Computer Engineering and Applications ›› 2020, Vol. 56 ›› Issue (10): 63-68.DOI: 10.3778/j.issn.1002-8331.1902-0064

Previous Articles     Next Articles

Detection Scheme of Impersonation Attack Based on DQL Algorithm in Fog Computing

MENG Yuan, TU Shanshan, YU Jinliang   

  1. 1.Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China
    2.Beijing Key Laboratory of Trusted Computing, Beijing 100124, China
  • Online:2020-05-15 Published:2020-05-13

雾计算中基于DQL算法的伪装攻击检测方案

孟远,涂山山,于金亮   

  1. 1.北京工业大学 信息学部,北京 100124
    2.可信计算北京市重点实验室,北京 100124

Abstract:

Fog computing is a technology that provides distributed computing, storage and other services between cloud data centers and Internet of Things(IoT) devices. It can utilize network edges to authenticate and provide ways to interact with the clouds. In fog computing, traditional security technology is not perfect enough to realize the security between users and fog nodes. It still faces security threats such as eavesdropping attack and impersonation attack, which poses new challenges to detection technology. To solve this problem, an impersonation attack detection scheme based on DQL(Double Q-learning) algorithm for fog computing is proposed. With the help of channel parameters in the physical layer security technology, at first this proposed scheme processes the overestimation of Q value on the basis of Q-learning algorithm to obtain the optimal impersonation attack test threshold. Then the detection of impersonation attack between users and fog nodes is realized by this threshold. Finally, experimental results show that this algorithm is better than the traditional Q-learning algorithm in detecting impersonation attack, and has advantages in the security protection of fog computing.

Key words: fog computing, reinforcement learning, impersonation attack, physical layer security, attack detection

摘要:

雾计算是一种在云数据中心和物联网(Internet of Things,IoT)设备之间提供分布式计算、存储等服务的技术,它能利用网络边缘进行认证并提供与云交互的方法。雾计算中以传统的安全技术实现用户与雾节点间安全性的方法不够完善,它仍然面对着窃听攻击、伪装攻击等安全威胁,这对检测技术提出了新的挑战。针对这一问题,提出了一种基于DQL(Double Q-learning)算法的雾计算伪装攻击检测方案。该方案借助物理层安全技术中的信道参数,首先在Q-learning算法的基础上处理Q值过度估计问题,获取最佳的伪装攻击测试阈值,然后通过阈值实现了用户与雾节点间的伪装攻击检测。实验结果表明,该算法检测伪装攻击的性能优于传统的Q-learning算法,具有在雾计算安全防护方面的优越性。

关键词: 雾计算, 强化学习, 伪装攻击, 物理层安全, 攻击检测