Towards security and resource efficiency in fog computing networks
Hoseinpur, Farhood (2022-12-02)
Väitöskirja
Hoseinpur, Farhood
02.12.2022
Lappeenranta-Lahti University of Technology LUT
Acta Universitatis Lappeenrantaensis
School of Engineering Science
School of Engineering Science, Tietotekniikka
Kaikki oikeudet pidätetään.
In reference to IEEE copyrighted material which is used with permission in this thesis, the IEEE does not endorse any of Lappeenranta-Lahti University of Technology LUT's products or services. Internal or personal use of this material is permitted. If interested in reprinting/republishing IEEE copyrighted material for advertising or promotional purposes or for creating new collective works for resale or redistribution, please go to http://www.ieee.org/publications_ standards/publications/rights/rights_link.html to learn how to obtain a License from RightsLink.
In reference to IEEE copyrighted material which is used with permission in this thesis, the IEEE does not endorse any of Lappeenranta-Lahti University of Technology LUT's products or services. Internal or personal use of this material is permitted. If interested in reprinting/republishing IEEE copyrighted material for advertising or promotional purposes or for creating new collective works for resale or redistribution, please go to http://www.ieee.org/publications_ standards/publications/rights/rights_link.html to learn how to obtain a License from RightsLink.
Julkaisun pysyvä osoite on
https://urn.fi/URN:ISBN:978-952-335-886-7
https://urn.fi/URN:ISBN:978-952-335-886-7
Tiivistelmä
The Internet of Things plays a crucial role in digitalising services in many domains directly affecting humans’ day-to-day lives. However, with immense digitalisation, the Big Data phenomenon has become a critical issue. Big Data is, in general, characterized by five major features, including Volume, Velocity, Value, Veracity, and Variety, which are known as the 5 Vs of Big Data. In addition to its general characteristics, a new feature, i.e., geo-distribution, is also introduced by emerging IoT applications. These characteristics demand robust computing services for managing Big Data. Geo-distribution of Big Data and IoT services necessitates deploying computing services already at the network’s edge. Hence, fog computing, a geographically distributed computing platform, was introduced to provide local computing services for IoT applications. However, because of its limited resources, i.e., computing, storage, energy, and bandwidth, fog computing faces challenges concerning implementing strong security measures.
This dissertation explores how to enhance security and privacy in fog computing by designing lightweight and efficient intrusion detection systems (IDS) to detect and prevent malicious attacks on IoT services. Furthermore, how to efficiently utilize computing resources in fog computing to enhance the quality of services and effectively facilitate the deployment of security mechanisms. The dissertation comprises five studies that employed a portfolio of research methods, including conceptualisation, proof of concept, and simulation modelling.
The contribution of this thesis is threefold. First, the dissertation proposes solutions to enhance and tailor anomaly-based IDS inspired by the biological immune system to detect network intrusions in the IoT efficiently. As a result, a new lightweight architecture, including an extra layer of protection called the innate immune system, was proposed, and a proof of concept was presented. Second, it proposes a security framework to manage the trust levels of the device nodes that join the computing pool in the fog network and control their access to processing data with different levels of criticality. Third, it proposes solutions for efficiently managing and utilizing the limited resources in fog computing. This includes the introduction of a concept called Smart Data that aims to reshape the existing perspective of Big Data computing from a passive to an active form. Further, the dissertation presents a resource management model and algorithms to efficiently map multi-task applications into fog computing networks to reduce communication delays and enhance the quality of service.
This dissertation explores how to enhance security and privacy in fog computing by designing lightweight and efficient intrusion detection systems (IDS) to detect and prevent malicious attacks on IoT services. Furthermore, how to efficiently utilize computing resources in fog computing to enhance the quality of services and effectively facilitate the deployment of security mechanisms. The dissertation comprises five studies that employed a portfolio of research methods, including conceptualisation, proof of concept, and simulation modelling.
The contribution of this thesis is threefold. First, the dissertation proposes solutions to enhance and tailor anomaly-based IDS inspired by the biological immune system to detect network intrusions in the IoT efficiently. As a result, a new lightweight architecture, including an extra layer of protection called the innate immune system, was proposed, and a proof of concept was presented. Second, it proposes a security framework to manage the trust levels of the device nodes that join the computing pool in the fog network and control their access to processing data with different levels of criticality. Third, it proposes solutions for efficiently managing and utilizing the limited resources in fog computing. This includes the introduction of a concept called Smart Data that aims to reshape the existing perspective of Big Data computing from a passive to an active form. Further, the dissertation presents a resource management model and algorithms to efficiently map multi-task applications into fog computing networks to reduce communication delays and enhance the quality of service.
Kokoelmat
- Väitöskirjat [1037]