scholarly journals Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection

Sensors ◽  
2018 ◽  
Vol 18 (8) ◽  
pp. 2445 ◽  
Author(s):  
Jorge Granjal ◽  
João Silva ◽  
Nuno Lourenço
Keyword(s):  
Intrusion Detection ◽  
Anomaly Detection ◽  
Denial Of Service ◽  
The Internet ◽  
Application Layer ◽  
Dos Attacks ◽  
Lower Accuracy ◽  
Communication Environments ◽  
The Internet Of Things ◽  
Intrusion Detection And Prevention

It is well recognized that security will play a major role in enabling most of the applications envisioned for the Internet of Things (IoT). We must also note that most of such applications will employ sensing and actuating devices integrated with the Internet communications infrastructure and, from the minute such devices start to support end-to-end communications with external (Internet) hosts, they will be exposed to all kinds of threats and attacks. With this in mind, we propose an IDS framework for the detection and prevention of attacks in the context of Internet-integrated CoAP communication environments and, in the context of this framework, we implement and experimentally evaluate the effectiveness of anomaly-based intrusion detection, with the goal of detecting Denial of Service (DoS) attacks and attacks against the 6LoWPAN and CoAP communication protocols. From the results obtained in our experimental evaluation we observe that the proposed approach may viably protect devices against the considered attacks. We are able to achieve an accuracy of 93% considering the multi-class problem, thus when the pattern of specific intrusions is known. Considering the binary class problem, which allows us to recognize compromised devices, and though a lower accuracy of 92% is observed, a recall and an F_Measure of 98% were achieved. As far as our knowledge goes, ours is the first proposal targeting the usage of anomaly detection and prevention approaches to deal with application-layer and DoS attacks in 6LoWPAN and CoAP communication environments.

Network Intrusion Detection and Prevention Systems on Flooding and Worm Attacks

2016 ◽  
pp. 183-207
Author(s):  
P. Vetrivelan ◽  
M. Jagannath ◽  
T. S. Pradeep Kumar
Keyword(s):  
Intrusion Detection ◽  
Denial Of Service ◽  
Packet Transmission ◽  
Network Intrusion Detection ◽  
The Internet ◽  
Network Intrusion ◽  
Worm Attacks ◽  
Packet Marking ◽  
Vast Network ◽  
Intrusion Detection And Prevention

The Internet has transformed greatly the improved way of business, this vast network and its associated technologies have opened the doors to an increasing number of security threats which are dangerous to networks. The first part of this chapter presents a new dimension of denial of service attacks called TCP SYN Flood attack has been witnessed for severity of damage and second part on worms which is the major threat to the internet. The TCP SYN Flood attack by means of anomaly detection and traces back the real source of the attack using Modified Efficient Packet Marking algorithm (EPM). The mechanism for detecting the smart natured camouflaging worms which is sensed by means of a technique called Modified Controlled Packet Transmission (MCPT) technique. Finally the network which is affected by these types of worms are detected and recovered by means of Modified Centralized Worm Detector (MCWD) mechanism. The Network Intrusion Detection and Prevention Systems (NIDPS) on Flooding and Worm Attacks were analyzed and presented.

scholarly journals An Intrusion Detection and Prevention Framework for Internet-Integrated CoAP WSN

2018 ◽  
Vol 2018 ◽  
pp. 1-14 ◽  
Author(s):  
Jorge Granjal ◽  
Artur Pedroso
Keyword(s):  
Intrusion Detection ◽  
Denial Of Service ◽  
Communication Technologies ◽  
Point Of View ◽  
Dos Attacks ◽  
Iot Applications ◽  
Sensing Platforms ◽  
Computational Capability ◽  
Intrusion Detection And Prevention ◽  
Critical Resources

End-to-end communications between Internet devices and Internet-integrated constrained wireless sensing platforms will provide an important contribution to the enabling of many of the envisioned IoT applications and, in this context, security must be addressed when employing communication technologies such as 6LoWPAN and CoAP. Considering the constraints typically found on sensing devices in terms of energy, memory, and computational capability, the integration of Wireless Sensor Networks (WSN) with the Internet using such technologies will open new threats and attacks that must be dealt with, particularly those originated at devices without the constraints of WSN sensors (e.g., Internet hosts). Existing encryption strategies for communications in IoT environments are unable to protect Internet-integrated WSN environments from Denial of Service (DoS) attacks, as well as from other forms of attacks at the network and application layers using CoAP. We may thus fairly consider that anomaly and intrusion detection will play a major role in the materialization of most of the envisioned IoT applications. In this article, we propose a framework to support intrusion detection and reaction in Internet-integrated CoAP WSN, and in the context of this framework we design and implement various approaches to support security against various classes of attacks. We have implemented and evaluated experimentally the proposed framework and mechanisms, considering various attack scenarios, and our approach was found to be viable, from the point of view of its impact on critical resources of sensing devices and of its efficiency in dealing with the considered attacks.

scholarly journals An adaptive intrusion detection and prevention system for Internet of Things

2019 ◽  
Vol 15 (11) ◽  
pp. 155014771988810
Author(s):  
Sheikh Tahir Bakhsh ◽  
Saleh Alghamdi ◽  
Rayan A Alsemmeari ◽  
Syed Raheel Hassan
Keyword(s):  
Internet Of Things ◽  
Intrusion Detection ◽  
Computer Network ◽  
The Internet ◽  
Detection Systems ◽  
Internet Users ◽  
Prevention System ◽  
Network Technologies ◽  
The Internet Of Things ◽  
Intrusion Detection And Prevention

The revolution of computer network technologies and telecommunication technologies increases the number of Internet users enormously around the world. Thus, many companies nowadays produce various devices having network chips, each device becomes part of the Internet of Things and can run on the Internet to achieve various services for its users. This led to the increase in security threats and attacks on these devices. Due to the increased number of devices connected to the Internet, the attackers have more opportunities to perform their attacks in such an environment. Therefore, security has become a big challenge more than before. In addition, confidentiality, integrity, and availability are required components to assure the security of Internet of Things. In this article, an adaptive intrusion detection and prevention system is proposed for Internet of Things (IDPIoT) to enhance security along with the growth of the devices connected to the Internet. The proposed IDPIoT enhances the security including host-based and network-based functionality by examining the existing intrusion detection systems. Once the proposed IDPIoT receives the packet, it examines the behavior, the packet is suspected, and it blocks or drops the packet. The main goal is accomplished by implementing one essential part of security, which is intrusion detection and prevention system.

scholarly journals Advanced detection Denial of Service attack in the Internet of Things network based on MQTT protocol using fuzzy logic

2021 ◽  
Vol 7 (2) ◽  
pp. 95
Author(s):  
Mochamad Soebagja Budiana ◽  
Ridha Muldina Negara ◽  
Arif Indra Irawan ◽  
Harashta Tatimma Larasati
Keyword(s):  
Fuzzy Logic ◽  
Feature Selection ◽  
Internet Of Things ◽  
Detection System ◽  
Denial Of Service ◽  
The Internet ◽  
Traffic Intensity ◽  
Dos Attacks ◽  
Fuzzy Input ◽  
The Internet Of Things

Message Queuing Telemetry Transport (MQTT) is one of the popular protocols used on the Internet of Things (IoT) networks because of its lightweight nature. With the increasing number of devices connected to the internet, the number of cybercrimes on IoT networks will increase. One of the most popular attacks is the Denial of Service (DoS) attack. Standard security on MQTT uses SSL/TLS, but SSL/TLS is computationally wasteful for low-powered devices. The use of fuzzy logic algorithms with the Intrusion Detection System (IDS) scheme is suitable for detecting DoS because of its simple nature. This paper uses a fuzzy logic algorithm embedded in a node to detect DoS in the MQTT protocol with feature selection nodes. This paper's contribution is that the nodes feature selection used will monitor SUBSCRIBE and SUBACK traffic and provide this information to fuzzy input nodes to detect DoS attacks. Fuzzy performance evaluation is measured against changes in the number of nodes and attack intervals. The results obtained are that the more the number of nodes and the higher the traffic intensity, the fuzzy performance will decrease, and vice versa. However, the number of nodes and traffic intensity will affect fuzzy performance.

A Novel Intrusion Detection System for Internet of Things Network Security

2021 ◽  
Vol 14 (3) ◽  
pp. 20-37
Author(s):  
Arun Kumar Bediya ◽  
Rajendra Kumar
Keyword(s):  
Internet Of Things ◽  
Intrusion Detection ◽  
Assisted Living ◽  
Intrusion Detection System ◽  
Detection System ◽  
Smart Cities ◽  
Denial Of Service ◽  
The Internet ◽  
Smart Vehicles ◽  
The Internet Of Things

Internet of things (IoT) comprises a developing ecosystem of responsive and interconnected devices, sensors, networks, and software. The internet of things keeps on extending with the number of its different equipment segments for smart cities, healthcare, smart homes, assisted living, smart vehicles, transportation, framework, and many more are the areas where the internet of things benefits human lives. IoT networks are meant to be monitored on real-time events, and if these devices get attacked, it can have an unfavorable effect on the system. This paper discussed many possible attacks at IoT networks and distributed denial of service (DDoS) attack is one of the most dangerous among them. Blockchain technology can be utilized to develop a framework to protect IoT systems; blockchain is a new technology used for cryptocurrency transactions. This paper proposed BIoTIDS an intrusion detection system for the IoT network using blockchain. BIoTIDS is able to detect an intruder in the IoT network and also able to identify DDoS attacks in IoT networks.

scholarly journals Battery Drain Denial-of-Service Attacks and Defenses in the Internet of Things

2019 ◽  
Vol 2 ◽  
pp. 37-45 ◽  
Author(s):  
Philokypros P. Ioulianou ◽  
Vassilios G. Vassilakis ◽  
Michael D. Logothetis
Keyword(s):  
Internet Of Things ◽  
Routing Protocol ◽  
Denial Of Service ◽  
The Internet ◽  
Dos Attacks ◽  
Lossy Networks ◽  
Distributed Intrusion Detection ◽  
Iot Devices ◽  
The Impact ◽  
The Internet Of Things

IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL) is a popular routing protocol used in wireless sensor networks and in the Internet of Things (IoT). RPL was standardized by the IETF in 2012 and has been designed for devices with limited resources and capabilities. Open-source RPL implementations are supported by popular IoT operating systems (OS), such as ContikiOS and TinyOS. In this work, we investigate the possibility of battery drain Denial-of-Service (DoS) attacks in the RPL implementation of ContikiOS. In particular, we use the popular Cooja simulator and implement two types of DoS attacks, particularly version number modification and “Hello” flooding. We demonstrate the impact of these attacks on the power consumption of IoT devices. Finally, we discuss potential defenses relying on distributed intrusion detection modules.

A Novel HTTP Anomaly Detection Framework Based on Edge Intelligence for the Internet of Things (IoT)

2020 ◽  
pp. 1-7
Author(s):  
Yufei An ◽  
Jianqiang Li ◽  
F. Richard Yu ◽  
Jianyong Chen ◽  
Victor C. M. Leung
Keyword(s):  
Internet Of Things ◽  
Anomaly Detection ◽  
The Internet ◽  
The Internet Of Things

scholarly journals Secure and DoS-Resilient Fragment Authentication in CCN-Based Vehicular Networks

2018 ◽  
Vol 2018 ◽  
pp. 1-12
Author(s):  
Sangwon Hyun ◽  
Hyoungshick Kim
Keyword(s):  
Vehicular Networks ◽  
Denial Of Service ◽  
Content Delivery ◽  
Dos Attacks ◽  
Promising Alternative ◽  
Content Centric Networking ◽  
Transmission Unit ◽  
Communication Environments ◽  
Maximum Transmission

Content-Centric Networking (CCN) is considered as a promising alternative to traditional IP-based networking for vehicle-to-everything communication environments. In general, CCN packets must be fragmented and reassembled based on the Maximum Transmission Unit (MTU) size of the content delivery path. It is thus challenging to securely protect fragmented packets against attackers who intentionally inject malicious fragments to disrupt normal services on CCN-based vehicular networks. This paper presents a new secure content fragmentation method that is resistant to Denial-of-Service (DoS) attacks in CCN-based vehicular networks. Our approach guarantees the authenticity of each fragment through the immediate fragment verification at interim nodes on the routing path. Our experiment results demonstrate that the proposed approach provides much stronger security than the existing approach named FIGOA, without imposing a significant overhead in the process. The proposed method achieves a high immediate verification probability of 98.2% on average, which is 52% higher than that of FIGOA, while requiring only 14% more fragments than FIGOA.

Sign in / Sign up

Export Citation Format

Share Document