A two-layer cloud-fog intrusion detection system using enhanced KNN and MLP neural networks

The concept of the Internet of Things (IoT) and its countless applications are considered as an inseparable part of the modern technology era. The placement of IoT- based devices and their limitations make the environment more vulnerable due to its openness. Security plays a critical role in IoT applications due to the pervasiveness of the IoT in all of the aspects in daily life. On the other hand, final devices such as their limited computing power, large number of devices connected to each other, and communication between devices and users do not allow for using traditional methods to solve security issues. Intrusion detection systems (IDSs) which can separate malicious traffic from normal mode are among the effective solutions in this field. the installed IDS should be highly accurate and lightweight to affect accuracy. In order to bring services closer to electronic devices, a concept called “fog” has emerged. A large number of studies have been conducted to make the light IDS for IoT networks utilizing various methods. The present study aims to proposea two-layer hierarchical IDS based on machine learning, which detects attacks by considering the limitations of IoT resources. In order to create an efficient and accurate IDS, the combination of two improved K-nearest neighbor (KNN) algorithms and a multi-layer perceptron (MLP) neural network was applied in the fog and cloud to separate the attacks from normal traffic, respectively. we evaluated our proposed method using IOT23 dataset. The results prove the improvement in accuracy, compared to the previous methods.