Incremental hybrid intrusion detection for 6LoWPAN

被引：0

作者：

Pasikhan, Aryan Mohammadi ^{[1
]}

Clark, John A. ^{[1
]}

Gope, Prosanta ^{[1
]}

机构：

[1] Univ Sheffield, Dept Comp Sci, Sheffield, England

来源：

COMPUTERS & SECURITY | 2023年 / 135卷

关键词：

6LoWPAN; RPL; Intrusion Detection System (IDS); Increase rank attack; DIO suppression attack; INTERNET; IDS;

D O I：

10.1016/j.cose.2023.103447

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

IPv6 over Low-powered Wireless Personal Area Networks (6LoWPAN) has grown in importance in recent years, with the Routing Protocol for Low Power and Lossy Networks (RPL) emerging as a major enabler. However, RPL can be subject to attack, with severe consequences. Most proposed IDSs have been limited to specific RPL attacks and typically assume a stationary environment. In this article, we propose the first adaptive hybrid IDS to efficiently detect and identify a wide range of RPL attacks (including DIO Suppression, Increase Rank, and Worst Parent attacks, which have been overlooked in the literature) in evolving data environments. We apply our framework to networks under various levels of node mobility and maliciousness. We experiment with several incremental machine learning (ML) approaches and various 'concept-drift detection' mechanisms (e.g. ADWIN, DDM, and EDDM) to determine the best underlying settings for the proposed scheme.

引用

页数：12

共 47 条

[1] [Anonymous], 2001, PMLR
[2] [Anonymous], 2015, International Journal of Computer Applications, DOI DOI 10.5120/21565-4589
[3] [Anonymous], 2013, Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, DOI [DOI 10.1145/2508859.2512494, 10.1145/2508859.2512494]
[4] Bhuyan M H., 2012, Survey on incremental approaches for network anomaly detection
[5] Bifet A, 2009, LECT NOTES COMPUT SC, V5772, P249, DOI 10.1007/978-3-642-03915-7_22
[6] Bifet A, 2009, KDD-09: 15TH ACM SIGKDD CONFERENCE ON KNOWLEDGE DISCOVERY AND DATA MINING, P139
[7] Bifet A, 2007, PROCEEDINGS OF THE SEVENTH SIAM INTERNATIONAL CONFERENCE ON DATA MINING, P443
[8] Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach
Bostani, Hamid
Sheikhan, Mansour
[J]. COMPUTER COMMUNICATIONS, 2017, 98 : 52 - 71
[9] RPL routing protocol over IoT: A comprehensive survey, recent advances, insights, bibliometric analysis, recommendations, and future directions
Darabkh, Khalid A.
Al-Akhras, Muna
Zomot, Jumana N.
Atiquzzaman, Mohammed
[J]. JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2022, 207
[10] Incremental Learning of Concept Drift in Nonstationary Environments
Elwell, Ryan
Polikar, Robi
[J]. IEEE TRANSACTIONS ON NEURAL NETWORKS, 2011, 22 (10): : 1517 - 1531

← 1 2 3 4 5 →