Routing Attacks and Mitigation Methods for RPL-Based Internet of Things

2019 ◽  
Vol 21 (2) ◽  
pp. 1582-1606 ◽  
Author(s):  
Ahmed Raoof ◽  
Ashraf Matrawy ◽  
Chung-Horng Lung
Keyword(s):  
Internet Of Things ◽  
Routing Attacks ◽  
Mitigation Methods

ELNIDS: Ensemble Learning based Network Intrusion Detection System for RPL based Internet of Things

2020 ◽  
Author(s):  
Abhishek Verma ◽  
Virender Ranga
Keyword(s):  
Internet Of Things ◽  
Intrusion Detection ◽  
Ensemble Learning ◽  
Intrusion Detection System ◽  
Detection System ◽  
Smart Devices ◽  
Network Intrusion Detection ◽  
The Internet ◽  
Routing Attacks ◽  
Network Intrusion

Internet of Things is realized by a large number of heterogeneous smart devices which sense, collect and share data with each other over the internet in order to control the physical world. Due to open nature, global connectivity and resource constrained nature of smart devices and wireless networks the Internet of Things is susceptible to various routing attacks. In this paper, we purpose an architecture of Ensemble Learning based Network Intrusion Detection System named ELNIDS for detecting routing attacks against IPv6 Routing Protocol for Low-Power and Lossy Networks. We implement four different ensemble based machine learning classifiers including Boosted Trees, Bagged Trees, Subspace Discriminant and RUSBoosted Trees. To evaluate proposed intrusion detection model we have used RPL-NIDDS17 dataset which contains packet traces of Sinkhole, Blackhole, Sybil, Clone ID, Selective Forwarding, Hello Flooding and Local Repair attacks. Simulation results show the effectiveness of the proposed architecture. We observe that ensemble of Boosted Trees achieve the highest Accuracy of 94.5% while Subspace Discriminant method achieves the lowest Accuracy of 77.8% among classifier validation methods. Similarly, an ensemble of RUSBoosted Trees achieves the highest Area under ROC value of 0.98 while lowest Area under ROC value of 0.87 is achieved by an ensemble of Subspace Discriminant among all classifier validation methods. All the implemented classifiers show acceptable performance results.

Malware Threat in Internet of Things and Its Mitigation Analysis

2021 ◽  
pp. 371-387
Author(s):  
Shingo Yamaguchi ◽  
Brij Gupta
Keyword(s):  
Internet Of Things ◽  
Large Volume ◽  
Denial Of Service ◽  
The Internet ◽  
Distributed Denial Of Service ◽  
Ddos Attack ◽  
New Type ◽  
Iot Devices ◽  
Mitigation Methods ◽  
The Internet Of Things

This chapter introduces malware's threat in the internet of things (IoT) and then analyzes the mitigation methods against the threat. In September 2016, Brian Krebs' web site “Krebs on Security” came under a massive distributed denial of service (DDoS) attack. It reached twice the size of the largest attack in history. This attack was caused by a new type of malware called Mirai. Mirai primarily targets IoT devices such as security cameras and wireless routers. IoT devices have some properties which make them malware attack's targets such as large volume, pervasiveness, and high vulnerability. As a result, a DDoS attack launched by infected IoT devices tends to become massive and disruptive. Thus, the threat of Mirai is an extremely important issue. Mirai has been attracting a great deal of attention since its birth. This resulted in a lot of information related to IoT malware. Most of them came from not academia but industry represented by antivirus software makers. This chapter summarizes such information.

scholarly journals Routing Attacks and Countermeasures in the RPL-Based Internet of Things

2013 ◽  
Vol 9 (8) ◽  
pp. 794326 ◽  
Author(s):  
Linus Wallgren ◽  
Shahid Raza ◽  
Thiemo Voigt
Keyword(s):  
Internet Of Things ◽  
Routing Attacks

scholarly journals Routing Attacs pada Internet Of Things Berbasis Smart Intrution Detecion System

2020 ◽  
Vol 7 (2) ◽  
pp. 329
Author(s):  
Eka Lailatus Sofa ◽  
Subiyanto Subiyanto
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Internet Of Things ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Learning Algorithm ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Machine Learning Algorithm ◽  
Routing Attacks

<p class="Abstrak"><em>Internet of Things</em> (IoT) telah memasuki berbagai aspek kehidupan manusia, diantaranya <em>smart city, smart home, smart street, </em>dan<em> smart industry </em>yang memanfaatkan internet untuk memantau informasi yang dibutuhkan<em>.</em> Meskipun sudah dienkripsi dan diautentikasi, protokol jaringan <a title="IPv6" href="https://en.wikipedia.org/wiki/IPv6">IPv6</a> over Low-Power Wireless <a title="Personal area network" href="https://en.wikipedia.org/wiki/Personal_area_network">Personal Area Networks</a> (6LoWPAN) yang dapat menghubungkan benda-benda yang terbatas sumber daya di IoT masih belum dapat diandalkan. Hal ini dikarenakan benda-benda tersebut masih dapat terpapar oleh <em>routing attacks</em> yang berasal dari jaringan 6LoWPAN dan internet. Makalah ini menyajikan kinerja <em>Smart Intrusion Detection System</em> berdasarkan <em>Compression Header Analyzer</em> untuk menganalisis model <em>routing attacks</em> lainnya pada jaringan IoT. IDS menggunakan <em>compression header</em> 6LoWPAN sebagai fitur untuk <em>machine learning algorithm</em> dalam mempelajari jenis <em>routing attacks</em>. Skenario simulasi dikembangkan untuk mendeteksi <em>routing attacks</em> berupa <em>selective forwarding attack</em> dan <em>sinkhole attack</em>. Pengujian dilakukan menggunakan <em>feature selection</em> dan <em>machine learning algorithm</em>. <em>Feature selection</em> digunakan untuk menentukan fitur signifikan yang dapat membedakan antara aktivitas normal dan abnormal. Sementara <em>machine learning algorithm</em> digunakan untuk mengklasifikasikan <em>routing attacks</em> pada jaringan IoT. Ada tujuh <em>machine learning algorithm</em> yang digunakan dalam klasifikasi antara lain <em>Random Forest, Random Tree, J48, Bayes Net, JRip, SMO,</em> dan <em>Naive Bayes</em>. Hasil percobaan disajikan untuk menunjukkan kinerja <em>Smart Intrusion Detection System</em> berdasarkan <em>Compression Header Analyzer</em> dalam menganalisis <em>routing attacks</em>. Hasil evaluasi menunjukkan bahwa IDS ini dapat mendeteksi antara serangan dan <em>non-</em>serangan.</p><p class="Abstrak"> </p><p class="Abstrak"><em><strong>Abstract</strong></em></p><p class="Abstract"><em>Internet of Things (IoT) has entered various aspects of human life including smart city, smart home, smart street, and smart industries that use the internet to get the information they need. Even though it's encrypted and authenticated, Internet protocol  <a title="IPv6" href="https://en.wikipedia.org/wiki/IPv6">IPv6</a> over Low-Power Wireless <a title="Personal area network" href="https://en.wikipedia.org/wiki/Personal_area_network">Personal Area Networks</a> (6LoWPAN) networks that can connect limited resources to IoT are still unreliable. This is because these objects can still be exposed to attacks from 6LoWPAN and the internet. This paper presents the performance of an Smart Intrusion Detection System based on Compression Header Analyzer to analyze other routing attack models on IoT networks. IDS uses a 6LoWPAN compression header as a feature for machine learning algorithms in learning the types of routing attacks. Simulation scenario was developed to detect routing attacks in the form of selective forwarding and sinkhole. Testing is done using the feature selection and machine learning algorithm. Feature selection is used to determine significant features that can distinguish between normal and abnormal activities. While machine learning algorithm is used to classify attacks on IoT networks. There were seven machine learning algorithms used in the classification including Random Forests, Random Trees, J48, Bayes Net, JRip, SMO, and Naive Bayes. Experiment Results to show the results of the Smart Intrusion Detection System based on Compression Header Analyzer in analyzing routing attacks. The evaluation results show that this IDS can protect between attacks and non-attacks.</em><strong></strong></p><p class="Abstrak"><em><strong><br /></strong></em></p>

scholarly journals ELNIDS: Ensemble Learning based Network Intrusion Detection System for RPL based Internet of Things

2020 ◽  
Author(s):  
Abhishek Verma ◽  
Virender Ranga
Keyword(s):  
Internet Of Things ◽  
Intrusion Detection ◽  
Ensemble Learning ◽  
Intrusion Detection System ◽  
Detection System ◽  
Smart Devices ◽  
Network Intrusion Detection ◽  
The Internet ◽  
Routing Attacks ◽  
Network Intrusion

Internet of Things is realized by a large number of heterogeneous smart devices which sense, collect and share data with each other over the internet in order to control the physical world. Due to open nature, global connectivity and resource constrained nature of smart devices and wireless networks the Internet of Things is susceptible to various routing attacks. In this paper, we purpose an architecture of Ensemble Learning based Network Intrusion Detection System named ELNIDS for detecting routing attacks against IPv6 Routing Protocol for Low-Power and Lossy Networks. We implement four different ensemble based machine learning classifiers including Boosted Trees, Bagged Trees, Subspace Discriminant and RUSBoosted Trees. To evaluate proposed intrusion detection model we have used RPL-NIDDS17 dataset which contains packet traces of Sinkhole, Blackhole, Sybil, Clone ID, Selective Forwarding, Hello Flooding and Local Repair attacks. Simulation results show the effectiveness of the proposed architecture. We observe that ensemble of Boosted Trees achieve the highest Accuracy of 94.5% while Subspace Discriminant method achieves the lowest Accuracy of 77.8% among classifier validation methods. Similarly, an ensemble of RUSBoosted Trees achieves the highest Area under ROC value of 0.98 while lowest Area under ROC value of 0.87 is achieved by an ensemble of Subspace Discriminant among all classifier validation methods. All the implemented classifiers show acceptable performance results.

Malware Threat in Internet of Things and Its Mitigation Analysis

2020 ◽  
pp. 363-379
Author(s):  
Shingo Yamaguchi ◽  
Brij Gupta
Keyword(s):  
Internet Of Things ◽  
Large Volume ◽  
Denial Of Service ◽  
The Internet ◽  
Distributed Denial Of Service ◽  
Ddos Attack ◽  
New Type ◽  
Iot Devices ◽  
Mitigation Methods ◽  
The Internet Of Things

This chapter introduces malware's threat in the internet of things (IoT) and then analyzes the mitigation methods against the threat. In September 2016, Brian Krebs' web site “Krebs on Security” came under a massive distributed denial of service (DDoS) attack. It reached twice the size of the largest attack in history. This attack was caused by a new type of malware called Mirai. Mirai primarily targets IoT devices such as security cameras and wireless routers. IoT devices have some properties which make them malware attack's targets such as large volume, pervasiveness, and high vulnerability. As a result, a DDoS attack launched by infected IoT devices tends to become massive and disruptive. Thus, the threat of Mirai is an extremely important issue. Mirai has been attracting a great deal of attention since its birth. This resulted in a lot of information related to IoT malware. Most of them came from not academia but industry represented by antivirus software makers. This chapter summarizes such information.

Sign in / Sign up

Export Citation Format

Share Document