Fog node intrusion detection and response based on SVMIF and INSGA-II algorithm

Abstract

Read online

In fog computing environments, fog nodes serve as key components of edge networks, and their security is crucial for ensuring the stability and reliability of IoT applications. To safeguard the security of fog nodes, the research developed a network intrusion detection model that relies on support vector machine isolation forest. Additionally, modified particle swarm optimization was employed to optimize the model's parameters. To have a response behavior for protection when intrusion is detected, the study designed a fog node intrusion response method based on security policy decision and used improved non-dominated sorting genetic algorithms-II to select a more appropriate security decision. The results indicated that the detection rate of the research-designed intrusion detection model on the denial-of-service type was 94.4 % and 94.7 % on the training and test sets, respectively, and the average running time of the model was 58 ms. The average elapsed time of the improved non-dominated sorting genetic algorithm was 877 ms, and the average value of the inverted generational distance had an average value of 1.06 × 10−2, the maximum value of central processor utilization was 48.37 % and the maximum value of memory occupancy was 49.56 %. The intrusion detection model and response method designed by the research has good performance and can provide technical support for the security of fog nodes.

Keywords

• Support vector machine isolation forest
• Improved non-dominated sorting genetic algorithms-II
• Fog node
• Intrusion
• Detection
• Response