Title: DVF-fog: distributed virtual firewall in fog computing based on risk analysis
Authors: Ferdaous Kamoun-Abid; Amel Meddeb-Makhlouf; Faouzi Zarai; Mohsen Guizani
Addresses: Research Unit in New Technologies and Systems of Telecom (NTSCOM), ENETCOM, Route de Tunis, city el Ons, Technopôle of Sfax, Sfax, Tunisia ' Research Unit in New Technologies and Systems of Telecom (NTSCOM), ENETCOM, Route de Tunis, city el Ons, Technopôle of Sfax, Sfax, Tunisia ' Research Unit in New Technologies and Systems of Telecom (NTSCOM), ENETCOM, Route de Tunis, city el Ons, Technopôle of Sfax, Sfax, Tunisia ' Department of Computer Science and Engineering, Qatar University, Al-Jamea Street, 2713, Doha, Qatar
Abstract: To eliminate network saturation during data exchanges, fog computing is deployed as the technology that benefits from both cloud computing and internet of things (IoT) paradigms. Therefore, we focus on network access control issues that are considered as grave challenges in a distributed environment such as fog/cloud computing. Therefore, we present an architecture for distributed fog with a divided topology into zones and implement distributed firewall/controller. This way, we can combine user-based access control and distributed network-based access control based on risk analysis and estimation. The simulation results show that our proposed technique improves the network performance in terms of throughput and blocking rate and it is able to prevent DDoS. Furthermore, the comparison with existing approaches based on the openstack framework illustrates that the fog-based distributed virtual firewall (DVF) approach decreases significantly the false positive rate (FPR) to be 0.0942% and increases the true positive rate (TPR) to be 99.9%.
Keywords: fog computing; access control; distributed firewall; risk analysis; cooperative controller.
DOI: 10.1504/IJSNET.2019.101242
International Journal of Sensor Networks, 2019 Vol.30 No.4, pp.242 - 253
Received: 11 Oct 2018
Accepted: 22 Mar 2019
Published online: 29 Jul 2019 *