اميرحسين لنگرودي

Fog computing is a new distributed and decentralized infrastructure and platform which is introduced to evolve the internet of things and cloud computing technologies. This platform extends cloud resources to the edge of the network and brings data, storage services, computing and communication resources closer to end users. However, since the fog nodes are very close to the end users and may collect sensitive and private information, or on the other hand, when the fog nodes collaborate and share user data to perform certain tasks, it is necessary to check their trustworthiness from establishing communication and sending data; Because uploading data to a malicious node leads to misuse and unauthorized manipulation. Traditional encryption-based methods cannot be used to mitigate internal attacks such as malicious or rogue nodes that have already passed through authentication and access control processes and become part of the network. Therefore, in order to identify and isolate malicious nodes and establish a secure environment, we resort to trust management and computing systems so that nodes can communicate with each other with certain level of trust, which is the degree of confidence that a node will behave in a desirable way. In most of the previous related works in fog, the resistance to collusion has been analyzed in well enough, in such a way that either they were only able to cover low percentages of it or they just tried to reduce its impact on the trust value. So, they were not able to neutralize it completely. Also, due to the fact that distributed environments such as fog which they are naturally dynamic, which means the network topology is constantly changing, so this should be considered in designing security mechanisms such as trust in such environments. To this end, in this research, in order to cover the aforementioned challenges, a trust management system which is resistant to collusion attack is introduced in fog computing environment, where a fog node uses direct and indirect trust to find another appropriate node before establishing communication. The proposed model uses both quality of service (QoS) and quality of security (QoSec) to eva‎luate direct trust, and uses the recommendation of neighboring nodes to eva‎luate indirect trust. In order to prevent collusion and its related attacks such as Bad-Mouthing and Ballot-Stuffing in recommendation model, we proposed a mechanism called the quality of recommendation and eva‎luation of the honesty of the neighboring nodes with the help of the cloud entity in the indirect trust calculation process, which has motivated the nodes to stay genuine. So if they send correct or incorrect information, they will be encouraged or punished respectively. And finally, in order to calculate the indirect trust, the eva‎luated recommendations are dynamically weighted. Trust aggregation is based on a weighted sum in a form that direct and indirect trust weigh dynamically. According to the results obtained in the experimental eva‎luation, the proposed approach is resistant to false recommendations despite the presence of 80 percent of malicious nodes and is able to fully detect them, also the speed of trust convergence is increased and improved by 44 percent compared to the previous related work and has considered dynamic environment of fog computing.

رايانش ابري , امنيت شبكه , اعتماد , مديريت اعتماد , حملات مبتني بر اعتماد , تباني

Fog Computing , Network Security , Trust , Trust Management , Trust-Based Attacks , Collusion

Amir Hossein Langaroudi

Dr. Mohammad Abdollahi Azgomi