Tian Wang,Guangxue Zhang,Zakirul Alam Bhuiyan,Anfeng Liu,Weijia Jia,Mande Xie

DOI: https://doi.org/10.1016/j.future.2018.05.049

IF: 7.307

2020-01-01

Future Generation Computer Systems

Abstract:In recent years, Sensor–Cloud System (SCS) has become a hot research issue. In this system, there are some cyber security problems that can be well solved by the trust mechanism. However, there are still some deficiencies in existing trust mechanisms, especially for the SCS underlying structure. We proposed a fog-based hierarchical trust mechanism for these cyber security deficiencies. This hierarchical mechanism consists of two parts, trust in the underlying structure and trust between cloud service providers (CSPs) and sensor service providers (SSPs). For trust in the underlying structure, the behavior monitoring part is established and implemented in Wireless Sensor Networks (WSNs), and the fine-grained and complicated data analysis part is moved to the fog layer. For trust between CSPs and SSPs, it focuses more on the real-time comparison of service parameters, the gathering of exception information in WSNs, the targeted quantitative evaluation of entities and so on. The experimental results indicate that this fog-based hierarchical structure performs well in saving network energy, detecting malicious nodes rapidly and recovering misjudgment nodes in an acceptable delay. Furthermore, the reliability of edge nodes is well guaranteed by data analyses in the fog layer and an evaluation strategy based on similar service records is put forward.

Tian Wang,Yang Li,Weiwei Fang,Wenzheng Xu,Junbin Liang,Yewang Chen,Xuxun Liu

DOI: https://doi.org/10.1109/tbdata.2018.2811501

2022-01-01

IEEE Transactions on Big Data

Abstract:Nowadays, sensor-cloud systems have received wide attention from both academia and industry. Sensor-cloud system not only improves performances of wireless sensor networks (WSNs), but also combines different functional WSNs together to provide comprehensive services. However, a variety of malicious attacks threaten the sensor-cloud security, such as integrity, authenticity, availability and so on. Traditional available security mechanisms (e.g., cryptography and authentication) are still vulnerable. Although there are schemes to provide security by trust evaluation, the evaluation considers whether or not a sensor is credible only by checking the communication behaviors. Furthermore, when mobile sensor sinks are employed to collect sensing data, there appears a type of attacks called replicated sink attacks that are often ignored in the previous work. These attacks may bring serious vulnerability to trustworthy data collection in sensor-cloud systems. In this paper, we propose a comprehensive trustworthy data collection (CTDC) approach for sensorcloud systems. Three kinds of trust, i.e., direct trust, indirect trust, and functional trust are defined to evaluate the trustworthiness of both sensors and mobile sinks. Except for resisting malicious attacks, the performances of sensor-cloud, such as energy, transmission distance and network throughput are also considered. We also conduct extensive simulations to evaluate the efficiency of CTDC. The simulation results show that CTDC correctly identifies malicious nodes and offers an improved performance in the data collection.

Xiao Liu,Zhencai Tan,Li Liang,Gaoxiang Li

DOI: https://doi.org/10.1109/tii.2024.3449997

IF: 12.3

2024-01-01

IEEE Transactions on Industrial Informatics

Abstract:Nodes in fog computing are easily captured since they are generally resource-constraint and usually work in open and unprotected environments. In this article, a multidimensional trust fusion preference (MTFP) strategy is proposed to detect the malicious node, which mines and utilizes multiple factors that affect trust evaluation. First, the service rating gaps between the self-evaluation and other evaluation in a historical sliding window are calculated and differentially used to alleviate the behavior sparse problem of direct trust evaluation. In addition, a multiperspective weight algorithm is designed to improve the rationality of recommendation trust. Moreover, a reward and punishment factor are designed and incorporated into global trust calculation to enhance the reliability of trust evaluation. Compared with the existing mechanism model method of trust evaluation, the proposed MTFP strategy uses more node information, which can improve the detection precision and recall of malicious nodes at the same time. Finally, the experimental results validate the effectiveness of the proposed trust evaluation method.

Xiao Zhang,Youhuai Wang,Yong Cai,Yuxiong He,Xiaoming Chen,Shi Jin

DOI: https://doi.org/10.1109/icnisc57059.2022.00093

2022-01-01

Abstract:The Internet of Things has been integrated into every aspect of our modern life, intelligent IoT services and applications are booming, and massive amounts of data are generated every day, many of which contain private information. However, due to limited resources and limited computing power, IoT networks are vulnerable to various types of attacks. Therefore, it is crucial to protect the IoT network from adversarial attacks. In today's technology, applying deep learning to classify traffic is a very effective method. It also brings a problem. In a general cloud server architecture, training data needs to be transmitted to the cloud for processing and model training. The massive data transmission overhead will bring delays in transmission and response, as well as privacy leakage issues. Federated learning (FL) based on cloud-edge collaborative networks has received considerable attention, an emerging framework for training deep learning models from decentralized data. The system sends deep learning algorithms to all edges (data sources) at the same time, trains partial models at each edge, and aggregates these partial models into a learned overall model. User information is not uploaded to the cloud during the entire process. This paper adopts the federated learning framework to detect and classify network traffic attacks, and effectively protect user privacy data.

Tian Wang,Jiyuan Zhou,Minzhe Huang,Zakirul Alam Bhuiyan,Anfeng Liu,Wenzheng Xu,Mande Xie

DOI: https://doi.org/10.1016/j.future.2017.12.036

IF: 7.307

2018-01-01

Future Generation Computer Systems

Abstract:The recent emergence of cloud computing has drastically influenced everyone’s perception of infrastructure architectures, data transmission and other aspects. With the advent of both mobile networks and cloud computing, the computationally-intensive services are moving to the cloud, and the end user’s mobile device is used as an interface to access these services. However, cyber threats are also becoming various and sophisticated, which will endanger the security of users’ private data. In traditional service mode, users’ data is totally stored in the cloud, they lose the right of control on their data and face cyber threats such as data loss and malicious modification. To this end, we propose a novel cloud storage scheme based on fog computing. In our scheme, user’s private data is separately stored in the cloud and fog servers. By this way, the integrity, availability and confidentiality of user’s data can be ensured because the data is retrieved from cloud as well as fog, which is safer. We implement a system prototype and design a series of mechanisms. Extensive experiments results also validate the proposed scheme and methods.

Peyman Khordadpour,Saeed Ahmadi

DOI: https://doi.org/10.48550/arXiv.2305.16389

2023-05-26

Abstract:In recent times, I've encountered a principle known as cloud computing, a model that simplifies user access to data and computing power on a demand basis. The main objective of cloud computing is to accommodate users' growing needs by decreasing dependence on human resources, minimizing expenses, and enhancing the speed of data access. Nevertheless, preserving security and privacy in cloud computing systems pose notable challenges. This issue arises because these systems have a distributed structure, which is susceptible to unsanctioned access - a fundamental problem. In the context of cloud computing, the provision of services on demand makes them targets for common assaults like Denial of Service (DoS) attacks, which include Economic Denial of Sustainability (EDoS) and Distributed Denial of Service (DDoS). These onslaughts can be classified into three categories: bandwidth consumption attacks, specific application attacks, and connection layer attacks. Most of the studies conducted in this arena have concentrated on a singular type of attack, with the concurrent detection of multiple DoS attacks often overlooked. This article proposes a suitable method to identify four types of assaults: HTTP, Database, TCP SYN, and DNS Flood. The aim is to present a universal algorithm that performs effectively in detecting all four attacks instead of using separate algorithms for each one. In this technique, seventeen server parameters like memory usage, CPU usage, and input/output counts are extracted and monitored for changes, identifying the failure point using the CUSUM algorithm to calculate the likelihood of each attack. Subsequently, a fuzzy neural network is employed to determine the occurrence of an attack. When compared to the Snort software, the proposed method's results show a significant improvement in the average detection rate, jumping from 57% to 95%.

Cryptography and Security

Zhuoqun Xia,Gaohang Long,Bo Yin

DOI: https://doi.org/10.1007/s00500-020-05557-5

IF: 3.732

2021-01-16

Soft Computing

Abstract:Nowadays, the false data injection attack (FDIA), which can bring inestimable losses to smart grids, has become one of the most threatening cyber attacks in cyber physical systems. Previous studies for false data detection focused on state estimation, which require a huge computational overhead at the control center. In this paper, we propose a confidence-aware collaborative detection mechanism for false data attacks, which is a fast and lightweight scheme. Firstly, we propose a trust-based compromised PMU identification method, in order to identify malicious PMUs by monitoring behaviors of PMUs in a cycle. Secondly, we propose a voting-based detection method based on physical rules, in order to detect FDIA collaboratively. This method improves the detection rate while reducing the computational cost at control center. We also make extensive experiments on real-time data that are collected from the PowerWorld simulator. The experimental results show the efficiency and effectiveness of our proposed mechanism and methods.

computer science, artificial intelligence, interdisciplinary applications

Shuo Chen,Rongxing Lu,Jie Zhang

DOI: https://doi.org/10.48550/arxiv.1711.10190

2017-01-01

Abstract:The Internet of Thing (IoT) has been a hot topic in both research community and industry. It is anticipated that in future IoT, an enormous number of sensors will collect the physical information every moment to enable the control center making better decisions to improve the quality of service (QoS). However, the sensors maybe faulty and thus generate inaccurate data which would compromise the decision making. To guarantee the QoS, the system should be able to detect faulty sensors so as to eliminate the damages of inaccurate data. Various faulty sensor detection mechanisms have been developed in the context of wireless sensor network (WSN). Some of them are only fit for WSN while the others would bring a communication burden to control center. To detect the faulty sensors for general IoT applications and save the communication resource at the same time, an efficient faulty sensor detection scheme is proposed in this paper. The proposed scheme takes advantage of fog computing to save the computation and communication resource of control center. To preserve the privacy of sensor data, the Paillier Cryptosystem is adopted in the fog computing. The batch verification technique is applied to achieve efficient authentication. The performance analyses are presented to demonstrate that the proposed detection scheme is able to conserve the communication resource of control center and achieve a high true positive ratio while maintaining an acceptable false positive ratio. The scheme could also withstand various security attacks and preserve data privacy.

Bing Zhao,Kexin Zhang,Maciej Ogorzalek,Qing Gao,Jinhu Lu

DOI: https://doi.org/10.1109/ISCAS46773.2023.10182125

2023-01-01

Abstract:This paper analyzes the security problem of cloud control systems (CCSs), where a malicious false data injection (FDI) attacker may deteriorate the system performance by tampering with the measurements being transmitted. The CCS defender allocates defense budgets among nodes to ensure the safe operation of CCSs. The strategic interactions between the FDI attacker and the CCS defender are modeled as a Stackelberg game, and the optimal strategies for both sides are analyzed in the sense of Nash equilibrium. Numerical examples illustrate the main results of this paper.

Kai Peng,Victor C. M. Leung,Lixin Zheng,Shangguang Wang,Chao Huang,Tao Lin

DOI: https://doi.org/10.1155/2018/4680867

2018-01-01

Wireless Communications and Mobile Computing

Abstract:Fog computing, as the supplement of cloud computing, can provide low-latency services between mobile users and the cloud. However, fog devices may encounter security challenges as a result of the fog nodes being close to the end users and having limited computing ability. Traditional network attacks may destroy the system of fog nodes. Intrusion detection system (IDS) is a proactive security protection technology and can be used in the fog environment. Although IDS in tradition network has been well investigated, unfortunately directly using them in the fog environment may be inappropriate. Fog nodes produce massive amounts of data at all times, and, thus, enabling an IDS system over big data in the fog environment is of paramount importance. In this study, we propose an IDS system based on decision tree. Firstly, we propose a preprocessing algorithmto digitize the strings in the given dataset and then normalize the whole data, to ensure the quality of the input data so as to improve the efficiency of detection. Secondly, we use decision tree method for our IDS system, and then we compare this method with Naive Bayesian method as well as KNN method. Both the 10% dataset and the full dataset are tested. Our proposed method not only completely detects four kinds of attacks but also enables the detection of twenty-two kinds of attacks. The experimental results show that our IDS system is effective and precise. Above all, our IDS system can be used in fog computing environment over big data.

Haibin Guo,Zhong-Hua Pang,Chao Li

DOI: https://doi.org/10.1109/jas.2023.124086

2024-03-19

IEEE/CAA Journal of Automatica Sinica

Abstract:Dear Editor, This letter investigates a novel stealthy false data injection (FDI) attack scheme based on side information to deteriorate the multi-sensor estimation performance of cyber-physical systems (CPSs). Compared with most existing works depending on the full system knowledge, this attack scheme is only related to attackers' sensor and physical process model. The design principle of the attack signal is derived to diverge the system estimation performance. Next, it is proven that the proposed attack scheme can successfully bypass the residual-based detector. Finally, all theoretical results are verified by numerical simulation.

automation & control systems

Shin-Jer Yang,Hsiao-Ling Huang

DOI: https://doi.org/10.1109/icis46139.2019.8940313

2019-06-01

Abstract:Cloud computing is integrated lots of computing resources which are provided to users over the Internet on a Pay-As-You-Go mode. While multi-tenants and resources sharing are its advantages under the cloud computing environment, it also brings new risks in information security. One of the more difficult consequences of an attack is a flooding attack. This attack is to exhaust the network bandwidth and the computing resources of the server, causing the server to fail to provide services due to heavy workload and may affect the normal service. Other servers in the same infrastructure cause unpredictable losses. Based on the existing DDoS detection technology, this paper proposes a prevention mechanism based on feature selection and random forest classification models to detect hybrid flooding attacks, called HFADS. The HFADS scheme is mainly divided into three modules: (1) Resource Monitor Module (2) Data Features Selection Module (3) Machine Learning Evaluation Module. Based on the above three modules, we perform some simulations for HFADS to be compared with Mouhammd Alkasassbeh et al.'s method to detect flooding attacks of DDoS in terms of three KPIs including recall rate, accuracy rate and average processing time. The final experimental results indicate that HFADS can achieve 99.99% for UDP, 99.95% for ICMP and 99.99% for HTTP in recall rate, 99.98% in accuracy rate and 65.34 seconds in average processing time. Consequently, the proposed HFADS is more effective and efficient than Mouhammd Alkasassbeh et al.'s method for the identification of hybrid flooding attacks.

Jiawei Zhang,Teng Li,Zuobin Ying,Jianfeng Ma

DOI: https://doi.org/10.1109/tcc.2022.3147226

IF: 5.697

2022-01-01

IEEE Transactions on Cloud Computing

Abstract:Cloud-Fog-Assisted Internet-of-Things (IoT) is a convincing paradigm to provide users with on-demand and low-latency services through Fog nodes in the edge of multiple clouds (Multi-Cloud). Multi-Cloud is a scalable multi-domain service-oriented net-centric system and can respond to complicated user requirements leveraging Multi-Cloud Service Composition (MCSC). However, in MCSC, user security can be easily compromised by untrusted and curious cloud service providers that may collect and violate the privacy and other essential assets of cloud users. Although many trust-based MCSC solutions have been proposed to seek a trustworthy composite service with highest trust level, most of them are vulnerable to malicious users intending to break through the clouds and inflict serious data leakage or asset damage. Considering these security concerns on both malicious users and untrusted service providers, in this article, we present a trust-based secure multi-cloud collaboration framework for Cloud-Fog-Assisted IoT systems. Specifically, to guarantee the security of users, we develop a role-based trust evaluation method to enhance the trustworthiness of MCSC. To preserve the security of services, we design an efficient user authentication scheme and a secure collaboration scheme to provide collaborative user authentication and access control mechanism for MCSC. We develop a proof of concept implementation for our framework and demonstrate its practicability by performance evaluation with extensive experiments.

computer science, information systems, theory & methods

Shuqing He,Bo Cheng,Haifeng Wang,Xuelian Xiao,Yunpeng Cao,Junliang Chen

DOI: https://doi.org/10.1109/infcomw.2018.8406927

2018-04-01

Abstract:With the scale of big data increasing in large-scale IoT application, fog computing is a recent computing paradigm that is extending cloud computing towards the edge of network in the field. There are a large number of storage resources placed on the edge of the network to form a geographical distributed storage system in fog computing system (FCS). It is used to store the big data collected by the fog computing nodes and to reduce the management costs for moving big data to the cloud. However, the storage of fog nodes at the edge of the network faces a direct attack of external threats. In order to improve the security of the storage of fog nodes in FCS, in this paper, we proposed a data security storage model for fog computing (FCDSSM) to realize the integration of storage and security management in large-scale IoT application. We designed a detail of the FCDSSM system architecture, gave a design of the multi-level trusted domain, cooperative working mechanism, data synchronization and key management strategy for the FCDSSM. Experimental results show that the loss of computing and communication performance caused by data security storage in the FCDSSM is within the acceptable range, and the FCDSSM has good scalability. It can be adapted to big data security storage in large-scale IoT application.

Mingfeng Huang,Zhetao Li,Fu Xiao,Saiqin Long,Anfeng Liu

DOI: https://doi.org/10.1109/tdsc.2023.3285927

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Edge-cloud networks face security threats during data collection, data routing, and service construction, resulting in data tampering, stealing, and communication interruption. Trust mechanism can predict data quality and cooperation probability of nodes before purchasing data or establishing cooperation, so as to select trusted participants for data perception and interaction. However, there are some problems with existing trust methods, such as limited evaluation scope, incomplete trust evidence, and inaccurate evaluation results. To address these issues, a Trust mechanism-based Multi-Tier Computing system (TMTC) is proposed in this paper. Specifically, we propose a two-tier trust evaluation model. At the data collection layer, it conducts trust evaluation on data reporters based on data submission and communication interactions. At the network layer, it evaluates trust of routers through path backtracking verification, multi-service analysis and coincident path analysis. Then, based on evaluation results, a differentiated trust detection is initiated for normal and abnormal nodes. And high-frequency detection tasks are initiated for malicious nodes to improve accuracy, sparse detection tasks are initiated for normal nodes to reduce costs. Finally, extensive experiments conducted on the synthetic and real-world datasets demonstrate that, TMTC can resist data tampering and good-bad mouth attacks effectively. And whether in a dense or uniform scene, it outperforms two benchmark methods by increasing malicious node detection rate by 13.37%-21.87% and reducing cost by 18.8%-50.32%.

Fu Shiming,Zhang Ping,Shi Xuehong

DOI: https://doi.org/10.23919/jcc.fa.2022-0616.202405

2024-05-24

China Communications

Abstract:Traditional wireless sensor networks (WSNs) are typically deployed in remote and hostile environments for information collection. The wireless communication methods adopted by sensor nodes may make the network highly vulnerable to various attacks. Traditional encryption and authentication mechanisms cannot prevent attacks launched by internal malicious nodes. The trust-based security mechanism is usually adopted to solve this problem in WSNs. However, the behavioral evidence used for trust estimation presents some uncertainties due to the open wireless medium and the inexpensive sensor nodes. Moreover, how to efficiently collect behavioral evidences are rarely discussed. To address these issues, in this paper, we present a trust management mechanism based on fuzzy logic and a cloud model. First, a type-II fuzzy logic system is used to preprocess the behavioral evidences and alleviate uncertainty. Then, the cloud model is introduced to estimate the trust values for sensor nodes. Finally, a dynamic behavior monitoring protocol is proposed to provide a balance between energy conservation and safety assurance. Simulation results demonstrate that our trust management mechanism can effectively protect the network from internal malicious attacks while enhancing the energy efficiency of behavior monitoring.

telecommunications

WEIJIE LIU,YONGJUN ZHU,WOOJU KIM,HAKJIN KIM,P. SURESH KUMAR,Dimitrios Damopoulos,Georgios Kambourakis,Marios Anagnostopoulos,Yuan Tian,Biao Song,Eui-nam Huh,Wei Tang,Doan Man Nguyen,Jun Young Park,Sang Ho Na,Tian yiμan,Eui-Nam Huh,Bofeng Zhang,Jianxing Zheng,Jianhua Ma,Yinsheng Li,Guobing Zou,Jongik Kim,Eunseok Lee,Yun Won Chung,Byoungwook Kim,HeonChang Yu,EunYoung Lee,Rize Jin,Tae-Sun Chung,Tien Dung,Eui Nam,NGUYEN DOAN MAN,JUN-YOUNG PARK,NA SANG-HO,TIAN YUAN

2012-01-01

Abstract:Intrusion Detection Systems (lDSs), nowadays, critically becomes an important security component in the novel commercial computing models to detect malicious behaviors timely and protect either network infrastructure or individual hosts from the serious damage of attacks. For Cloud Computing, various application scenarios and complexity at a higher level make the traditional IDS approaches difficult to find out the actual threats from the novel multi-step attacks, which stem from the new vulnerabilities of Cloud environments. Therefore, information about novel attack scenarios is an urgent requirement to operate IDSs built in Cloud Computing more efficiently and accurately. This paper focuses on developing a data mining-based approach to construct new attack scenarios from the sequences of low-level alerts gathered from multiple traditional IDSs. In addition, an Attack Signature Exchange (ASE) model between Interconnect Clouds in a Collaborative Cloud Computing environment which is considered as a prior knowledge exchange is also presented. Key-words: Intrusion Detection System, Cloud Computing, Attack scenario, Attack Signature, Collaborative Cloud

Tailin Zhou,Kaishun Xiahou,L. L. Zhang,Q. H. Wu

DOI: https://doi.org/10.1109/tii.2020.3048386

IF: 12.3

2021-01-01

IEEE Transactions on Industrial Informatics

Abstract:This article studies the online detection of false data injection attacks (FDIAs) and coordinated cyber-physical attacks (CCPAs) on power systems. By analyzing the hidden physical meaning of CCPAs, a cyber-physical FDIA with CCPA as a special case is proposed to establish the connection between FDIA and CCPA. Based on a discrete-time system dynamic model, an adaptive nonparametric cumulative sum (AN-CUSUM) detector is devised to deal with FDIAs and CCPAs simultaneously. The AN-CUSUM algorithm estimates the abnormal change of the state vector caused by attacks one step in advance and standardizes the decision statistics of conventional cumulative sum (CUSUM) to simplify the setting of thresholds. The proposed detector is robust to a wide range of time-varying system states and attack magnitudes. Moreover, a verification method is designed in the proposed detector to differentiate CCPAs and FDIAs according to unique characteristics of CCPAs, namely, the construction of CCPAs depends on the physical system parameter. Numerical results reveal that the proposed detector is more reliable to detect both FDIAs and CCPAs than existing CUSUM-based methods.

Jinxing Hua,Fei Hao

DOI: https://doi.org/10.1016/j.isatra.2022.06.015

Abstract:This article investigates a security problem in cyber-physical systems under multisensory framework. Data packets from each sensor are transmitted to a remote estimator through wireless channels which could be attacked by a attacker and injected false data. Based on the data of reliable sensors and the relativity between reliable and unreliable sensors, a revised multi-sensor Kalman filter fusion algorithm is proposed. Under the proposed algorithm, an optimal linear false data injection attack strategy which is more general with an arbitrary mean of Gaussian distribution is designed. To further improve the detection performance, an Expected SARSA-based attack detection algorithm is proposed. Finally, simulation results based on an unmanned aerial vehicle are provided to illustrate the feasibility and efficiency of the obtained results.

Haozhen Wang,Yuhang Wang,Yuanming Wu

DOI: https://doi.org/10.1016/j.engappai.2024.109248

2024-01-01

Abstract:—The Internet of Things (IoT) technology is now ubiquitous in both daily life and industrial production. Wireless Sensor Networks (WSNs) are a crucial part of the IoT infrastructure, providing the underlying network. However, WSNs are vulnerable to attacks due to challenging environmental conditions and their open communication nature. One particularly elusive threat is the selective forwarding attack, where malicious nodes intentionally drop parts or all of the received data packets, causing information loss and delays. This paper addresses the transition from the limited resources of central processing units (CPUs) to the expansive capabilities of cloud platforms within the IoT framework. By harnessing the robust computing power of cloud platforms, we investigate the effectiveness of the Time Convolution Network (TCN) time series prediction algorithm in detecting malicious nodes. Comparative results demonstrate that our proposed scheme achieves a Miss Detection Rate (MDR) of below 1% and a False Detection Rate (FDR) of less than 5%.