Detecting Selective Forwarding using Sentinels in Clustered IoT Networks

Parameswarath, Rohini Poolat; Eugene, Cheng Yujun; Abhishek, Nalam Venkata; Lim, Teng Joon; Sikdar, Biplab

doi:10.1109/globecom42002.2020.9322295

Cited by 3 publications

(4 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, researchers have turned to SBS, which provides theoretical foundations for abnormal detection without presuming trust values or depending on training data [17], [21], [22]. However, previous SBS still faces the challenge of requiring massive forwarding observations, leading to expensive costs in low-resource cluster-tree networks [23], [24]. The detection method based on the likelihood ratio test (LRT), which estimates the real abnormal packet loss rate as a default value, was adopted to improve the detection efficiency of SBS [25].…”

Section: A Motivation and Problem Statementmentioning

confidence: 99%

“…Resolving the adversarial attack problem is essential to improve the performance of abnormal node detection in clustertree networks because the detection data is easily falsified by malicious nodes [14], [20], [23], [24]. Due to the detection data being generated by the child nodes of the node to be checked, the malicious child can falsify the detection information to prevent its abnormal parent from being detected.…”

Section: A Motivation and Problem Statementmentioning

confidence: 99%

“…3) Limitations: Taken together, the two-phase detection [14], [20], [23], [24] was widely used to identify abnormal nodes by aggregating the detection data. However, most solutions lost effectiveness in adversarial scenarios that must decrease detection performance.…”

Section: B State Of the Art 1) Regular Abnormal Node Detectionmentioning

confidence: 99%

“…where q a ∈ (0, 1) represents the probability of deliberate packet loss behavior of abnormal nodes and is independent of q n . In addition, this work considers the two-phase mechanism that is widely used to detect abnormal nodes in cluster-tree networks [14], [20], [23], [24]. A succinct characterization of the two-phase detection mechanism is as follows:…”

Section: B Threat Modelmentioning

confidence: 99%

See 3 more Smart Citations

A New Abnormal Node Detection Method With Dynamic Hoeffding Test

Huangfu

Zhou

Zhang

2022

IEEE Wireless Commun. Lett.

View full text Add to dashboard Cite

This paper presents a novel probabilistic detection scheme called Cooperative Statistical Detection (CSD) for abnormal node detection while defending against adversarial attacks in cluster-tree networks. The CSD performs a two-phase process: 1) designing a likelihood ratio test (LRT) for a non-root node at its children from the perspective of packet loss; 2) making an overall decision at the root node based on the aggregated detection data of the nodes over tree branches. In most adversarial scenarios, malicious children knowing the detection policy can generate falsified data to protect the abnormal parent from being detected or frame its normal parent as an anomalous node. To resolve this issue, a modified Z-score-based falsification-resistant mechanism is presented in the CSD to remove untrustworthy information. Through theoretical analysis, we show that the LRTbased method achieves perfect detection, i.e., both the false alarm and missed detection probabilities decay exponentially to zero. Furthermore, the optimal removal threshold of the modified Zscore method is derived for falsifications with uncertain strategies and guarantees perfect detection of the CSD. As our simulation results show, the CSD approach is robust to falsifications and can rapidly reach 99% detection accuracy, even in existing adversarial scenarios, which outperforms state-of-the-art technology.

show abstract

Section: A Motivation and Problem Statementmentioning

confidence: 99%

Section: A Motivation and Problem Statementmentioning

confidence: 99%

Section: B State Of the Art 1) Regular Abnormal Node Detectionmentioning

confidence: 99%

Section: B Threat Modelmentioning

confidence: 99%

See 2 more Smart Citations

A New Abnormal Node Detection Method With Dynamic Hoeffding Test

Huangfu

Zhou

Zhang

2022

IEEE Wireless Commun. Lett.

View full text Add to dashboard Cite

show abstract

A Taxonomy of Machine-Learning-Based Intrusion Detection Systems for the Internet of Things: A Survey

Jamalipour

Murali

2022

IEEE Internet Things J.

View full text Add to dashboard Cite

Ensuring cybersecurity for industrial networks: A solution for ARP-based MITM attacks

Bruschi,

Di Pasquale,

Lanzi

et al. 2024

JCS

View full text Add to dashboard Cite

The increased adoption of the Internet Protocol (IP) in ICSs has made these systems vulnerable to the same security risks that are present in traditional IT environments. The legacy nature of ICSs and their unique operational requirements make them vulnerable to security threats that are different from those in IT environments. In this paper, we describe a protocol, named ArpON, which is able to wipe out in quasi real time any ARP cache poisoning attempt, thus making it ineffective. Contrarily to solutions presented in the literature for contrasting ARP cache poisoning, ArpON incurs in low operational costs, is backward compatible, transparent to the ARP protocol and does not use any HW feature nor cryptography functionality. We also model and validate ArpON in the OMNET + + network simulator. The simulation results show that ArpON is effective in avoiding ARP poisoning, and its communication overhead is negligible with respect to classical ARP protocol.

show abstract

Detecting Selective Forwarding using Sentinels in Clustered IoT Networks

Cited by 3 publications

References 13 publications

A New Abnormal Node Detection Method With Dynamic Hoeffding Test

A New Abnormal Node Detection Method With Dynamic Hoeffding Test

A Taxonomy of Machine-Learning-Based Intrusion Detection Systems for the Internet of Things: A Survey

Ensuring cybersecurity for industrial networks: A solution for ARP-based MITM attacks

Contact Info

Product

Resources

About