Implementing Security in IoT Ecosystem Using 5G Network Slicing and Pattern Matched Intrusion Detection System: A Simulation Study

Aim/Purpose: 5G and IoT are two path-breaking technologies, and they are like wall and climbers, where IoT as a climber is growing tremendously, taking the support of 5G as a wall. The main challenge that emerges here is to secure the ecosystem created by the collaboration of 5G and IoT, which consists of a network, users, endpoints, devices, and data. Other than underlying and hereditary security issues, they bring many Zero-day vulnerabilities, which always pose a risk. This paper proposes a security solution using network slicing, where each slice serves customers with different problems. Background: 5G and IoT are a combination of technology that will enhance the user experience and add many security issues to existing ones like DDoS, DoS. This paper aims to solve some of these problems by using network slicing and implementing an Intrusion Detection System to identify and isolate the compromised resources. Methodology: This paper proposes a 5G-IoT architecture using network slicing. Research here is an advancement to our previous implementation, a Python-based software divided into five different modules. This paper’s amplification includes induction of security using pattern matching intrusion detection methods and conducting tests in five different scenarios, with 1000 up to 5000 devices in different security modes. This enhancement in security helps differentiate and isolate attacks on IoT endpoints, base stations, and slices. Contribution: Network slicing is a known security technique; we have used it as a platform and developed a solution to host IoT devices with peculiar requirements and enhance their security by identifying intruders. This paper gives a different solution for implementing security while using slicing technology. Findings: The study entails and simulates how the IoT ecosystem can be variedly deployed on 5G networks using network slicing for different types of IoT devices and users. Simulation done in this research proves that the suggested architecture can be successfully implemented on IoT users with peculiar requirements in a network slicing environment. Recommendations for Practitioners: Practitioners can implement this solution in any live or production IoT environment to enhance security. This solution helps them get a cost-effective method for deploying IoT devices on a 5G network, which would otherwise have been an expensive technology to implement. Recommendation for Researchers: Researchers can enhance the simulations by amplifying the different types of IoT devices on varied hardware. They can even perform the simulation on a real network to unearth the actual impact. Impact on Society: This research provides an affordable and modest solution for securing the IoT ecosystem on a 5G network using network slicing technology, which will eventually benefit society as an end-user. This research can be of great assistance to all those working towards implementing security in IoT ecosystems. Future Research: All the configuration and slicing resources allocation done in this research was performed manually; it can be automated to improve accuracy and results. Our future direction will include machine learning techniques to make this application and intrusion detection more intelligent and advanced. This simulation can be combined and performed with smart network devices to obtain more varied results. A proof-of-concept system can be implemented on a real 5G network to amplify the concept further.

Download Full-text

A novel Ensemble of Hybrid Intrusion Detection System for Detecting Internet of Things Attacks

Electronics ◽

10.3390/electronics8111210 ◽

2019 ◽

Vol 8 (11) ◽

pp. 1210 ◽

Cited By ~ 11

Author(s):

Khraisat ◽

Gondal ◽

Vamplew ◽

Kamruzzaman ◽

Alazab

Keyword(s):

Internet Of Things ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

False Positive Rate ◽

Support Vector ◽

Detection Accuracy ◽

Lower False Positive Rate ◽

Positive Rate ◽

Iot Devices

The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack to the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and One Class Support Vector Machine classifier. HIDS combines the advantages of Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provide higher detection rate and lower false positive rate compared to the SIDS and AIDS techniques.

Download Full-text

Multilevel Intrusion Detection System with Affinity Clustering and Ensemble SVM

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit206431 ◽

2020 ◽

pp. 522-529

Author(s):

Sadhana Patidar ◽

Priyanka Parihar ◽

Chetan Agrawal

Keyword(s):

Machine Learning ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Model Performance ◽

Feature Reduction ◽

Support Vector ◽

Learning Tools ◽

Security Issues ◽

Proposed Model

Now-a-days with growing applications over internet increases the security issues over network. Many security applications are designed to cope with such security concerns but still it required more attention to improve speed as well accuracy. With advancement of technologies there is also evolution of new threats or attacks in network. So, it is required to design such detection system that can handle new threats in network. One of the network security tools is intrusion detection system which is used to detect malicious data packets. Machine learning tool is also used to improve efficiency of network-based intrusion detection system. In this paper, an intrusion detection system is proposed with an application of machine learning tools. The proposed model integrates feature reduction, affinity clustering and multilevel Ensemble Support Vector Machine. The proposed model performance is analyzed over two datasets i.e. NSL-KDD and UNSW-NB 15 dataset and achieved approx. 12% of efficiency over other existing work.

Download Full-text

Intrusion Detection System (IDS) in Internet of Things (IoT) Devices for Smart Home

International Journal of Psychosocial Rehabilitation ◽

10.37200/ijpr/v23i4/pr190448 ◽

2019 ◽

Vol 23 (4) ◽

pp. 1217-1227

Author(s):

M.D. Shakhawat Shafaet Romeo

Keyword(s):

Internet Of Things ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Smart Home ◽

Detection System ◽

Iot Devices

Download Full-text

Redundancy Management and Host Intrusion Detection in WSN

Forensic Investigations and Risk Management in Mobile and Wireless Communications - Advances in Wireless Technologies and Telecommunication ◽

10.4018/978-1-5225-9554-0.ch006 ◽

2020 ◽

pp. 153-167 ◽

Cited By ~ 1

Author(s):

Vijander Singh ◽

Ramesh C. Poonia ◽

Linesh Raja ◽

Gourav Sharma ◽

Narendra Kumar Trivedi ◽

...

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Access Point ◽

Brute Force ◽

Software Application ◽

Redundancy Management ◽

Different Types ◽

Network Event

Intrusion detection system (IDS) is a software application that gives the facility to monitor the traffic of network, event, or activities on networks and finds if any malicious operation occurs. Hackers use different types of attacks to capture the information and use brute force attacks to match the authenticated key with the key, which the hacker has in its stable. When there is a match, the hacker gets the authenticated key through which he can connect with the hotspot or AP. IDS finds invalid or any other misbehavior in the system. The protocol will take care of it; protocol checks the MAC address of the device which wishes to connect with the hotspot or AP, and if any device repeatedly enters a wrong password, the protocol will gives a pop up on the administrator system. The objective of this chapter is to provide information about the protocol that behaves like IDS and is pre-implemented in the routers, which gives the alert to the administrator if any intruder tries to connect with the hotspot or AP (access point) with the rapid wrong key.

Download Full-text

Hybrid Intrusion Detection System for Internet of Things (IoT)

Journal of ISMAC - June 2019 ◽

10.36548/jismac.2020.4.002 ◽

2020 ◽

Vol 2 (4) ◽

pp. 190-199 ◽

Cited By ~ 1

Author(s):

Dr. S. Smys ◽

Dr. Abul Basar ◽

Dr. Haoxiang Wang

Keyword(s):

Internet Of Things ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Denial Of Service ◽

Research Work ◽

Experimental Result ◽

Security Issues ◽

Wide Range ◽

Conventional Machine

Internet of things (IoT) is a promising solution to connect and access every device through internet. Every day the device count increases with large diversity in shape, size, usage and complexity. Since IoT drive the world and changes people lives with its wide range of services and applications. However, IoT provides numerous services through applications, it faces severe security issues and vulnerable to attacks such as sinkhole attack, eaves dropping, denial of service attacks, etc., Intrusion detection system is used to detect such attacks when the network security is breached. This research work proposed an intrusion detection system for IoT network and detect different types of attacks based on hybrid convolutional neural network model. Proposed model is suitable for wide range of IoT applications. Proposed research work is validated and compared with conventional machine learning and deep learning model. Experimental result demonstrate that proposed hybrid model is more sensitive to attacks in the IoT network.

Download Full-text

Implementation of an Embedded Microcontroller-Based Intrusion Detection System

Journal of Advances in Science and Engineering ◽

10.37121/jase.v1i1.3 ◽

2018 ◽

Vol 1 (1) ◽

pp. 27-32

Author(s):

Philip O Unabor ◽

Michael S Okundamiya

Keyword(s):

Liquid Crystal ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Liquid Crystal Display ◽

Electrical Signal ◽

Motion Sensor ◽

Modern Times ◽

Security Issues

This paper highlights the implementation of an embedded microcontroller-based intrusion detection system. The PIC16F84A microcontroller embedded in the system was programmed using the MikroC Language for the microcontrollers, to pick up an intrusion signal from the motion sensor, (which interprets the signal to be an electrical signal e.g. voltage), process it and then give a command to the display or output units. The output includes a 16x2 ALPHA liquid crystal display (LCD) and a buzzer (alarm unit), which in turn implement the command thereby notifying the environment of the presence of an intruder by displaying “Intruder Detected!” on the LCD and by a beeping sound with an interval of 0.5s delay by the alarm unit. The system was tested and was found to be efficient and suitable for solving myriad of security issues that confront us in modern times.

Download Full-text

An Intelligent Feature Selection with Optimal Neural Network Based Network Intrusion Detection System for Cloud Environment

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.c6343.029320 ◽

2020 ◽

Vol 9 (3) ◽

pp. 3560-3569

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Cloud Environment ◽

Sensitive Data ◽

High Detection Rate ◽

Security Issues ◽

Network Intrusion ◽

Grasshopper Optimization Algorithm ◽

Grasshopper Optimization

At present times, Cloud Computing (CC) becomes more familiar in several domains such as education, media, industries, government, and so on. On the other hand, uploading sensitive data to public cloud storage services involves diverse security issues, specifically integrity, availability and confidentiality to organizations/companies. Besides, the open and distributed (decentralized) structure of the cloud is highly prone to cyber attackers and intruders. Therefore, it is needed to design an intrusion detection system (IDS) for cloud environment to achieve high detection rate with low false alarm rate. The proposed model involves a binary grasshopper optimization algorithm with mutation (BGOA-M) as a feature selector to choose the optimal features. For classification, improved particle swarm optimization (IPSO) based NN model, called IPSO-NN has been derived. The significance of the IPSO-NN model is assessed using a set of two benchmark IDS dataset. The experimental results stated that the IPSO-NN model has achieved maximum accuracy values of 99.36% and 97.80% on the applied NSL-KDD 2015 and CICIDS 2017 dataset. The obtained experimental outcome clearly pointed out the extraordinary detection performance of the IPSO-NN model over the compared methods.

Download Full-text

A Supervised Intrusion Detection System for Smart Home IoT Devices

IEEE Internet of Things Journal ◽

10.1109/jiot.2019.2926365 ◽

2019 ◽

Vol 6 (5) ◽

pp. 9042-9053 ◽

Cited By ~ 30

Author(s):

Eirini Anthi ◽

Lowri Williams ◽

Malgorzata Slowinska ◽

George Theodorakopoulos ◽

Pete Burnap

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Smart Home ◽

Detection System ◽

Iot Devices

Download Full-text

Preventing MQTT Vulnerabilities Using IoT-Enabled Intrusion Detection System

Sensors ◽

10.3390/s22020567 ◽

2022 ◽

Vol 22 (2) ◽

pp. 567

Author(s):

Muhammad Husnain ◽

Khizar Hayat ◽

Enrico Cambiaso ◽

Ubaid U. Fayyaz ◽

Maurizio Mongelli ◽

...

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Communication Protocol ◽

Detection System ◽

Communication Technologies ◽

Cyber Attacks ◽

Iot Security ◽

Iot Applications ◽

Iot Devices ◽

Main Component

The advancement in the domain of IoT accelerated the development of new communication technologies such as the Message Queuing Telemetry Transport (MQTT) protocol. Although MQTT servers/brokers are considered the main component of all MQTT-based IoT applications, their openness makes them vulnerable to potential cyber-attacks such as DoS, DDoS, or buffer overflow. As a result of this, an efficient intrusion detection system for MQTT-based applications is still a missing piece of the IoT security context. Unfortunately, existing IDSs do not provide IoT communication protocol support such as MQTT or CoAP to validate crafted or malformed packets for protecting the protocol implementation vulnerabilities of IoT devices. In this paper, we have designed and developed an MQTT parsing engine that can be integrated with network-based IDS as an initial layer for extensive checking against IoT protocol vulnerabilities and improper usage through a rigorous validation of packet fields during the packet-parsing stage. In addition, we evaluate the performance of the proposed solution across different reported vulnerabilities. The experimental results demonstrate the effectiveness of the proposed solution for detecting and preventing the exploitation of vulnerabilities on IoT protocols.

Download Full-text