An Analytical Study of Security Mechanisms for Data Theft Attacks in Fog Computing | IJCT Volume 13 – Issue 1 | IJCT-V13I1P24
International Journal of Computer Techniques
ISSN 2394-2231
Author
Vina Gauta, Ujwal Lanjewar
Abstract
Fog computing extends cloud computing capabilities to the network edge, enabling low-latency and real-time services for data-intensive applications. However, the decentralized, heterogeneous, and resource-constrained nature of fog environments makes them highly vulnerable to data theft attacks. Such attacks threaten data confidentiality, user privacy, and overall system integrity across multiple architectural layers. This paper presents an analytical study of security mechanisms designed to mitigate data theft attacks in fog computing. The study examines the fog computing architecture and security model, analyzes the threat landscape and attack surfaces, and classifies major data theft attacks, including eavesdropping, compromised fog nodes, insider attacks, man-in-the-middle attacks, and side-channel leakage. Furthermore, the paper reviews and categorizes existing mitigation techniques such as cryptographic methods, authentication and access control, intrusion detection systems, trust and reputation management, deception-based approaches, and secure storage mechanisms. A comparative analysis highlights the strengths and limitations of these mechanisms. Finally, open challenges and future research directions are discussed to support the development of secure and resilient fog computing systems.
Keywords
Fog Computing; Data Theft Attacks; Security Mechanisms; Data Confidentiality; Privacy Preservation; Intrusion Detection Systems; Access Control
Conclusion
Fog computing improves low-latency data processing but introduces serious risks of data theft due to its decentralized nature. This paper analyzed key data theft attacks and existing security mechanisms in fog computing. The study highlights that no single technique is sufficient and that layered, hybrid security approaches offer better protection. Future work should focus on lightweight and adaptive security solutions for dynamic fog environments.
References
[1] F. Bonomi, R. Milito, J. Zhu, and S. Addepalli, “Fog computing and its role in the Internet of Things,” Proc. ACM MCC Workshop on Mobile Cloud Computing, Helsinki, Finland, 2012, pp. 13–16.
[2] M. Chiang and T. Zhang, “Fog and IoT: An overview of research opportunities,” IEEE Internet of Things Journal, vol. 3, no. 6, pp. 854–864, Dec. 2016.
[3] S. Yi, Z. Hao, Z. Qin, and Q. Li, “Fog computing: Platform and applications,” Proc. IEEE HotWeb, Washington, DC, USA, 2015, pp. 73–78.
[4] R. Roman, J. Lopez, and M. Mambo, “Mobile edge computing, fog et al.: A survey and analysis of security threats and challenges,” Future Generation Computer Systems, vol. 78, pp. 680–698, Jan. 2018.
[5] P. Hu, H. Ning, T. Qiu, Y. Xu, X. Luo, and A. Y. Zomaya, “Survey on fog computing: Architecture, key technologies, applications and open issues,” Journal of Network and Computer Applications, vol. 98, pp. 27–42, Nov. 2017.
[6] A. Alrawais, A. Alhothaily, C. Hu, and X. Cheng, “Fog computing for the Internet of Things: Security and privacy issues,” IEEE Internet Computing, vol. 21, no. 2, pp. 34–42, Mar.–Apr. 2017.
[7] M. Mukherjee, L. Shu, and D. Wang, “Survey of fog computing: Fundamental, network applications, and research challenges,” IEEE Communications Surveys & Tutorials, vol. 20, no. 3, pp. 1826–1857, 2018.
[8] T. Alladi, V. Chamola, and N. Kumar, “PARTH: A framework for privacy-preserving authentication of IoT devices in fog computing,” IEEE Internet of Things Journal, vol. 6, no. 2, pp. 3656–3668, Apr. 2019.
[9] N. Santos, K. P. Gummadi, and R. Rodrigues, “Toward trusted cloud computing,” Proc. USENIX HotCloud, San Diego, CA, USA, 2009.
[10] Y. Xiao and M. Krunz, “Distributed detection of insider attacks in fog computing,” IEEE Transactions on Information Forensics and Security, vol. 12, no. 3, pp. 748–761, Mar. 2017.
[11] Z. Guan, X. Liu, and L. Wu, “Trust management for fog computing,” IEEE Communications Magazine, vol. 56, no. 1, pp. 88–94, Jan. 2018.
[12] A. Abeshu and N. Chilamkurti, “Deep learning: The frontier for distributed attack detection in fog computing,” IEEE Communications Magazine, vol. 56, no. 2, pp. 169–175, Feb. 2018.
[13] R. Roman, J. Zhou, and J. Lopez, “On the features and challenges of security and privacy in distributed Internet of Things,” Computer Networks, vol. 57, no. 10, pp. 2266–2279, Jul. 2013.
[14] C. Song, J. Zhang, and W. Xu, “Traffic analysis attacks in IoT networks,” IEEE INFOCOM Workshops, Honolulu, HI, USA, 2018.
[15] K. Zhang, J. Ni, K. Yang, X. Liang, J. Ren, and X. Shen, “Security and privacy in smart city applications,” IEEE Communications Magazine, vol. 55, no. 1, pp. 122–129, Jan. 2017.
[16] J. Liu, Y. Xiao, and C. Chen, “Insider attack detection in fog computing,” Future Generation Computer Systems, vol. 82, pp. 1–12, May 2018.
[17] S. Sicari, A. Rizzardi, L. Grieco, and A. Coen-Porisini, “Security, privacy and trust in Internet of Things,” Computer Networks, vol. 76, pp. 146–164, Jan. 2015.
[18] Y. Zhou, F. R. Yu, J. Chen, and Y. Kuo, “Cyber-physical-social systems: A state-of-the-art survey,” IEEE Communications Surveys & Tutorials, vol. 22, no. 1, pp. 389–425, 2020.
[19] Y. Yarom and K. Falkner, “FLUSH+RELOAD: A high resolution, low noise, L3 cache side-channel attack,” USENIX Security Symposium, San Diego, CA, USA, 2014.
[20] J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy attribute-based encryption,” IEEE Symposium on Security and Privacy, Oakland, CA, USA, 2007.
[21] X. Liu, Y. Zhang, B. Wang, and J. Yan, “Secure data sharing in fog computing using attribute-based encryption,” IEEE Access, vol. 6, pp. 37544–37553, 2018.
[22] C. Gentry, “Fully homomorphic encryption using ideal lattices,” Proc. ACM STOC, Bethesda, MD, USA, 2009.
[23] L. Zhou, Y. Li, K. Chen, and Y. Nan, “Lightweight authentication protocol for fog computing,” IEEE Internet of Things Journal, vol. 6, no. 2, pp. 2793–2804, Apr. 2019.
[24] A. Ouaddah, A. Abou Elkalam, and A. Ait Ouahman, “Access control in the Internet of Things,” Computer Networks, vol. 112, pp. 237–262, Jan. 2017.
[25] Y. Meidan et al., “N-BaIoT: Network-based detection of IoT botnet attacks,” IEEE Pervasive Computing, vol. 17, no. 3, pp. 12–22, Jul.–Sep. 2018.
[26] A. A. Diro and N. Chilamkurti, “Distributed attack detection using deep learning approach,” IEEE Communications Magazine, vol. 56, no. 2, pp. 56–62, Feb. 2018.
[27] M. Roopak, G. Y. Tian, and J. Chambers, “Deep learning-based intrusion detection system for fog computing,” IEEE Access, vol. 7, pp. 164034–164047, 2019.
[28] Z. Yan, P. Zhang, and A. Vasilakos, “A survey on trust management for Internet of Things,” Journal of Network and Computer Applications, vol. 42, pp. 120–134, Jul. 2014.
[29] S. Wang, J. Zhang, and Y. Zhang, “Trust evaluation in fog computing,” IEEE Access, vol. 7, pp. 43690–43702, 2019.
[30] N. K. Sharma and S. K. Sood, “Decoy-based data protection for fog computing,” Computers & Security, vol. 88, Jan. 2020.
[31] S. Stolfo et al., “Decoy documents: Detecting insider threats,” Proc. ACM CCS Workshop, Raleigh, NC, USA, 2012.
[32] V. Costan and S. Devadas, “Intel SGX explained,” IACR Cryptology ePrint Archive, 2016.
[33] H. Almutairi, M. Aldossary, and A. Alqahtani, “Security challenges and solutions in fog computing,” IEEE Access, vol. 7, pp. 13673–13686, 2019.
[34] A. Botta, W. de Donato, V. Persico, and A. Pescapé, “Integration of cloud computing and Internet of Things,” Future Generation Computer Systems, vol. 56, pp. 684–700, Mar. 2016.
[35] M. Chen, Y. Hao, K. Hwang, L. Wang, and L. Wang, “Disease prediction by machine learning over big data from healthcare communities,” IEEE Access, vol. 5, pp. 8869–8879, 2017.
[36] S. Yi, C. Li, and Q. Li, “A survey of fog computing,” ACM SIGCOMM Computer Communication Review, vol. 45, no. 4, pp. 37–42, 2015.
[37] K. Salah, M. H. Rehman, N. Nizamuddin, and A. Al-Fuqaha, “Blockchain for AI: Review and open research challenges,” IEEE Access, vol. 7, pp. 10127–10149, 2019.
[38] L. Nguyen et al., “Federated learning for intrusion detection,” IEEE Internet of Things Journal, vol. 8, no. 3, pp. 1626–1642, 2021.
[39] T. Nguyen, D. Hoang, and P. Niyato, “A survey of trust management in distributed systems,” IEEE Transactions on Dependable and Secure Computing, 2019.
[40] S. Chakraborty et al., “Adversarial attacks and defenses,” IEEE Security & Privacy, vol. 17, no. 2, pp. 72–78, 2019.
[41] M. Fraunholz et al., “HoneyFog: Decoy-based security for fog computing,” IFIP Networking Conference, 2018.
[42] J. Salem et al., “Behavior-based insider threat detection,” Computers & Security, vol. 87, 2019.
[43] X. Li, J. Liu, and S. Kumari, “Dynamic trust management for fog computing,” Future Generation Computer Systems, vol. 92, pp. 749–760, 2019.
[44] Q. Yang et al., “Federated learning,” ACM Transactions on Intelligent Systems and Technology, vol. 10, no. 2, 2019.
[45] B. Biggio and F. Roli, “Wild patterns: Ten years after adversarial machine learning,” Pattern Recognition, vol. 84, pp. 317–331, 2018.
How to Cite This Paper
Vina Gauta, Ujwal Lanjewar (2025). An Analytical Study of Security Mechanisms for Data Theft Attacks in Fog Computing. International Journal of Computer Techniques, 12(6). ISSN: 2394-2231.
