Biblio

In addition to the feature of real-time analytics, fog computing allows detection nodes to be located at the edges of the network. On the other hand, intrusion detection systems require prompt and accurate attack analysis and detection. These systems must promptly respond appropriately to an event. Increasing the speed of data transfer and response requires less bandwidth in the network, reducing the data sent to the cloud and increasing information security as some of the advantages of using detection nodes at the edges of the network in fog computing. The use of neural networks in the analyzer engine is important for the low consumption of system resources, avoidance of explicit production of detection rules, detection of known deformed attacks, and the ability to manage noise and outlier data. The current paper proposes and implements the architecture of network intrusion detection nodes in fog computing, in addition to presenting the proposed fog network architecture. In the proposed architecture, each node can, in addition to performing intrusion detection operations, observe the nodes around it, find the compromised node or intrusion node, and inform the nodes close to it to disconnect from that node.