Visible to the public An Anomaly-Based IDS for Detecting Attacks in RPL-Based Internet of Things

TitleAn Anomaly-Based IDS for Detecting Attacks in RPL-Based Internet of Things
Publication TypeConference Paper
Year of Publication2019
AuthorsFarzaneh, Behnam, Montazeri, Mohammad Ali, Jamali, Shahram
Conference Name2019 5th International Conference on Web Research (ICWR)
Date Publishedapr
Keywords6LoWPAN, anomaly-based lightweight Intrusion Detection System, communications, composability, computer network security, DIS Attack, everyday life, gaussian distribution, human interaction, IDS, Internet, Internet of Things, IoT, large-scale networks, lossy networks, low-power, Monitoring, Neighbor Attack, networking, pubcrawl, Resiliency, resource-constrained nature, Routing, Routing protocols, RPL, RPL networks, RPL protocol, RPL-based internet, special protocol, specific internal attacks, telecommunication security, Wireless sensor networks
AbstractThe Internet of Things (IoT) is a concept that allows the networking of various objects of everyday life and communications on the Internet without human interaction. The IoT consists of Low-Power and Lossy Networks (LLN) which for routing use a special protocol called Routing over Low-Power and Lossy Networks (RPL). Due to the resource-constrained nature of RPL networks, they may be exposed to a variety of internal attacks. Neighbor attack and DIS attack are the specific internal attacks at this protocol. This paper presents an anomaly-based lightweight Intrusion Detection System (IDS) based on threshold values for detecting attacks on the RPL protocol. The results of the simulation using Cooja show that the proposed model has a very high True Positive Rate (TPR) and in some cases, it can be 100%, while the False Positive Rate (FPR) is very low. The results show that the proposed model is fully effective in detecting attacks and applicable to large-scale networks.
Citation Keyfarzaneh_anomaly-based_2019