A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments

Amandeep Singh Sohal, Rajinder Sandhu, Sandeep K. Sood, Victor Chang*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

186 Citations (Scopus)


Device security is one of the major challenges for successful implementation of Internet of Things and fog computing environment in current IT space. Researchers and Information Technology (IT) organizations have explored many solutions to protect systems from unauthenticated device attacks (known as outside device attacks). Fog computing uses network devices (e.g. router, switch and hub) for latency-aware processing of collected data using IoT. Then, identification of malicious edge device is one of the critical activities in data security of fog computing environment. Preventing attacks from malicious edge devices in fog computing environment is more difficult because they have certain granted privileges to use and process the data. In this paper, proposed cybersecurity framework uses three technologies which are Markov model, Intrusion Detection System (IDS) and Virtual Honeypot Device (VHD) to identify malicious edge device in fog computing environment. A two-stage hidden Markov model is used to effectively categorize edge devices in four different levels. VHD is designed to store and maintain log repository of all identified malicious devices which assists the system to defend itself from any unknown attacks in the future. Proposed cybersecurity framework is tested with real attacks in virtual environment created using OpenStack and Microsoft Azure. Results indicated that proposed cybersecurity framework is successful in identifying the malicious device as well as reducing the false IDS alarm rate.

Original languageEnglish
Pages (from-to)340-354
Number of pages15
JournalComputers and Security
Publication statusPublished - May 2018


  • Edge device
  • Fog computing
  • Internet of Things
  • Intrusion detection system
  • Two-stage Markov model
  • Virtual Honeypot Device


Dive into the research topics of 'A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments'. Together they form a unique fingerprint.

Cite this