Survey on Intrusion Detection System in IoT Network

Mehdi, Syed Ali; Hussain, S. M. Suhail

doi:10.1007/978-981-19-2535-1_60

Cited by 4 publications

(7 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The black hole attack is classified among the most dangerous threats in MANET networks, indeed in this attack, a malicious node redirect all communications to it self in order to drop or to modify them, witch hijack the purpose that the network is deployed for. Hence, the necessity to implement Many researchers are interested by this field of research and several solutions were proposed in the literature to detect and isolate the black holes, for example by examining the sequence number of the replays [16,27,32,38] or by modifying the structure of the AODV control messages [25,39] or by sending a RREQ without destination address [40], since the malicious node responds to all REEQ without checking if the destination address is mentioned in the RREQ or not ... etc. Unfortunately, most of the proposed IDS are, now, inefficient against the new generation of black holes, known also by smart black holes [40].…”

Section: Smart Black Hole Attackmentioning

confidence: 99%

“…In black hole attacks, an attacking node re-directs data packets to itself, by announcing itself the node how has the newest and shortest path to the destination, and eavesdrops or discards them, thus, affecting network performances, hence the need to implement Intrusion Detection Systems (IDS) [27].…”

Section: Introductionmentioning

confidence: 99%

“…Many solutions were proposed against the black holes attacks, but most of them become inefficient in front of the new generation of black holes, called also smart black holes. Indeed, classical solutions, like threshold based methods [16,27,32,38] which consists in fixing a threshold for the sequence number in order to detect the malicious node that assumes possessing a route to the destination with a very high sequence number, are invalid versus the smart black holes [40].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Mitigation of smart black hole attacks using universal sink detection method in graph theory

MEKKAOUI

TEGGAR

2023

Preprint

View full text Add to dashboard Cite

Nowadays, network security has become a very important aspect due to the increasing number of connected things and the multiple threats that become more and more intelligent. Mobile Ad hoc networks (MANET), known to be non-infrastructure and self-configured peer networks, are subject to multiple types of attacks. For this reason, it is essential to implement an Intrusion Detection System that realizes fast attack detection to alert users by any malicious activity taking place on the network. Black hole is one of the most serious threats in MANETs, witch is the origin of Denial of service attack. This type of threats has been widely studied and many solutions were proposed. Unfortunately these solutions has become inefficient against the new generation of black holes, known also as smart black holes, witch can deceive most of these solutions. To overcome smart black holes, we proposed an Intrusion Detection System based on the early detecting and isolating malicious nodes by exploiting local information shared by neighbors and using universal sink detection method in graph theory. We proved that smart black holes can defeat the sequence number threshold-based detection strategy by using leastsquare method. Simulations in NS2, showed the efficiency of the proposed approach, which can quickly detect and isolate smart black holes, improve the Packet delivery ratio (PDR) and throughput by an average of 97% and 90%, respectively, thus preserving the network performances.

show abstract

Section: Smart Black Hole Attackmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Mitigation of smart black hole attacks using universal sink detection method in graph theory

MEKKAOUI

TEGGAR

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…The incorporation of an IDS into SDN architecture is among the ideal methods to develop a secure SDN environment [20], [21]. In this case, IDS is a system made for the detection and notification of unpermitted attempts at access, adjustments, and/or restrictions of computer system Generally, two categories of IDS are the most commonly used [22], [23]: host IDS (HIDS) and network IDS (NIDS).…”

Section: ) Security Challenges In Sdnmentioning

confidence: 99%

MCAD: A Machine Learning Based Cyberattacks Detector in Software-Defined Networking (SDN) for Healthcare Systems

Halman

Alenazi

2023

IEEE Access

View full text Add to dashboard Cite

The healthcare sector deals with sensitive and significant data that must be protected against illegitimate users. Software-defined networks (SDNs) are widely used in healthcare systems to ensure efficient resource utilization, security, optimal network control, and management. Despite such advantages, SDNs suffer from a major issue posed by a wide range of cyberattacks, due to the sensitivity of patients' data. These attacks diminish the overall network performance, and can cause a network failure that might threaten human lives. Therefore, the main goal of our work is to propose a machine learning-based cyberattack detector (MCAD) for healthcare systems, by adapting a layer three (L3) learning switch application to collect normal and abnormal traffic, and then deploy MCAD on the Ryu controller. Our findings are beneficial for enhancing the security of healthcare applications by mitigating the impact of cyberattacks. This work covers the testing of MCAD using a wide spectrum of both ML algorithms and attacks, and provides a performance comparison for every pair of ML algorithms/attacks to illustrate the strengths and weaknesses of different algorithms against a specific attack. The MCAD shows impressive performance, achieving an F1-score of 0.9998 and of 0.9882 on normal and attack classes, respectively, which implies a high level of reliability. MCAD also achieved 5,709,692 samples per second on throughput, which reflects a high-performance real-time system with respect to complexity. Additionally, it showed a positive impact on the network KPIs by increasing the throughput by 609%, and decreasing delay and jitter by 77% and 23%, respectively, compared to attack results.

show abstract

“…Extensive research has been conducted in this field, leading to numerous proposed solutions for the detection and isolation of black hole attacks. These approaches encompass various techniques, such as examining the sequence numbers of RREPs [16,27,33,39], modifying the structure of AODV control messages [25,40], or even sending RREQs without a destination address [41], exploiting the fact that malicious nodes respond to all RREQs without verifying the presence of a destination address. Unfortunately, most of the existing IDS solutions prove ineffective against the new generation of black holes, commonly referred to as smart black holes [28,41].…”

Section: Smart Black Hole Attackmentioning

confidence: 99%

Enhancing Security in Mobile Ad Hoc Networks: Detection and Isolation of Smart Black Hole Attacks using Universal Sink Detection Technique in Graph Theory

MEKKAOUI,

TEGGAR,

Houacine

2023

Preprint

View full text Add to dashboard Cite

Network security is of utmost importance due to the ever-increasing number of connected devices and the growing sophistication of threats. Mobile Ad hoc networks (MANETs), characterized by their non-infrastructure and self-configured peer networks, are particularly vulnerable to various types of attacks. Therefore, it is imperative to implement an efficient Intrusion Detection System (IDS) capable of rapidly detecting attacks and alerting users to any malicious activities occurring on the network. Among the numerous threats faced by MANETs, the black hole attack stands out as one of the most serious. Originating from Denial of Service attacks, this type of threat has been extensively studied, and several solutions have been proposed. However, these solutions have become ineffective against the emergence of a new generation of black holes, known as smart black holes, which can circumvent most existing countermeasures. To address the challenge posed by smart black holes, we propose an IDS that focuses on early detection and isolation of malicious nodes. Our approach leverages locally shared information from neighboring nodes and utilizes the universal sink detection method derived from graph theory. Through simulations conducted in NS2, we have evaluated the effectiveness of our proposed approach. The results validate the efficiency of our system, as it enables prompt detection and isolation of smart black holes, leading to significant improvements in Packet Delivery Ratio (PDR) and throughput, with average enhancements of 97% and 90%, respectively. Consequently, our approach not only preserves network performance but also mitigates the impact of smart black hole attacks.

show abstract

Survey on Intrusion Detection System in IoT Network

Cited by 4 publications

References 21 publications

Mitigation of smart black hole attacks using universal sink detection method in graph theory

Mitigation of smart black hole attacks using universal sink detection method in graph theory

MCAD: A Machine Learning Based Cyberattacks Detector in Software-Defined Networking (SDN) for Healthcare Systems

Enhancing Security in Mobile Ad Hoc Networks: Detection and Isolation of Smart Black Hole Attacks using Universal Sink Detection Technique in Graph Theory

Contact Info

Product

Resources

About