2020 International Conference on Big Data, Artificial Intelligence and Internet of Things Engineering (ICBAIE)

Survey on Edge Computing Security

Huang Zeyu Xia Geming
College of Computer Science and Technology College of Computer Science and Technology
National University of Defense Technology, NUDT National University of Defense Technology, NUDT
Changsha, China Changsha, China
584411366@qq.com xiageming@163.com

Wang Zhaohang Yuan Sen

College of Computer Science and Technology College of Computer Science and Technology
National University of Defense Technology, NUDT National University of Defense Technology, NUDT
Changsha, China Changsha, China
1219383098 @qq.com 2604929112 @qq.com

Abstract—With the advent of the Internet of Everything, to IDC's forecast [1], the total amount of global data will
emerging application scenarios including autonomous driving, increase from 33 zettabytes (ZB) in 2018 to 175 ZB by
immersive games based on VR or AR technology, and Industrial 2025.More than 49% of the data will be stored in the public
Internet of Things have promoted the early development of edge cloud environment. According to the data of iResearch in the
computing technologies. At present, the global mobile "Chinese Intelligent Internet of Things (AIoT) White Paper"
communications industry is moving towards 5G. Since 5G is one [2], it is estimated that the number of IoT connections in China
of the key access technologies to promote large-scale deployment will reach nearly 20 billion in 2025, and the number of V2X
of edge computing, it has made edge computing gain connected vehicles in China will reach 14% of the total. It can
unprecedented attention in the world. However, since the birth of
be predicted that if the existing network structure is kept
edge computing, edge computing security has been a key issue
restricting its implementation and development. The new features
unchanged, the overall communication environment of the
of edge computing, the integration of a large number of new Internet will become worse in the future. At that time, the
technologies, the new application scenarios brought by edge shortcomings of cloud computing, such as high latency,
computing, and people's increasing demands for privacy insufficient bandwidth, high energy consumption, data
protection have brought great challenges to edge computing security and privacy risks will be exposed more fully.
security. This paper reviews the current research status of Therefore, the concept of edge computing has been proposed
research on edge computing security. By analyzing the security and has got attention from all walks of life.
challenges of edge computing in the context of new models, new
Because edge computing deploys computing and storage
application scenarios and new technology environments, this
paper points out the security problems of edge computing in five
resources closer to users, it greatly reduces the delay of data
aspects, including access control, key management, privacy processing. On the one hand, edge nodes can directly deal with
protection, attack mitigation and anomaly detection. The paper some tasks that do not need the capacity of cloud server. On
separately discusses the research achievement of the academic the other hand, they can preprocess the tasks and data that
community in these five areas and analyzes their advantages and need to be transmitted to the cloud server to reduce its
disadvantages. Finally, combining edge cloud collaboration and bandwidth pressure. At the same time, edge computing can
edge intelligence, the future development direction of edge achieve the security and controllability of sensitive data and
computing security is discussed and prospected. user privacy by reducing the chance for user data to be
transmitted on the core network, deploying encryption and
Keywords-edge computing; edge computing security; edge cloud anonymization mechanisms on the edge. Because of these
collaboration; 5G; edge intelligence advantages, edge computing has developed rapidly in recent
years. Although enterprises have complete solutions in the
I. INTRODUCTION application scenarios of edge computing such as intelligent
security, industrial Internet of things, and intelligent connected
Since we entered the era of Internet of everything, the
vehicles [3], there are still some key problems that hinder the
number of various types of networking devices and the amount
rapid implementation of edge computing and edge computing
of data they generate have increased exponentially. According
security is one of them.

978-1-7281-6499-1/20/$31.00 ©2020 IEEE 96

DOI 10.1109/ICBAIE49996.2020.00027

Authorized licensed use limited to: UNIVERSITY OF ROCHESTER. Downloaded on September 19,2020 at 10:02:36 UTC from IEEE Xplore. Restrictions apply.
 Cloud Computing Edge Computing
Model Model

Cloud Computation Center Cloud Computation Center

Core Network Core Network

Switch Switch

Edge Node
Base Station
Router Access Point Base Station Router
Access Point
Edge Node

Mobile
Mobile Communication
PC IoT Devices Communication PC IoT Devices Devices Vehicles
Devices
Figure.1. THE COMPARISON BETWEEN EDGE COMPUTING AND CLOUD COMPUTING MODEL

The comparison between edge computing and cloud In order to solve the existing problems of edge computing
computing model is shown in Fig. 1. In the traditional cloud security, this paper reviews a large number of published
computing model, the focus of privacy protection is to ensure papers on edge computing security from 2016 to early 2020. It
that the data is not leaked, so managers can improve the summarizes the current research status in the field of edge
defense ability of cloud server to resist various attacks [4]. computing security. Hoping to provide some reference and
While edge nodes are deployed in a distributed manner and are help for the current and future research in related fields.
usually placed near the gathering places of people. They have
the characteristics of limited resources, complex environment II. SECURITY RISKS AND CHALLENGES OF EDGE COMPUTING
and heterogeneous network, many traditional security
mechanisms are difficult to be fully applied on them. In order to solve the new security risks brought by edge
Therefore, edge nodes are easy to be invaded by attackers. computing, some research have been carried out in academia.
Because edge nodes will directly connect various IoT devices However, according to the search results in the EI-Compendex
and wearable devices, they will have stronger environmental database, it can be seen from Fig. 2 and Fig. 3 that since the
awareness than cloud servers, and can get more sensitive concept of edge computing was formally proposed in 2016,
information related to users. Because of the vulnerability and the number of papers on edge computing security has
complexity of edge node itself, as well as the sensitivity of the increased but still not much. In recent years, with the rise of
data it can access to, the security of edge computing is crucial edge intelligence and edge cloud collaboration research, edge
and challenging. computing security research is even more lacking, which
reflects the importance and urgency of this research. At
5G is the key access technology to promote the present, the problems concerned by academia in the field of
development of most edge computing applications. As China edge computing security can be grouped into five categories:
continues to accelerate the development of the Industrial access control, key management, privacy protection, attack
Internet [5], edge computing will be gradually deployed as a mitigation, and anomaly detection. Table Ⅰ shows the sources
new type of infrastructure with the popularization of 5G. If of security risks for edge computing in the above five fields.
there is still no complete solution to ensure the security of
edge computing, the network Penetration and network attacks
similar to Stuxnet [6] may have a direct impact on national
security.

97

Authorized licensed use limited to: UNIVERSITY OF ROCHESTER. Downloaded on September 19,2020 at 10:02:36 UTC from IEEE Xplore. Restrictions apply.
A. Access Control Challenges globally, IP video traffic will be 82 percent of all IP traffic
(both business and consumer) by 2022, up from 75 percent in
2017. This prompts people to upgrade the existing host-
1240 centric network to an information-centric network (ICN) [8],
thereby reducing the communication load and delay of the
core network. However, due to the existence of intranet
caching in ICN networks, traditional streaming media access
738 control schemes are not applicable under this architecture.
Successful ICN edge computing deployment relies heavily on
408 an effective decentralized access control mechanism.
286
B. Key Management Challenges
76 46 91
5 10 36 Although edge computing can enable end-to-end
2016 2017 2018 2019 2020 communication of IoT devices using different communication
Edge Computing Edge Security protocols, it still cannot ignore the confidentiality and integrity
of data. Safe and controllable key management are the key to
Figure.2. Trend of edge computing papers ensuring data security and protecting user privacy. The
challenge faced by edge computing in key management is: It is
necessary to design a secure key management scheme with
high scalability, so as to realize the authentication and
Edge Security Edge Intelligence management of terminal devices with different computing
188ˈ7% 118ˈ4%
capabilities.
There are two traditional secure communication solutions,
one is to distribute unique symmetric encryption keys to each
Cloud Edge IoT device, and the other is to use the PKI scheme [10]. These
Collaboration two solutions are not applicable to IoT application scenario
Others 48ˈ2% based on edge computing. The problem of the first solution is
2394ˈ87% that it does not have high scalability. The reason is that in the
first solution, each terminal must store the keys of all devices
that it needs to communicate with, while IoT devices often
have very little storage space. The latter solution is also
inappropriate, because the computational capacity of low-
Figure.3. Paper distribution of edge computing during 2016-2020 power IoT devices is extremely limited, and the use of
standard public key infrastructure (PKI) solutions will greatly
Edge computing security faces a very complex challenge affect the quality of user experience. Therefore, in order to let
in access control. Edge nodes will directly connect to a large edge computing have an applicable key management scheme,
number of low-power IoT devices. These IoT devices with one idea is to design a more lightweight and more scalable
extremely limited resources, heterogeneous hardware, encryption protocol and encryption primitives based on the
different communication protocols and difficult to install current communication security scheme. Another idea is to
patches in time are difficult to deploy the security solutions design a set of communication security schemes with a brand-
under the traditional cloud computing environment. Therefore, new architecture. Both research directions are extremely
the design of access control mechanism for IoT devices in the challenging.
edge computing environment will be very critical and
challenging. C. Privacy Protection Challenges
Identity authentication is also an important issue in the The biggest challenge for edge computing in terms of
access control of edge computing. In order to avoid revealing privacy protection is that due to the vulnerability of edge
the user’s true identity information during the identity nodes, researchers have to assume that they are semi-honest
authentication process, a service-oriented anonymous identity and cannot allow edge nodes to directly obtain the plain text of
authentication scheme needs to be designed so that the service sensitive information.
provider can also confirm the legitimacy of the user without In order to prevent criminals from directly obtaining the
knowing the user’s exact identity [7]. At the same time, the precise location of the users through edge nodes, it is
integration of edge computing and 5G technology has also necessary to design a lightweight positioning encryption
increased the complexity of identity authentication. mechanism to ensure the security of user's location
In addition to the access control challenges faced by edge information. In addition, due to the technical characteristics of
computing under the current host-centric Internet architecture edge computing, eavesdroppers can locate users by tracking
[8], it may also need to face the challenges of Information- the migration path of the service [11]. Therefore, it is
Centric Network (ICN) [8] architecture in the near future. necessary to design appropriate mechanisms to prevent
According to the data in the Cisco Visual Network Index [9], attackers from acquiring the user's location indirectly.

98

Authorized licensed use limited to: UNIVERSITY OF ROCHESTER. Downloaded on September 19,2020 at 10:02:36 UTC from IEEE Xplore. Restrictions apply.
 In addition to the user's location information, user's Therefore, it is far from the goal to deploy the existing cloud-
identity information and interest information also need urgent based mitigation solutions directly on the edge nodes. It is
protection. The edge nodes must not only ensure that users’ necessary to redesign a DDoS mitigation solution based on
true identity information is not leaked during the connection edge computing to overcome the challenges including low
and the process of identity authentication [7], but also need to detection efficiency, high false alarm rate, long time delay and
ensure that the type of network slice serving the terminal and high computational overhead.
the specific type of data transmitted are not leaked. In this way,
the user's interest information can be protected. In addition, E. Anomaly Detection Challenge
how to provide a privacy-preserving and efficient data mining In order to ensure that the applications deployed in the
scheme on edge nodes is also worth studying. Complex edge nodes can continue to provide high-quality services,
deployment environments, large amounts of sensitive data, and anomaly detection must be performed to detect the running
very limited computing resources make edge computing face state of the edge computing system. Because the deployment
huge challenges in privacy protection. environment of edge nodes is relatively harsh, and their own
security protection is relatively insufficient, the edge nodes are
D. Attack Mitigation Challenge prone to anomalies. If an anomaly is not handled properly, its
At present, an application-level DDoS attack is emerging. impact will propagate from one edge node to other edge nodes,
It uses IoT devices as attack sources and is more destructive. thereby reducing the performance of the entire edge
Two typical case are the Mirai botnet attacks on computing system. In addition, once the impact of the anomaly
KrebsOnSecurity [12] and Dyn [13] [14]. With the rapid spreads, it is difficult to find the root cause of its occurrence,
increase in the number of networking devices in the future, the resulting in additional repair costs and delays in recovery.
threat of IoT DDoS attacks will increase. Industrial IoT has
greatly expanded the overall attack surface of the system due However, designing an anomaly detection mechanism for
to the increased connectivity and openness of industrial edge computing is very challenging. Edge nodes are deployed
facilities. The attack threats are extending from the digital to in a distributed manner. The size and power consumption of a
the physical world [15]. However, because a large number of single node are extremely limited, and its computing and
electronic devices in the field control areas have only very storage resources are far inferior to the cloud computing center.
limited computation power and lack effective security Although the current cloud computing center's anomaly
protection, the current Industrial IoT is very vulnerable to detection system and fault tolerance mechanism are very
DDoS attacks. mature, they will consume a lot of resources, so they cannot be
directly moved to the edge computing system. In addition to
the challenges of hardware resources, considering the
Although the edge nodes can isolate most of the IoT data at
dynamics and heterogeneity of the edge computing system
the edge of the network and have the ability to detect and environment, it is also a challenge to connect the abnormal
intercept attacks in the closest place to the source at the first detection results with the hidden failure of the underlying
time, they are facing great challenges in practice. The reason is hardware facilities [17]. Detecting and predicting anomalies in
that the edge node can neither capture the aggregate network a distributed cluster environment is also a current research gap
traffic required for IoT-DDoS detection, nor can it scale [18]. In summary, designing a reliable anomaly detection
resources needed for mitigation like the elastic cloud [16]. mechanism for edge computing still have a long way to go.
TABLE I. THE SOURCES OF SECURITY RISKS FOR EDGE COMPUTING IN THE FIVE FIELDS

Sources of Extremely Terminals with Insufficient Strong

Limited edge
Risks limited different New network physical environmental
node
Fields terminal communication architecture protection of perception of edge
resources
resources protocols edge nodes nodes
Access Control √ √ √ √ √

Key Management √ √ √

Privacy Protection √ √ √

Attack Mitigation √ √ √ √ √

Anomaly Detection √ √
not suitable for edge computing due to the specificity of edge
nodes, such as distributed deployment, limited hardware
III. ANALYSIS OF THE RESEARCH STATUS OF EDGE COMPUTING resources, complex network environment, etc. This prompts
SECURITY
researchers to propose more innovative solutions for the
characteristics of edge computing. The research hotspots of
In recent years, academic research on edge computing edge computing security in the above five fields are shown in
security can be grouped into five categories, including: access Table Ⅱ.
control, key management, privacy protection, attack mitigation,
and anomaly detection. Although cloud computing already has
relatively mature solutions in these fields, many of them are

99

Authorized licensed use limited to: UNIVERSITY OF ROCHESTER. Downloaded on September 19,2020 at 10:02:36 UTC from IEEE Xplore. Restrictions apply.
A. Research Status of Access Control in Edge Computing cloud servers and cannot show the advantage of cloud edge
At present, the research results of edge computing access collaboration. Therefore, the team of Zhipeng Gao [24]
control are mainly divided into two categories, which are the proposed a lightweight trust mechanism based on cloud edge
schemes under the ICN network architecture and the schemes collaboration, which extracts the trust feature by analyzing the
under the non-ICN network architecture. meta interaction data of terminal devices, and enables the edge
nodes to make trust evaluation according to the trust feature.
1) Schemes under the ICN network architecture The authors improve the LightGBM algorithm. They use
In general, there are two main research directions of access convolutional neural network to learn a variety of evaluation
control under the ICN network architecture. One is the access algorithms and check the evaluation results of edge nodes on
control scheme based on user or terminal devices identity cloud servers. Then the cloud servers can adaptively adjust the
authentication, including papers such as [19] [20] [21], the trust evaluation strategy of edge nodes according to the
other is the access control scheme based on transmission checking results. The experimental results show that the
content encryption, including papers such as [22]. The accuracy and speed of the trust mechanism are better than
common disadvantage of early access control schemes based other existing methods.
on identity authentication is that the users will experience
multiple identity authentication when receiving a complete Academic research on access control scheme based on
content, because a series of requests from them will be transmission content encryption is not much. Satyajayant
satisfied by different routers. Misra et al. [22] proposed AccConf. It is an access control
framework based on content encryption. Although it can
In order to solve this problem and the high cost of ensure that only legitimate users can decrypt the
traditional identity authentication schemes, Prosanta Gope [20] corresponding content, and it does not need a central identity
designed a new lightweight privacy-preserving security authentication server that is always online. It can even solve
architecture -- LAAP. The author designs three anonymous the problem of privilege revocation quite well. However, this
authentication protocols using lightweight encryption scheme still can’t avoid the shortcomings of this kind of
primitives, so that edge devices can help each other to achieve research: unauthorized users can still cache the content they
identity authentication without a central authentication server. can't decrypt. It wastes limited network resources greatly.
However, it is still worth studying whether the protocol can
stand the test when malicious users collude with each other. 2) Schemes under the non-ICN network architecture
TACTIC, proposed by Reza Tourani et al. [21], is relatively There are still many researchers working to solve the
more secure. It delegates authentication and authorization to access control problem of edge computing under the current
semi trusted routers, eliminating the need for always on-line Internet architecture. Ranadheer errabelly et al. [25] designed
authentication servers. It translates label authentication in EdgeSec, which is an IoT security service that can be deployed
subsequent requests of legal users into query operations by a on edge nodes. It can connect to IoT devices with different
ingenious design, effectively reducing the scale of label communication protocols and customize security schemes for
authentication and computation overhead effectively. SEAF them. EdgeSec analyzes the requests sent by each IoT device
framework is also an outstanding achievement proposed by and simulates sensitive operations in advance to ensure
Kaiping Xue et al. [19]. In order to reduce the computational absolute security. However, the service has a high demand for
cost, SEAF combines the hash chain and group signature hardware resources.
technology by taking advantage of the continuity of user Jianbing Ni et al. [9] explored the compatibility of edge
requests. So that only the first request of a series of requests node authentication and 5G communication new technology.
needs to be signed for verification with high cost, and the They proposed a service-oriented authentication framework--
remaining requests use lightweight hash operation for ES3A. The framework works in IoT edge computing system
authentication, which only brings slight delay while realizing driven by 5G and supports network slicing technology. In
anonymous authentication DŽ order to protect the user's interest information, the authors
design a privacy-preserving slice selection mechanism. It
However, the above schemes still have limitations. Firstly,
allows the user to access the IoT services anonymously
their application scenarios only focus on streaming media
through the agent of the edge node. In addition, session secret
services, which is not universal. Secondly, if a user or service
keys are generated through negotiation among users, edge
provider who has already passed the identity authentication
nodes and IoT cloud servers.
suddenly starts to make malicious behavior that endangers the
security of the system for some reason, none of the above For a more special disconnected edge environment, Dan
schemes can make response in time. At this time, a set of Klinedinst et al. [26] proposed a solution to establish a trusted
dynamic trust mechanism is needed to supplement the identity. This scheme is oriented to the tactical environment
common identity authentication scheme. such as first aid, search and rescue, military operations and so
on. It does not rely on the Internet and third-party
Jie Yuan et al. [23] of Beijing University of Posts and
authentication, does not need specific hardware security
Telecommunications proposed a trust framework based on
multi-source feedback. They design a lightweight trust requirements, and does not need preset certificates. Instead, it
evaluation mechanism to promote the cooperation between realizes identity authentication based on secure key generation
edge network devices to reduce computing cost and resist and exchange in the field.
malicious feedback attacks. However, according to Zhipeng At the same time, the popularity of blockchain technology
Gao et al. [24], this trust mechanism ignores the ability of makes researchers try to apply it to edge computing. Shaoyong

100

Authorized licensed use limited to: UNIVERSITY OF ROCHESTER. Downloaded on September 19,2020 at 10:02:36 UTC from IEEE Xplore. Restrictions apply.
Guo et al. [27] proposed a blockchain network built on edge also tests their innovation ability for new communication
nodes to provide access control for vehicular networks. This protocols and encryption primitives.
scheme uses the blockchain network and digital signature
algorithm to authenticate the vehicle's identity. They devide Luca Ferretti et al. [31] expand the current edge computing
the blockchain network into a three-tier structure to improve architecture, so that terminal devices can achieve end-to-end
the speed of identity authentication. However, if blockchain communication only by relying on edge nodes. This
technology is to be more widely used in edge computing, it architecture assumes that the edge nodes are semi honest, so in
still needs to solve the shortcomings of complex network order to ensure the communication security, the authors design
structure, high computing cost, slow authentication speed and a novel communication protocol based on symmetric proxy re-
so on. encryption algorithm, and finally implement a scalable publish
/ subscribe communication scheme. This communication
scheme only needs to store one encryption key for each
B. Research Status of Key Management in Edge Computing terminal device and can perform the communication
At present, there are two main research directions of key encryption and decryption operation with very low computing
management scheme for edge computing application cost. It can ensure the confidentiality of end-to-end
environment: one is to carry out lightweight transformation communication.
and scalability optimization on the basis of traditional
communication security schemes; the other is to design a key The privacy-preserving SWAN (P2-SWAN) designed by
management scheme with a new architecture, which has brand Marc X. Makkes et al. [32] is also an outstanding scheme. It is
new lightweight encryption protocols and encryption an edge computing communication security framework driven
primitives. by homomorphic encryption. The authors optimize the Paillier
homomorphic encryption algorithm, so that the
1) Optimization of traditional communication security communication encryption scheme based on it can run on low-
solutions power mobile devices. At the same time, authors also show
Zhi Li et al. [28] designed a set of key management that the encryption scheme is highly scalable, and only a few
scheme for fog computing based on hypergraph. The scheme edge nodes can bear the data encryption transmission load
divides the three-layer network structure of edge computing generated by millions of low-power mobile devices.
into two subnetworks: cloud-fog subnetwork and fog-user
Although the design of the edge computing key
subnetwork. The key management of the two subnetworks is
management scheme with new architecture is very difficult,
carried out separately to reduce the resource cost and increase
the experimental results of the current schemes are relatively
the security and scalability of the network. However, in this
satisfactory. I believe more surprising achievements will
scheme, all users in the same fog-user subnetwork share the
emerge in the near future.
same session key, and the whole network also shares the same
session key for cross group data transmission. It brings high
security risks. C. Research Status of Privacy Protection in Edge Computing
Although almost all research on edge computing security is
Sufyan Almajali et al. [29] just put forward an edge related to privacy protection more or less, some privacy
computing data transmission encryption scheme, which can protection problems still need to be solved with highly
solve the security risks exposed in the previous work. This targeted solutions, such as user location privacy protection and
scheme is aimed at the application scenario that the IoT identity privacy protection.
devices transmit data to the cloud servers through the edge
nodes. The symmetric key encryption and the PKI encryption In the future, mobile devices can rely on edge computing
system are used to make the edge nodes unable to know the and 5G technology to achieve high-precision positioning. So
plain text of the conversation between the IoT devices and the in order to reduce the security risks caused by location
cloud servers. At the same time, the anonymity of the IoT information leakage, Han Jiang et al. [33] put forward two
devices to the edge nodes is guaranteed. However, whether privacy protection positioning protocols for edge computing
low-power IoT devices can bear the computational overhead based on triangle positioning algorithm, multi-point
of this scheme still needs to be confirmed by further positioning algorithm and Paillier homomorphic encryption.
experiments. The two protocols protect the location data directly. The
security of the protocol depends on the semantic security of
It can be seen that the current lightweight transformation Paillier homomorphic encryption.
and scalability optimization of traditional communication
security schemes are not very satisfactory, and the academic At the same time, in order to avoid eavesdroppers
community have to work harder in this direction to get better indirectly capturing the user's location by tracking the
achievements. migration path of services between edge nodes, Ting He et al.
[11] designed a chaff service to fight against these
2) Key management scheme of new architecture eavesdroppers. They studied a variety of service control
It is also a hot research direction to design a new key strategies to confuse and interfere with eavesdroppers’
management scheme with a new architecture for the special tracking. The authors also propose extended strategies for the
application environment of edge computing. Although this advanced eavesdroppers who can detect the control strategy of
direction is helpful for researchers to break out of the the chaff. In the extended strategies, the randomization method
constraints of existing communication security schemes, it is used to add disturbance to the control strategies proposed

101

Authorized licensed use limited to: UNIVERSITY OF ROCHESTER. Downloaded on September 19,2020 at 10:02:36 UTC from IEEE Xplore. Restrictions apply.
earlier. The efficacy of the extended strategies is confirmed rules, mark the new and obvious attack traffic, then send its
through both synthetic and trace-driven simulations. signature to the edge nodes for filtering; the cloud servers are
responsible for collecting the information from multiple
In order to prevent users from disclosing their interest sources and analyzing it much more meticulously to make a
information while enjoying VOD service, Simon Da Silva et al. more accurate judgment. Experimental results show that
[34] proposed PrivaTube. It is a scalable and cost-effective compared with the previous studies, this scheme can not only
VOD solution. The scheme makes full use of the trusted minimize the false alarm rate to the greatest extent, but also
execution environment on the edge node and the client. It uses get a faster response speed. Vafa Andalibi et al. [38] have
forged requests to confuse the users' real access habits, so as to studied the methods of resolving various network attacks from
reduce the risk of personal interest information disclosure. the IoT devices themselves. They try to set a rate limit for each
Siddhartha Kumar et al. [35] proposed a private information IoT device in the manufacturer usage description (MUD). It
retrieval scheme based on generalized Reed-Solomon code to can prevent the IoT devices from participating in DDoS
prevent users from disclosing their interest information during attacks from the source. However, whether this scheme is
private information retrieval on edge nodes. This scheme can feasible in reality remains to be further verified by
protect users' interest information even when multiple small experiments.
cell base stations are colluding with each other.
From the current research results, most of the IoT DDoS
At present, although the research on privacy protection of mitigation schemes have begun to use the idea of cloud edge
edge nodes is hot, many achievements ignore the load problem collaboration to improve the response speed and identification
brought by privacy protection scheme to edge nodes. If edge accuracy of the system. This defense idea can
nodes spend too much resource to protect the privacy of users, comprehensively utilize the capabilities of each layer of the
it will inevitably affect their quality of service, so the network to deal with various network emergencies in a multi-
lightweight privacy protection schemes will be a great layer collaborative way. It can be predicted that the idea of
research direction in the future. cloud edge collaboration will be further developed in the field
of edge computing attack mitigation and play an important
D. Research Status of Edge Computing Attack Mitigation role in coping with other forms of network attacks.
Although edge computing may encounter a variety of
network attacks, most of the current research achievements are E. Research Status of Edge Computing Anomaly Detection
aimed at IoT DDoS attacks. In order to make full use of edge In order to discover and troubleshoot the edge node
nodes to deal with the threat of IoT DDoS attacks, Ketan anomalies in the complex heterogeneous edge environment in
Bhardwaj et al. [36] proposed a DDoS mitigation scheme. The time, the academic community has carried out some research
scheme aggregates the traffic distribution of multiple edge
and get many achievements. Areeg Samir et al. [39] proposed
nodes in three steps to detect DDoS attacks. Although the an anomaly detection and prediction model based on Hidden
scheme can detect DDoS attacks faster in theory, if the edge Markov model for the edge environment to solve the mapping
node captures too little traffic, it will be difficult to find DDoS problem between the detection results and the underlying
attacks with very scattered attack sources. Qiao Yan et al. [37] infrastructure failure. The model comprehensively analyzes
proposed a multi-layer DDoS mitigation framework, including the anomaly of the edge node by monitoring the resource
edge computing layer, fog computing layer and cloud utilization rate, data throughput and the response time of the
computing layer. The first two layers are responsible for the container on edge nodes. At the same time, the model can also
capture of network traffic information. The cloud servers are carry out anomaly prediction to optimize system availability
responsible for the aggregation of network traffic information and performance. Mbarka Soualhia et al. [40] proposed a fault
and DDoS attack detection. The detection results will be fed detection and prediction framework for edge infrastructure
back to the fog computing layer. Fog servers will be based on supervised machine learning and statistical
responsible for dealing with attack traffic. The framework uses technology. In addition to the anomaly detection of edge nodes
Snort rules to detect DDoS attacks and uses switches driven by themselves by monitoring their own key operation data, the
SDN to mitigate attacks. framework also enables the cluster master node to detect and
Based on the above research achievements, Zhou Lying et predict the fault of the first-line high load slave nodes. The
al. [15] designed a set of IoT DDoS mitigation scheme for the master node can schedule the workload ahead of time for the
industrial IoT environment. It still uses three-tier architecture execution of the recovery mechanism. Nour Moustafa et al.
to carry out the work. The firewall on the edge node will [41] proposed an anomaly detection mechanism based on
reversely filter the attack traffic packets based on the known outlier Dirichlet. In view of the current anomaly detection
attack traffic signature; the fog node will initially check the based on machine learning mechanism is vulnerable to attacks
limited network traffic captured by itself according to the from APT

TABLE II. RESEARCH HOTSPOTS IN EACH LEVEL OF EDGE COMPUTING SECURITY

Research Fields Research Hotspots
Access Control Schemes under the ICN network architecture z Schemes based on terminal equipment identity authentication

102

Authorized licensed use limited to: UNIVERSITY OF ROCHESTER. Downloaded on September 19,2020 at 10:02:36 UTC from IEEE Xplore. Restrictions apply.
 Schemes under the non-ICN network architecture z Schemes based on transmission content encryption
z Access control schemes based on trust mechanism
z IoT security framework based on edge computing
Key Management z Optimization of traditional communication security solutions
z Key management schemes with new architecture

Privacy Protection z User's location privacy protection schemes

z Privacy protection of user identity and interest information
z Security Solution for Edge Data Mining
Attack Mitigation z IoT DDoS attack mitigation solutions
z Universal attack mitigation schemes

Anomaly Detection z Anomaly Detection and Prediction Schemes for Edge Cloud Collaboration
z Anti-attack research for anomaly detection

intelligence sinking to the edge of the network [44], making

attackers confrontational, it uses an adversarial statistical intelligence develop from the cloud to the users. In this way,
learning mechanism to strengthen the anomaly detection the "last mile" problem of artificial intelligence landing can be
model's resistance against data poisoning attacks. Ensure that solved. At the same time, implementing artificial intelligence
it can detect anomalies in large-scale dynamic network algorithms at the edge can solve many key issues in edge
normally in the face of attacks targeting the process of computing, and security is one of them.
machine learning.
At present, some research results have clearly applied edge
From the current research achievements, edge computing intelligence to edge computing security. Zengguang Liu et al.
anomaly detection also presents the trend of edge cloud [45] designed a novel intrusion detection and defense method
collaboration. When edge nodes perform lightweight anomaly for CPSS (Cyber-Physical-Social Systems) low-rate DDoS
detection, cloud servers can implement machine learning (LR-DDoS) scenarios in the edge computing environment.
algorithm and analyze the state of edge node more deeply. It This method can extract local sensitive features and use deep
can not only supervise the edge nodes’ anomaly detection, but convolution neural network (DCNN) to automatically learn the
also realize the anomaly prediction for edge nodes. In addition, best feature distribution of the original data. Then, use a deep
the anti-attack research on this type of anomaly detection Q network (DQN) to make decisions on attack prevention.
mechanism is also gradually deepened. I believe that the Experimental results show that this method has higher
research achievements of edge anomaly detection based on detection accuracy and faster response speed than SVM and
edge intelligence will be more and more in the near future. K-means. It also has a certain detection rate for unknown new
network attacks. In terms of privacy protection, Zhou Zhi et al.
IV. FUTURE DEVELOPMENT DIRECTION OF EDGE COMPUTING [46] proposed a data privacy protection scheme that combines
SECURITY edge intelligence with federated learning. Edge intelligence
From the above research status of edge computing security, can also be used for edge security service placement and
more and more research results are beginning to show the situation awareness.
trend of edge cloud collaboration. Combining with the overall However, edge computing security and edge intelligence
evolution of the edge computing industry, all aspects of edge need to be mutually empowered. Although edge intelligence
computing security research will develop towards edge cloud can solve many problems encountered in current edge
collaboration and edge intelligence in the future. On the one computing security, the realization of edge intelligence also
hand, isolated edge computing models cannot provide truly depends on the proper solution of the fundamental problems of
effective and safe services. The relatively limited processing edge security. First of all, edge intelligence will use a lot of
capacity of edge nodes, the highly complex edge network private data during model training. It faces a greater risk of
environment, and the extremely high mobility of terminal privacy leakage [47]. Secondly, as an important digital asset,
devices in the edge environment restrict edge computing, the edge intelligent model is easy to be stolen and cracked by
which cannot provide complete security services by their own malicious users after its deployment to the edge. It may result
capabilities. The bottleneck encountered by edge computing in serious economic losses. In the edge cloud collaboration
security in this aspect can be clearly seen from the research mode, the realization of edge intelligence not only depends on
status. It will become a development trend to combine cloud the real-time processing of terminal perception data and user
computing and edge computing for edge cloud collaboration, uploaded data by the edge nodes, but also requires the cloud
comprehensively utilize the capabilities of each layer of the computing center to perform more detailed analysis and make
network to improve edge performance and then provide more decisions on the pre-processed data sets uploaded by the edge
efficient, reliable, and flexible security services. On the other nodes. This process involves the transmission of a large
hand, the combination of edge computing and artificial amount of sensitive data, which brings great challenges to the
intelligence, edge intelligence [42] has become a new frontier security of edge intelligence in all aspects, including
hotspot. Through the mutual empowerment of edge computing equipment, network, data and applications[48].
and artificial intelligence, it can meet the new application
needs of real application scenarios [43]. Edge computing can To sum up, in view of the current research status of edge
provide infrastructures and real-time data for artificial computing security and the development trend of edge

103

Authorized licensed use limited to: UNIVERSITY OF ROCHESTER. Downloaded on September 19,2020 at 10:02:36 UTC from IEEE Xplore. Restrictions apply.
computing to edge intelligence, we propose three future mechanisms and lightweight security protocols, identity
research hotspots for the research on the security mechanisms privacy and behavior privacy protection technology, multi-
and key technologies of edge intelligence and edge cloud layer collaborative intelligent anomaly detection algorithms,
collaboration: edge cloud collaborative intelligent attack mitigation
mechanisms, etc. After investigating a large number of edge
x The fusion mechanism of edge intelligence and edge computing security papers, this paper first introduces the
security. Edge intelligence need to be guaranteed by background knowledge of edge computing. Secondly, the
edge security and edge security can be improved by paper analyzes the security challenges of edge computing from
edge intelligence. The fusion mechanism between five aspects. Thirdly, the paper classifies the current main
edge intelligence and edge security is a key scientific research achievements of edge computing security into five
issue. The mutual empowerment of edge computing categories and respectively introduces the current situation of
and artificial intelligence is worthy of further study. security research in these five fields in academic. Finally, the
Their fusion level and coupling position in the edge possible research directions in the future are prospected. It is
computing system, the mutual embedded interface and expected that edge computing can be implemented faster and
API in the edge network, etc., involve many basic people can enjoy the convenience brought by edge intelligence
theories and key technologies, such as network system, safely by solving these hot issues of edge computing security
network protocols, security protocols and data analysis, in the future.
etc., which need to be further explored by researchers.
x The collaboration model in the edge-cloud REFERENCES
collaboration architecture. Edge security and edge [1] David Reinsel㸪John Gantz㸪John Rydning. The Digitization of the
intelligence can be enhanced by edge cloud World-From Edge to Core [EB/OL]. [2018-11].
collaboration. The advantages of edge computing https://www.seagate.com/files/www-content/our-story/trends/files/idc-
compared with cloud computing can also be retained seagate-dataage-whitepaper.pdf
or even strengthened by edge cloud collaboration. The [2] iResearch. China Artificial Intelligent Internet of Things (AIoT) White
collaboration model is a key scientific issue in edge Paper [EB/OL].[2020-02-27].
http://report.iresearch.cn/report_pdf.aspx?id=3529
cloud collaboration architecture. How to realize the
[3] Chinese Association of Automation. Edge Computing 2019 Album-
hierarchical edge cloud collaboration model and the Editorial[J]. Automation Panorama㸪2019, 11:3
distributed edge-edge collaboration model, what is [4] Liehuang Z , Feng G , Meng S , Yandong L , Baokun Z , Hongliang M ,
their combination and switch mechanism under a et al. Survey on Privacy Preserving Techniques for Blockchain
unified architecture, and what is their implementation Technology[J]. Journal of Computer Research and Development, 2017.
mechanism on the edge of the network all need to be [5] H Yu澿澳 P Zeng澿澳 Z Weng, H Huang, C Chen, Y Tao, et al. Edge
carefully studied by researchers. Computing Security White Paper [EB/OL]. Edge Computing
Consortium and Alliance of Industrial Internet. [2019-11].
x Edge embedded lightweight intelligent algorithm and http://www.cbdio.com/image/site2/20191128/f42853157e261f49c5df5b.
multi-party security protocols. In the complex pdf
environment of edge computing, the edge security [6] General Office of the Ministry of In dustry and Information Technology
architecture is based on the limited resources of edge of the Peaple’s Republic of China. Notice of the General Office of the
Ministry of Industry and Information Technology on Promoting the
nodes and edge networks, in which the lightweight Development of Industrial Internet [EB/OL]. The website of Ministry of
intelligent algorithm and multi-party security In dustry and Information Technology of the Peaple’s Republic of China.
protocols implemented by the edge are the key [2020-03-20]. http://www.cac.gov.cn/2020-
scientific issues. Researchers need to design and 03/20/c_1586243822373053.htm
implement distributed intelligent algorithms that can [7] NIST. Report on lightweight cryptography [EB/OL]. [2016-09-16].
be effectively executed by edge nodes, distributed and http://csrc.nist.gov/publications/drafts/nistir-8114/nistir8114draft.pdf
lightweight multi-party security protocols that can be [8] Karnouskos S . Stuxnet Worm Impact on Industrial Cyber-Physical
System Security[J]. 2011.
effectively run by edge networks, and the embedded
[9] Ni J , Lin X , Shen X . Efficient and Secure Service-oriented
mechanism of the two. This research involves Authentication Supporting Network Slicing for 5G-enabled IoT[J]. IEEE
lightweight artificial intelligence algorithms, group Journal on Selected Areas in Communications, 2018:1-1.
intelligence algorithms, secure multi-party computing [10] Roman R , Zhou J , Lopez J. On the features and challenges of security
based on blockchain, security protocols, cryptography and privacy in distributed internet of things[J]. Computer Networks,
and other aspects of the basic theories and key 2013, 57(10):2266-2279.
technologies. It is a complex scientific issue that need [11] He T, Ciftcioglu E N, Wang S, Chan K S. Location Privacy in Mobile
to be carefully studied. Edge Clouds: A Chaff-Based Approach[J]. IEEE Journal on Selected
Areas in Communications, 2017, 35(11): 2625-2636.
[12] KrebsOnSecurity hit with record DDoS [EB/OL]. [2020-03-20].
V. CONCLUSION https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-
Although the research on edge computing security is ddos/
increasing gradually, the overall development is still in the [13] Dyn analysis summary of Friday October 21 attack [EB/OL]. [2020-03-
20]. http://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-
early stage. In the current development trend of edge attack/
computing to edge intelligence, edge computing security lacks [14] Breaking down mirai: An iot DDoS botnet analysis[EB/OL]. [2020-03-
representative research achievements in trust evaluation 20]. https://www.incapsula.com/blog/malware-analysis-mirai-ddos-
algorithms and authentication mechanisms, key management botnet.html

104

Authorized licensed use limited to: UNIVERSITY OF ROCHESTER. Downloaded on September 19,2020 at 10:02:36 UTC from IEEE Xplore. Restrictions apply.
[15] Zhou L, Guo H, Deng G. A Fog Computing Based Approach to DDoS [36] Ketan Bhardwaj㸪Joaquin Chung Miranda㸪Ada Gavrilovska. Towards
Mitigation in IIoT Systems[J]. Computers & Security, 2019: 51-62. IoT-DDoS prevention using edge computing[C]. Proceedings of
[16] Ketan Bhardwaj,Joaquin Chung Miranda,Ada Gavrilovska. Towards Iot- USENIX workshop on hot topics in edge computing, HotEdge 18, 2018.
ddos Prevention Using Edge Computing[C]. Usenix Workshop on Hot [37] Yan Q, Huang W , Luo X , Gong Q. A Multi-Level DDoS Mitigation
Topics in Edge Computing (HotEdge 18), Boston MA,2018. Framework for the Industrial Internet of Things[J]. IEEE
[17] A. Samir and C. Pahl. A Controller Architecture for Anomaly Detection, Communications Magazine, 2018, 56(2):30-36.
Root Cause Analysis and Self-Adaptation for Cluster Architectures[C]. [38] Vafa Andalibi, DongInn Kim, L. Jean Camp. Throwing MUD into the
Intl Conf Adaptiveand Self-Adaptive Systems and Applications. 2019. FOG: Defending IoT and Fog by expanding MUD to Fog network[J].
[18] Du Q, Xie T, He Y. Anomaly Detection and Diagnosis for Container- Proceedings of USENIX workshop on hot topics in edge computing,
Based Microservices with Performance Monitoring[C]. International HotEdge 19, 2019.
Conference on Algorithms and Architectures for Parallel Processing. [39] A. Samir and C. Pahl. Detecting and Predicting Anomalies for Edge
Springer, Cham, 2018. Cluster Environments using Hidden Markov Models. 2019 Fourth
[19] K. Xue , He P , Zhang X , Xia Q , Yue H , Wu F, et al. A Secure, International Conference on Fog and Mobile Edge Computing (FMEC),
Efficient, and Accountable Edge-Based Access Control Framework for Rome, Italy, 2019, pp. 21-28.
Information Centric Networks[J]. IEEE/ACM Transactions on [40] Mbarka Soualhia㸪 Chunyan Fu㸪 Foutse Khomh. Infrastructure Fault
Networking, vol. 27, no. 3, pp. 1220-1233, June 2019. Detection and Prediction in Edge Cloud Environments[C]. Proceedings
[20] Gope, P. LAAP: Lightweight anonymous authentication protocol for of the 4th ACM/IEEE Symposium on Edge Computing, (SEC 2019),
D2D-Aided fog computing paradigm[J]. Computers & Security, 86. pp. Arlington, VA, USA, November 7̽9, 2019.
223-237. [41] Moustafa N, Choo K R, Radwan I, Camtepe S. Outlier Dirichlet Mixture
[21] Reza Tourani, Ray Stubbs, Satyajayant Misra. TACTIC: Tag-based Mechanism: Adversarial Statistical Learning for Anomaly Detection in
Access ConTrol Framework for the Information-Centric Wireless Edge the Fog[J]. IEEE Transactions on Information Forensics and Security,
Networks[C]. 2018 IEEE 38th International Conference on Distributed 2019, 14(8): 1975-1987.
Computing Systems (ICDCS), Vienna, 2018, pp. 456-466. [42] S. Deng, H. Zhao, W. Fang, J. Yin, S. Dustdar and A. Y. Zomaya, "Edge
[22] Misra S , Tourani R , Natividad F , Mick T , Majd N E , Huang H. Intelligence: The Confluence of Edge Computing and Artificial
AccConF: An Access Control Framework for Leveraging In-Network Intelligence," in IEEE Internet of Things Journal. ArXiv, 2019.
Cached Data in the ICN-Enabled Wireless Edge[J]. IEEE transactions on [43] Z Zhou, S Yu, X Chen. Edge intelligence: a new nexus of edge
dependable and secure computing, 2019, 16(1):5-17. computing and artificial intelligence [J]. Big Data Research, 2019,
[23] Yuan J, Li X. A multi-source feedback based trust calculation 005(002):P.53-63.
mechanism for edge computing[C]. conference on computer [44] K. Bhardwaj, N. Suda and R. Marculescu. EdgeAI: A Vision for Deep
communications workshops, 2018: 819-824. Learning in IoT Era. in IEEE Design & Test㸪2019.
[24] Z. Gao , Xia C , Jin Z , Wang Q , Huang J , Yang Y et al. A Light- [45] Liu Z, Yin X, Hu Y. CPSS LR-DDoS Detection and Defense in Edge
weight Trust Mechanism for Cloud-Edge Collaboration Framework. Computing Utilizing DCNN Q-Learning[J]. IEEE Access, 2020: 42120-
2019 IEEE 27th International Conference on Network Protocols (ICNP), 42130.
Chicago, IL, USA, 2019, pp. 1-6. [46] Zhou Z , Chen X , Li E , Zeng L. Edge Intelligence: Paving the Last
[25] Sha K , Errabelly R , Wei W , Yang T A , Wang Z. EdgeSec: Design of Mile of Artificial Intelligence with Edge Computing[J]. Proceedings of
an Edge Layer Security Service to Enhance IoT Security[C]. IEEE the IEEE, 2019.
International Conference on Fog & Edge Computing. IEEE, 2017. [47] Y. Lu, X. Huang, Y. Dai, S. Maharjan and Y. Zhang. Differentially
[26] Echeverria S , Klinedinst D , Williams K , Lewis G A. Establishing Private Asynchronous Federated Learning for Mobile Edge Computing
Trusted Identities in Disconnected Edge Environments[C]. 2016 in Urban Informatics. in IEEE Transactions on Industrial Informatics,
IEEE/ACM Symposium on Edge Computing (SEC). ACM, 2016. vol. 16, no. 3, pp. 2134-2143, 2020.
[27] S. Guo, X. Hu, Z. Zhou, X. Wang, F. Qi and L. Gao. Trust access [48] Y. Tao, P. Xu and H. Jin. Secure Data Sharing and Search for Cloud-
authentication in vehicular network based on blockchain[J]. China Edge-Collaborative Storage. in IEEE Access, vol. 8, pp. 15963-15972,
Communications, vol. 16, no. 6, pp. 18-30, June 2019. 2020.
[28] Li Z , Liu Y , Liu D , Li C , Cui W , Hu G. A Key Management Scheme
Based on Hypergraph for Fog Computing[J]. China Communications,
2018, 15(11):164-176.
[29] Almajali S, Salameh H B, Ayyash M, Elgala H. A Framework for
Efficient and Secured Mobility of IoT Devices in Mobile Edge
Computing[C]. Third IEEE International Conference on Fog & Mobile
Edge Computing. IEEE, 2018.
[30] E. Gyamfi, J. A. Ansere and L. Xu. ECC Based Lightweight
Cybersecurity Solution For IoT Networks Utilising Multi-Access Mobile
Edge Computing. 2019 Fourth International Conference on Fog and
Mobile Edge Computing (FMEC), Rome, Italy, 2019, pp. 149-154.
[31] Ferretti L, Marchetti M, Colajanni M. Fog-based Secure
Communications for Low-power IoT Devices[J]. ACM Transactions on
Internet Technology, 2019, 19(2): 1-21
[32] Makkes M X , Uta A , Das R B , Bozdog V N , Bal H. P^2-SWAN:
Real-Time Privacy Preserving Computation for IoT Ecosystems[C].
IEEE International Conference on Fog & Edge Computing. IEEE, 2017.
[33] Jiang H , Wang H , Zheng Z , Xu Qiuliang. Privacy preserved wireless
sensor location protocols based on mobile edge computing[J].
Computers & Security, 2018.
[34] Silva S D, Mokhtar S B, Contiu S, Daniel N , Laurent R , Etienne R.
PrivaTube: Privacy-Preserving Edge-Assisted Video Streaming[C].
international middleware conference, 2019: 189-201.
[35] Kumar S , Amat A G I , Rosnes E , Senigagliesi L. Private Information
Retrieval From a Cellular Network With Caching at the Edge[J]. 2018.

105

Authorized licensed use limited to: UNIVERSITY OF ROCHESTER. Downloaded on September 19,2020 at 10:02:36 UTC from IEEE Xplore. Restrictions apply.