A Novel Insider Attack and Machine Learning Based Detection for the Internet of Things

Chowdhury, Morshed, Ray, B, Chowdhury, S and Rajasegarar, Sutharshan 2021, A Novel Insider Attack and Machine Learning Based Detection for the Internet of Things, ACM Transactions on Internet of Things, vol. 2, no. 4, pp. 1-23, doi: 10.1145/3466721.

Attached Files
Name Description MIMEType Size Downloads

Title A Novel Insider Attack and Machine Learning Based Detection for the Internet of Things
Author(s) Chowdhury, MorshedORCID iD for Chowdhury, Morshed orcid.org/0000-0002-2866-4955
Ray, B
Chowdhury, S
Rajasegarar, SutharshanORCID iD for Rajasegarar, Sutharshan orcid.org/0000-0002-6559-6736
Journal name ACM Transactions on Internet of Things
Volume number 2
Issue number 4
Article ID 26
Start page 1
End page 23
Total pages 23
Publisher ACM
Place of publication New York, N.Y.
Publication date 2021-07
ISSN 2691-1914
2577-6207
Keyword(s) RPL security
IoT
machine learning
RPL
Contiki
insider attack
Summary Due to the widespread functional benefits, such as supporting internet connectivity, having high visibility and enabling easy connectivity between sensors, the Internet of Things (IoT) has become popular and used in many applications, such as for smart city, smart health, smart home, and smart vehicle realizations. These IoT-based systems contribute to both daily life and business, including sensitive and emergency situations. In general, the devices or sensors used in the IoT have very limited computational power, storage capacity, and communication capabilities, but they help to collect a large amount of data as well as maintain communication with the other devices in the network. Since most of the IoT devices have no physical security, and often are open to everyone via radio communication and via the internet, they are highly vulnerable to existing and emerging novel security attacks. Further, the IoT devices are usually integrated with the corporate networks; in this case, the impact of attacks will be much more significant than operating in isolation. Due to the constraints of the IoT devices, and the nature of their operation, existing security mechanisms are less effective for countering the attacks that are specific to the IoT-based systems. This article presents a new insider attack, named loophole attack, that exploits the vulnerabilities present in a widely used IPv6 routing protocol in IoT-based systems, called RPL (Routing over Low Power and Lossy Networks). To protect the IoT system from this insider attack, a machine learning based security mechanism is presented. The proposed attack has been implemented using a Contiki IoT operating system that runs on the Cooja simulator, and the impacts of the attack are analyzed. Evaluation on the collected network traffic data demonstrates that the machine learning based approaches, along with the proposed features, help to accurately detect the insider attack from the network traffic data.
Language eng
DOI 10.1145/3466721
Indigenous content off
HERDC Research category C1 Refereed article in a scholarly journal
Persistent URL http://hdl.handle.net/10536/DRO/DU:30153890

Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 0 times in TR Web of Science
Scopus Citation Count Cited 0 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 32 Abstract Views, 1 File Downloads  -  Detailed Statistics
Created: Thu, 29 Jul 2021, 10:36:43 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.