A Novel Insider Attack and Machine Learning Based Detection for the Internet of Things

Morshed Chowdhury; Biplob Ray; Sujan Chowdhury; Sutharshan Rajasegarar

doi:10.1145/3466721

A Novel Insider Attack and Machine Learning Based Detection for the Internet of Things

ACM Transactions on Internet of Things ◽

10.1145/3466721 ◽

2021 ◽

Vol 2 (4) ◽

pp. 1-23

Author(s):

Morshed Chowdhury ◽

Biplob Ray ◽

Sujan Chowdhury ◽

Sutharshan Rajasegarar

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Network Traffic ◽

The Internet ◽

Traffic Data ◽

Lossy Networks ◽

Insider Attack ◽

Iot Devices ◽

The Impact ◽

The Internet Of Things

Due to the widespread functional benefits, such as supporting internet connectivity, having high visibility and enabling easy connectivity between sensors, the Internet of Things (IoT) has become popular and used in many applications, such as for smart city, smart health, smart home, and smart vehicle realizations. These IoT-based systems contribute to both daily life and business, including sensitive and emergency situations. In general, the devices or sensors used in the IoT have very limited computational power, storage capacity, and communication capabilities, but they help to collect a large amount of data as well as maintain communication with the other devices in the network. Since most of the IoT devices have no physical security, and often are open to everyone via radio communication and via the internet, they are highly vulnerable to existing and emerging novel security attacks. Further, the IoT devices are usually integrated with the corporate networks; in this case, the impact of attacks will be much more significant than operating in isolation. Due to the constraints of the IoT devices, and the nature of their operation, existing security mechanisms are less effective for countering the attacks that are specific to the IoT-based systems. This article presents a new insider attack, named loophole attack , that exploits the vulnerabilities present in a widely used IPv6 routing protocol in IoT-based systems, called RPL (Routing over Low Power and Lossy Networks). To protect the IoT system from this insider attack, a machine learning based security mechanism is presented. The proposed attack has been implemented using a Contiki IoT operating system that runs on the Cooja simulator, and the impacts of the attack are analyzed. Evaluation on the collected network traffic data demonstrates that the machine learning based approaches, along with the proposed features, help to accurately detect the insider attack from the network traffic data.

Download Full-text

Battery Drain Denial-of-Service Attacks and Defenses in the Internet of Things

Journal of Telecommunications and Information Technology ◽

10.26636/jtit.2019.131919 ◽

2019 ◽

Vol 2 ◽

pp. 37-45 ◽

Cited By ~ 3

Author(s):

Philokypros P. Ioulianou ◽

Vassilios G. Vassilakis ◽

Michael D. Logothetis

Keyword(s):

Internet Of Things ◽

Routing Protocol ◽

Denial Of Service ◽

The Internet ◽

Dos Attacks ◽

Lossy Networks ◽

Distributed Intrusion Detection ◽

Iot Devices ◽

The Impact ◽

The Internet Of Things

IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL) is a popular routing protocol used in wireless sensor networks and in the Internet of Things (IoT). RPL was standardized by the IETF in 2012 and has been designed for devices with limited resources and capabilities. Open-source RPL implementations are supported by popular IoT operating systems (OS), such as ContikiOS and TinyOS. In this work, we investigate the possibility of battery drain Denial-of-Service (DoS) attacks in the RPL implementation of ContikiOS. In particular, we use the popular Cooja simulator and implement two types of DoS attacks, particularly version number modiﬁcation and “Hello” ﬂooding. We demonstrate the impact of these attacks on the power consumption of IoT devices. Finally, we discuss potential defenses relying on distributed intrusion detection modules.

Download Full-text

Influence of Montoring: Fog and Edge Computing

Scalable Computing Practice and Experience ◽

10.12694/scpe.v20i2.1533 ◽

2019 ◽

Vol 20 (2) ◽

pp. 365-376 ◽

Cited By ~ 12

Author(s):

Vivek Kumar Prasad ◽

Madhuri D Bhavsar ◽

Sudeep Tanwar

Keyword(s):

Internet Of Things ◽

Fog Computing ◽

The Internet ◽

Cloud Platform ◽

The World ◽

Iot Devices ◽

Edge And Fog Computing ◽

The Impact ◽

The Internet Of Things

The evolution of the Internet of Things (IoT) has augmented the necessity for Cloud, edge and fog platforms. The chief benefit of cloud-based schemes is they allow data to be collected from numerous services and sites, which is reachable from any place of the world. The organizations will be benefited by merging the cloud platform with the on-site fog networks and edge devices and as result, this will increase the utilization of the IoT devices and end users too. The network traffic will reduce as data will be distributed and this will also improve the operational efficiency. The impact of monitoring in edge and fog computing can play an important role to efficiently utilize the resources available at these layers. This paper discusses various techniques involved for monitoring for edge and fog computing and its advantages. The paper ends with a case study to demonstarte the need of monitoring in fog and edge in the healthcare system.

Download Full-text

A Comprehensive and Systematic Survey on the Internet of Things: Security and Privacy Challenges, Security Frameworks, Enabling Technologies, Threats, Vulnerabilities and Countermeasures

Computers ◽

10.3390/computers9020044 ◽

2020 ◽

Vol 9 (2) ◽

pp. 44 ◽

Cited By ~ 2

Author(s):

Muath A. Obaidat ◽

Suhaib Obeidat ◽

Jennifer Holst ◽

Abdullah Al Hayajneh ◽

Joseph Brown

Keyword(s):

Internet Of Things ◽

Cyber Attacks ◽

Security And Privacy ◽

The Internet ◽

Comprehensive Overview ◽

Architecture Model ◽

Research Areas ◽

Iot Devices ◽

The Impact ◽

The Internet Of Things

The Internet of Things (IoT) has experienced constant growth in the number of devices deployed and the range of applications in which such devices are used. They vary widely in size, computational power, capacity storage, and energy. The explosive growth and integration of IoT in different domains and areas of our daily lives has created an Internet of Vulnerabilities (IoV). In the rush to build and implement IoT devices, security and privacy have not been adequately addressed. IoT devices, many of which are highly constrained, are vulnerable to cyber attacks, which threaten the security and privacy of users and systems. This survey provides a comprehensive overview of IoT in regard to areas of application, security architecture frameworks, recent security and privacy issues in IoT, as well as a review of recent similar studies on IoT security and privacy. In addition, the paper presents a comprehensive taxonomy of attacks on IoT based on the three-layer architecture model; perception, network, and application layers, as well as a suggestion of the impact of these attacks on CIA objectives in representative devices, are presented. Moreover, the study proposes mitigations and countermeasures, taking a multi-faceted approach rather than a per layer approach. Open research areas are also covered to provide researchers with the most recent research urgent questions in regard to securing IoT ecosystem.

Download Full-text

Dye-sensitized solar cells under ambient light powering machine learning: towards autonomous smart sensors for the internet of things

Chemical Science ◽

10.1039/c9sc06145b ◽

2020 ◽

Vol 11 (11) ◽

pp. 2895-2906 ◽

Cited By ~ 25

Author(s):

Hannes Michaels ◽

Michael Rinderle ◽

Richard Freitag ◽

Iacopo Benesperi ◽

Tomas Edvinsson ◽

...

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Dye Sensitized Solar Cells ◽

Smart Sensors ◽

The Internet ◽

Ambient Light ◽

Dye Sensitized ◽

Iot Devices ◽

Sensitized Solar Cells ◽

The Internet Of Things

Indoor light harvesters enable machine learning on fully autonomous IoT devices at 2.72 × 1015 photons per inference.

Download Full-text

Security for IoT

IoT Protocols and Applications for Improving Industry, Environment, and Society - Advances in Web Technologies and Engineering ◽

10.4018/978-1-7998-6463-9.ch006 ◽

2021 ◽

pp. 117-143

Author(s):

Anjum Nazir Qureshi Sheikh ◽

Asha Ambhaikar ◽

Sunil Kumar

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

The Internet ◽

Security Threats ◽

Security Issues ◽

The Earth ◽

The World ◽

Wireless Medium ◽

Iot Devices ◽

The Internet Of Things

The internet of things is a versatile technology that helps to connect devices with other devices or humans in any part of the world at any time. Some of the researchers claim that the number of IoT devices around the world will surpass the total population on the earth after a few years. The technology has made life easier, but these comforts are backed up with a lot of security threats. Wireless medium for communication, large amount of data, and device constraints of the IoT devices are some of the factors that increase their vulnerability to security threats. This chapter provides information about the attacks at different layers of IoT architecture. It also mentions the benefits of technologies like blockchain and machine learning that can help to solve the security issues of IoT.

Download Full-text

SMOTE-DRNN: A Deep Learning Algorithm for Botnet Detection in the Internet-of-Things Networks

Sensors ◽

10.3390/s21092985 ◽

2021 ◽

Vol 21 (9) ◽

pp. 2985

Author(s):

Segun I. Popoola ◽

Bamidele Adebisi ◽

Ruth Ande ◽

Mohammad Hammoudeh ◽

Kelvin Anoh ◽

...

Keyword(s):

Deep Learning ◽

Internet Of Things ◽

Network Traffic ◽

State Of The Art ◽

Classification Performance ◽

The Internet ◽

Traffic Data ◽

Distributed Resources ◽

Deep Recurrent Neural Network ◽

The Internet Of Things

Nowadays, hackers take illegal advantage of distributed resources in a network of computing devices (i.e., botnet) to launch cyberattacks against the Internet of Things (IoT). Recently, diverse Machine Learning (ML) and Deep Learning (DL) methods were proposed to detect botnet attacks in IoT networks. However, highly imbalanced network traffic data in the training set often degrade the classification performance of state-of-the-art ML and DL models, especially in classes with relatively few samples. In this paper, we propose an efficient DL-based botnet attack detection algorithm that can handle highly imbalanced network traffic data. Specifically, Synthetic Minority Oversampling Technique (SMOTE) generates additional minority samples to achieve class balance, while Deep Recurrent Neural Network (DRNN) learns hierarchical feature representations from the balanced network traffic data to perform discriminative classification. We develop DRNN and SMOTE-DRNN models with the Bot-IoT dataset, and the simulation results show that high-class imbalance in the training data adversely affects the precision, recall, F1 score, area under the receiver operating characteristic curve (AUC), geometric mean (GM) and Matthews correlation coefficient (MCC) of the DRNN model. On the other hand, the SMOTE-DRNN model achieved better classification performance with 99.50% precision, 99.75% recall, 99.62% F1 score, 99.87% AUC, 99.74% GM and 99.62% MCC. Additionally, the SMOTE-DRNN model outperformed state-of-the-art ML and DL models.

Download Full-text

Anomaly Detection in IoT Frameworks Using Machine Learning

Applied Approach to Privacy and Security for the Internet of Things - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-2444-2.ch004 ◽

2020 ◽

pp. 88-112

Author(s):

Phidahunlang Chyne ◽

Parag Chatterjee ◽

Sugata Sanyal ◽

Debdatta Kandar

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Anomaly Detection ◽

Physical World ◽

The Internet ◽

Network Transport ◽

Machine Learning Model ◽

The World ◽

Iot Devices ◽

The Internet Of Things

Rapid advancements in hardware programming and communication innovations have encouraged the development of internet-associated sensory devices that give perceptions and information measurements from the physical world. According to the internet of things (IoT) analytics, more than 100 IoT devices across the world connect to the internet every second, which in the coming years will sharply increase the number of IoT devices by billions. This number of IoT devices incorporates new dynamic associations and does not totally replace the devices that were purchased before yet are not utilized any longer. As an increasing number of IoT devices advance into the world, conveyed in uncontrolled, complex, and frequently hostile conditions, securing IoT frameworks displays various challenges. As per the Eclipse IoT Working Group's 2017 IoT engineer overview, security is the top worry for IoT designers. To approach the challenges in securing IoT devices, the authors propose using unsupervised machine learning model at the network/transport level for anomaly detection.

Download Full-text

Edge Machine Learning for AI-Enabled IoT Devices: A Review

Sensors ◽

10.3390/s20092533 ◽

2020 ◽

Vol 20 (9) ◽

pp. 2533 ◽

Cited By ~ 6

Author(s):

Massimo Merenda ◽

Carlo Porcaro ◽

Demetrio Iero

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Machine Learning Algorithms ◽

The Internet ◽

Learning Models ◽

Iot Devices ◽

High Level ◽

And Behavior ◽

The Internet Of Things ◽

Machine Learning Models

In a few years, the world will be populated by billions of connected devices that will be placed in our homes, cities, vehicles, and industries. Devices with limited resources will interact with the surrounding environment and users. Many of these devices will be based on machine learning models to decode meaning and behavior behind sensors’ data, to implement accurate predictions and make decisions. The bottleneck will be the high level of connected things that could congest the network. Hence, the need to incorporate intelligence on end devices using machine learning algorithms. Deploying machine learning on such edge devices improves the network congestion by allowing computations to be performed close to the data sources. The aim of this work is to provide a review of the main techniques that guarantee the execution of machine learning models on hardware with low performances in the Internet of Things paradigm, paving the way to the Internet of Conscious Things. In this work, a detailed review on models, architecture, and requirements on solutions that implement edge machine learning on Internet of Things devices is presented, with the main goal to define the state of the art and envisioning development requirements. Furthermore, an example of edge machine learning implementation on a microcontroller will be provided, commonly regarded as the machine learning “Hello World”.

Download Full-text

RIoT: A Routing Protocol for the Internet of Things†

The Computer Journal ◽

10.1093/comjnl/bxaa012 ◽

2020 ◽

Vol 63 (6) ◽

pp. 958-973

Author(s):

Muhammad Omer Farooq

Keyword(s):

Internet Of Things ◽

Routing Protocol ◽

The Internet ◽

Delivery Ratio ◽

Network Partitioning ◽

Memory Requirement ◽

Lossy Networks ◽

Control Overhead ◽

The Impact ◽

The Internet Of Things

Abstract The routing protocol for low-power and lossy networks (RPL) is a standard routing framework for Internet of Things (IoT). It supports multipoint-to-point (MP-to-P), point-to-point (P-to-P) and point-to-multipoint (P-to-MP) communications. It is known that RPL’s control overhead can result in the protocol’s poor performance in P-to-P and P-to-MP communications especially in its non-storing mode of operation. Here, we present a routing protocol for the Internet of Things (RIoT) that supports MP-to-P, P-to-P and P-to-MP communications. The protocol can construct P-to-P and P-to-MP routes with relatively lower control overhead. Another salient feature of RIoT is that it supports multiple gateways in the same network with an aim to reduce memory requirement for storing a forwarding table. Furthermore, RIoT is also capable of handling mobility-based IoT use cases. To facilitate communication among nodes connected to different gateways in the same network, here we also present an inter-gateway communication mechanism. We implemented RIoT in the Contiki operating system, and it is extensively evaluated using emulation and real testbed-based experiments. We analyzed the impact of the number of gateways, radio duty cycling (RDC) and mobility on the routing protocols’ performance. Our results demonstrate that either with or without RDC RIoT demonstrates statistically significantly better packet delivery ratio, per-packet end-to-end delay and control overhead compared to the RPL-based protocol. RIoT’s multi-gateway communication architecture substantially reduces the memory requirement to store a forwarding table. Our results also demonstrate that multiple gateways in a network reduce the network partitioning problem in mobile scenarios. Hence, RIoT also demonstrates better performance in mobile scenarios compared to the RPL-based protocol.

Download Full-text

Detecting Abnormal Behavior of an IoT Device in the Network Based on a Traffic Model

Telecom IT ◽

10.31854/2307-1303-2019-7-3-50-55 ◽

2019 ◽

Vol 7 (3) ◽

pp. 50-55

Author(s):

D. Saharov ◽

D. Kozlov

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Mobile Networks ◽

Learning Algorithms ◽

Machine Learning Algorithms ◽

Abnormal Behavior ◽

Traffic Model ◽

The Internet ◽

Wide Spread ◽

The Internet Of Things

The article deals with the СoAP Protocol that regulates the transmission and reception of information traf-fic by terminal devices in IoT networks. The article describes a model for detecting abnormal traffic in 5G/IoT networks using machine learning algorithms, as well as the main methods for solving this prob-lem. The relevance of the article is due to the wide spread of the Internet of things and the upcoming update of mobile networks to the 5g generation.

Download Full-text