A Lightweight Intrusion Detection Scheme Based on Energy Consumption Analysis in 6LowPAN

Lee, Tsung-Han; Wen, Chih-Hao; Chang, Lin-Huang; Chiang, Hung-Shiou; Hsieh, Ming-Chun

doi:10.1007/978-94-007-7262-5_137

Cited by 63 publications

(35 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[20] Man-in-the-middle Anomaly-based Simulation Centralized [21] Multiple Conventional attacks Signature-based ------ [22] Routing attack Specification-based Simulation Hybrid [23] DoS Specification-based Simulation -- [24] DoS Signature-based Empirical Centralized [25] Routing attack Anomaly-based Simulation Centralized [26] Routing attack Hybrid Simulation Hybrid [27] Multiple Conventional attacks Anomaly-based ---- [28] Multiple Conventional attacks Signature-based Hypothetical Centralized [29] Multiple Conventional attacks Specification-based Empirical Hybrid [30] Multiple Conventional attacks Signature-based Empirical Distributed [31] DoS Anomaly-based Simulation Distributed [32] Routing attack and MITM Hybrid Simulation [33] Routing attack Hybrid Simulation Distributed [34] Conventional Anomaly-based Empirical [35] Multiple Conventional attacks Anomaly-based ----Hybrid [36] Routing attack Anomaly-based Simulation Hybrid…”

Section: References Security Threat Detection Methods Validation Stratmentioning

confidence: 99%

A Two-Level Flow-Based Anomalous Activity Detection System for IoT Networks

Ullah

Mahmoud

2020

Electronics

View full text Add to dashboard Cite

The significant increase of the Internet of Things (IoT) devices in smart homes and other smart infrastructure, and the recent attacks on these IoT devices, are motivating factors to secure and protect IoT networks. The primary security challenge to develop a methodology to identify a malicious activity correctly and mitigate the impact of such activity promptly. In this paper, we propose a two-level anomalous activity detection model for intrusion detection system in IoT networks. The level-1 model categorizes the network flow as normal flow or abnormal flow, while the level-2 model classifies the category or subcategory of detected malicious activity. When the network flow classified as an anomaly by the level-1 model, then the level-1 model forwards the stream to the level-2 model for further investigation to find the category or subcategory of the detected anomaly. Our proposed model constructed on flow-based features of the IoT network. Flow-based detection methodologies only inspect packet headers to classify the network traffic. Flow-based features extracted from the IoT Botnet dataset and various machine learning algorithms were investigated and tested via different cross-fold validation tests to select the best algorithm. The decision tree classifier yielded the highest predictive results for level-1, and the random forest classifier produced the highest predictive results for level-2. Our proposed model Accuracy, Precision, Recall, and F score for level-1 were measured as 99.99% and 99.90% for level-2. A two-level anomalous activity detection system for IoT networks we proposed will provide a robust framework for the development of malicious activity detection system for IoT networks. It would be of interest to researchers in academia and industry.

show abstract

Section: References Security Threat Detection Methods Validation Stratmentioning

confidence: 99%

A Two-Level Flow-Based Anomalous Activity Detection System for IoT Networks

Ullah

Mahmoud

2020

Electronics

View full text Add to dashboard Cite

show abstract

“…Lee et al [12] OF and MRHOF are not discussed within discussion of detecting malicious activity based on power consumption and network flow. MRHOF and OF0 for each IoT combination attack along with power consumption, hop count, and dropped packet metrics will be in the scope of our work.…”

Section: Mrhof and Of0 Attacksmentioning

confidence: 99%

Employing a Machine Learning Approach to Detect Combined Internet of Things Attacks against Two Objective Functions Using a Novel Dataset

Foley

Moradpoor

Ochenyi

2020

Security and Communication Networks

View full text Add to dashboard Cite

One of the important features of routing protocol for low-power and lossy networks (RPLs) is objective function (OF). OF influences an IoT network in terms of routing strategies and network topology. On the contrary, detecting a combination of attacks against OFs is a cutting-edge technology that will become a necessity as next generation low-power wireless networks continue to be exploited as they grow rapidly. However, current literature lacks study on vulnerability analysis of OFs particularly in terms of combined attacks. Furthermore, machine learning is a promising solution for the global networks of IoT devices in terms of analysing their ever-growing generated data and predicting cyberattacks against such devices. Therefore, in this paper, we study the vulnerability analysis of two popular OFs of RPL to detect combined attacks against them using machine learning algorithms through different simulated scenarios. For this, we created a novel IoT dataset based on power and network metrics, which is deployed as part of an RPL IDS/IPS solution to enhance information security. Addressing the captured results, our machine learning approach is successful in detecting combined attacks against two popular OFs of RPL based on the power and network metrics in which MLP and RF algorithms are the most successful classifier deployment for single and ensemble models.

show abstract

“…Lee et. al [29] proposed a computationally lighter IDS for IoT systems. This technique utilizes a distributed placement strategy for monitoring the node energy consumed for intrusion detection, namely DoS attacks.…”

Section: Prevention Of Intrusion Detection-an Internet Of Things mentioning

confidence: 99%

Performance Improvement of Intrusion Detection Systems

Mishra¹,

Mahapatra²,

Pradhan³

2019

IJITEE

View full text Add to dashboard Cite

Intrusion Detection Systems (IDSs) have been crucial in defending intrusive attacks (both active and passive) in various application scenarios in recent trends. Over the years, many research activities have been carried out on intrusion detection systems. The IDSs have been evolved over times with various detection methodologies, approaches, and technology types. The IDSs after several evaluations and different approaches still face a major challenge-performance improvement. This improvement can be quantified in two broad ways- the detection rate and the rate of false positives. The improved performance involves the efficiency and accuracy of detection. The efficiency can be attributed to performance in case of a very high amount of attacks and the accuracy can be attributed to a significantly low amount of false positives. In the same context, we have found that the IoT networks which are in high demand in recent trends also suffer from such types of attacks in operational environments due to limited storage and processing capabilities. In order to protect the IoT application, the scenario necessitates the need of IDS that is lightweight in implementation and provides a significantly higher amount of accuracy which is at par with the IDSs implemented in conventional networks. In this work, we have proposed an improved technique for performance improvement of IDSs in IoT domain.

show abstract

A Lightweight Intrusion Detection Scheme Based on Energy Consumption Analysis in 6LowPAN

Cited by 63 publications

References 8 publications

A Two-Level Flow-Based Anomalous Activity Detection System for IoT Networks

A Two-Level Flow-Based Anomalous Activity Detection System for IoT Networks

Employing a Machine Learning Approach to Detect Combined Internet of Things Attacks against Two Objective Functions Using a Novel Dataset

Performance Improvement of Intrusion Detection Systems

Contact Info

Product

Resources

About