Anomaly Behavior Analysis System for ZigBee in smart buildings

Baalbaki, Bilal Al; Pacheco, Jesús; Tunc, Cihan; Hariri, Salim; Al-Nashif, Youssif

doi:10.1109/aiccsa.2015.7507187

Cited by 12 publications

(9 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Anomaly-based detection was also adopted by Baalbaki et al [101] for their proposed ZigBee IDS. The system was able to detect different attacks, such as DoS, flooding, and pulse DoS, with a high detection rate and low false positive rate, when compared with signature and specification-based IDS approaches.…”

Section: Ids For Iot Networkmentioning

confidence: 99%

Bluetooth Low Energy Mesh Networks: Survey of Communication and Security Protocols

Ghori

Wan

Sodhy

2020

Sensors

View full text Add to dashboard Cite

Bluetooth Low Energy (BLE) Mesh Networks enable flexible and reliable communications for low-power Internet of Things (IoT) devices. Most BLE-based mesh protocols are implemented as overlays on top of the standard Bluetooth star topologies while using piconets and scatternets. Nonetheless, mesh topology support has increased the vulnerability of BLE to security threats, since a larger number of devices can participate in a BLE Mesh network. To address these concerns, BLE version 5 enhanced existing BLE security features to deal with various authenticity, integrity, and confidentiality issues. However, there is still a lack of detailed studies related to these new security features. This survey examines the most recent BLE-based mesh network protocols and related security issues. In the first part, the latest BLE-based mesh communication protocols are discussed. The analysis shows that the implementation of BLE pure mesh protocols remains an open research issue. Moreover, there is a lack of auto-configuration mechanisms in order to support bootstrapping of BLE pure mesh networks. In the second part, recent BLE-related security issues and vulnerabilities are highlighted. Strong Intrusion Detection Systems (IDS) are essential for detecting security breaches in order to protect against zero-day exploits. Nonetheless, viable IDS solutions for BLE Mesh networks remain a nascent research area. Consequently, a comparative survey of IDS approaches for related low-power wireless protocols was used to map out potential approaches for enhancing IDS solutions for BLE Mesh networks.

show abstract

Section: Ids For Iot Networkmentioning

confidence: 99%

Bluetooth Low Energy Mesh Networks: Survey of Communication and Security Protocols

Ghori

Wan

Sodhy

2020

Sensors

View full text Add to dashboard Cite

show abstract

“…ARAS datasets contain the ground truth labels for 27 various activities. Each house was equipped with 20 binary sensors of various kinds that communicate wirelessly using the ZigBee protocol (Al Baalbaki et al, 2015). A full month of data that contains the activity labels and the sensor data for both residents was gathered from each home, resulting in a total of two months of data.…”

Section: Data Descriptionmentioning

confidence: 99%

Activity Recognition for Ambient Sensing Data and Rule Based Anomaly Detection

Ardebili

Eken

Küçük

2020

Int. Arch. Photogramm. Remote Sens. Spatial Inf. Sci.

View full text Add to dashboard Cite

Abstract. After a brief look at the smart home, we conclude that to have a smart home, and it is necessary to have an intelligent management center. In this article, We have tried to make it possible for the smart home management center to be able to detect the presence of an abnormal state in the behavior of someone who lives in the house. In the proposed method, the daily algorithm examines the rate of changes of a person and provides a number which is henceforth called NNC (Number of normal changes) based on the person’s behavioral changes. We achieve the NNC number using a machine learning algorithm and performing a series of several simple statistical and mathematical calculations. NNC is a number that shows abnormal changes in residents’ behaviors in a smart home, i.e., this number is a small number for a regular person with constant planning and for a person who may not have any fixed principles and regular in personal life is a big number.To increase our accuracy in calculating NNC, we review all common machine learning algorithms and after tests we choose the decision tree because of its higher accuracy and speed and finally, NNC number is obtained by combining the Decision Tree algorithm with statistical and mathematical methods. In this method, we present a set of states and information obtained from the sensors along with the activities performed by the occupant of the house over a period of several days to the proposed algorithm. and the method ahead generates the main NNC number for those days for anyone living in a smart home. To generate this main NNC, we calculate each person’s daily NNC. That means we have daily NNCs for each person (based on his/her behaviors on that day) and the main NNC is the average of these daily NNC. We chose ARAS dataset (Human Activity Datasets in Multiple Homes with Multiple Residents) to implement our method and after tests and replications on the ARAS dataset, and to find anomalies in each person’s behavior in a day, we compare the main (average) NNC with that person’s daily NNC on that day. Finally, we can say, if the main NNC changes more than 30%, there is a possibility of an abnormality. and if the NNC changes more than 60% percent, we can say that an abnormal state or an uncommon event happened that day, and a declaration of an abnormal state will be issued to the resident of the house.

show abstract

“…Other works focus on the proposal of innovative intrusion detection systems, designed to protect ZigBee based IoT networks. [56] introduces ABAS, an anomaly based protection system analyzing network traffic to classify anomalous behavior, while [57] makes use of machine learning algorithms to detect running attacks. [58] uses fuzzy methods based on a finite state machine to detect possible vulnerabilities.…”

Section: Internet Of Things Network May Adopt Different Communicatiomentioning

confidence: 99%

Evaluating Security of Low-Power Internet of Things Networks

al.¹

2019

IJCDS

View full text Add to dashboard Cite

Internet of Things (IoT) is one of the most prominent technologies on the Internet. Simple objects gain the ability to store, process and exchange information among themselves or with external entities, by observing and controlling the environment. Thanks to the rapid development of this innovation, IoT opens possibilities to a huge number of objects and applications that promise to improve our daily life. The main scenarios of the development of IoT are home automation/domestic and Industrial IoT. According to such scenarios, several applications could be implemented: from smart thermostats, light bulbs, refrigerators, ovens, door window sensors to volumetric, flow, heat and connected data processing devices. Since this is a new phenomenon, it has not yet been studied and analyzed for its entirety, also due to the lack of a definitive standard that can provide an overview of these devices. The objective of this paper is to implement different well-known attacks against IoT networks, by adopting the ZigBee communication protocol to analyze devices and network security. For our aim, we have considered different scenarios involving an attacker aiming to dismantle the IoT network (jamming, flooding DoS), retrieve sensitive information (sniffing, brute force password crack) and to actively communicate on the network to impersonate legitimate nodes (replay). Such exploitation provides us the ability to analyze the effects of attacks designed to target common wireless networks, when they are perpetrated against IoT environments. Obtained results prove that IoT devices and networks (often embedded in sensitive environments such as hospitals or critical infrastructures) are vulnerable to several attacks.

show abstract

Anomaly Behavior Analysis System for ZigBee in smart buildings

Cited by 12 publications

References 9 publications

Bluetooth Low Energy Mesh Networks: Survey of Communication and Security Protocols

Bluetooth Low Energy Mesh Networks: Survey of Communication and Security Protocols

Activity Recognition for Ambient Sensing Data and Rule Based Anomaly Detection

Evaluating Security of Low-Power Internet of Things Networks

Contact Info

Product

Resources

About