A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks

Ioulianou, Philokypros P.; Shahandashti, Siamak F.

doi:10.3390/jcp2010009

Cited by 25 publications

(9 citation statements)

References 33 publications

(55 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The system utilized in this study was a 64-bit macOS Ventura with the following specifications: an eight-core Intel Core Xeon W processor running at 3.2 GHz, 32 GB of 2666 MHz DDR4 memory. Python version 3.11 environment was used, and the implementation and evaluation of the recommended model were carried out using NumPy [30], pandas [19], and sklearn [31] packages for data processing. Data handling, preprocessing, and analysis were performed using Pandas and NumPy libraries, while Scikit Learn was utilized for model training, evaluation, and evaluation metrics.…”

Section: Figure 1 the Flow Chart Of The Proposed Model 4 Experimental...mentioning

confidence: 99%

Hyperparameters optimization XGBoost for network intrusion detection using CSE-CIC-IDS 2018 dataset

Chimphlee,

Chimphlee

2024

IJ-AI

View full text Add to dashboard Cite

<p>With the introduction of high-speed internet access, the demand for security and dependable networks has grown. In recent years, network attacks have gotten more complex and intense, making security a vital component of organizational information systems. Network intrusion detection systems (NIDS) have become an essential detection technology to protect data integrity and system availability against such attacks. NIDS is one of the most well-known areas of machine learning software in the security field, with machine learni ng algorithms constantly being developed to improve performance. This research focuses on detecting abnormalities in societal infiltration using the hyperparameters optimization XGBoost (HO-XGB) algorithm with the Communications Security Establishment-The Canadian Institute for Cybersecurity-Intrusion Detection System2018 (CSE-CIC-IDS2018) dataset to get the best potential results. When compared to typical machine learning methods published in the literature, HO-XGB outperforms them. The study shows that XGBoost outperforms other detection algorithms. We refined the HO-XGB model's hyperparameters, which included learning_rate, subsample, max_leaves, max_depth, gamma, colsample_bytree, min_child_weight, n_estimators, max_depth, and reg_alpha. The experimental findings reveal that HO-XGB1 outperforms multiple parameter settings for intrusion detection, effectively optimizing XGBoost's hyperparameters.</p>

show abstract

Section: Figure 1 the Flow Chart Of The Proposed Model 4 Experimental...mentioning

confidence: 99%

Hyperparameters optimization XGBoost for network intrusion detection using CSE-CIC-IDS 2018 dataset

Chimphlee,

Chimphlee

2024

IJ-AI

View full text Add to dashboard Cite

show abstract

“…Meanwhile, [55] used location information and received signal strength information in their detecting solution. Moving to another detection system approach proposed in [75], which utilized a trustbased mechanism to detect and isolate neighbor attackers. Another detection method was developed by Farzaneh et al [76] by considering the total received DIO messages and the number of neighbors.…”

Section: Solutions For Replay Attacksmentioning

confidence: 99%

Replay Attacks in RPL-Based Internet of Things: Survey and Empirical Comparative Study

Albinali,

Azzedin

2023

Preprint

View full text Add to dashboard Cite

RPL was developed as a routing protocol in low-power and lossy network contexts to connect many applications using IP-based communication. However, RPL has been subjected to several attacks, including replay attacks. Replay attacks pose significant challenges as any node can initiate the attack by replaying control messages. These messages play a vital role in establishing and sustaining network topology. However, studies that discourse replay attacks are severely limited. To address this issue, we conducted a comprehensive study on replay attack forms and their impact on RPL networks. Our study includes the latest security countermeasures. According to the literature, most RPL replay attacks rely on replaying DIO messages leading to neighbor, DIO suppression, or copycat attacks. DAO messages are also utilized to launch a replay attack. Nevertheless, the literature lacks any study that analyzes DAO replay attacks. To the best of our knowledge, this is the first study that evaluates DAO replay attacks and includes the route table falsification attack.We conduct a comparative study of these attacks and empirically investigate their impact on networks through extensive evaluation experiments. Our findings verify the harm of replay attacks in terms of packet delivery and latency. The average local delivery ratio dropped to less than 60% under DIO suppression and copycat attacks, and the communication latency increased by 50% under neighbor attacks. These results confirm the threat of replay attacks on RPL networks and the need to design countermeasures to mitigate them.

show abstract

“…The IDS components designed and implemented in previous works [1], [3], [8] may not be effective in detecting unknown attacks. They have been designed by relying on thresholdbased and trust-based mechanisms to detect flooding, rank, and blackhole attacks.…”

Section: Designmentioning

confidence: 99%

“…We have also designed and implemented an IDS prototype for protecting RPL networks and devices from battery-drain DoS attacks using rate thresholds [7]. Another recent work has developed a trust-based mechanism that detects and isolates complex routing attacks such as combined rank and blackhole attacks [8]. However, combinations of routing, flooding, and other types of attacks may bypass the thresholdbased and trust-based detection and cause serious damage to the network.…”

Section: Introductionmentioning

confidence: 99%

ML-based Detection of Rank and Blackhole Attacks in RPL Networks

Ioulianou

Shahandashti

2022

2022 13th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)

Self Cite

View full text Add to dashboard Cite

Although IoT security is a field studied extensively, recent attacks such as BotenaGo show that current security solutions cannot effectively stop the spread of IoT attacks. Machine Learning (ML) techniques are promising in improving protection against such attacks. In this work, three supervised ML algorithms are trained and evaluated for detecting rank and blackhole attacks in RPL-based IoT networks. Extensive simulations of the attacks are implemented to create a dataset and appropriate fields are identified for training the ML model. We use Google AutoML and Microsoft Azure ML platforms to train our model. Our evaluation results show that ML techniques can be effective in detecting rank and blackhole attacks, achieving a precision of 93.3%.

show abstract

A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks

Cited by 25 publications

References 33 publications

Hyperparameters optimization XGBoost for network intrusion detection using CSE-CIC-IDS 2018 dataset

Hyperparameters optimization XGBoost for network intrusion detection using CSE-CIC-IDS 2018 dataset

Replay Attacks in RPL-Based Internet of Things: Survey and Empirical Comparative Study

ML-based Detection of Rank and Blackhole Attacks in RPL Networks

Contact Info

Product

Resources

About