Compression Header Analyzer Intrusion Detection System (CHA - IDS) for 6LoWPAN Communication Protocol

Napiah, Mohamad; Idris, Mohd Yamani Idna; Ramli, Rahizar; Ahmedy, Ismail

doi:10.1109/access.2018.2798626

Cited by 88 publications

(55 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Napiah et al [14] e paper discussed reducing features from 77 to 5 removing power consumption to ensure ML algorithms were efficient. Power consumption metrics along with feature reduction strategy will be in the scope of our work.…”

Section: Mrhof and Of0 Attacksmentioning

confidence: 99%

Employing a Machine Learning Approach to Detect Combined Internet of Things Attacks against Two Objective Functions Using a Novel Dataset

Foley

Moradpoor

Ochenyi

2020

Security and Communication Networks

View full text Add to dashboard Cite

One of the important features of routing protocol for low-power and lossy networks (RPLs) is objective function (OF). OF influences an IoT network in terms of routing strategies and network topology. On the contrary, detecting a combination of attacks against OFs is a cutting-edge technology that will become a necessity as next generation low-power wireless networks continue to be exploited as they grow rapidly. However, current literature lacks study on vulnerability analysis of OFs particularly in terms of combined attacks. Furthermore, machine learning is a promising solution for the global networks of IoT devices in terms of analysing their ever-growing generated data and predicting cyberattacks against such devices. Therefore, in this paper, we study the vulnerability analysis of two popular OFs of RPL to detect combined attacks against them using machine learning algorithms through different simulated scenarios. For this, we created a novel IoT dataset based on power and network metrics, which is deployed as part of an RPL IDS/IPS solution to enhance information security. Addressing the captured results, our machine learning approach is successful in detecting combined attacks against two popular OFs of RPL based on the power and network metrics in which MLP and RF algorithms are the most successful classifier deployment for single and ensemble models.

show abstract

Section: Mrhof and Of0 Attacksmentioning

confidence: 99%

Employing a Machine Learning Approach to Detect Combined Internet of Things Attacks against Two Objective Functions Using a Novel Dataset

Foley

Moradpoor

Ochenyi

2020

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Our framework provides an effective solution to zero-day attacks previously unseen in the training data. Furthermore, unlike traditional intrusion detection methods that compare a network traffic record against an established baseline traffic (i.e., normal), our framework provides an effective solution to more challenging situations when the normal activity has a short history as well, and is hard to learn offline or due to a blur boundary between the observation of normal and abnormal behavior [1], [2]. Two changes in the modules of DeROL algorithm were made to analyze the UNSW-NB15 dataset as compared to the analysis of the OMNIGLOT dataset.…”

Section: Network Traffic Analysis Using the Unsw-nb15 Intrusion Dementioning

confidence: 99%

“…Once the system experiences a zero-day (i.e., previously unseen) attack, the IDS often sends the session summary records to a cybersecurity analyst for deeper event inspection, who in turn labels the records as malicious activity (or normal activity in the case of a false positive). A more challenging scenario occurs when normal activity changes rapidly and is hard to learn offline or due to a blur boundary between the observation of normal and abnormal behavior [1], [2]. Finally, computer vision tasks involving the deployment of camera sensor networks in the field require classifying events for civilian or military video surveillance [3]- [5].…”

Section: Introductionmentioning

confidence: 99%

Deep reinforcement one-shot learning for artificially intelligent classification in expert aided systems

Puzanov

Zhang

Cohen

2020

Engineering Applications of Artificial Intelligence

View full text Add to dashboard Cite

“…In [20] a compression header analyzer based IDS named CHA-IDS is proposed. It uses signature-based detection mechanism which is embedded in the border router.…”

Section: Related Workmentioning

confidence: 99%

ELNIDS: Ensemble Learning based Network Intrusion Detection System for RPL based Internet of Things

Verma¹,

Ranga²

2020

Preprint

View full text Add to dashboard Cite

Internet of Things is realized by a large number of heterogeneous smart devices which sense, collect and share data with each other over the internet in order to control the physical world. Due to open nature, global connectivity and resource constrained nature of smart devices and wireless networks the Internet of Things is susceptible to various routing attacks. In this paper, we purpose an architecture of Ensemble Learning based Network Intrusion Detection System named ELNIDS for detecting routing attacks against IPv6 Routing Protocol for Low-Power and Lossy Networks. We implement four different ensemble based machine learning classifiers including Boosted Trees, Bagged Trees, Subspace Discriminant and RUSBoosted Trees. To evaluate proposed intrusion detection model we have used RPL-NIDDS17 dataset which contains packet traces of Sinkhole, Blackhole, Sybil, Clone ID, Selective Forwarding, Hello Flooding and Local Repair attacks. Simulation results show the effectiveness of the proposed architecture. We observe that ensemble of Boosted Trees achieve the highest Accuracy of 94.5% while Subspace Discriminant method achieves the lowest Accuracy of 77.8% among classifier validation methods. Similarly, an ensemble of RUSBoosted Trees achieves the highest Area under ROC value of 0.98 while lowest Area under ROC value of 0.87 is achieved by an ensemble of Subspace Discriminant among all classifier validation methods. All the implemented classifiers show acceptable performance results.

show abstract

Compression Header Analyzer Intrusion Detection System (CHA - IDS) for 6LoWPAN Communication Protocol

Cited by 88 publications

References 40 publications

Employing a Machine Learning Approach to Detect Combined Internet of Things Attacks against Two Objective Functions Using a Novel Dataset

Employing a Machine Learning Approach to Detect Combined Internet of Things Attacks against Two Objective Functions Using a Novel Dataset

Deep reinforcement one-shot learning for artificially intelligent classification in expert aided systems

ELNIDS: Ensemble Learning based Network Intrusion Detection System for RPL based Internet of Things

Contact Info

Product

Resources

About