With the rapid development of the Internet of Things (IoT), there are several challenges pertaining to security in IoT applications. Compared with the characteristics of the traditional Internet, the IoT has many problems, such as large assets, complex and diverse structures, and lack of computing resources. Traditional network intrusion detection systems cannot meet the security needs of IoT applications. In view of this situation, this study applies cloud computing and machine learning to the intrusion detection system of IoT to improve detection performance. Usually, traditional intrusion detection algorithms require considerable time for training, and these intrusion detection algorithms are not suitable for cloud computing due to the limited computing power and storage capacity of cloud nodes; therefore, it is necessary to study intrusion detection algorithms with low weights, short training time, and high detection accuracy for deployment and application on cloud nodes. An appropriate classification algorithm is a primary factor for deploying cloud computing intrusion prevention systems and a prerequisite for the system to respond to intrusion and reduce intrusion threats. This paper discusses the problems related to IoT intrusion prevention in cloud computing environments. Based on the analysis of cloud computing security threats, this study extensively explores IoT intrusion detection, cloud node monitoring, and intrusion response in cloud computing environments by using cloud computing, an improved extreme learning machine, and other methods. We use the Multi-Feature Extraction Extreme Learning Machine (MFE-ELM) algorithm for cloud computing, which adds a multi-feature extraction process to cloud servers, and use the deployed MFE-ELM algorithm on cloud nodes to detect and discover network intrusions to cloud nodes. In our simulation experiments, a classical dataset for intrusion detection is selected as a test, and test steps such as data preprocessing, feature engineering, model training, and result analysis are performed. The experimental results show that the proposed algorithm can effectively detect and identify most network data packets with good model performance and achieve efficient intrusion detection for heterogeneous data of the IoT from cloud nodes. Furthermore, it can enable the cloud server to discover nodes with serious security threats in the cloud cluster in real time, so that further security protection measures can be taken to obtain the optimal intrusion response strategy for the cloud cluster.
With the extension and expansion of Internet technology, the Internet of Things (IoT), as an important information technology, promotes the intelligent development of modern society. Intelligent IoT applications are being gradually popularized in daily life and industrial development, such as intelligent logistics, transportation, security, medical treatment, homes, and agriculture. The centralized processing mode of cloud computing is to upload all pending transactions to the cloud for execution, and the cloud uses computing resources, storage capacity, and transmission bandwidth to process all service requests sent by end users. The IoT refers to connecting any object with the network through information sensing equipment and according to the agreed protocol. Objects exchange and communicate information through information media to realize the functions of intelligent identification, positioning, tracking, supervision, and so on. The number of global IoT device connections has increased annually, and according to forecasts, the growth rate will gradually stabilize at 15%. Furthermore, data transmission, processing, and storage will add more load to cloud services. Mobile and sensor devices connected to the edge of the Internet are constantly generating new data with diverse data types , which will lead to great challenges in the computing resources and transmission bandwidth of traditional network architecture. At the same time, for IoT applications that require low network latency, such as automatic driving, if the traditional calculation is used as the operation model, low latency cannot be achieved, and thus the vehicle cannot make real-time decisions to avoid risk in the case of emergency braking. The tasks to be processed by the terminal equipment require strong real-time performance, i.e., the tasks must complete data transmission, analysis, and processing with minimum delay, which conflicts with the processing method of the traditional computing model. In summary, in this highly information-based era, the IoT faces multiple severe challenges: a large amount of data redundancy, cloud processing capacity bottlenecks, network bandwidth limits, data security and privacy, increased cloud power load, and increased task processing delays . Intrusion detection technology is an active security protection technology. According to the different methods of data analysis, IoT intrusion detection systems can be divided into anomaly intrusion detection and misuse intrusion detection. Anomaly intrusion detection is an attack or malicious behavior that occurs when the host data in the network or the entire network does not conform to normal data specifications. Misuse intrusion detection refers to modeling certain specific attack models, determining the characteristic behavior of the attack, and matching it with the current behavior. A successful match represents malicious behavior . The above problems are caused by limitations in the development of the IoT data processing mode and the increasing requirements for service quality for processing operations. The cloud collaborative network architecture has brought the terminal service quality to a new development stage and promoted fast-paced technology development. The optimization of task scheduling and application module mapping is a key problem in cloud computing, which plays an important role in the performance and power optimization of network architecture. Therefore, designing an efficient scheme and algorithm for IoT intrusion detection, task scheduling, and application module mapping is the key to improving the overall performance of the IoT architecture, which is of great research significance.
Conclusion and future work
The IoT is a complex, dynamic environment, which poses new challenges to the deployment and algorithm performance of IoT intrusion detection. Based on the research of cloud-based IoT defense architecture, this study focused on cloud computing intrusion detection algorithms and measurement models. Considering the resource constraints of cloud nodes and the high complexity of the network environment, a measurement model of IoT intrusion detection in a cloud computing environment is proposed, and an MFE-ELM algorithm of a limit learning machine with multi-feature extraction is proposed. Experimental simulations verified the training time and detection accuracy of the proposed algorithm. In the experiment, the MFE-ELM algorithm showed good performance in cloud computing, especially in terms of accuracy and time efficiency. Through several experiments, it was proved that the MFE-ELM is an intrusion detection algorithm suitable for cloud computing environments.