Securing IoT Attacks: A Machine Learning Approach for Developing Lightweight Trust-Based Intrusion Detection System

The routing process in the Internet of Things (IoT) presents challenges in industrial applications due to its complexity, involving multiple devices, critical decision-making, and accurate data transmission. The complexity further increases with dynamic IoT devices, which creates opportunities for potential intruders to disrupt routing. Traditional security measures are inadequate for IoT devices with limited battery capabilities. Although RPL (Routing Protocol for Low Energy and Lossy Networks) is commonly used for IoT routing, it remains vulnerable to security threats. This study aims to detect and isolate three routing attacks on RPL: Rank, Sybil, and Wormhole. To achieve this, a lightweight trust-based secured routing system is proposed, utilizing machine learning techniques to derive values for devices in new networks, where initial trust values are unavailable. The system demonstrates successful detection and isolation of attacks, achieving an accuracy of 98.59%, precision of 98%, recall of 99%, and f-score of 98%, thereby reinforcing its effectiveness. Attacker nodes are identified and promptly disabled, ensuring a secure routing environment. Validation on a generated dataset further confirms the reliability of the system

A critical analysis of mobility management related issues of wireless sensor networks in cyber physical systems

Mobility management has been a long-standing issue in mobile wireless sensor networks and especially in the context of cyber physical systems; its implications are immense. This paper presents a critical analysis of the current approaches to mobility management by evaluating them against a set of criteria which are essentially inherent characteristics of such systems on which these approaches are expected to provide acceptable performance. We summarize these characteristics by using a quadruple set of metrics. Additionally, using this set we classify the various approaches to mobility management that are discussed in this paper. Finally, the paper concludes by reviewing the main findings and providing suggestions that will be helpful to guide future research efforts in the area

A critical analysis of mobility management related issues of wireless sensor networks in cyber physical systems

Mobility management has been a long-standing issue in mobile wireless sensor networks and especially in the context of cyber physical systems its implications are immense. This paper presents a critical analysis of the current approaches to mobility management by evaluating them against a set of criteria which are essentially inherent characteristics of such systems on which these approaches are expected to provide acceptable performance. We summarize these characteristics by using a quadruple set of metrics. Additionally, using this set we classify the various approaches to mobility management that are discussed in this paper. Finally, the paper concludes by reviewing the main findings and providing suggestions that will be helpful to guide future research efforts in the area. **Please note that there are multiple authors for this article therefore only the name of the first 5 including Federation University Australia affiliate “Muhammad Imran” is provided in this record*

A novel framework for collaborative intrusion detection for M2M networks

The proliferation of sensor devices has introduced exciting possibilities such as the Internet of Things (IoT). Machine to Machine (M2M) communication underpins efficient interactions within such infrastructures. The resource constraints and ad-hoc nature of these networks have significant implications for security in general and with respect to intrusion detection in particular. Consequently, contemporary solutions mandating a stable infrastructure are inadequate to fulfill these defining characteristics of M2M networks. In this paper, we present COLIDE (COLlaborative Intrusion Detection Engine) a novel framework for effective intrusion detection in the M2M networks without incurring high energy and communication cost on the participating host and edge nodes. The framework is envisioned to address challenges such as flexibility, resource constraints, and the collaborative nature of the M2M networks. The paper presents a detailed system description along with its formal and empirical evaluation using Contiki OS. Our evaluation for different communication scenarios demonstrates that the proposed approach has limited overhead in terms of energy utilization and memory consumption

TN-IDS for Network Layer Attacks in RPL based IoT Systems

Routing protocol for Low power and lossy network (RPL) is a standardized optimal protocol for routing in Internet of Things (IoT). The constrained wireless sensor network in IoT is characterized by lack of processing speed, low power and low memory. Sometimes various network attacks enabling the RPL network affect the network performance dismally. This leads to drastic variation in energy consumption at nodes and disturb the RPL network protocol structure. This leads to reduced processing speed and memory allocation in the network. We first illustrate the attacks and their impact in RPL network by simulation. To detect such attacks, we propose an Intrusion Detection System (IDS) scheme for RPL network based on trust computation. Trust based Neighbor notification IDS (TN-IDS) is a secure hierarchical distribution system which monitors the network intrusion and checks the performance of the network. The new TN-IDS system will track all nodes in the network and identify the malicious nodes. The activity list prepared by IDS indicates them to a sink node. This is achieved by introducing a distributed leader election algorithm to collect metrics related to the RPL network. Hence, the performance metrics of the RPL network together with TN-IDS module can identify the malicious node and isolate them

Rank and wormhole attack detection model for RPL-based Internet of Things using machine learning

The proliferation of the internet of things (IoT) technology has led to numerous challenges in various life domains, such as healthcare, smart systems, and mission-critical applications. The most critical issue is the security of IoT nodes, networks, and infrastructures. IoT uses the routing protocol for low-power and lossy networks (RPL) for data communication among the devices. RPL comprises a lightweight core and thus does not support high computation and resource-consuming methods for security implementation. Therefore, both IoT and RPL are vulnerable to security attacks, which are broadly categorized into RPL-specific and sensor-network-inherited attacks. Among the most concerning protocol-specific attacks are rank attacks and wormhole attacks in sensor-network-inherited attack types. They target the RPL resources and components including control messages, repair mechanisms, routing topologies, and sensor network resources by consuming. This leads to the collapse of IoT infrastructure. In this paper, a lightweight multiclass classification-based RPL-specific and sensor-network-inherited attack detection model called MC-MLGBM is proposed. A novel dataset was generated through the construction of various network models to address the unavailability of the required dataset, optimal feature selection to improve model performance, and a light gradient boosting machine-based algorithm optimized for a multiclass classification-based attack detection. The results of extensive experiments are demonstrated through several metrics including confusion matrix, accuracy, precision, and recall. For further performance evaluation and to remove any bias, the multiclass-specific metrics were also used to evaluate the model, including cross-entropy, Cohn’s kappa, and Matthews correlation coefficient, and then compared with benchmark research

Intrusion detection in IPv6-enabled sensor networks.

In this research, we study efficient and lightweight Intrusion Detection Systems (IDS) for ad-hoc networks through the lens of IPv6-enabled Wireless Sensor Actuator Networks. These networks consist of highly constrained devices able to communicate wirelessly in an ad-hoc fashion, thus following the architecture of ad-hoc networks. Current state of the art IDS in IoT and WSNs have been developed considering the architecture of conventional computer networks, and as such they do not efficiently address the paradigm of ad-hoc networks, which is highly relevant in emerging network paradigms, such as the Internet of Things (IoT). In this context, the network properties of resilience and redundancy have not been extensively studied. In this thesis, we first identify a trade-off between the communication and energy overheads of an IDS (as captured by the number of active IDS agents in the network) and the performance of the system in terms of successfully identifying attacks. In order to fine-tune this trade-off, we model networks as Random Geometric Graphs; these are a rigorous approach that allows us to capture underlying structural properties of the network. We then introduce a novel IDS architectural approach that consists of a central IDS agent and set of distributed IDS agents deployed uniformly at random over the network area. These nodes are able to efficiently detect attacks at the networking layer in a collaborative manner by monitoring locally available network information provided by IoT routing protocols, such as RPL. The detailed experimental evaluation conducted in this research demonstrates significant performance gains in terms of communication overhead and energy dissipation while maintaining high detection rates. We also show that the performance of our IDS in ad-hoc networks does not rely on the size of the network but on fundamental underling network properties, such as the network topology and the average degree of the nodes. The experiments show that our proposed IDS architecture is resilient against frequent topology changes due to node failures

The role of communication systems in smart grids: Architectures, technical solutions and research challenges

The purpose of this survey is to present a critical overview of smart grid concepts, with a special focus on the role that communication, networking and middleware technologies will have in the transformation of existing electric power systems into smart grids. First of all we elaborate on the key technological, economical and societal drivers for the development of smart grids. By adopting a data-centric perspective we present a conceptual model of communication systems for smart grids, and we identify functional components, technologies, network topologies and communication services that are needed to support smart grid communications. Then, we introduce the fundamental research challenges in this field including communication reliability and timeliness, QoS support, data management services, and autonomic behaviors. Finally, we discuss the main solutions proposed in the literature for each of them, and we identify possible future research directions

Multi-Layered Security in the Internet of the Things

It is well discussed and understood that there is still a need for suitable security for the Internet of Things. It is however still not clear how existing or emerging security paradigms can be effectively applied to a network of constrained nodes in a lossy communications environment. This thesis provides a survey into what routing protocols can be used with network security in mind. What will also be discussed, is an implementation, that in conjunction which a robust routing protocol, can provide security for a network of constrained devices with a certain level of confidence. The implementation and design involves including communications encryption and centralized non-cryptographic methods for securing the network. This thesis basically explores the use of multiple security mechanisms in an Internet of Things environment by using Contiki OS as the platform of choice for simulations and testing