Intrusion Detection System for AES Encripted Low-Power IoT Networks

The introduction of the IPv6 protocol solved the problem of providingaddresses to network devices. With the emergence of the Internetof Things (IoT), there was also the need to develop a protocolthat would assist in connecting low-power devices. The 6LoWPANprotocols were created for this purpose. However, such protocolsinherited the vulnerabilities and threats related to Denial of Service(DoS) attacks from the IPv4 and IPv6 protocols. In this paper, weprepare a network environment for low-power IoT devices usingCOOJA simulator and Contiki operating system to analyze theenergy consumption of devices. Besides, we propose an IntrusionDetection System (IDS) associated with the AES symmetric encryptionalgorithm for the detection of reflection DoS attacks. Thesymmetric encryption has proven to be an appropriate methoddue to low implementation overhead, not incurring in large powerconsumption, and keeping a high level of system security. The maincontributions of this paper are: (i) implementation of a reflectionattack algorithm for IoT devices; (ii) implementation of an intrusiondetection system using AES encryption; (iii) comparison ofthe power consumption in three distinct scenarios: normal messageexchange, the occurrence of a reflection attack, and runningIDS algorithm. Finally, the results presented show that the IDSwith symmetric cryptography meets the security requirements andrespects the energy limits of low-power sensors.

Download Full-text

Design Of Intrusion Detection System For Dos Attack In 6lowpan And RPL Based IoT Network

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.k2288.0981119 ◽

2019 ◽

Vol 8 (11) ◽

pp. 3840-3844

Keyword(s):

Intrusion Detection ◽

Low Power ◽

Intrusion Detection System ◽

Detection System ◽

Denial Of Service ◽

Attack Detection ◽

Area Network ◽

Dos Attack ◽

Resource Constrained ◽

Ipv6 Protocol

Internet of Things (IoT) is a network spread globally and accommodates maximum things under it. All these things are connected globally using IPv6 protocol which satisfies the need of connecting maximum devices by supporting 2^128 addresses. Because of heavy-weight nature of IPv6 protocol, a compressed version of it known as IPv6 Low Power Personal Area Network (6LoWPAN) protocol is used for a resource-constrained network that communicates over low power and lossy links. In IoT, devices are resource-constrained in terms of low battery power, less processing power, less transceiver power, etc. Also these devices are directly connected to insecure internet hence it is very challenging to maintain security in IoT network. In this paper, we have discussed various attacks on 6LoWPAN and RPL network along with countermeasures to reduce the attacks. DoS attack is one of the severe attacks in IoT which has various patterns of execution. Out of various attacks we have designed Intrusion Detection System (IDS) for Denial of Service (DOS) attack detection using Contiki OS and Cooja simulator.

Download Full-text

Multi-Aspect DDOS Detection System for Securing Cloud Network

Cloud Security ◽

10.4018/978-1-5225-8176-5.ch096 ◽

2019 ◽

pp. 1952-1983

Author(s):

Pourya Shamsolmoali ◽

Masoumeh Zareapoor ◽

M.Afshar Alam

Keyword(s):

Cloud Computing ◽

Detection System ◽

Denial Of Service ◽

Complex Form ◽

Internet Security ◽

Detection Methods ◽

Ddos Attacks ◽

Dos Attacks ◽

Ddos Detection ◽

Cloud Network

Distributed Denial of Service (DDoS) attacks have become a serious attack for internet security and Cloud Computing environment. This kind of attacks is the most complex form of DoS (Denial of Service) attacks. This type of attack can simply duplicate its source address, such as spoofing attack, which defending methods do not able to disguises the real location of the attack. Therefore, DDoS attack is the most significant challenge for network. In this chapter we present different aspect of security in Cloud Computing, mostly we concentrated on DDOS Attacks. The Authors illustrated all types of Dos Attacks and discussed the most effective detection methods.

Download Full-text

Visualization Technique for Intrusion Detection

Security and Privacy Management, Techniques, and Protocols - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-5583-4.ch011 ◽

2018 ◽

pp. 276-290

Author(s):

Mohamed Cheikh ◽

Salima Hacini ◽

Zizette Boufaida

Keyword(s):

Intrusion Detection ◽

Computer Security ◽

Detection System ◽

Denial Of Service ◽

High Rate ◽

False Alarms ◽

Dos Attacks ◽

Network Parameter ◽

A New Technique ◽

Parameter Values

Intrusion detection system (IDS) plays a vital and crucial role in a computer security. However, they suffer from a number of problems such as low detection of DoS (denial-of-service)/DDoS (distributed denial-of-service) attacks with a high rate of false alarms. In this chapter, a new technique for detecting DoS attacks is proposed; it detects DOS attacks using a set of classifiers and visualizes them in real time. This technique is based on the collection of network parameter values (data packets), which are automatically represented by simple geometric graphs in order to highlight relevant elements. Two implementations for this technique are performed. The first is based on the Euclidian distance while the second is based on KNN algorithm. The effectiveness of the proposed technique has been proven through a simulation of network traffic drawn from the 10% KDD and a comparison with other classification techniques for intrusion detection.

Download Full-text

Securing Infrastructure-as-a-Service Public Clouds Using Security Onion

Applied System Innovation ◽

10.3390/asi2010006 ◽

2019 ◽

Vol 2 (1) ◽

pp. 6

Author(s):

Abdullahi Mikail ◽

Bernardi Pranggono

Keyword(s):

Intrusion Detection System ◽

Detection System ◽

Cloud Model ◽

Denial Of Service ◽

Cyber Attacks ◽

Proof Of Concept ◽

Dos Attacks ◽

Infrastructure As A Service ◽

Effective Manner ◽

Security Challenges

The shift to Cloud computing has brought with it its specific security challenges concerning the loss of control, trust and multi-tenancy especially in Infrastructure-as-a-Service (IaaS) Cloud model. This article focuses on the design and development of an intrusion detection system (IDS) that can handle security challenges in IaaS Cloud model using an open source IDS. We have implemented a proof-of-concept prototype on the most deployed hypervisor—VMware ESXi—and performed various real-world cyber-attacks, such as port scanning and denial of service (DoS) attacks to validate the practicality and effectiveness of our proposed IDS architecture. Based on our experimental results we found that our Security Onion-based IDS can provide the required protection in a reasonable and effective manner.

Download Full-text

AntibIoTic: Protecting IoT Devices Against DDoS Attacks

10.31224/osf.io/vh8ka ◽

2017 ◽

Cited By ~ 3

Author(s):

Michele De Donno ◽

Nicola Dragoni ◽

Alberto Giaretta ◽

Manuel Mazzara

Keyword(s):

Denial Of Service ◽

Main Idea ◽

Denial Of Service Attacks ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Dos Attacks ◽

The World ◽

Iot Devices

The 2016 is remembered as the year that showed to the world how dangerous distributed Denial of Service attacks can be. Gauge of the disruptiveness of DDoS attacks is the number of bots involved: the bigger the botnet, the more powerful the attack. This character, along with the increasing availability of connected and insecure IoT devices, makes DDoS and IoT the perfect pair for the malware industry. In this paper we present the main idea behind AntibIoTic, a palliative solution to prevent DoS attacks perpetrated through IoT devices.

Download Full-text

Intrusion Detection in IoT Networks Using Deep Learning Algorithm

Information ◽

10.3390/info11050279 ◽

2020 ◽

Vol 11 (5) ◽

pp. 279 ◽

Cited By ~ 1

Author(s):

Bambang Susilo ◽

Riri Fitri Sari

Keyword(s):

Machine Learning ◽

Deep Learning ◽

Learning Strategies ◽

Learning Algorithm ◽

Human Life ◽

Denial Of Service ◽

The Internet ◽

Dos Attacks ◽

Deep Learning Algorithm ◽

Iot Devices

The internet has become an inseparable part of human life, and the number of devices connected to the internet is increasing sharply. In particular, Internet of Things (IoT) devices have become a part of everyday human life. However, some challenges are increasing, and their solutions are not well defined. More and more challenges related to technology security concerning the IoT are arising. Many methods have been developed to secure IoT networks, but many more can still be developed. One proposed way to improve IoT security is to use machine learning. This research discusses several machine-learning and deep-learning strategies, as well as standard datasets for improving the security performance of the IoT. We developed an algorithm for detecting denial-of-service (DoS) attacks using a deep-learning algorithm. This research used the Python programming language with packages such as scikit-learn, Tensorflow, and Seaborn. We found that a deep-learning model could increase accuracy so that the mitigation of attacks that occur on an IoT network is as effective as possible.

Download Full-text

Smart Detection: An Online Approach for DoS/DDoS Attack Detection Using Machine Learning

Security and Communication Networks ◽

10.1155/2019/1574749 ◽

2019 ◽

Vol 2019 ◽

pp. 1-15 ◽

Cited By ~ 6

Author(s):

Francisco Sales de Lima Filho ◽

Frederico A. F. Silveira ◽

Agostinho de Medeiros Brito Junior ◽

Genoveva Vargas-Solar ◽

Luiz F. Silveira

Keyword(s):

Machine Learning ◽

Network Traffic ◽

Service Providers ◽

Detection System ◽

Denial Of Service ◽

Sampling Rate ◽

Attack Detection ◽

Dos Attacks ◽

Internet Service ◽

Benchmark Datasets

Users and Internet service providers (ISPs) are constantly affected by denial-of-service (DoS) attacks. This cyber threat continues to grow even with the development of new protection technologies. Developing mechanisms to detect this threat is a current challenge in network security. This article presents a machine learning- (ML-) based DoS detection system. The proposed approach makes inferences based on signatures previously extracted from samples of network traffic. The experiments were performed using four modern benchmark datasets. The results show an online detection rate (DR) of attacks above 96%, with high precision (PREC) and low false alarm rate (FAR) using a sampling rate (SR) of 20% of network traffic.

Download Full-text

A Framework for Mitigating DDoS and DOS Attacks in IoT Environment Using Hybrid Approach

Electronics ◽

10.3390/electronics10111282 ◽

2021 ◽

Vol 10 (11) ◽

pp. 1282

Author(s):

Abdulrahman Aminu Ghali ◽

Rohiza Ahmad ◽

Hitham Alhussian

Keyword(s):

High Speed ◽

Oil And Gas ◽

Denial Of Service ◽

Hybrid Approach ◽

Social Engineering ◽

Specific Method ◽

Dos Attacks ◽

Man In The Middle ◽

Intelligent Devices ◽

Iot Devices

The Internet of Things (IoT) has gained remarkable acceptance from millions of individuals. This is evident in the extensive use of intelligent devices such as smartphones, smart television, speakers, air conditioning, lighting, and high-speed networks. The general application area of IoT includes industries, hospitals, schools, homes, sports, oil and gas, automobile, and entertainment, to mention a few. However, because of the unbounded connection of IoT devices and the lack of a specific method for overseeing communication, security concerns such as distributed denial of service (DDoS), denial of service (DoS), replay, botnet, social engineering, man-in-the-middle, and brute force attacks have posed enormous challenges in the IoT environment. Regarding these enormous challenges, this study focuses on DDoS and DoS attacks. These two attacks have the most severe consequences in the IoT environment. The solution proposed in this study can also help future researchers tackle the expansion of IoT security threats. Moreover, the study conducts rigorous experiments to assess the efficiency of the proposed approach. In summary, the experimental results show that the proposed hybrid approach mitigates data exfiltration caused by DDoS and DoS attacks by 95.4%, with average network lifetime, energy consumption, and throughput improvements of 15%, 25%, and 60%, respectively.

Download Full-text

Towards Improved Random Forest based Feature Selection for Intrusion Detection in Smart IOT Environment

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.f1446.0981119 ◽

2019 ◽

Vol 8 (11) ◽

pp. 749-757

Keyword(s):

Feature Selection ◽

Random Forest ◽

Intrusion Detection ◽

Performance Metrics ◽

Detection System ◽

Denial Of Service ◽

Learning Approaches ◽

Iot Devices ◽

Sensitivity Specificity ◽

Research Challenge

Internet of Things (IoT) is raised as most adaptive technologies for the end users in past few years. Indeed of being popular, security in IoT turned out to be a crucial research challenge and a sensible topic which is discussed very often. Denial of Service (DoS) attack is encountered in IoT sensor networks by perpetrators with numerous compromised nodes to flood certain targeted IoT device and thus resulting in vulnerability or service unavailability. Features that are encountered from the malicious node can be utilized effectually to recognize recurring patterns or attack signature of network based or host based attacks. Henceforth, feature extraction using machine learning approaches for modelling of Intrusion detection system (IDS) have been cast off for identification of threats in IoT devices. In this investigation, Kaggle dataset is measured as benchmark dataset for detecting intrusion is considered initially. These dataset includes 41 essential attributes for intrusion identification. Next, selection of features for classifiers is done with an improved Weighted Random Forest Information extraction (IW-RFI). This proposed WRFI approach evaluates the mutual information amongst the attributes of features and select the optimal features for further computation. This work primarily concentrates on feature selection as effectual feature selection leads to effectual classification. Finally, performance metrics like accuracy, sensitivity, specificity is computed for determining enhanced feature selection. The anticipated model is simulated in MATLAB environment, which outperforms than the existing approaches. This model shows better trade off in contrary to prevailing approaches in terms of accurate detection of threats in IoT devices and offers better transmission over those networks.

Download Full-text

Cybersecurity for next generation healthcare in Qatar

Journal of Emergency Medicine Trauma and Acute Care ◽

10.5339/jemtac.2021.qhc.41 ◽

2021 ◽

Vol 2021 (2) ◽

Author(s):

Mohammad Zubair ◽

Devrim Unal ◽

Abdulla Al-Ali ◽

Thomas Reimann ◽

Guillaume Alinier

Keyword(s):

Deep Learning ◽

Management System ◽

Secure Communication ◽

Identity Management ◽

Detection System ◽

Denial Of Service ◽

Learning System ◽

Dos Attacks ◽

Privacy And Security ◽

Identity Management System

Background: IoMT (Internet of Medical Things) devices (often referred to IoMT domain) have the potential to quickly diagnose and monitor patients outside the hospital by transmitting information through the cloud domain using wireless communication to remotely located medical professionals (user domain). shows the proposed IoMT framework designed to improve the privacy and security of the healthcare infrastructure. Methods: The framework consists of four modules: 1. Intrusion Detection System (IDS) using deep learning (DL) to identify bluetooth-based Denial-of-Service (DoS)-attacks on IoMT devices and is deployed on edge-computing to secure communication between IoMT and edge. 2. IDS is backed up with identity-based cryptography to encrypt the data and communication path. 3. Besides the identity-management system (to authenticate users), it is modeled with aliveness detection using face authentication techniques at the edge to guarantee the confidentiality, integrity, and availability (CIA) of the framework. 4. At the cloud level, another IDS using MUSE (Merged-Hierarchical-Deep-Learning-System-with-Layer-Reuse) is proposed to protect the system against Man-In-The-Middle attacks, while the data is transferred between IoMT-EDGE-CLOUD. Results: These four modules are developed independently by precisely analyzing dependencies. The performance of IDS in terms of precision is 99% and for the identity-management system, the time required to encrypt and decrypt 256-bit key is 66 milliseconds and 220 milliseconds respectively. The true positive rate is 90.1%, which suggests real-time detection and authentication rate. IDS (2) using MUSE (12-layer) the accuracy is >95%, and it consumes 15.7% to 27.63% less time to train than the smaller four-layer model. Conclusion: Our designed models suit edge devices and cloud-based cybersecurity systems and support the fast diagnosis and care required by critically ill patients in the community.

Download Full-text