A machine learning based authentication and intrusion detection scheme for IoT users anonymity preservation in fog environment

Authentication is a critical challenge in fog computing security, especially as fog servers provide services to many IoT users. The conventional authentication process often requires disclosing sensitive personal information, such as usernames, emails, mobile numbers, and passwords that end users are reluctant to share with intermediary services (i.e., Fog servers). With the rapid growth of IoT networks, existing authentication methods often fail to balance low computational overhead with strong security, leaving systems vulnerable to various attacks, including unauthorized access and data interception. Additionally, traditional intrusion detection methods are not well-suited for the distinct characteristics of IoT devices, resulting in a low accuracy in applying existing anomaly detection methods. In this paper, we incorporate a two-step authentication process, starting with anonymous authentication using a secret ID with Elliptic Curve Cryptography (ECC), followed by an intrusion detection algorithm for users flagged as suspicious activity. The scheme allows users to register with a Cloud Service Provider (CSP) using encrypted credentials. The CSP responds with a secret number reserved in the Fog node for the IoT user. To access the services provided by the Fog Service Provider (FSP), IoT users must submit a secret ID. Furthermore, we introduce a staked ensemble learning approach for intrusion detection that achieves 99.86% accuracy, 99.89% precision, 99.96% recall, and a 99.91% F1-score in detecting anomalous instances, with a support count of 50,376. This approach is applied when users fail to provide a correct secret ID. Our proposed scheme utilizes several hash functions through symmetric encryption and decryption techniques to ensure secure end-to-end communication.