Hybrid routing for man-in-the-middle (MITM) attack detection in IoT networks
Version 2 2024-06-04, 14:38Version 2 2024-06-04, 14:38
Version 1 2020-05-28, 11:10Version 1 2020-05-28, 11:10
conference contribution
posted on 2024-06-04, 14:38authored byJJ Kang, K Fahd, S Venkatraman, R Trujillo Rasua, P Haskell-Dowland
Affordable and expandable low power networks such as 5G and Low Power Wide Area Networks (LPWAN) in the public and private network areas have improved network bandwidth capacities and processing performance. Internet of Things (IoT) technologies are increasing in popularity with numerous applications and devices being developed for smart environments and health-related applications. This raises security concerns in these networks, as many IoT devices handle confidential information such as IP/MAC addresses, which could be used to identify a user's location. As a result, there is vulnerability to data tampering by man-in-the-middle (MITM) attacks, which feature two observable characteristics: (1) there is a measurable delay in the session and (2) has unusual travel times compared to prior normal transactions. To improve the detection of these attacks, this paper proposes a novel scheme using a hybrid routing mechanism, which involves appointing dedicated nodes for enforcing routing between IoT devices and users with minimal intervention and workload to the network. The function of dedicated devices with more computational and battery power can provide three advantages: (1) determine secured paths within the network by avoiding suspicious nodes and networks, (2) provide stable travel times (less fluctuations) for a trusted time server (TTS) to improve the accuracy of estimated travel times, and (3) provide packet inspection for security checks. This proposed solution contributes towards increasing the security of IoT networks by enabling the real-time detection of intruders.