Deakin University
Browse

File(s) under embargo

Routing Attacks Detection in 6LoWPAN-Based Internet of Things

Version 2 2024-06-03, 02:22
Version 1 2024-01-05, 04:27
journal contribution
posted on 2024-06-03, 02:22 authored by Ammar Alazab, Ansam KhraisatAnsam Khraisat, Sarabjot Singh, Savitri Bevinakoppa, Osama A Mahdi
The Internet of Things (IoT) has become increasingly popular, and opened new possibilities for applications in various domains. However, the IoT also poses security challenges due to the limited resources of the devices and its dynamic network topology. Routing attacks on 6LoWPAN-based IoT devices can be particularly challenging to detect because of its unique characteristics of the network. In recent years, several techniques have been proposed for detecting routing attacks, including anomaly detection. These techniques leverage different features of network traffic to identify and classify routing attacks. This paper focuses on routing attacks that target the Routing Protocol for Low-Power and Lossy Networks (RPL), which are widely used in 6LoWPAN-based IoT systems. The attacks discussed in this paper can be categorized as either inherited from Wireless Sensor Networks or exploiting vulnerabilities unique to RPL (known as RPL-specific attacks). The paper describes various RPL attacks, including Flood Attacks, Data-DoS/DDoS Attacks, Wormhole Attacks, RPL Rank Attacks, Blackhole Attacks, Version Attacks, and Sinkhole Attacks. In this paper, a novel Hybrid Intrusion Detection System (HIDS) that combines a decision tree classifier and a one-class Support Vector Machine classifier is proposed to detect routing attacks. The HIDS draws on the strengths of both a Signature Intrusion Detection System (SIDS) and an Anomaly-based Intrusion Detection System (AIDS) to identify routing attacks with a high degree of accuracy and a low false alarm rate. The routing dataset, which features genuine IoT network traffic and various kinds of routing attacks, was used to test the proposed HIDS. According to the findings, the hybrid IDS proposed in this study outperforms SIDS and AIDS approaches, with higher detection rates and lower false positive rates.

History

Journal

Electronics

Volume

12

Article number

1320

Pagination

1-19

Location

Basel, Switzerland

ISSN

1450-5843

eISSN

2831-0128

Language

eng

Publication classification

C1 Refereed article in a scholarly journal

Issue

6

Publisher

MDPI