计算机科学

计算机科学 ›› 2024, Vol. 51 ›› Issue (3): 3-13.doi: 10.11896/jsjkx.230700130

• 新计算模式下的信息安全防护 • 上一篇    下一篇

基于模糊逻辑的物联网流量攻击检测技术综述

商钰玲1, 李鹏1,2, 朱枫1, 王汝传1,2   

  1. 1 南京邮电大学计算机学院 南京210023
    2 南京邮电大学网络安全与可信计算研究所 南京210023
  • 收稿日期:2023-07-18 修回日期:2023-11-28 出版日期:2024-03-15 发布日期:2024-03-13
  • 通讯作者: 李鹏(lipeng@njupt.edu.cn)
  • 作者简介:(1022041221@njupt.edu.cn)
  • 基金资助:
    国家自然科学基金(62102196);江苏省六大人才高峰高层次人才项目(RJFW-111)

Overview of IoT Traffic Attack Detection Technology Based on Fuzzy Logic

SHANG Yuling1, LI Peng1,2, ZHU Feng1, WANG Ruchuan1,2   

  1. 1 College of Computer Science,Nanjing University of Posts and Telecommunications,Nanjing 210023,China
    2 Institute of Network Security and Trusted Computing,Nanjing University of Posts and Telecommunications,Nanjing 210023,China
  • Received:2023-07-18 Revised:2023-11-28 Online:2024-03-15 Published:2024-03-13
  • About author:SHANG Yuling,born in 1999,postgraguate.Her main research interests include cyberspace security and Internet of things technology.LI Peng,born in 1979,Ph.D,professor,Ph.D supervisor,is a member of CCF(No.48573M).His main research interests include computer communication networks,cloud computing and information security.
  • Supported by:
    National Natural Science Foundation of China(62102196) and Six Talent Peaks Project of Jiangsu Province(RJFW-111).

PDF (PC)

1175

摘要: 物联网越来越多地出现在日常活动中,将我们周围多样化的物理设备连接到互联网,奠定了智慧城市、电子健康、精准农业等应用的基础。随着物联网应用的迅速普及,针对这类设备和服务的网络攻击数量也有所增加,且这些攻击具有不精确性和不确定性,使得对其进行正确检测和识别更加困难。为了应对上述挑战,学者们引入了基于模糊逻辑的攻击检测框架,在各种操作步骤中结合不同的模糊技术,以便在数据不准确和不确定时更精确地检测网络攻击。文中首先对物联网的安全性进行了详细的探讨,如其应对的安全挑战、所需的安全要求、面临的攻击类型等;其次对入侵检测系统(Intrusion Detection Systems,IDS)进行了描述,进而简述了物联网中IDS的基础框架;然后阐述了模糊逻辑的技术原理,分析了将其应用在流量攻击检测中的合理性;接着比较了各种基于不同技术的流量攻击检测方案,以说明它们在该领域的性能和重要性;最后总结了本文的主要工作,指出了未来的研究方向,为该领域的研究者提供了新的视角,以更好地应对不断升级的网络攻击。

关键词: 模糊逻辑, 物联网, 攻击检测, 流量, 网络安全

Abstract: The Internet of things(IoT) is progressively permeating our daily activities,interconnecting an array of diverse physical devices to the Internet.This foundational connectivity underpins applications spanning smart cities,e-health,precision agriculture,and beyond.The swift proliferation of IoT applications,however,has been paralleled by an upsurge in the frequency of network attacks targeting these devices and services.The complex and dynamic nature of these attacks,coupled with their imprecision and uncertainty,has significantly compounded the intricacies of accurate detection and identification.In response to these exigencies,a novel approach has emerged in the form of fuzzy logic-based attack detection frameworks.These frameworks strategically integrate varied fuzzy techniques throughout diverse operational phases to facilitate heightened precision in the detection of network attacks,particularly in instances characterized by data inaccuracy and uncertainty.Within the expanse of this comprehensive survey paper,a meticulous exposition unfolds.It commences by delving deeply into the realm of IoT security,dissecting its multifaceted dimensions,such as the security challenges it responds to,the required security requirements,and the types of attacks it faces.Subsequently,it offers a detailed portrayal of intrusion detection systems(IDS) and further encapsulates the foundational framework of IDS within the IoT domain.The foundational tenets of fuzzy logic are subsequently expounded upon,followed by a discerning analysis of the rational underpinning the integration of fuzzy logic in traffic attack detection.In subsequent sections,a discerning comparative analysis of diverse traffic attack detection schemes,grounded in disparate technological methodologies,is meticulously presented.This analytical elucidation underscores their respective performance metrics and,by extension,their pivotal significance within this burgeoning sphere.Finally,the synthesis of the principal contributions encapsulated within this paper is meticulously articulated,concurrently outlining pathways for future research.These nascent trajectories are expected to provide researchers with new perspectives and enrich the academic discourse to mitigate escalating cyberattacks.

Key words: Fuzzy logic, Internet of things, Attack detection, Traffic, Network security

中图分类号: 

  • TP311
[1]BANSAL S,TOMAR V K.Challenges & Security Threats inIoT with Solution Architectures[C]//2022 2nd International Conference on Power Electronics & IoT Applications in Renewa-ble Energy and its Control(PARC).Mathura:IEEE,2022:1-5.
[2]HUAN W M,LIN H T.Design of Intrusion detection System based on sampling integration Algorithm [J].Computer Science,2021,48(S2):705-712.
[3]BUCZAK A L,GUVEN E.A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection[J].IEEE Communications Surveys & Tutorials,2016,18(2):1153-1176.
[4]GU J,LU S.An effective intrusion detection approach usingSVM with naïve Bayes feature embedding[J].Computers & Security,2021,103:102158.
[5]GUEZZAZ A,ASIMI A,ASIMI Y,et al.A Lightweight Neural Classifier for Intrusion Detection[J].General Letters in Mathematics,2017,2(2):57-66.
[6]JIANG Z T,ZHOU TAN S Z,HAN L Y.Nearest neighbor Intrusion detection algorithm based on perceptual hash matrix [J].Acta Electronica Sinica,2019,47(7):1538-1546.
[7]ZHOU J H,PENG F,QIU R F,et al.Intrusion detection based on Fusion random forest and gradient Lift Tree [J].Journal of Software,2021,32(10):3254-3265.
[8]ZHANG L,CUI Y,LIU J,et al.Application of Machine Lear-ning in Cyberspace security research [J].Journal of Computers,2018,41(9):1943-1975.
[9]MODI C,PATEL D,BORISANIYA B,et al.A survey of intrusion detection techniques in Cloud[J].Journal of Network and Computer Applications,2013,36(1):42-57.
[10]WU S X,BANZHAF W.The use of computational intelligence in intrusion detection systems:A review[J].Applied Soft Computing,2010,10(1):1-35.
[11]YANG P F,CAI R J,GUO S C,et al.A container-based Intrusion detection method for Cisco IOS-XE system [J].Journal of Computer Science,2012,50(4):298-307.
[12]SHANMUGAVADIVU R,NAGARAJAN N.Network intru-sion detection system using fuzzy logic[J].Indian Journal of Computer Science and Engineering(IJCSE),2011,2(1):101-111.
[13]ZADEH L A.Fuzzy sets[J].Information and Control,1965,8(3):338-353.
[14]SHERAZI H H R,IQBAL R,AHMAD F,et al.DDoS attack detection:A key enabler for sustainable communication in Internet of vehicles[J].Sustainable Computing:Informatics and Systems,2019,23:13-20.
[15]DICKERSON J E,DICKERSON J A.Fuzzy network profilingfor intrusion detection[C]//19th International Conference of the North American Fuzzy Information Processing Society-NAFIPS(Cat.No.00TH8500).Atlanta:IEEE,2000:301-306.
[16]LI F,ZHAO R,WANG S,et al.Online Intrusion Detection for Internet of Things Systems With Full Bayesian Possibilistic Clustering and Ensembled Fuzzy Classifiers[J].IEEE Transactions on Fuzzy Systems,2022,30(11):4605-4617.
[17]PAJILA P J B,JULIE E G,ROBINSON Y H.FBDR-FuzzyBased DDoS Attack Detection and Recovery Mechanism for Wireless Sensor Networks[J].Wireless Personal Communications,2022,122(4):3053-3083.
[18]SHAH Y,SENGUPTA S.A survey on Classification of Cyber-attacks on IoT and IIoT devices[C]//2020 11th IEEE Annual Ubiquitous Computing,Electronics & Mobile Communication Conference(UEMCON).New York:IEEE,2020:406-413.
[19]SETHI P,SARANGI S R.Internet of Things:Architectures,Protocols,and Applications[J].Journal of Electrical and Computer Engineering,2017,2017:1-25.
[20]OMOLARA A E,ALABDULATIF A,ABIODUN O I,et al.The internet of things security:A survey encompassing unexplored areas and new insights[J].Computers & Security,2022,112:102494.
[21]ALHIRABI N,RANA O,PERERA C.Security and Privacy Requirements for the Internet of Things[J].ACM Transactions on Internet of Things,2021,2(1):1-37.
[22]LIU Q X,JIN Z,CHEN C H,et al.Internet of Things access control security review [J].Computer Research and Development,2022,59(10):2190-2211.
[23]MOHAMAD M B,HASSAN W H.Current research on Internet of Things(IoT) security:A survey[J].Computer Networks,2019,148:283-294.
[24]AZROUR M,MABROUKI J,FARHAOUI Y,et al.SecurityAnalysis of Nikooghadam et al.'s Authentication Protocol for Cloud-IoT[M].Intelligent Systems in Big Data,Semantic Web and Machine Learning.Cham:Springer International Publi-shing,2021:261-269.
[25]MOUDNI H,ER-ROUIDI M,MOUNCIF H,et al.Fuzzy logic based intrusion detection system against black hole attack in mobile ad hoc networks[J].International Journal of Communication Networks and Information Security,2018,10(2):366-373.
[26]SCARFONE K,MELL P.Guide to intrusion detection and prevention systems(idps)[J].NIST Special Bublication,2007,800(2007):94.
[27]DEBAR H,DACIER M,WESPI A.Towards a taxonomy of intrusion-detection systems[J].Computer Networks(Amsterdam,Netherlands:1999),1999,31(8):805-822.
[28]PERUMALLA S,CHATTERJEE S,KUMAR A P S.BlockChain-based access control and intrusion detection system in IoD[C]// 2021 6th International Conference on Communication and Electronics Systems(ICCES).Coimbatre:IEEE,2021:511-518.
[29]MITTAL M,SARASWAT L K,IWENDI C,et al.A Neuro-Fuzzy Approach for Intrusion Detection in Energy Efficient Sensor Routing[C]// 2019 4th International Conference on Internet of Things:Smart Innovation and Usages(IoT-SIU).Ghaziabad:IEEE,2019:1-5.
[30]SHUBHA R S,MANJAIAH D H.Multi-Layer PerceptronBased Fuzzy Logic Technique for Detection of Attacks in VANETS[C]//2022 IEEE Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation(IATMSI).Gwalior:IEEE,2022.
[31]HU X,ZHANG Q,YANG X,et al.An Intrusion DetectionMethod Fused Deep Learning and Fuzzy Neural Network for Smart Home[C]//ICIC 2022:Intelligent Computing Theories and Application.Cham:Springer International Publishing,2022:627-637.
[32]JANG J S R.ANFIS:adaptive-network-based fuzzy inferencesystem[J].IEEE Transactions on Systems,Man,and Cyberne-tics,1993,23(3):665-685.
[33]FARHIN F,SULTANA I,ISLAM N,et al.Attack Detection in Internet of Things using Software Defined Network and Fuzzy Neural Network[C]//2020 Joint 9th International Conference on Informatics,Electronics & Vision(ICIEV) and 2020 4th International Conference on Imaging,Vision & Pattern Recognition(icIVPR).Kitakyushu:IEEE,2020.
[34]SEDOVA N A,ARKHIPOVA Z V,LAVROV E A,et al.Smart System for Detecting Unauthorized Entry into a Smart Home[C]//2020 International Conference Quality Management,Transport and Information Security,Information Technologies(IT&QM&IS).Yaroslavl:IEEE,2020:63-67.
[35]BESLIN PAJILA P J,GOLDEN JULIE E,HAROLD ROB-INSON Y.ABAP:Anchor Node Based DDoS Attack Detection Using Adaptive Neuro-Fuzzy Inference System[J].Wireless Personal Communications,2023,128(2):875-899.
[36]KARTHIGA B,DURAIRAJ D,NAWAZ N,et al.Intelligent Intrusion Detection System for VANET Using Machine Learning and Deep Learning Approaches[J].Wireless Communications and Mobile Computing,2022,2022:1-13.
[37]BEDOYA J C,LIU C,XIE J.Adaptive Neuro Fuzzy Inference System for Cyber-Intrusion Detection in a Smart Grid[C]//2019 20th International Conference on Intelligent System Application to Power Systems(ISAP).New Delhi:IEEE,2019.
[38]ABAZARI A,ZADSAR M,GHAFOURI M,et al.A Data Mi-ning/ANFIS and Adaptive Control for Detection and Mitigation of Attacks on DC MGs[J].IEEE Transactions on Smart Grid,2023,14(3):2406-2422.
[39]JAVAHERI D,GORGIN S,LEE J,et al.An improved discrete harris hawk optimization algorithm for efficient workflow sche-duling in multi-fog computing[J].Sustainable Computing:Informatics and Systems,2022,36:100787.
[40]ANDRÉ L C,DOUGLAS D L,RODOLFO I M,et al.A Fuzzy Intrusion Detection System for Identifying Cyber-Attacks on IoT Networks[C]//2020 IEEE Latin-American Conference on Communications(LATINCOM).Santo Domingo:IEEE,2020.
[41]HAFEEZ I,ANTIKAINEN M,DING A Y,et al.IoT-KEEPER:Detecting Malicious IoT Network Activity Using Online Traffic Analysis at the Edge[J].IEEE Transactions on Network and Service Management,2020,17(1):45-59.
[42]KHALAFI Z S,DEHGHANI M,KHALILI A,et al.Intrusion Detection,Measurement Correction,and Attack Localization of PMU Networks[J].IEEE Transactions on Industrial Electro-nics,2022,69(5):4697-4706.
[43]FU G H,LI B C,WEI Q J,et al.A Multi-Distance Ensemble and Feature Clustering Based Feature Selection Approach for Network Intrusion Detection[C]//2022 International Symposium on Sensing and Instrumentation in 5G and IoT Era(ISSI).Shanghai:IEEE,2022:160-164.
[44]KOU L.Research on security defense Technology of IoT Sen-sing Layer [D].Harbin:Harbin Engineering University,2019.
[45]ZENG S,TONG X,SANG N.Study on multi-center fuzzy C-means algorithm based on transitive closure and spectral clustering[J].Applied Soft Computing,2014,16:89-101.
[46]SHAN D H,SHI Y C,ZHAO W Z,et al.Segmentation fusion fuzzy clustering algorithm for Cloud data security storage [J].Computer Science,2017,44(5):166-169.
[47]HUANG S,GUO Y,YANG N,et al.A weighted fuzzy C-means clustering method with density peak for anomaly detection in IoT-enabled manufacturing process[J].Journal of Intelligent Manufacturing,2021,32(7):1845-1861.
[48]WANG Z Y,LI L J,MI Z S,et al.Variable precision fuzzyRough Set attribute reduction based on error cost [J].Computer Science,2022,49(4):161-167.
[49]WU Y,NIE L,WANG S,et al.Intelligent Intrusion Detection for Internet of Things Security:A Deep Convolutional Generative Adversarial Network-Enabled Approach[J].IEEE Internet of Things Journal,2023,10(4):3094-3106.
[50]LIU X,ZHAO J,LI J,et al.Large-Scale Multiobjective Federated Neuroevolution for Privacy and Security in the Internet of Things[J].IEEE Internet of Things Magazine,2022,5(2):74-77.
[51]FANG L,LI Y,LIU Z,et al.A Practical Model Based on Ano-maly Detection for Protecting Medical IoT Control Services Against External Attacks[J].IEEE Transactions on Industrial Informatics,2021,17(6):4260-4269.
[52]GORZALCZANY M B,RUDZINSKI F.Intrusion Detection in Internet of Things With MQTT Protocol—An Accurate and Interpretable Genetic-Fuzzy Rule-Based Solution[J].IEEE Internet of Things Journal,2022,9(24):24843-24855.
[53]JIANG J,LIU F,NG W W Y,et al.Dynamic Incremental Ensemble Fuzzy Classifier for Data Streams in Green Internet of Things[J].IEEE Transactions on Green Communications and Networking,2022,6(3):1316-1329.
[54]LI F Y,LI Y,YANG J.Review of interpolation inference algorithms based on fuzzy rules [J].Journal of Computers,2022,45(8):1687-1711.
[55]HOANG T M,TRAN N H,THAI V L,et al.An efficient IDS using FIS to detect DDoS in IoT networks[C]//2022 9th NAFOSTED Conference on Information and Computer Science(NICS).Ho Chi Minh City:IEEE,2022:193-198.
[56]AWOTUNDE J B,AYO F E,PANIGRAHI R,et al.A Multi-level Random Forest Model-Based Intrusion Detection Using Fuzzy Inference System for Internet of Things Networks[J].International Journal of Computational Intelligence Systems,2023,16(1):31.
[57]MEENALOCHANI M,SUDHA S.Jammed Node Detection and Routing in a Multihop Wireless Sensor Network Using Hybrid Techniques[J].Wireless Personal Communications,2019,104(2):663-675.
[58]SAVVA M,IOANNOU I,VASSILIOU V.Fuzzy-Logic Based IDS for Detecting Jamming Attacks in Wireless Mesh IoT Networks[C]//2022 20th Mediterranean Communication and Computer Networking Conference(MedComNet).Pafos:IEEE,2022:54-63.
[59]FARZANEH B,KOOSHA M,BOOCHANPOUR E,et al.ANew Method for Intrusion Detection on RPL Routing Protocol Using Fuzzy Logic[C]//2020 6th International Conference on Web Research(ICWR).Tehran:IEEE,2020:245-250.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发