International Journal of Computer Science Trends and Technology (IJCST) – Volume 12 Issue 6, Dec - Sep 2024

RESEARCH ARTICLE OPEN ACCESS

Fog Security Review: Threats, Countermeasures, and

Future Research Directions
Arushi Shrivastava, Khushboo Panjwani, Goldi Soni
MCA 1st Semester, Amity University, Raipur
MCA 1st Semester, Amity University, Raipur
Assistant Professor, Amity University, Raipur
ABSTRACT
A key component of processing data closer to the network edge is fog computing, an extension of cloud
computing that offers improved scalability, real-time processing capabilities, and reduced latency. But as fog
computing becomes more widely used, so do the security issues that come with it. This paper provides an
extensive overview of the risks that fog security is now facing, from denial-of-service assaults and data breaches
to privacy issues in dispersed environments. It examines current defences against fog's distinct architecture, such
as intrusion detection systems, access control methods, and encryption protocols. Additionally, the decentralized
nature of fog computing makes it more difficult to guarantee security across a variety of environments and
devices, which makes threat mitigation efforts much more challenging. This review also examines the gaps that
exist between the state-of-the-art security solutions and the rapidly changing fog computing world, highlighting
areas that require more investigation. Improving privacy-preserving methods, creating strong authentication
systems, and resolving the scalability issues related to extensive fog deployments are important future
directions. The need for creative, adaptable security solutions will only grow as fog computing develops,
demanding ongoing attention from both academics and business. The purpose of this study is to give researchers
and practitioners who are working to secure fog computing infrastructures, a basic understanding.
Keywords: Fog Computing, Fog Security, Distributed Architecture, Threats and Countermeasures, Privacy
Preserving Techniques, Intrusion Detection Systems

I. INTRODUCTION them appealing targets for cyberattacks. Data

breaches, unauthorized access, denial of service
Fog computing has become an essential component (DoS) assaults, and privacy violations are among
of cloud computing due to the Internet of Things' the main security problems in fog environments.
(IoT) explosive growth and the growing need for Moreover, creating standardized security solutions
real-time data processing. Fog computing, as is made more difficult by the variety of hardware
opposed to centralized cloud models, moves and software configurations found in fog systems.
intelligence, processing, and data storage closer to
the network's edge, lowering latency and The objective of this review paper is to conduct a
facilitating more responsive applications, thorough analysis of the existing dangers
particularly in latency-sensitive industries like confronting fog computing infrastructures and the
healthcare, smart cities, and driverless cars. strategies used to reduce these risks. Through an
However, the traditional cloud security solutions examination of the advantages and drawbacks of
are unable to adequately handle the new security current remedies, this paper underscores the
vulnerabilities brought about by fog computing's persistent difficulties in safeguarding fog
decentralized and distributed nature. environments and pinpoints the future research
paths required to progress in this area. As fog
Operating at the edge of the network, fog nodes are computing advances, the demand for strong,
frequently very heterogeneous, geographically expandable, and flexible security solutions
distributed, and resource-constrained, which makes becomes more and more crucial.

ISSN: 2347-8578 www.ijcstjournal.org Page 5

International Journal of Computer Science Trends and Technology (IJCST) – Volume 12 Issue 6, Dec - Sep 2024

Cloud

Fog

Fig 1. Fog computing

II. LITERATURE REVIEW With IoT devices constrained by resources and

traditional cloud-based security solutions falling
(Jianbing Ni et al., 2018) [1], provides a brief of the short, the authors advocate for a security approach
privacy concerns in the realm of fog computing, based on fog computing to bolster IoT security.
particularly when implemented in IoT The paper emphasizes how the fog provides
environments. Notable challenges include the localized processing and data storage, and how to
decentralized nature of fog nodes, which gives rise provide a decrease in delays and risks related to
to vulnerabilities like detecting rogue nodes, centralized cloud infrastructure. It considers the
exposing data privacy, and leaking location main security issues, such as certification,
privacy. The paper also examines various remedies confidentiality, integrity, and accessibility. The
tailored for fog environments, including proposed mechanism counters several common
encryption, authentication, and access control attacks on these attributes, providing a lighter and
mechanisms. It stresses the importance of adaptable more scalable solution than existing public key
and scalable security protocols that can function in infrastructure (PKI) systems, which often incur
real-time to accommodate the ever-changing nature high computational and memory overhead.
of IoT networks. In addition, the research delves
into different security frameworks and architectures (Xiuzhen Cheng et al., 2017) [3], explores how fog
presented by both the corporate sector and computing might help with important digital issues
educational institutions. This includes Cisco's IOx in IoT settings. The authors draw attention to the
service and the OpenFog Consortium, which have shortcomings of conventional cloud models for the
the objective of establishing standardized fog Internet of Things, highlighting the ways in which
computing practices. The potential of integrating fog computing can improve data security and
fog with other innovations like 5G and edge lessen attacks such as Denial of Service (DoS) by
computing to improve the performance and security allocating computing resources closer to the
of IoT applications is also examined. network edge. Additionally, they suggest a fog-
based certificate revocation technique that enhances
(Nadeem Abbas et al., 2019) [2], delves into the IoT security efficiency by lowering communication
potential of fog computing in mitigating security overhead and speeding up reaction times.
issues within IoT (Internet of Things) settings.

ISSN: 2347-8578 www.ijcstjournal.org Page 6

International Journal of Computer Science Trends and Technology (IJCST) – Volume 12 Issue 6, Dec - Sep 2024

(Yehia I. Alzoubi et al., 2020) [4], provides a on how fogging has brought cloud features or
thorough analysis of the digital issues related to attributes to the edge, enabling low-latency
fogging in IoT contexts. It demonstrates how fog applications like smart healthcare systems and
computing, which runs close to the network edge, Internet of Things sensors. Trust management,
lowers latency and speeds up IoT applications' authentication, secure communication, privacy
reaction times. The study also highlights the main protection, and defense against malevolent assaults
security issues brought on by fog nodes dispersed are among the security issues that have been
and resource-constrained design. The study brought to light. The authors go into a number of
highlights that although fog computing provides remedies, including authentication procedures,
localized security advantages including data privacy-preserving techniques, and fog forensics.
encryption and real-time threat detection, its Interestingly, they examine technologies such as
decentralized architecture also creates new threats. elliptic curve cryptography (ECC), which is
The authors examine a number of risk-reduction thought to be more effective in fog conditions than
strategies, such as improved intrusion detection more conventional techniques like RSA. Mutual
systems and access control mechanisms and came authentication approaches and intrusion detection
to the conclusion that, in spite of notable progress, systems are also suggested as ways to protect fog
fogging is still in developing and that much more node-to-fog communication.
has to be done to adequately handle the constantly
changing threats. The study also discusses open research difficulties,
including scalability, safe protocols for
(Deepak Puthal et al., 2019) [5], outlines the dynamically joining or departing fog nodes, and
security concerns of fog computing, a decentralized cross-border data issues. Additionally, it
computing infrastructure that brings cloud services investigates possible avenues for enhancing fog
to the network's edge. Although fog computing network security in the future using cutting-edge
lowers latency and speeds up data processing, its methods like user behavior tracking and decoy
distributed architecture creates new security risks technologies.
for IOT (Internet of Things) devices. The sensor
layer, middleware layer, and fog server are the (Mithun Mukherjee et al., 2017) [7], highlights the
three main levels of fog computing that are security and protection issues characteristic to mist
identified in the study. Every tier has unique computing, which expands cloud administrations to
security issues to deal with: the arrange edge. Whereas mist computing
decreases inactivity and offloads cloud information
centres, its attributes—such as portability,
(i)Sensing Layer: Open to physical tampering of heterogeneity, and wide ranging geo-
IoT devices, data injection, and spoofing attacks. arrangement—create noteworthy challenges that
(ii) Threats to the middleware layer include denial- conventional cloud-based security models cannot
of-service (DoS) attacks, in which hostile nodes appropriately address. The paper gives a
obstruct data delivery, Sybil attacks, and data comprehensive audit of these security concerns,
interception. counting issues related to the security of
(iii) Fog Server: Vulnerable to more sophisticated information prepared in topographically
threats that take advantage of flaws in disseminated and portable situations. It moreover
communication and authentication protocols, such analyses the potential assaults and vulnerabilities
as social engineering, DDoS attacks, and session particular to haze systems, such as man-in-the-
hijacking. middle, information spillage, and unauthorized get
The paper suggests a number of security solutions, to.
such as intrusion detection systems (IDS), secure (Aleksandr Ometov et al., 2022) [8], extensively
protocols (such as TLS and IPSec), firewall setups, examines the digital protection challenges present
cryptography, and safe programming techniques. in Cloud, Edge, and Fog computing paradigms,
To properly manage the enormous number of emphasizing their distinct architectures and
connected devices, it also highlights the necessity computing capabilities. The paper identifies critical
of privacy preservation and improved scalability security threats and privacy issues, particularly
solutions. emphasizing the complexity of implementing
(Sourav Kunal et al., 2019) [6], offers a thorough uniform security measures across the diverse
analysis of fogging systems and the security ecosystem. It also evaluates the similarities and
concerns that go along with it. The study focuses differences in security vulnerabilities among the
different paradigms and explores various

ISSN: 2347-8578 www.ijcstjournal.org Page 7

International Journal of Computer Science Trends and Technology (IJCST) – Volume 12 Issue 6, Dec - Sep 2024

approaches to address these challenges, including computing, such as Advanced Persistent Threats
diverse deployment strategies to enhance privacy (APTs), account capturing, and Denial of Service
and security measures. The paper also emphasizes (DoS) assaults. The survey distinguishes common
how the move from conventional frameworks to security holes in Fog applications, which are
disseminated computing models has expanded the regularly driven by client usefulness requests and
requirement for vigorous security arrangements. security measures.
The paper too addresses comparable innovations
Rahman and Wen (2018), highlights fogging as an like edge computing, fog, and small information
expansion of cloud administrations towards centres, giving a comprehensive comparison of
organize edge. It examines key applications like their security concerns. The authors concluded with
smart grid and healthcare, emphasizing fog's recommendations for future investigate headings,
capacity to diminish inactivity by preparing highlighting the significance of joining vigorous
information locally. The paper moreover addresses security components into the plan of Fog
security challenges such as information security, frameworks to address dangers such as unreliable
versatility bolster, and heterogeneity, whereas APIs.
proposing that mist computing underpins real-time
applications more successfully than cloud models. Soni(2022) [11], in the paper stated that the
Internet of Things (IoT) is relying more and more
(Saad Khan et al., 2017) [10], investigates the on big data as it offers insights into consumer
security challenges related with Fog computing, a behaviour, asset utilisation, and preventative
worldview expanding cloud administrations to the maintenance. Big data can be employed in the IoT
edge of the arrange. Fog computing offers to gather, store, analyse, and act on data from
decentralized information handling, making it connected devices, sensors, and other sources. The
perfect for real-time, location-sensitive applications system may be made more effective and efficient
like IoT (Internet of Things). with the use of this data, which can also give
The paper emphasizes that this engineering brings important insights into how customers behave and
critical security dangers, as Mist computing how assets are utilised.
acquires numerous vulnerabilities from cloud

III. COMPARISON OF RELATED RESEARCH WORK

The following table provides a comprehensive comparison of several research papers focused on the fog
security. It outlines key aspects such as the paper titles, authors, years of publication, the primary focus of each
study, the security measures addressed, countermeasures taken, methodology or approach used and the future
directions proposed.

TABLE I
COMPARISON OF RESEARCH WORK

Paper Title Author Year Research Focus Security Threats Proposed Methodology/
Addressed Countermeasures Approach
Securing Fog Jianbing 2018 Focuses on Data breaches, Proposes a one-way Uses a
Computing for Ni et al. safeguarding man-in-the- encryption framework combination of
Internet of mechanisms and middle (MITM) for secure data cryptography and
Things information attacks, and sharing and blockchain to
Applications: integrity in distributed denial authentication. establish a
Challenges and fogging. of service secure,
Solutions (DDoS). decentralized
framework for
fog nodes.
A Mechanism Nadeem 2019 Emphasizes Insider threats, Focuses on key Proposes a
for Securing Abbas et secure access DDoS, and man- management schemes hierarchical key
IoT-enabled al. control in large- in-the-browser for secure management
Applications at scale fog attacks in fog authentication and scheme for

ISSN: 2347-8578 www.ijcstjournal.org Page 8

International Journal of Computer Science Trends and Technology (IJCST) – Volume 12 Issue 6, Dec - Sep 2024

the Fog Layer networks with nodes. cryptographic authentication in

IoT devices. protocols. large-scale fog
environments,
validated with
security analysis
and simulations.
An overview of Sourav 2019 Studies Data Uses homomorphic Utilizes
Cloud-Fog Kunal et encryption confidentiality encryption and secure encryption
Computing: al. techniques to breaches, edge multi-party techniques
Architectures, safeguard device computation (SMC) optimized for
Applications sensitive data in vulnerabilities, for secure data edge devices and
with Security fog and IoT and network processing and proposes
Challenges environments. attacks. storage. frameworks for
reducing the
computational
overhead of these
systems.
Fog Computing, Gohar 2018 Analyzes the External attacks Proposes a hybrid Incorporates
Applications, Rahman intrusion such as botnets, intrusion detection machine learning
Security and detection insider threats, system using AI algorithms for
Challenges, systems (IDS) in and DDoS. techniques such as anomaly
Review fog computing machine learning for detection and
environments. dynamic threat pattern
detection. recognition in
large fog
networks.
Fog Computing Saad 2017 Investigates Unauthorized Introduces a novel Introduces a
Security: A Khan et lightweight access, malicious lightweight distributed,
Review of al. security node attacks, and encryption scheme lightweight
Current solutions for data privacy. combined with access encryption
Applications resource- control policies. protocol that
and Security constrained fog emphasizes low
Solutions networks. latency.

IV. CONCLUSION display progressing challenges for actualizing

viable and adaptable security arrangements.
Fog computing presents a transformative
arrangement for overseeing information closer to Looking ahead, future inquire about security in fog
the edge of systems, empowering quicker handling, computing by upgrading privacy-preserving
and decreased inactivity. This decentralized strategies, fortifying confirmation systems, and
engineering presents a special set of security creating versatile security measures of taking care
challenges that got to be tended to guarantee its of large-scale and different systems. Collaboration
broad selection. This review has highlighted between the educational community, industry, and
different dangers to fog computing, counting government bodies is fundamental to progress in
information breaches, denial of service attacks, and fog security and make strong systems for its secure
security infringement, which can compromise the integration into basic foundations. As fog
astuteness, privacy, and accessibility of computing proceeds to advance, so must the
information. security procedures that secure it, guaranteeing that
this promising innovation can be sent securely and
Whereas a few countermeasures, such as successfully.
encryption conventions, get to control components,
and interruption location frameworks, have been V. FUTURE SCOPE
created to moderate these dangers, they stay
inadequately to completely address the energetic The need for more resilient and adaptable security
and dispersed nature of fog situations. The solutions will only grow as fog computing develops
heterogeneity of gadgets, real-time information and becomes more popular across a range of
preparing necessities, and the scale of arrangements businesses. Fog computing's decentralized structure
and proximity to clients and Internet of Things

ISSN: 2347-8578 www.ijcstjournal.org Page 9

International Journal of Computer Science Trends and Technology (IJCST) – Volume 12 Issue 6, Dec - Sep 2024

(IoT) devices provide special vulnerabilities that [3] Xiuzhen Cheng, Arwa Alrawais, Abdulrahman
call for innovative methods of attack detection and Alhothaily, Chunqiang Hu, "Fog Computing for the
avoidance. Future studies should concentrate on Internet of Things: Security and Privacy Issues",
creating all-encompassing security frameworks that IEEE Internet Computing March 2017.
can handle the wide variety of fog computing-
related devices, networks, and protocols. [4] Yehia I Alzoubi, Valmira H. Osmanaj, Ashraf
Jaradat, Ahmad Al-Ahmad, "Fog Computing
Improving privacy-preserving methods is one Security and Privacy for the Internet of Thing
interesting field for future research. It will be applications: State-of-the-art", Security Privacy,
crucial to maintain data secrecy without sacrificing 2020.
efficiency when fog nodes process enormous
volumes of sensitive data. While methods like [5] Deepak Puthal, Saraju P. Mohanty, Sanjivani
unfair privacy, privacy preserving computation, Ashok Bhavake, Graham Morgan, Rajiv Ranjan,
and parallel encoding present viable avenues, more "Fog Computing Security Challenges and Future
development and optimization for fog situations are Directions", IEEE Consumer Electronics Magazine
required. May 2019.

Another key focus area is the development of [6] Sourav Kunal, Arijit Saha, Ruhul Amin, "An
lightweight, scalable authentication and access overview of Cloud-Fog Computing: Architectures,
control mechanisms that can operate efficiently Applications with Security Challenges", Security
across large-scale, distributed fog networks. Privacy, 2019.
Traditional security measures designed for [7] Mithun Mukherjee, Rakesh Matam, Lei Shu,
centralized cloud systems are often inadequate for Leandros Maglaras, Mohamed Amine Ferrag,
the decentralized fog architecture. Future solutions Nikumani Choudhury, Vikas Kumar, “Security and
must balance security with low-latency processing Privacy in Fog Computing: Challenges”, IEEE
to meet the real-time demands of fog-based Access, Volume 5, 2017.
applications.
[8] Aleksandr Ometov, Oliver Liombe Molua,
Moreover, there is a growing need for adaptive Mikhail Komarov, Jari Nurmi, "A Survey of
intrusion detection and prevention systems (IDPS) Security in Cloud, Edge, and Fog Computing",
capable of handing the dynamic and heterogeneous Sensors 2022, 22, 927.
nature of fog environments. AI-driven security
models, leveraging machine learning and data [9] Gohar Rahman, Chuah Chai Wen "Fog
analytics, could provide more accurate threat Computing, Applications, Security and Challenges,
detection while minimizing false positives. Review", International Journal of Engineering &
Technology, 7 (3) (2018) 1615-1621.
In conclusion, the future of fog security research
lies in creating flexible, scalable, and intelligent [10] Saad Khan, Simon Parkinson, Yongrui Qin,
solutions that can keep pace with the evolving "Fog Computing Security: A Review of Current
complexity of fog ecosystems. This will require Applications and Security Solutions", Journal of
ongoing collaboration between academia, industry, Cloud Computing: Advances, Systems and
and government bodies to ensure that fog Applications (2017) 6:19.
computing can reach its full potential securely.
[11]Goldi Soni, “Data Science: Significance of big
REFERENCES data in internet of things” NeuroQuantology
(2022) 20(21) 607-606.
[1] Jianbing Ni, Xiaodong Lin, "Securing Fog
Computing for Internet of Things Applications:
Challenges and Solutions", IEEE Communications
Surveys & Tutorials, Vol. 20, No. 1, First Quarter
2018.

[2] Nadeem Abbas, Muhammad Asim, Noshina

Tariq, Thar Baker, Sohail Abbas, "A Mechanism
for Securing IoT-enabled Applications at the Fog
Layer", J. Sens. Actuator Netw. 2019, 8, 16.

ISSN: 2347-8578 www.ijcstjournal.org Page 10