Department of Information Engineering, University of Florence, 50139 Firenze, Italy.
Dipartimento di Elettronica e Informazione, Politecnico di Milano, 20133 Milano, Italy.
Sensors (Basel). 2019 Sep 29;19(19):4235. doi: 10.3390/s19194235.
The Internet of Things (IoT) context brings new security issues due to billions of smart end-devices both interconnected in wireless networks and connected to the Internet by using different technologies. In this paper, we propose an attack-detection method, named Data Intrusion Detection System (DataIDS), based on real-time data analysis. As end devices are mainly resource constrained, Fog Computing (FC) is introduced to implement the DataIDS. FC increases storage, computation capabilities, and processing capabilities, allowing it to detect promptly an attack with respect to security solutions on the Cloud. This paper also considers an attack tree to model threats and vulnerabilities of Fog/IoT scenarios with heterogeneous devices and suggests countermeasure costs. We verify the performance of the proposed DataIDS, implementing a testbed with several devices that measure different physical quantities and by using standard data-gathering protocols.
物联网(IoT)环境由于数十亿个智能终端设备通过无线网络相互连接,并使用不同技术连接到互联网,因此带来了新的安全问题。在本文中,我们提出了一种基于实时数据分析的攻击检测方法,名为 DataIDS。由于终端设备主要受到资源限制,因此引入雾计算(FC)来实现 DataIDS。FC 增加了存储、计算能力和处理能力,使其能够及时检测到针对云安全解决方案的攻击。本文还考虑了攻击树,以对具有异构设备的雾/物联网场景的威胁和漏洞进行建模,并提出了对策成本。我们通过使用标准的数据收集协议,在具有测量不同物理量的多个设备的测试台上验证了所提出的 DataIDS 的性能。
