Leveraging LSTM Networks for Attack Detection in Fog-to-Things Communications

The evolution and sophistication of cyber-attacks need resilient and evolving cybersecurity schemes. As an emerging technology, the Internet of Things (IoT) inherits cyber-attacks and threats from the IT environment despite the existence of a layered defensive security mechanism. The extension of the digital world to the physical environment of IoT brings unseen attacks that require a novel lightweight and distributed attack detection mechanism due to their architecture and resource constraints. Architecturally, fog nodes can be leveraged to offload security functions from IoT and the cloud to mitigate the resource limitation issues of IoT and scalability bottlenecks of the cloud. Classical machine learning algorithms have been extensively used for intrusion detection, although scalability, feature engineering efforts, and accuracy have hindered their penetration into the security market. These shortcomings could be mitigated using the deep learning approach as it has been successful in big data fields. Apart from eliminating the need to craft features manually, deep learning is resilient against morphing attacks with high detection accuracy. This article proposes an LSTM network for distributed cyber-attack detection in fog-to-things communication. We identify and analyze critical attacks and threats targeting IoT devices, especially attacks exploiting vulnerabilities of wireless communications. The conducted experiments on two scenarios demonstrate the effectiveness and efficiency of deeper models over traditional machine learning models.