Node State Monitoring Scheme in Fog Radio Access Networks for Intrusion Detection

This paper studies intrusion detection for fog computing in fog radio access networks (F-RANs). As fog nodes are resource constrained, a traditional intrusion detection system (IDS) cannot be directly deployed in F-RANs due to the communication overhead and computational complexity. To address this challenge, we propose a skyline query-based scheme that can analyze the IDS log statistics of fog nodes and provide a complete data processing flow. Specifically, a three-step solution is proposed. First, a lightweight fog node filtering strategy is proposed to filter the raw data, which can reduce the fog-cloud communication overhead. Second, a sliding-window-based mechanism is developed in the cloud server to efficiently process the asynchronous data flow. Then, using the pre-processed data, a set of seriously attacked nodes will be identified by the skyline query. Third, the security threat level of each individual fog node is calculated using the unascertained measure, which can determine the degree of security threat. The numerical simulations show that the proposed scheme can significantly reduce communication overhead and computational complexity.