Intrusion detection systems in Internet of Things: A literature review

Santos, Leonel Duarte dos; Rabadão, Carlos; Gonçalves, Ramiro

doi:10.23919/cisti.2018.8399291

Cited by 83 publications

(49 citation statements)

References 43 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…owever, it has only been tested to detect spoofed or altered information, sinkhole, and selective-forwarding attacks. Shreenivas et al [20], [21] extended SVELTE by adding another intrusion detection module that uses an Expected Transmission (ETX) metric to identify malicious activity on the network. They also proposed a geographic hint to detect malicious nodes that conduct attacks against ETX-based networks.…”

Section: A Signature/event/rule Based Idssmentioning

confidence: 99%

“…The network payloads are treated as a sequence of bytes called bit-pattern, and the feature selection operates as an overlapping tuple of bytes called n-grams. When the corresponding bits matches all positions, a match between the bit-pattern and n-grams occurs [21]. The system is evaluated by deploying four attacks and demonstrates a very low false-positive rate.…”

Section: A Signature/event/rule Based Idssmentioning

confidence: 99%

See 1 more Smart Citation

A Supervised Intrusion Detection System for Smart Home IoT Devices

Anthi

Williams

Slowinska

et al. 2019

IEEE Internet Things J.

441

167

View full text Add to dashboard Cite

The proliferation in Internet of Things (IoT) devices, which routinely collect sensitive information, is demonstrated by their prominence in our daily lives. Although such devices simplify and automate every day tasks, they also introduce tremendous security flaws. Current insufficient security measures employed to defend smart devices make IoT the 'weakest' link to breaking into a secure infrastructure, and therefore an attractive target to attackers. This paper proposes a three layer Intrusion Detection System (IDS) that uses a supervised approach to detect a range of popular network based cyber-attacks on IoT networks. The system consists of three main functions: 1) classify the type and profile the normal behaviour of each IoT device connected to the network, 2) identifies malicious packets on the network when an attack is occurring, and 3) classifies the type of the attack that has been deployed. The system is evaluated within a smart home testbed consisting of 8 popular commercially available devices. The effectiveness of the proposed IDS architecture is evaluated by deploying 12 attacks from 4 main network based attack categories such as: Denial of Service (DoS), Man-In-The-Middle (MITM)/Spoofing, Reconnaissance, and Replay. Additionally, the system is also evaluated against 4 scenarios of multi-stage attacks with complex chains of events. The performance of the system's three core functions result in an F-measure of: 1) 96.2%, 2) 90.0%, and 3) 98.0%. This demonstrates that the proposed architecture can automatically distinguish between IoT devices on the network, whether network activity is malicious or benign, and detect which attack was deployed on which device connected to the network successfully.

show abstract

Section: A Signature/event/rule Based Idssmentioning

confidence: 99%

Section: A Signature/event/rule Based Idssmentioning

confidence: 99%

A Supervised Intrusion Detection System for Smart Home IoT Devices

Anthi

Williams

Slowinska

et al. 2019

IEEE Internet Things J.

441

167

View full text Add to dashboard Cite

show abstract

“…On the other hand, the evolution of intrusion detection systems for the Internet of Things (IoT) is also an emerging research problem because the network traffic in real-time IoT-enabled devices is more pervasive and they are vulnerable to newer cybersecurity attacks [41]. Thus, researchers have focused on practical aspects such as mitigating the interference imposed by intruders in passive RFID networks [42].…”

Section: Related Workmentioning

confidence: 99%

A Scalable and Hybrid Intrusion Detection System Based on the Convolutional-LSTM Network

2019

View full text Add to dashboard Cite

With the rapid advancements of ubiquitous information and communication technologies, a large number of trustworthy online systems and services have been deployed. However, cybersecurity threats are still mounting. An intrusion detection (ID) system can play a significant role in detecting such security threats. Thus, developing an intelligent and accurate ID system is a non-trivial research problem. Existing ID systems that are typically used in traditional network intrusion detection system often fail and cannot detect many known and new security threats, largely because those approaches are based on classical machine learning methods that provide less focus on accurate feature selection and classification. Consequently, many known signatures from the attack traffic remain unidentifiable and become latent. Furthermore, since a massive network infrastructure can produce large-scale data, these approaches often fail to handle them flexibly, hence are not scalable. To address these issues and improve the accuracy and scalability, we propose a scalable and hybrid IDS, which is based on Spark ML and the convolutional-LSTM (Conv-LSTM) network. This IDS is a two-stage ID system: the first stage employs the anomaly detection module, which is based on Spark ML. The second stage acts as a misuse detection module, which is based on the Conv-LSTM network, such that both global and local latent threat signatures can be addressed. Evaluations of several baseline models in the ISCX-UNB dataset show that our hybrid IDS can identify network misuses accurately in 97.29% of cases and outperforms state-of-the-art approaches during 10-fold cross-validation tests.

show abstract

“…The cost function is then computing utilizing equation (4) and depends on its value the algorithm may stop, whether it is under certain value or the improvement from the past iteration is less than specific threshold. If there is a way for improvement, U is then evaluated utilizing equation (6) and the algorithm is repeated again.…”

Section: (4)mentioning

confidence: 99%

Intrusion Detection in IoT based Smart Networks using Fuzzy Brain Storm Optimization Technique

B*,

Venkatachalam,

Saroja

2019

IJEAT

View full text Add to dashboard Cite

The Internet of Things (IoT) is characterized as an approach where objects are outfitted with sensors, processors, and actuators which include design of hardware board and development, protocols, web APIs, and software systems, which combined to make an associated architecture of embedded systems. This connected environment enables technologies to get associated with different networks, platforms, and devices, making a web of communication which is reforming the manner in which we communicate with the world digitally. These connected embedded systems are changing behaviour and interactions with our environment, networks, and homes, and also with our own bodies in terms of smart devices. Security and privacy are the most significant consideration in the field of real-world communication and mainly on IoTs. With the evolution of IoT the network layer security in the IoT has drawn greater focus. The security vulnerabilities in the IoT system could make security risks based on any application. Therefore there is an essential requirement for IDS for the IoT based systems for avoiding security attacks based on security vulnerabilities. This paper proposed a fuzzy c-means clustering with brain storm optimization algorithm (FBSO) for IDS based on IoT system. The NSL-KDD dataset is utilized to evaluate and simulate the proposed algorithm. The results demonstrate that the proposed technique efficiently recognize intrusion attacks and decrease the network difficulties

show abstract

Intrusion detection systems in Internet of Things: A literature review

Cited by 83 publications

References 43 publications

A Supervised Intrusion Detection System for Smart Home IoT Devices

A Supervised Intrusion Detection System for Smart Home IoT Devices

A Scalable and Hybrid Intrusion Detection System Based on the Convolutional-LSTM Network

Intrusion Detection in IoT based Smart Networks using Fuzzy Brain Storm Optimization Technique

Contact Info

Product

Resources

About