Key Technologies For Data Security In Fog Computing Environments

With the development of mobile smart devices and wireless network technology,more and more date is generated and distributed in the network.However,the explosive growth of data traffics also brings new challenges to the network environment.The traditional cloud computing paradigm can hardly satisfy the requirements of heterogeneous,low latency and intensive network access.By extending the cloud to the edge of the network,fog computing solves the problems of cloud computing,such as location awareness,low latency,geographical distribution,supporting for mobility and so on.On the one hand,since fog computing is deployed the edge of the network which is close to the users,the complex application environment and variety services make a challenge to data reliability.The better protection technologies to enhace the stability and reliability of fog computing are needed.On the other hand,data in fog computing is faced with a variety of security threats.The general data security mechanism is difficult to resist malicious intrusion and destruction,which need the new data security technoloty to deal with.In this thesis,using complex network theory,differential game theory and hypergraph theory as mathematical tools,we will research the fog computing model,system security robustness,intrusion detection technology,malware propagation model,key management scheme,and other aspects.The main works and innovative results are summarized as follows:(1)A hybrid BA and ER model based on complex network of fog comouting is presented.According to the evolution process of fog computing,a hyrid model based on BA scale-free network and ER random network is used to analyze the characteristics of the network.An accurate formula which is proposed to describle the structure and function changes of fog computing under the random attack and intentional attack are studied.The formula provides a general framework for analyzing the robustness of fog computing,which is instructive to ensure the security of fog computing data and to construct the fog computing network.(2)A game theoretic framework for IDS in fog computing is proposed.The IDS problem in fog computing is formulated as a differential game mode,in which the detection rate and false alarm rate of the IDS are considered.An optimal decision of fog computing intrusion detection based on differential game is proposed,which ensures the security of fog computing,and reduces energy consumption at the same time.By solving the feedback Nash equilibrium,the optimal strategies and the interacion between the defender and the malicious user in IDS are analyzed.The energy consumed by the optimal strategy compared to the static strategy is also studied.The simulation results the energy consumption in the proposed optimal strategy is significantly lower than the static strategy.(3)A differential game theoretic framework for malware propagation in fog computing is proposed.Based on epidemic dynmaics model,a security strategy for fog computing is modeled.According to their own characteristics,the states of fog nodes can be classified into four classes,which are Class S(Susceptible),Class I(Infectious),Class R(Recovered)and Class D(Dead).Based on differential game theroty,a dynamic malware propagation model is build to analyze the interacions between fog computing and malware.By solving the saddle-point solutions,the optimal strategy of energy consumption is analyzed.Experimental results show that the dynamic optimal strategies greatly reduce the overall cost of the fog system comparing the static optimal strategies,and inhibit the spread of malware.(4)A key management framework based on key hypergraph is presented.In order to solve the problem of the limitation of computation resource and storage capacity,the key hypergraph is used to match the network topokogy and reduce the cost of key update.Based on the three-tier fog architecture,the fog computing network is divided into Cloud-Fog subnetwork and Fog-User subnetwork.The key management processes are designed to satisfy the operational and security requirements of fog computing,which can ensure the forward and backward security,and also make the computation and storage of keys easy to be implemented.