its role in the internet of things. In: Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, pp. 13–16. ACM (2012)

    Google Scholar 

  2. Rios, R., Roman, R., Onieva, J.A., Lopez, J.: From SMOG to Fog: a security perspective. In: 2017 Second International Conference on Fog and Mobile Edge Computing (FMEC), pp. 56–61, May 2017

    Google Scholar 

  3. Roman, R., Lopez, J., Mambo, M., Mobile edge computing, Fog et al.: A survey and analysis of security threats and challenges. Future Gener. Comput. Syst. 78, 680–698 (2018)

    Google Scholar 

  4. Mukherjee, M., et al.: Security and privacy in fog computing: challenges. IEEE Access 5, 19293–19304 (2017)

    Article  Google Scholar 

  5. Munir, K.: Advancing Consumer-Centric Fog Computing Architectures. IGI Global (2018)

    Google Scholar 

  6. Sciancalepore, S., Piro, G., Vogli, E., Boggia, G., Grieco, L.A., Cavone, G.: LICITUS: a lightweight and standard compatible framework for securing layer-2 communications in the IoT. Comput. Netw. 108, 66–77 (2016)

    Article  Google Scholar 

  7. Yu, W., et al.: A survey on the edge computing for the internet of things. IEEE Access 6, 6900–6919 (2018)

    Article  Google Scholar 

  8. Hosseinpour, F., Vahdani Amoli, P., Plosila, J., Hämäläinen, T., Tenhunen, H.: An intrusion detection system for fog computing and IoT based logistic systems using a smart data approach. Int. J. Digit. Content Technol. Appl. 10, 34–46 (2016)

    Google Scholar 

  9. Yi, S., Qin, Z., Li, Q.: Security and privacy issues of fog computing: a survey. In: Xu, K., Zhu, H. (eds.) WASA 2015. LNCS, vol. 9204, pp. 685–695. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21837-3_67

    Chapter  Google Scholar 

  10. Martin, A., Raponi, S., Combe, T., Di Pietro, R.: Docker ecosystem-vulnerability analysis. Comput. Commun. 122, 30–43 (2018)

    Article  Google Scholar 

  11. Krontiris, I., Giannetsos, T., Dimitriou, T.: LIDeA: a distributed lightweight intrusion detection architecture for sensor networks. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, p. 20. ACM (2008)

    Google Scholar 

  12. Hai, T.H., Huh, E.N., Jo, M.: A lightweight intrusion detection framework for wireless sensor networks. Wirel. Commun. Mob. Comput. 10(4), 559–572 (2010)

    Google Scholar 

  13. Onat, I., Miri, A.: An intrusion detection system for wireless sensor networks. In: IEEE International Conference on Wireless and Mobile Computing, Networking And Communications, WiMob 2005, vol. 3, pp. 253–259. IEEE (2005)

    Google Scholar 

  14. Anwar, S., et al.: From intrusion detection to an intrusion response system: fundamentals, requirements, and future directions. Algorithms 10(2), 39 (2017)

    Article  Google Scholar 

  15. Sandhu, R., Sohal, A.S., Sood, S.K.: Identification of malicious edge devices in fog computing environments. Inf. Secur. J.: Glob. Perspect. 26(5), 213–228 (2017)

    Google Scholar 

  16. Sudqi Khater, B., Abdul Wahab, A., Idris, M., Abdulla Hussain, M., Ahmed Ibrahim, A.: A lightweight perceptron-based intrusion detection system for fog computing. Appl. Sci. 9(1), 178 (2019)

    Article  Google Scholar 

  17. Sedjelmaci, H., Senouci, S.M., Al-Bahri, M.: A lightweight anomaly detection technique for low-resource IoT devices: a game-theoretic methodology. In: 2016 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE (2016)

    Google Scholar 

  18. Pandeeswari, N., Kumar, G.: Anomaly detection system in cloud environment using fuzzy clustering based ANN. Mob. Netw. Appl. 21(3), 494–505 (2016)

    Article  Google Scholar 

  19. Lo, C.C., Huang, C.C., Ku, J.: A cooperative intrusion detection system framework for cloud computing networks. In: 2010 39th International Conference on Parallel Processing Workshops, pp. 280–284. IEEE (2010)

    Google Scholar 

  20. Di Pietro, R., Mancini, L.V.: Intrusion detection systems, vol. 38. Springer, Heidelberg (2008). https://doi.org/10.1007/978-0-387-77265-3

    Book  Google Scholar 

  21. Abeshu, A., Chilamkurti, N.: Deep learning: the frontier for distributed attack detection in fog-to-things computing. IEEE Commun. Mag. 56(2), 169–175 (2018)

    Article  Google Scholar 

  22. Kovanen, T., David, G., Hämäläinen, T.: Survey: intrusion detection systems in encrypted traffic. In: Galinina, O., Balandin, S., Koucheryavy, Y. (eds.) NEW2AN/ruSMART -2016. LNCS, vol. 9870, pp. 281–293. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46301-8_23

    Chapter  Google Scholar 

  23. Sciancalepore, S., Oligeri, G., Di Pietro, R.: Strength of crowd (SOC)–defeating a reactive jammer in IoT with decoy messages. Sensors 18(10), 3492 (2018). Special Issue on Emerging Methodologies and Practical Solutions for M2M and D2D Communications in the Internet of Things Era

    Article  Google Scholar 

  24. Baktir, A.C., Ozgovde, A., Ersoy, C.: How can edge computing benefit from software-defined networking: a survey, use cases, and future directions. IEEE Commun. Surv. Tutor. 19(4), 2359–2391 (2017, Fourthquarter)

    Article  Google Scholar 

  25. Caprolu, M., Raponi, S., Di Pietro, R.: Fortress: an efficient and distributed firewall for stateful data plane SDN. Secur. Commun. Netw., 16 (2019)

    Google Scholar 

Download references

Acknowledgement

This publication was partially supported by awards NPRP-S-11-0109-180242, UREP23-065-1-014, and NPRP X-063-1-014 from the QNRF-Qatar National Research Fund, a member of The Qatar Foundation. The information and views set out in this publication are those of the authors and do not necessarily reflect the official opinion of the QNRF.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Simone Raponi .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Raponi, S., Caprolu, M., Di Pietro, R. (2019). Intrusion Detection at the Network Edge: Solutions, Limitations, and Future Directions. In: Zhang, T., Wei, J., Zhang, LJ. (eds) Edge Computing – EDGE 2019. EDGE 2019. Lecture Notes in Computer Science(), vol 11520. Springer, Cham. https://doi.org/10.1007/978-3-030-23374-7_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-23374-7_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-23373-0

  • Online ISBN: 978-3-030-23374-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics