Mitigation of DIS flooding attacks in RPL‐based 6LoWPAN networks

Verma, Abhishek; Ranga, Virender

doi:10.1002/ett.3802

Cited by 45 publications

(29 citation statements)

References 61 publications

(67 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This type of attack can consume both outgoing and incoming bandwidth, since the victim’s servers will often attempt to respond with ICMP Echo Reply packets, resulting significant overall system slowdown. Thanks to the ContikiRPL configuration constants set with the building block, the malicious node immediately starts sending DIS messages to its neighbors as shown in Figure 7 [ 54 ], then triggering DIO messages and trickling timers reset.…”

Section: Anomaly Detection Scenariosmentioning

confidence: 99%

Efficient Anomaly Detection for Smart Hospital IoT Systems

Said

Yahyaoui

Abdellatif

2021

Sensors

View full text Add to dashboard Cite

In critical Internet of Things (IoT) application domains, such as the Defense Industry and Healthcare, false alerts have many negative effects, such as fear, disruption of emergency services, and waste of resources. Therefore, an alert must only be sent if triggered by a correct event. Nevertheless, IoT networks are exposed to intrusions, which affects event detection accuracy. In this paper, an Anomaly Detection System (ADS) is proposed in a smart hospital IoT system for detecting events of interest about patients’ health and environment and, at the same time, for network intrusions. Providing a single system for network infrastructure supervision and e-health monitoring has been shown to optimize resources and enforce the system reliability. Consequently, decisions regarding patients’ care and their environments’ adaptation are more accurate. The low latency is ensured, thanks to a deployment on the edge to allow for a processing close to data sources. The proposed ADS is implemented and evaluated while using Contiki Cooja simulator and the e-health event detection is based on a realistic data-set analysis. The results show a high detection accuracy for both e-health related events and IoT network intrusions.

show abstract

Section: Anomaly Detection Scenariosmentioning

confidence: 99%

Efficient Anomaly Detection for Smart Hospital IoT Systems

Said

Yahyaoui

Abdellatif

2021

Sensors

View full text Add to dashboard Cite

show abstract

“…In 2019, Verma and Ranga [8] proposed a mitigation method for DIS flooding attacks. The main idea was to set thresholds in order to restrict trickle timer resets and decrease the number of control message transmissions caused by hello flood attack.…”

Section: Other Studiesmentioning

confidence: 99%

“…Most of them use fewer number of nodes while simulating the network [5,8] . However, in order to observe the effects of these attacks properly, higher number of nodes should be employed for the simulation.…”

Section: Analysis Of Routing Attacksmentioning

confidence: 99%

“…There are several studies that have analyzed attacks against RPL [5][6][7][8]. ; however, the majority of these have been conducted with just a limited number of devices [5,8] . Realistically, at least 25 or 30 devices are needed in order to see the multihop characteristics of RPL [9].…”

Section: Introductionmentioning

confidence: 99%

“…Realistically, at least 25 or 30 devices are needed in order to see the multihop characteristics of RPL [9]. Moreover, some of these studies have analyzed only a few attacks [5][6][7][8] , or more general types of attack which could be applied to any type of network. There has been no detailed and comprehensive study that covers attacks specifically against the RPL protocol.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Cross-Layer Intrusion Detection System for RPL-Based Internet of Things

Canbalaban

Şen

2020

Ad-Hoc, Mobile, and Wireless Networks

View full text Add to dashboard Cite

pagesThe "Internet of Things" (IoT) is a heterogeneous network of constrained devices connected both to each other and to the Internet. Since the significance of the IoT has risen remarkably in recent years, a considerable amount of research has been conducted in this area, and especially on, new mechanisms and protocols suited to such complex systems. "Routing Procotol for Low-Power and Lossy Networks" (RPL) is one of the accepted routing protocols for the IoT. It provides for multi-hop routing and is mainly proposed for "multipoint-topoint" (MP2P) communication as well as supporting "point-to-point" (P2P) and "point-tomultipoint" (P2MP) communication. However RPL, as with many protocols proposed for the IoT, was not purposefully designed with security in mind;hence, certain solutions for securing RPL have been developed in the literature. Intrusion detection systems known as IDSs, which monitor activities in systems and detect intrusions, have become an inevitable part of such security systems, since prevention mechanisms alone are never enough. In this thesis study, a new IDS is proposed for these types of low-power and lossy networks.iii The IoT exists in a variety of fields such as smart homes, medical care and smart vehicles and with each having different security requirements. Devices in the IoT are interconnected to each other over lossy communication links, but with limited resources, they are also susceptible to attacks. Moreover, since the communication of such devices is provided by RPL, the protocol could also be targeted by internal attackers. In this thesis study, specific attacks against RPL, namely "version number attack", "worst parent attack" and "hello flood attack" were deeply analyzed. Then, an IDS based on neural networks was proposed in order to detect such attacks. Here, the effects of features taken both from the routing layer and the link layer, were explored, and both binary classification and multi-class classification applied.The proposed system was then evaluated on simulated networks using different percentages of attackers (2%, 6%, 10%, 20%). The study's results showed that the proposed system was able to detect the attacks effectively with a 96.88% detection rate, a 0.13% false positive rate for binary classification, and a 97.52% rate of accuracy for multi-class detection. More specifically, the detection rate was shown to be 93.2% for "version number attack", 98.17% for "worst parent attack" and 99.96% for "hello flood attack". Also, with the usage of features related to the link layer in training, the false positive rate was shown to decrease from 0.61% to 0.13%. The positive effect of the link layer's features was especially noted in the detection of "version number attacks". To the best of the author's knowledge, this study presents the first cross-layer IDS in the literature.

show abstract

A Distributed framework for detecting DDoS attacks in smart contract‐based Blockchain‐IoT Systems by leveraging Fog computing

Kumar

Gupta

et al. 2020

Trans Emerging Tel Tech

115

View full text Add to dashboard Cite

With the advancement of blockchain technology, and the proliferation of Internet of things (IoT)-driven devices, the blockchain-IoT applications is changing the perception and working infrastructure of smart networks. Blockchain supports decentralized architecture and provides secure management, authentication, and access to IoT systems by deploying smart contracts provided by Ethereum. The growing demand and expansion of blockchain-IoT systems is generating large volume of sensitive data. Moreover, distributed denial-of-service (DDoS) attacks are the most challenging threats to smart contracts in blockchain-IoT systems. The 2016 decentralized autonomous organization and 2017 parity wallet attacks exposed the critical fault-lines among Ethereum smart contracts. Currently, there is no security mechanism available for smart contracts after its deployment in blockchain-IoT systems. In order to address these challenges, first we use two artificial intelligence techniques, random forest (RF) and XGBoost that gives full autonomy in decision making capabilities in the proposed security framework. Second, for data load balancing and distributed file storage of IoT data, interplanetary file system is suggested.Finally, we are the first to propose a distributed framework based on fog computing to detect DDoS attacks in smart contracts. The performance of the detection system is evaluated using actual IoT dataset, namely, BoT-IoT. The proposed system is evaluated in terms of accuracy (AC), detection rate (DR), and false alarm rate (FAR). The results confirms the superiority of the proposed framework over some of the recent state-of-art techniques in detecting rare attacks. The proposed framework has achieved DR up to 99.99% using RF by using 10 features of BoT-IoT dataset. INTRODUCTIONInternet of things (IoT) and blockchain are the two emerging technologies, that has revolutionized the world and made human life more meaningful and productive. IoT is a network of smart devices and sensors that exchange information over the Internet. 1 The applications of IoT are involved in various domain such as smart city, smart home, supply chain system, intelligent transportation system, earthquake detection, agriculture, hospital, a smart grid system, and so on. 2

show abstract

Mitigation of DIS flooding attacks in RPL‐based 6LoWPAN networks

Cited by 45 publications

References 61 publications

Efficient Anomaly Detection for Smart Hospital IoT Systems

Efficient Anomaly Detection for Smart Hospital IoT Systems

A Cross-Layer Intrusion Detection System for RPL-Based Internet of Things

A Distributed framework for detecting DDoS attacks in smart contract‐based Blockchain‐IoT Systems by leveraging Fog computing

Contact Info

Product

Resources

About