دانلود مقاله مدل و الگوریتم تشخیص نفوذ IoT مبتنی بر محاسبات ابری

خلاصه
1. معرفی
2. کارهای مرتبط
3. مدل اندازه گیری تشخیص نفوذ اینترنت اشیا در محیط های رایانش ابری
4. شرح الگوریتم MFE-ELM
5. آزمایش شبیه سازی
6. نتیجه گیری و کار آینده
اعلامیه منافع رقابتی
سپاسگزاریها
منابع

Abstract
1. Introduction
2. Related work
3. Internet of things intrusion detection measurement model in cloud computing environments
4. MFE-ELM algorithm description
5. Simulation experiment
6. Conclusion and future work
Declaration of competing interest
Acknowledgements
References

چکیده
با توسعه سریع اینترنت اشیا (IoT)، چالش های متعددی در رابطه با امنیت در برنامه های کاربردی اینترنت اشیا وجود دارد. در مقایسه با ویژگی های اینترنت سنتی، اینترنت اشیا دارای مشکلات زیادی مانند دارایی های بزرگ، ساختارهای پیچیده و متنوع و کمبود منابع محاسباتی است. سیستم‌های تشخیص نفوذ شبکه سنتی نمی‌توانند نیازهای امنیتی برنامه‌های IoT را برآورده کنند. با توجه به این وضعیت، این مطالعه محاسبات ابری و یادگیری ماشین را در سیستم تشخیص نفوذ اینترنت اشیا به منظور بهبود عملکرد تشخیص اعمال می‌کند. معمولاً الگوریتم‌های تشخیص نفوذ سنتی به زمان قابل‌توجهی برای آموزش نیاز دارند و این الگوریتم‌های تشخیص نفوذ به دلیل محدودیت توان محاسباتی و ظرفیت ذخیره‌سازی گره‌های ابری برای محاسبات ابری مناسب نیستند. بنابراین، مطالعه الگوریتم‌های تشخیص نفوذ با وزن کم، زمان آموزش کوتاه و دقت تشخیص بالا برای استقرار و کاربرد بر روی گره‌های ابری ضروری است. یک الگوریتم طبقه بندی مناسب یک عامل اولیه برای استقرار سیستم های جلوگیری از نفوذ محاسبات ابری و پیش نیاز سیستم برای پاسخ به نفوذ و کاهش تهدیدات نفوذ است. این مقاله مشکلات مربوط به جلوگیری از نفوذ IoT در محیط‌های رایانش ابری را مورد بحث قرار می‌دهد. بر اساس تجزیه و تحلیل تهدیدات امنیتی رایانش ابری، این مطالعه به طور گسترده تشخیص نفوذ IoT، نظارت بر گره ابری، و پاسخ نفوذ در محیط‌های رایانش ابری را با استفاده از رایانش ابری، یک ماشین یادگیری افراطی بهبودیافته و روش‌های دیگر بررسی می‌کند. ما از الگوریتم Multi-Feature Extraction Extreme Learning Machine (MFE-ELM) برای محاسبات ابری استفاده می کنیم که یک فرآیند استخراج چند ویژگی را به سرورهای ابری اضافه می کند و از الگوریتم MFE-ELM مستقر در گره های ابری برای شناسایی و کشف نفوذهای شبکه استفاده می کنیم. گره های ابری در آزمایش‌های شبیه‌سازی ما، یک مجموعه داده کلاسیک برای تشخیص نفوذ به‌عنوان آزمایش انتخاب می‌شود و مراحل آزمایشی مانند پیش‌پردازش داده‌ها، مهندسی ویژگی، آموزش مدل و تجزیه و تحلیل نتایج انجام می‌شود. نتایج تجربی نشان می‌دهد که الگوریتم پیشنهادی می‌تواند به طور موثر اکثر بسته‌های داده شبکه را با عملکرد مدل خوب شناسایی و شناسایی کند و به تشخیص نفوذ کارآمد برای داده‌های ناهمگن اینترنت اشیا از گره‌های ابری دست یابد. علاوه بر این، می‌تواند سرور ابری را قادر به کشف گره‌هایی با تهدیدات امنیتی جدی در خوشه ابری در زمان واقعی کند، به طوری که اقدامات حفاظتی امنیتی بیشتری برای دستیابی به استراتژی پاسخ نفوذ بهینه برای خوشه ابری انجام شود.

Abstract

With the rapid development of the Internet of Things (IoT), there are several challenges pertaining to security in IoT applications. Compared with the characteristics of the traditional Internet, the IoT has many problems, such as large assets, complex and diverse structures, and lack of computing resources. Traditional network intrusion detection systems cannot meet the security needs of IoT applications. In view of this situation, this study applies cloud computing and machine learning to the intrusion detection system of IoT to improve detection performance. Usually, traditional intrusion detection algorithms require considerable time for training, and these intrusion detection algorithms are not suitable for cloud computing due to the limited computing power and storage capacity of cloud nodes; therefore, it is necessary to study intrusion detection algorithms with low weights, short training time, and high detection accuracy for deployment and application on cloud nodes. An appropriate classification algorithm is a primary factor for deploying cloud computing intrusion prevention systems and a prerequisite for the system to respond to intrusion and reduce intrusion threats. This paper discusses the problems related to IoT intrusion prevention in cloud computing environments. Based on the analysis of cloud computing security threats, this study extensively explores IoT intrusion detection, cloud node monitoring, and intrusion response in cloud computing environments by using cloud computing, an improved extreme learning machine, and other methods. We use the Multi-Feature Extraction Extreme Learning Machine (MFE-ELM) algorithm for cloud computing, which adds a multi-feature extraction process to cloud servers, and use the deployed MFE-ELM algorithm on cloud nodes to detect and discover network intrusions to cloud nodes. In our simulation experiments, a classical dataset for intrusion detection is selected as a test, and test steps such as data preprocessing, feature engineering, model training, and result analysis are performed. The experimental results show that the proposed algorithm can effectively detect and identify most network data packets with good model performance and achieve efficient intrusion detection for heterogeneous data of the IoT from cloud nodes. Furthermore, it can enable the cloud server to discover nodes with serious security threats in the cloud cluster in real time, so that further security protection measures can be taken to obtain the optimal intrusion response strategy for the cloud cluster.

Introduction

With the extension and expansion of Internet technology, the Internet of Things (IoT), as an important information technology, promotes the intelligent development of modern society. Intelligent IoT applications are being gradually popularized in daily life and industrial development, such as intelligent logistics, transportation, security, medical treatment, homes, and agriculture. The centralized processing mode of cloud computing is to upload all pending transactions to the cloud for execution, and the cloud uses computing resources, storage capacity, and transmission bandwidth to process all service requests sent by end users. The IoT refers to connecting any object with the network through information sensing equipment and according to the agreed protocol. Objects exchange and communicate information through information media to realize the functions of intelligent identification, positioning, tracking, supervision, and so on. The number of global IoT device connections has increased annually, and according to forecasts, the growth rate will gradually stabilize at 15%. Furthermore, data transmission, processing, and storage will add more load to cloud services. Mobile and sensor devices connected to the edge of the Internet are constantly generating new data with diverse data types [1], which will lead to great challenges in the computing resources and transmission bandwidth of traditional network architecture. At the same time, for IoT applications that require low network latency, such as automatic driving, if the traditional calculation is used as the operation model, low latency cannot be achieved, and thus the vehicle cannot make real-time decisions to avoid risk in the case of emergency braking. The tasks to be processed by the terminal equipment require strong real-time performance, i.e., the tasks must complete data transmission, analysis, and processing with minimum delay, which conflicts with the processing method of the traditional computing model. In summary, in this highly information-based era, the IoT faces multiple severe challenges: a large amount of data redundancy, cloud processing capacity bottlenecks, network bandwidth limits, data security and privacy, increased cloud power load, and increased task processing delays [2]. Intrusion detection technology is an active security protection technology. According to the different methods of data analysis, IoT intrusion detection systems can be divided into anomaly intrusion detection and misuse intrusion detection. Anomaly intrusion detection is an attack or malicious behavior that occurs when the host data in the network or the entire network does not conform to normal data specifications. Misuse intrusion detection refers to modeling certain specific attack models, determining the characteristic behavior of the attack, and matching it with the current behavior. A successful match represents malicious behavior [3]. The above problems are caused by limitations in the development of the IoT data processing mode and the increasing requirements for service quality for processing operations. The cloud collaborative network architecture has brought the terminal service quality to a new development stage and promoted fast-paced technology development. The optimization of task scheduling and application module mapping is a key problem in cloud computing, which plays an important role in the performance and power optimization of network architecture. Therefore, designing an efficient scheme and algorithm for IoT intrusion detection, task scheduling, and application module mapping is the key to improving the overall performance of the IoT architecture, which is of great research significance.

Conclusion and future work

The IoT is a complex, dynamic environment, which poses new challenges to the deployment and algorithm performance of IoT intrusion detection. Based on the research of cloud-based IoT defense architecture, this study focused on cloud computing intrusion detection algorithms and measurement models. Considering the resource constraints of cloud nodes and the high complexity of the network environment, a measurement model of IoT intrusion detection in a cloud computing environment is proposed, and an MFE-ELM algorithm of a limit learning machine with multi-feature extraction is proposed. Experimental simulations verified the training time and detection accuracy of the proposed algorithm. In the experiment, the MFE-ELM algorithm showed good performance in cloud computing, especially in terms of accuracy and time efficiency. Through several experiments, it was proved that the MFE-ELM is an intrusion detection algorithm suitable for cloud computing environments.