Toward a Lightweight Intrusion Detection System for the Internet of Things

The Internet of Things (IoT) applications has grown in exorbitant numbers, generating a large amount of data required for intelligent data processing. However, the varying IoT infrastructures (i.e. cloud, edge, fog) and the limitations of the IoT application layer protocols in transmitting/receiving messages become the barriers in creating intelligent IoT applications. These barriers prevent current intelligent IoT applications to adaptively learn from other IoT applications. In this paper, we critically review how IoT-generated data is processed for machine learning analysis, and highlight the current challenges in furthering intelligent solutions in the IoT environment. Furthermore, we propose a framework to enable IoT applications to adaptively learn from other IoT applications, and present a case study in how the framework can be applied to the real studies in the literature. Finally, we discuss the key factors that have an impact on future intelligent applications for the IoT.

show abstract

“…IoT is developed in [59]. The proposed IDS is capable of detecting Denial of Service (DoS) attacks successfully.…”

Section: A Lightweight Machine Learning-based Intrusion Detection Sysmentioning

confidence: 99%

Machine learning and data analytics for the IoT

Adi

Anwar

Baig

et al. 2020

Neural Comput & Applic

170

View full text Add to dashboard Cite

show abstract

“…With the growth of IoT networks, several researchers have proposed anomaly mitigation schemes to protect the IoT from malicious users. As mentioned earlier, the IDS schemes can largely be classified into signature-based [27][28][29], anomaly-based [30][31][32][33][34][35][36], and hybrid-based [22,36]. Additionally, some of the anomaly mitigations' schemes [35][36][37][38] utilize the fog computing paradigm for deployment.…”

Section: Related Workmentioning

confidence: 99%

“…A lightweight IDS scheme [31] is proposed for IoT. This scheme consists of a training level and evaluation level.…”

Section: Related Workmentioning

confidence: 99%

“…However, the schemes in [22,29] are protocol specific, which means the schemes will not be able to work on all IoT devices. Similarly, the anomaly-based schemes in [20,[30][31][32][33][34][35][36][37][38][39] employed machine learning or statistical techniques but may experience false-positive rates when wrong decisions about normal traffic flow are made. The hybrid schemes in [22,36] leverage the benefits of the combination of different detection methodologies.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

An Anomaly Mitigation Framework for IoT Using Fog Computing

2020

View full text Add to dashboard Cite

The advancement in IoT has prompted its application in areas such as smart homes, smart cities, etc., and this has aided its exponential growth. However, alongside this development, IoT networks are experiencing a rise in security challenges such as botnet attacks, which often appear as network anomalies. Similarly, providing security solutions has been challenging due to the low resources that characterize the devices in IoT networks. To overcome these challenges, the fog computing paradigm has provided an enabling environment that offers additional resources for deploying security solutions such as anomaly mitigation schemes. In this paper, we propose a hybrid anomaly mitigation framework for IoT using fog computing to ensure faster and accurate anomaly detection. The framework employs signature- and anomaly-based detection methodologies for its two modules, respectively. The signature-based module utilizes a database of attack sources (blacklisted IP addresses) to ensure faster detection when attacks are executed from the blacklisted IP address, while the anomaly-based module uses an extreme gradient boosting algorithm for accurate classification of network traffic flow into normal or abnormal. We evaluated the performance of both modules using an IoT-based dataset in terms response time for the signature-based module and accuracy in binary and multiclass classification for the anomaly-based module. The results show that the signature-based module achieves a fast attack detection of at least six times faster than the anomaly-based module in each number of instances evaluated. The anomaly-based module using the XGBoost classifier detects attacks with an accuracy of 99% and at least 97% for average recall, average precision, and average F1 score for binary and multiclass classification. Additionally, it recorded 0.05 in terms of false-positive rates.

show abstract

“…The generated passageway is known as wormhole threat. This may be the serious kind of attack to routing protocols that may affect route investigation method of delaying the investigation of any path other than worm-hole [14]. As given in fig 3, an unnecessary connection is made from B to C by attacker hop Y.…”

Section: Fig 2 Black Hole Attack (Ii) Wormhole Attackmentioning

confidence: 99%

An Enhanced OLSR Protocol to Improve Performance Of UAV in Wireless Mesh Network

Kaur*,

Prakash

2019

IJRTE

View full text Add to dashboard Cite

Over the past few decades, wireless mesh network is the main area of research in small and large sized network structure. Wireless mesh network is a radio based network scheme that needs minimal structure and organisation. It has the capability to integrate the wired system and can be prolonged at minimum cost without losing the mobile nature. Routing protocols mainly affects the performance of the WMN. Some of the advantages of the WMN are cost effective, easy management, robust and reliable service. It is utilised in numerous application areas such as hospitality and healthcare applications, rescue actions and disaster controlling, broadband connection services at home and institutions. In WMN , some challenges faced are, unsuitable number of alternate routes among the pair of the hops, entire capacity decreased due to interference among the multiple connections, effect on security due to complex networks. In a wireless mesh network, described about the optimized link state routing protocol (OLSR) and works on network parameters. In routing protocol, an immediate routing is required so that the change in topology may lead to flooding of data to desirable hosts in the system. After that, routing, performance is evaluated with encryption method using DES. Data encryption standard (DES) is cryptographic method that is applied to block of information. In this research proposed work, developed a novel improved, optimised link state routing method to enhance the network performance end to delay, delivery rate and recover the loss of data from sender to receiver hop. Experimental analysis is done using various parameters metrices as end delay, packet delivery ratio and throughput. In this research, an improvement in discovery delay of PASER and FER is also increased. The frame error rate computed is based on the level ranges range from 0%, 10% and 20%. Moreover, packet delivery ratio is 70% and throughput is 81%.

show abstract

Toward a Lightweight Intrusion Detection System for the Internet of Things

Cited by 200 publications

References 55 publications

Machine learning and data analytics for the IoT

Machine learning and data analytics for the IoT

An Anomaly Mitigation Framework for IoT Using Fog Computing

An Enhanced OLSR Protocol to Improve Performance Of UAV in Wireless Mesh Network

Contact Info

Product

Resources

About