Detecting Man-in-the-Middle Attack in Fog Computing for Social Media

Fog computing (FC) is a networking paradigm where wireless devices known as fog nodes are placed at the edge of the network (close to the Internet of Things (IoT) devices). Fog nodes provide services in lieu of the cloud. Thus, improving the performance of the network and making it attractive to social media-based systems. Security issues are one of the most challenges encountered in FC. In this paper, we propose an anomalybased Intrusion Detection and Prevention System (IDPS) against Man-in-theMiddle (MITM) attack in the fog layer. The system uses special nodes known as Intrusion Detection System (IDS) nodes to detect intrusion in the network. They periodically monitor the behavior of the fog nodes in the network. Any deviation from normal network activity is categorized as malicious, and the suspected node is isolated. Exponentially Weighted Moving Average (EWMA) is added to the system to smooth out the noise that is typically found in social media communications. Our results (with 95% confidence) show that the accuracy of the proposed system increases from 80% to 95% after EWMA is added. Also, with EWMA, the proposed system can detect the intrusion from 0.25- 0.5 s seconds faster than that without EWMA. However, it affects the latency of services provided by the fog nodes by at least 0.75-1.3 s. Finally, EWMA has not increased the energy overhead of the system, due to its lightweight.