Research On Intrusion Prevention Model And Algorithm In Fog Computing Environment

Fog computing extends cloud services to the edge of the network,enabling services that require low-latency services and real-time delivery of content.The fog nodes located at the edge of the network are characterized by wide geographical distribution,complex network environment and limited resources,and are vulnerable to intrusion from external intruders.Once the fog node is invaded,it will be difficult to continue to provide users with reliable low-latency services.Therefore,how to effectively prevent the invasion under the fog computing environment has become an important research content in the field of fog computing.In terms of fog computing intrusion prevention,there are problems to be solved as follows.Firstly,the limited resource of the fog node makes the fog-intrusion prevention system difficult to deploy.Secondly,the intrusion process occurring on the fog node is difficult to be accurately detected;again,the security state of the geographically distributed deployment fog node is difficult to be clouded.The server effectively monitors;finally,the fog computing system lacks an intrusion response strategy that effectively addresses external intrusions.In view of the above problems,this paper focuses on the intrusion prevention related models and algorithms in the fog computing environment.First,a general Fog Computing Intrusion Prevention System(FC-IPS)is proposed.Based on the architecture,using sample screening-extreme learning machine,FNFS filtering strategy,unascertained measure,differential game theory,in-depth research on intrusion detection,node security monitoring,intrusion response,etc.in fog computing environment,the main work and innovative results are summarized as follows:1)This thesis proposes a general fog computing intrusion prevention system architecture.The intrusion prevention system architecture has a 6-layer structure,including the functional modules involved in the fog intrusion prevention process.Based on the theory of stochastic differential equations,this paper establishes the FC-IPS resource constrained deterministic model and the FC-IPS resource constrained model with random perturbation.Through the solution and analysis of the two models,it is clarified how FC-IPS can rationally utilize resources on resource-limited fog nodes to ensure the safety of fog computing.2)A fog compuing intrusion detection metric model is proposed.Combined with the special requirements of intrusion detection in fog computing environment,the fog intrusion detection is reasonably measured from the dimensions of accuracy,training real-time and living space.Based on this model,a fog-based intrusion detection algorithm based on sample screening-extreme learning machine is proposed for fog computing deployment.The process of sample screening is introduced to optimize the external rights in the learning process.The algorithm is applied as an intrusion detection algorithm on the fog node to achieve efficient intrusion detection on data from the fog node.3)A FNFS data filtering strategy and sliding window mechanism for Skyline query are proposed to realize real-time monitoring of the security status of the fog node.The FNFS data filtering policy is deployed on the fog node,and the sliding window mechanism is executed on the cloud server.Based on FNFS data filtering strategy,sliding window mechanism and unascertained measure method,a perfect fog state security state monitoring method is formed.Through the fog node security state monitoring method proposed in this paper,the cloud server can discover the fog nodes with serious security threats in the fog cluster in real time,so as to further take security protection measures.4)An intrusion response strategy model based on differential game theory is proposed.This thesis defines the system benefits and intrusion benefits of fog clusters and intruders by modeling fog clusters and intruders.The model focuses on the system security status of the fog cluster.By solving the Nash equilibrium solution of the model,the optimal intrusion response strategy of the fog cluster is obtained.