Identification of a Malicious Optical Edge Device in the SDN-Based Optical Fog/Cloud Computing Network
-
Sandeep K. Sood
Abstract
Software-defined networking (SDN) and optical transmission are the most cost-effective technologies for implementing high-bandwidth-based communication in the fog/cloud computing environment. The passive optical network uses optical line terminals and optical network units as optical edge devices (OEDs) to deliver fog/cloud-based services effectively. The security of such OEDs is one of the key issues for successful implementation of fog/cloud computing over the SDN-based optical network. The main security challenge is to detect and prevent the malicious OED that transmitting abusing data-frames in the SDN-based optical fog/cloud computing network. An OED can be easily hacked by the attacker to launch intrusive attacks those affect the quality of service of the optical channel. In this paper, a secure framework is proposed for identifying malicious OED in the fog/cloud computing over the SDN-based optical network. It identifies the malicious OED and shifts it to the honeypot to mitigate and analyze the attack. It uses two-stage hidden Markov model (HMM), intrusion detection system (IDS)-based fog manager and an optical virtual honeypot device (OVHD). A two-stage HMM is effectively used to reduce the false alarms of IDS in the identification of malicious OED and shifting it onto the OVHD. The OVHD is created in the SDN-based optical network by using the concept of free-available-resource and optical network virtualization. The proposed OVHD logs all malicious activities as well as attacker’s path for preventing future attacks. In order to validate the proposed framework, the simulation of two-stage HMM is implemented in MATLAB and mitigation impacts of the internal attacks are studied by using iFogSim toolkit. The results show the effectiveness of the proposed framework.
References
1. Satyanarayanan M, Simoens P, Xiao Y, Pillai P, Chen Z, Ha K, Hu W, Amos B. Edge analytics in the internet of things. IEEE Pervasive Comput. 2015;14:24–31.10.1109/MPRV.2015.32Suche in Google Scholar
2. Dastjerdi AV, Buyya R. Fog computing: helping the internet of things realize its potential. Computer. 2016;49:112–116.10.1109/MC.2016.245Suche in Google Scholar
3. Nunes BA, Mendonca M, Nguyen X-N, Obraczka K, Turletti T. A survey of software-defined networking: past, present, and future of programmable networks. IEEE Commun Surv Tutorials. 2014;16:1617–1634.10.1109/SURV.2014.012214.00180Suche in Google Scholar
4. Yan Q, Yu FR, Gong Q, Li J. Software-defined networking (sdn) and distributed denial of service (ddos) attacks in cloud computing environments: a survey, some research issues, and challenges. IEEE Commun Surv Tutorials. 2016;18:602–622.10.1109/COMST.2015.2487361Suche in Google Scholar
5. Farhady H, Lee H, Nakao A. Software-defined networking: a survey. Computer Networks. 81:79–95, 2015.10.1016/j.comnet.2015.02.014Suche in Google Scholar
6. Sood SK, Singh KD. An optical-fog assisted eeg-based virtual reality framework for enhancing e-learning through educational games. Comput Appl Eng Educ. 2018;1–12. DOI:10.1002/cae.21965Suche in Google Scholar
7. Dye SM, Scarfone K. A standard for developing secure mobile applications. Comput Stand Interfaces. 2014;36:524–530.10.1016/j.csi.2013.09.005Suche in Google Scholar
8. Banerjee A, Park Y, Clarke F, Song H, Yang S, Kramer G, Kim K, Mukherjee B. Wavelength-division-multiplexed passive optical network (wdm-pon) technologies for broadband access: a review. J Opt Networking. 2005;41:737–758.10.1364/JON.4.000737Suche in Google Scholar
9. Keromytis AD, Stolfo SJ. Systems, methods, and media for generating bait information for trap-based defenses. 2014, uS Patent 8,819,825.Suche in Google Scholar
10. Bonomi F, Milito R, Zhu J, Addepalli S. Fog computing and its role in the internet of things. In: Proceedings of the first edition of the MCC workshop on Mobile cloud computing, 13-16. ACM, 2012.10.1145/2342509.2342513Suche in Google Scholar
11. Develder C, De Leenheer M, Dhoedt B, Pickavet M, Colle D, De Turck F, Demeester P. Optical networks for grid and cloud computing applications. Proc IEEE, 2012;100:1149–1167.10.1109/JPROC.2011.2179629Suche in Google Scholar
12. Channegowda M, Nejabati R, Simeonidou D. Software-defined optical networks technology and infrastructure: Enabling software-defined optical network operations. J Opt Commun Networking. 2013;50:A274–A282.10.1364/JOCN.5.00A274Suche in Google Scholar
13. Jalali F, Hinton K, Ayre R, Alpcan T, Tucker RS. Fog computing may help to save energy in cloud computing. IEEE J Sel Areas Commun. 2016;34:1728–1739.10.1109/JSAC.2016.2545559Suche in Google Scholar
14. Yang H, Zhang J, Ji Y, Tan Y, Lin Y, Han J, Lee Y. Performance evaluation of data center service localization based on virtual resource migration in software defined elastic optical network. Opt Express. 2015;238:23 059–23 071.10.1364/OE.23.023059Suche in Google Scholar PubMed
15. Satyanarayanan M. The emergence of edge computing. Computer. 2017;50:30–39.10.1109/MC.2017.9Suche in Google Scholar
16. Sood SK, Singh KD. SNA based resource optimization in optical network using fog and cloud computing. Opt Switching Networking. 2017. DOI:10.1016/j.osn.2017.12.007.Suche in Google Scholar
17. Stojmenovic I, Wen S. The fog computing paradigm: Scenarios and security issues. in Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on:1–8, IEEE, 2014.Suche in Google Scholar
18. A. Harris, M. K. Al Akkoumi, and J. J. Sluss. A comparison of passive optical network security. In Data Mining, Intrusion Detection, Information Security and Assurance, and Data Networks Security 2009, vol. 7344, International Society for Optics and Photonics, 2009.Suche in Google Scholar
19. Sohal AS, Sandhu R, Sood SK, Chang V. A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments. Comput Secur. 2017. DOI:https://doi.org/10.1016/j.cose.2017.08.016.Suche in Google Scholar
20. Contreras LM, López V, De Dios OG, Tovar A, Muñoz F, Azañón A, Fernandez-Palacios JP, Folgueira J. Toward cloud-ready transport networks. IEEE Commun Mag. 2012;50:48–55.10.1109/MCOM.2012.6295711Suche in Google Scholar
21. Stolfo SJ, Salem MB, Keromytis AD. Fog computing: mitigating insider data theft attacks in the cloud. In: 2012 IEEE Symposium on Security and Privacy Workshops (SPW), 125-128. IEEE, 2012.Suche in Google Scholar
22. Ni J, Zhang K, Lin X, Shen X. Securing fog computing for internet of things applications: Challenges and solutions. IEEE Commun Surv Tutorials. 2017;20:601–628.10.1109/COMST.2017.2762345Suche in Google Scholar
23. Yan Q, Huang W, Luo X, Gong Q, Yu FR. A multi-level ddos mitigation framework for the industrial internet of things. IEEE Commun Mag. 2018;56:30–36.10.1109/MCOM.2018.1700621Suche in Google Scholar
24. An X, Zhou X, Lü X, Lin F, Yang L. Sample selected extreme learning machine based intrusion detection in fog computing and mec. Wirel Commun Mobile Comput. 2018. DOI:https://doi.org/10.1155/2018/7472095.Suche in Google Scholar
25. Li G, Wu J, Li J, Guan Z, Guo L. Fog computing-enabled secure demand response for internet of energy against collusion attacks using consensus and ace. IEEE Access. 2018;6:11278–11 288.10.1109/ACCESS.2018.2799543Suche in Google Scholar
26. Fok MP, Wang Z, Deng Y, Prucnal PR. Optical layer security in fiber-optic networks. IEEE Trans Inf Forensics Secur. 2011;6:725–736.10.1109/TIFS.2011.2141990Suche in Google Scholar
27. Peng S, Nejabati R, Simeonidou D. Role of optical network virtualization in cloud computing. J Opt Commun Networking. 2013;50:162–170.10.1364/JOCN.5.00A162Suche in Google Scholar
28. Horvath T, Malina L, Munster P. On security in gigabit passive optical networks. In: 2015 International Workshop on Fiber Optics in Access Network (FOAN), 51-55. IEEE, 2015.10.1109/FOAN.2015.7320479Suche in Google Scholar
29. Hu X, Yang X, Shen Z, He H, Hu W, Bai C. Chaos-based partial transmit sequence technique for physical layer security in ofdm-pon. IEEE Photonics Technol Lett. 2015;273:2429–2432.10.1109/LPT.2015.2466092Suche in Google Scholar
30. Zhang H, Wang Y, Chen H, Zhao Y, Zhang J. Exploring machine-learning-based control plane intrusion detection techniques in software defined optical networks. Opt Fiber Technol. 2017;39:37–42.10.1016/j.yofte.2017.09.023Suche in Google Scholar
31. Gill HS, Gill SS, Bhatia KS. A novel approach for physical layer security in future-generation passive optical networks. Photonic Network Commun 2017;1–10.10.1007/s11107-017-0738-4Suche in Google Scholar
32. Lim K, Ko H, Suh C, Rhee J-K. Security analysis of quantum key distribution on passive optical networks. Optics Express. 2017;250:11894–11 909.10.1364/OE.25.011894Suche in Google Scholar PubMed
33. Hu F, Hao Q, Bao K. A survey on software-defined network and openflow: From concept to implementation. IEEE Commun Surv Tutorials. 2014;16:2181–2206.10.1109/COMST.2014.2326417Suche in Google Scholar
34. Ifogsim Available at: https://air.imag.fr/index.php/IFogSim. Accessed: 25 May 2018.Suche in Google Scholar
© 2018 Walter de Gruyter GmbH, Berlin/Boston
Artikel in diesem Heft
- Frontmatter
- Amplifiers
- Experimental, Characterization and Optimization of the Pumping Power of an EDFA by a QPDSF Configuration
- Study of Chaos Control of a Dual-Ring Erbium-Doped Fiber Laser Using Parameter Method
- Devices
- Low Input Power an All Optical 4 × 2 Encoder based on Triangular Lattice Shape Photonic Crystal
- Effect of Multiwalled Carbon Nanotube Reinforcement on the Opto-Electronic Properties of Polyaniline/c-Si Heterojunction
- Design and simulation of an all optical 8 to 3 binary encoder based on optimized photonic crystal OR gates
- Investigation of 2D-PC Ring Resonator-Based Demultiplexer for ITU-T G.694.1 WDM Systems
- Concave Rectangle Photonic Crystal Ring Resonator for Ultra-Fast All-Optical Modulation
- Soliton Pulse Generation for WDM-Based Free Space Optics Communication Using Microring Resonators
- Fibers
- Theory of Dispersion Reduction in Plastic Optical Gratings Fiber
- Efficient Routing Strategies of N × N RM-OXC Using C Band Based on T-FBG and OC
- Backbone Optical Fiber Analysis at 1310 nm and 1550 nm
- Networks
- Investigation of Blocking Performance in GMPLS Networks
- Identification of a Malicious Optical Edge Device in the SDN-Based Optical Fog/Cloud Computing Network
- Receiver
- New Structure of CCR with an AOANN Threshold
- Performance Enhancement of HAP-Based Relaying M-PPM FSO System Using Spatial Diversity and Heterodyne Detection Receiver
- Systems
- Review of LiFi Technology and Its Future Applications
- The Improved Optical Heterodyne Scheme for RoF Systems Based on Optical Carrier Suppression and Optical Injection Locking Techniques
- Effect of External Perturbation and System Parameters on Optical Secure Communication Models
- Development and Performance Improvement of a New Two-Dimensional Spectral/Spatial Code Using the Pascal Triangle Rule for OCDMA System
- Theory
- A Heavy Load Optimized Dynamic Bandwidth Allocation Algorithm for Hybrid WDM/TDM VPONs
- Effects of Sandstorms on Vehicular-to-Road Visible-Light Communication
- Estimation of Signal-to-Cross Talk Ratio of Stimulated-Raman-Scattering-Induced Cross Talk in Wavelength-Division-Multiplexing-Based Radio-over-Fiber Links
- Intelligent Requests Algorithm Based Scheduling and Efficient Dynamic Bandwidth Allocation to Improve QoS for EPONs
Artikel in diesem Heft
- Frontmatter
- Amplifiers
- Experimental, Characterization and Optimization of the Pumping Power of an EDFA by a QPDSF Configuration
- Study of Chaos Control of a Dual-Ring Erbium-Doped Fiber Laser Using Parameter Method
- Devices
- Low Input Power an All Optical 4 × 2 Encoder based on Triangular Lattice Shape Photonic Crystal
- Effect of Multiwalled Carbon Nanotube Reinforcement on the Opto-Electronic Properties of Polyaniline/c-Si Heterojunction
- Design and simulation of an all optical 8 to 3 binary encoder based on optimized photonic crystal OR gates
- Investigation of 2D-PC Ring Resonator-Based Demultiplexer for ITU-T G.694.1 WDM Systems
- Concave Rectangle Photonic Crystal Ring Resonator for Ultra-Fast All-Optical Modulation
- Soliton Pulse Generation for WDM-Based Free Space Optics Communication Using Microring Resonators
- Fibers
- Theory of Dispersion Reduction in Plastic Optical Gratings Fiber
- Efficient Routing Strategies of N × N RM-OXC Using C Band Based on T-FBG and OC
- Backbone Optical Fiber Analysis at 1310 nm and 1550 nm
- Networks
- Investigation of Blocking Performance in GMPLS Networks
- Identification of a Malicious Optical Edge Device in the SDN-Based Optical Fog/Cloud Computing Network
- Receiver
- New Structure of CCR with an AOANN Threshold
- Performance Enhancement of HAP-Based Relaying M-PPM FSO System Using Spatial Diversity and Heterodyne Detection Receiver
- Systems
- Review of LiFi Technology and Its Future Applications
- The Improved Optical Heterodyne Scheme for RoF Systems Based on Optical Carrier Suppression and Optical Injection Locking Techniques
- Effect of External Perturbation and System Parameters on Optical Secure Communication Models
- Development and Performance Improvement of a New Two-Dimensional Spectral/Spatial Code Using the Pascal Triangle Rule for OCDMA System
- Theory
- A Heavy Load Optimized Dynamic Bandwidth Allocation Algorithm for Hybrid WDM/TDM VPONs
- Effects of Sandstorms on Vehicular-to-Road Visible-Light Communication
- Estimation of Signal-to-Cross Talk Ratio of Stimulated-Raman-Scattering-Induced Cross Talk in Wavelength-Division-Multiplexing-Based Radio-over-Fiber Links
- Intelligent Requests Algorithm Based Scheduling and Efficient Dynamic Bandwidth Allocation to Improve QoS for EPONs
