Attack Model and Detection Scheme for Botnet on 6LoWPAN

Cho, Eung Jun; Kim, Jin Ho; Hong, Choong Seon

doi:10.1007/978-3-642-04492-2_66

Cited by 31 publications

(20 citation statements)

References 1 publication

(1 reference statement)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Cho et al proposed a methodology for checking packets that are passing through the border router for communication between physical and the network devices. Their methodology was based on the botnet attacks by checking the packet length [29]. However, no information is presented about the technique can be employed to create normal behavior profiles.…”

Section: Related Workmentioning

confidence: 99%

A Novel Ensemble of Hybrid Intrusion Detection System for Detecting Internet of Things Attacks

et al. 2019

View full text Add to dashboard Cite

The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack to the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and One Class Support Vector Machine classifier. HIDS combines the advantages of Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provide higher detection rate and lower false positive rate compared to the SIDS and AIDS techniques.

show abstract

Section: Related Workmentioning

confidence: 99%

A Novel Ensemble of Hybrid Intrusion Detection System for Detecting Internet of Things Attacks

et al. 2019

View full text Add to dashboard Cite

show abstract

“…The most common attack in the category of threats arising from the Internet is the botnet attack where data is forged by the botnet network and the wrong data is sent to the user node. In [46], authors proposed an additional module in 6LoWPAN gateway that analyses data passing though the gateway searching for malicious traffic. The security treats to the 6LoWPAN arising from the RPL routing protocol will be discussed next.…”

Section: Attacks and Security Mechanisms For Adaptation And Network mentioning

confidence: 99%

“…Authentication attack Network access control framework [44] PS Provides the node identification, but only enables one border router; Not implemented yet; Man in the middle, Eavesdropping/spoofing IPsec (AH and EPS) [45] PS Provides end-to-end secure communication; Pre-shared keys mechanism is not very flexible; Botnet attack Bot analysis module [46] IDS Good detection rates for large number of nodes; Decreased network performance and large overhead; RPL Selective forwarding attack Lightweight Heartbeat [48] IDS It has to be combined with IPsec to detect attack; No defense is provided after the attack is detected; Resilient techniques [51] PS Improved delivery ratio, but an increase in energy consumption; Spoofed/altered inf., sinkhole, selective forwarding SVELTE [50] IDS SVELTEs overhead is small enough; The true positive rate is not 100% due to some false alarms; Sinkhole attack IDS solution [52] IDS IPsec and bidirectional communication are necessary. Parent fail-over & rank authentication [53] …”

Section: Psmentioning

confidence: 99%

A Survey of Potential Security Issues in Existing Wireless Sensor Network Protocols

Tomić

McCann

2017

IEEE Internet Things J.

230

115

View full text Add to dashboard Cite

Abstract-The increasing pervasiveness of Wireless Sensor Networks (WSNs) in diverse application domains including critical infrastructure systems, sets an extremely high security bar in the design of WSN systems to exploit their full benefits, increasing trust while avoiding loss. Nevertheless, a combination of resource restrictions and the physical exposure of sensor devices inevitably cause such networks to be vulnerable to security threats, both external and internal. While several researchers have provided a set of open problems and challenges in WSN security and privacy, there is a gap in the systematic study of the security implications arising from the nature of existing communication protocols in WSNs. Therefore, we have carried out a deep-dive into the main security mechanisms and their effects on the most popular protocols and standards used in WSN deployments i.e. IEEE 802.15.4, B-MAC, 6LoWPAN, RPL, BCP, CTP, and CoAP, where potential security threats and existing countermeasures are discussed at each layer of WSN stack. This work culminates in a deeper analysis of network layer attacks deployed against the RPL routing protocol. We quantify the impact of individual attacks on the performance of a network using the Cooja network simulator. Finally, we discuss new research opportunities in network layer security and how to use Cooja as a benchmark for developing new defenses for WSN systems.

show abstract

“…Cho et al [15] proposed a botnet detection mechanism for 6LoWPAN-based networks in 2009. They assumed that the nodes in the IoT network use TCP transport layer protocol.…”

Section: Intrusion Detection Systems Proposed For Internet Of Thingsmentioning

confidence: 99%

Security of Internet of Things for a Reliable Internet of Services

Arış

Oktuğ

Voigt

2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. The Internet of Things (IoT) consists of resource-constrained devices (e.g., sensors and actuators) which form low power and lossy networks to connect to the Internet. With billions of devices deployed in various environments, IoT is one of the main building blocks of future Internet of Services (IoS). Limited power, processing, storage and radio dictate extremely efficient usage of these resources to achieve high reliability and availability in IoS. Denial of Service (DoS) and Distributed DoS (DDoS) attacks aim to misuse the resources and cause interruptions, delays, losses and degrade the offered services in IoT. DoS attacks are clearly threats for availability and reliability of IoT, and thus of IoS. For highly reliable and available IoS, such attacks have to be prevented, detected or mitigated autonomously. In this study, we propose a comprehensive investigation of Internet of Things security for reliable Internet of Services. We review the characteristics of IoT environments, cryptography-based security mechanisms and D/DoS attacks targeting IoT networks. In addition to these, we extensively analyze the intrusion detection and mitigation mechanisms proposed for IoT and evaluate them from various points of view. Lastly, we consider and discuss the open issues yet to be researched for more reliable and available IoT and IoS.

show abstract

Attack Model and Detection Scheme for Botnet on 6LoWPAN

Cited by 31 publications

References 1 publication

A Novel Ensemble of Hybrid Intrusion Detection System for Detecting Internet of Things Attacks

A Novel Ensemble of Hybrid Intrusion Detection System for Detecting Internet of Things Attacks

A Survey of Potential Security Issues in Existing Wireless Sensor Network Protocols

Security of Internet of Things for a Reliable Internet of Services

Contact Info

Product

Resources

About