Intrusion Detection at the Network Edge: Solutions, Limitations, and Future Directions

  • Simone RaponiEmail author
  • Maurantonio Caprolu
  • Roberto Di Pietro
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11520)


The low-latency, high bandwidth capabilities promised by 5G, together with the diffusion of applications that require high computing power and, again, low latency (such as videogames), are probably the main reasons—though not the only one—that have led to the introduction of a new network architecture: Fog Computing, that consists in moving the computation services geographically close to where computing is needed. This architectural shift moves security and privacy issues from the Cloud to the different layers of the Fog architecture. In this scenario, IDSs are still necessary, but they need to be contextualized in the new architecture. Indeed, while on the one hand Fog computing provides intrinsic benefits (e.g., low latency), on the other hand, it introduces new design challenges.

In this paper, we provide the following contributions: we analyze the possible IDS solutions that can be adopted within the different Fog computing tiers, together with their related deployment and design challenges; and, we propose some promising future directions, by taking into account the challenges left uncovered by the considered solutions.



This publication was partially supported by awards NPRP-S-11-0109-180242, UREP23-065-1-014, and NPRP X-063-1-014 from the QNRF-Qatar National Research Fund, a member of The Qatar Foundation. The information and views set out in this publication are those of the authors and do not necessarily reflect the official opinion of the QNRF.


  1. 1.
    Bonomi, F., Milito, R., Zhu, J., Addepalli, S.: Fog computing and its role in the internet of things. In: Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, pp. 13–16. ACM (2012)Google Scholar
  2. 2.
    Rios, R., Roman, R., Onieva, J.A., Lopez, J.: From SMOG to Fog: a security perspective. In: 2017 Second International Conference on Fog and Mobile Edge Computing (FMEC), pp. 56–61, May 2017Google Scholar
  3. 3.
    Roman, R., Lopez, J., Mambo, M., Mobile edge computing, Fog et al.: A survey and analysis of security threats and challenges. Future Gener. Comput. Syst. 78, 680–698 (2018)Google Scholar
  4. 4.
    Mukherjee, M., et al.: Security and privacy in fog computing: challenges. IEEE Access 5, 19293–19304 (2017)CrossRefGoogle Scholar
  5. 5.
    Munir, K.: Advancing Consumer-Centric Fog Computing Architectures. IGI Global (2018)Google Scholar
  6. 6.
    Sciancalepore, S., Piro, G., Vogli, E., Boggia, G., Grieco, L.A., Cavone, G.: LICITUS: a lightweight and standard compatible framework for securing layer-2 communications in the IoT. Comput. Netw. 108, 66–77 (2016)CrossRefGoogle Scholar
  7. 7.
    Yu, W., et al.: A survey on the edge computing for the internet of things. IEEE Access 6, 6900–6919 (2018)CrossRefGoogle Scholar
  8. 8.
    Hosseinpour, F., Vahdani Amoli, P., Plosila, J., Hämäläinen, T., Tenhunen, H.: An intrusion detection system for fog computing and IoT based logistic systems using a smart data approach. Int. J. Digit. Content Technol. Appl. 10, 34–46 (2016)Google Scholar
  9. 9.
    Yi, S., Qin, Z., Li, Q.: Security and privacy issues of fog computing: a survey. In: Xu, K., Zhu, H. (eds.) WASA 2015. LNCS, vol. 9204, pp. 685–695. Springer, Cham (2015). Scholar
  10. 10.
    Martin, A., Raponi, S., Combe, T., Di Pietro, R.: Docker ecosystem-vulnerability analysis. Comput. Commun. 122, 30–43 (2018)CrossRefGoogle Scholar
  11. 11.
    Krontiris, I., Giannetsos, T., Dimitriou, T.: LIDeA: a distributed lightweight intrusion detection architecture for sensor networks. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, p. 20. ACM (2008)Google Scholar
  12. 12.
    Hai, T.H., Huh, E.N., Jo, M.: A lightweight intrusion detection framework for wireless sensor networks. Wirel. Commun. Mob. Comput. 10(4), 559–572 (2010)Google Scholar
  13. 13.
    Onat, I., Miri, A.: An intrusion detection system for wireless sensor networks. In: IEEE International Conference on Wireless and Mobile Computing, Networking And Communications, WiMob 2005, vol. 3, pp. 253–259. IEEE (2005)Google Scholar
  14. 14.
    Anwar, S., et al.: From intrusion detection to an intrusion response system: fundamentals, requirements, and future directions. Algorithms 10(2), 39 (2017)CrossRefGoogle Scholar
  15. 15.
    Sandhu, R., Sohal, A.S., Sood, S.K.: Identification of malicious edge devices in fog computing environments. Inf. Secur. J.: Glob. Perspect. 26(5), 213–228 (2017)Google Scholar
  16. 16.
    Sudqi Khater, B., Abdul Wahab, A., Idris, M., Abdulla Hussain, M., Ahmed Ibrahim, A.: A lightweight perceptron-based intrusion detection system for fog computing. Appl. Sci. 9(1), 178 (2019)CrossRefGoogle Scholar
  17. 17.
    Sedjelmaci, H., Senouci, S.M., Al-Bahri, M.: A lightweight anomaly detection technique for low-resource IoT devices: a game-theoretic methodology. In: 2016 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE (2016)Google Scholar
  18. 18.
    Pandeeswari, N., Kumar, G.: Anomaly detection system in cloud environment using fuzzy clustering based ANN. Mob. Netw. Appl. 21(3), 494–505 (2016)CrossRefGoogle Scholar
  19. 19.
    Lo, C.C., Huang, C.C., Ku, J.: A cooperative intrusion detection system framework for cloud computing networks. In: 2010 39th International Conference on Parallel Processing Workshops, pp. 280–284. IEEE (2010)Google Scholar
  20. 20.
    Di Pietro, R., Mancini, L.V.: Intrusion detection systems, vol. 38. Springer, Heidelberg (2008). Scholar
  21. 21.
    Abeshu, A., Chilamkurti, N.: Deep learning: the frontier for distributed attack detection in fog-to-things computing. IEEE Commun. Mag. 56(2), 169–175 (2018)CrossRefGoogle Scholar
  22. 22.
    Kovanen, T., David, G., Hämäläinen, T.: Survey: intrusion detection systems in encrypted traffic. In: Galinina, O., Balandin, S., Koucheryavy, Y. (eds.) NEW2AN/ruSMART -2016. LNCS, vol. 9870, pp. 281–293. Springer, Cham (2016). Scholar
  23. 23.
    Sciancalepore, S., Oligeri, G., Di Pietro, R.: Strength of crowd (SOC)–defeating a reactive jammer in IoT with decoy messages. Sensors 18(10), 3492 (2018). Special Issue on Emerging Methodologies and Practical Solutions for M2M and D2D Communications in the Internet of Things EraCrossRefGoogle Scholar
  24. 24.
    Baktir, A.C., Ozgovde, A., Ersoy, C.: How can edge computing benefit from software-defined networking: a survey, use cases, and future directions. IEEE Commun. Surv. Tutor. 19(4), 2359–2391 (2017, Fourthquarter)CrossRefGoogle Scholar
  25. 25.
    Caprolu, M., Raponi, S., Di Pietro, R.: Fortress: an efficient and distributed firewall for stateful data plane SDN. Secur. Commun. Netw., 16 (2019)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Simone Raponi
    • 1
    Email author
  • Maurantonio Caprolu
    • 1
  • Roberto Di Pietro
    • 1
  1. 1.College of Science and Engineering (CSE), Division of Information and Computing Technology (ICT)Hamad Bin Khalifa University (HBKU)DohaQatar

Personalised recommendations