DewIDS: Dew Computing for Intrusion Detection System in Edge of Things

Abstract

Edge of Things (EoT) is a network of edge devices in which sensors, networks, electronics, and software are included. EoT enables uninterrupted data transfer from the cloud layer to edge devices through the Internet. In this transmission, there need strong privacy and security concerns. Although day by day throughout the universe the number of devices is increasing with new features, shapes, sizes, usage, protocol, etc., the conventional method of security and privacy systems are not sufficient to control the ubiquitous EoT. The conventional IDS system does not work on unstable Internet so to overcome this issue we will use Dew computing in the IDS system. With the assistance of the dew server, an individual has more control and adaptability to access data in the absence of an unstable Internet connection. IDS is used to detect different kinds of attacks in the edge layer. But sometimes it fails to detect the false alarm, which may create a severe problem. Various types of network attacks like Malware, MITM, Remote Code Execution, etc. in different networks are detected by Intrusion Detection System (IDS) and prevented by Intrusion Prevention System (IPS). At the time of the detection procedure, several alarms are generated, which decreases the effectiveness of IDS. Using an alarm filter can be a better solution to overcome this type of problem. An intelligent alarm filtration mechanism can be designed by a selective machine-learning-based classifier in DewIDS then DewIPS can block the attempted intrusion or remediate the incident after SOC investigation. This work aims to present a comprehensive survey of existing Dew Computing for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in Edge of Things. © 2023 The Author(s),. All rights reserved.