Treasure collection on foggy islands: Building secure network archives for internet of things

Fog computing has emerged as a promising paradigm in overcoming the growing challenges (e.g., low latency, location awareness, and geographic distribution) arising from many real-world Internet of Things (IoT) applications, by extending the cloud to the network edge. With the widespread deployment of fog-assisted IoT applications, unprecedentedly huge volumes of network traffic from massive IoT devices would continuously arrive at the fog nodes. Archiving the network traffic can be highly beneficial to fog computing, which forms the basis of forensic, monitoring, troubleshooting, and many other critical tasks. Such high value, however, constantly renders traffic archives the first-order target to experienced attackers. This mandates the traffic archives to be built in a trustworthy way and stayed encrypted at rest. Security aside, it is yet highly desirable to retain the utility of the encrypted traffic archives, in particular by making them privately queryable. In this paper, we take the first research attempt and explore a new design point to delicately bridge trusted hardware and searchable encryption for building trustworthy, encrypted, yet queryable network traffic archives for fog-assisted IoT applications. We take a systematic approach to address several key challenges, which are unsolvable by synthesizing out-of-box techniques, from ground up. Extensive evaluations show that our system can achieve stable archiving throughput of 350 Mb/s with one core, and saturate a 1 Gb/s link with four cores; for a real trace, it outperforms a baseline system without any of our designs by over 110 ×.